Import of old SSLeay release: SSLeay 0.8.1b
diff --git a/COPYRIGHT b/COPYRIGHT
new file mode 100644
index 0000000..75b65cf
--- /dev/null
+++ b/COPYRIGHT
@@ -0,0 +1,64 @@
+Copyright (C) 1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an SSL implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with Netscapes SSL.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution, be it the RC4, RSA,
+lhash, DES, etc., code; not just the SSL code. The SSL documentation
+included with this distribution is covered by the same copyright terms
+except that the holder is Tim Hudson (tjh@cryptsoft.com).
+
+Please note that MD2, MD5 and IDEA are publically available standards
+that contain sample implementations, I have re-coded them in my own
+way but there is nothing special about those implementations. The DES
+library is another mater :-).
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of the parts of the library used.
+This can be in the form of a textual message at program startup or
+in documentation (online or textual) provided with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ "This product includes cryptographic software written by
+ Eric Young (eay@cryptsoft.com)"
+ The word 'cryptographic' can be left out if the rouines from the library
+ being used are not cryptographic related :-).
+4. If you include any Windows specific code (or a derivative thereof) from
+ the apps directory (application code) you must include an acknowledgement:
+ "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The licence and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distribution licence
+[including the GNU Public Licence.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/Configure b/Configure
new file mode 100755
index 0000000..ab20385
--- /dev/null
+++ b/Configure
@@ -0,0 +1,505 @@
+#!/usr/local/bin/perl
+#
+# see PROBLEMS for instructions on what sort of things to do when
+# tracking a bug --tjh
+#
+# extra options
+# -DRSAref build to use RSAref
+# -DNO_IDEA build with no IDEA algorithm
+# -DNO_RC4 build with no RC4 algorithm
+# -DNO_RC2 build with no RC2 algorithm
+# -DNO_BF build with no Blowfish algorithm
+# -DNO_DES build with no DES/3DES algorithm
+# -DNO_MD2 build with no MD2 algorithm
+#
+# DES_PTR use pointer lookup vs arrays in the DES in crypto/des/des_locl.h
+# DES_RISC1 use different DES_ENCRYPT macro that helps reduce register
+# dependancies but needs to more registers, good for RISC CPU's
+# DES_RISC2 A different RISC variant.
+# DES_UNROLL unroll the inner DES loop, sometimes helps, somtimes hinders.
+# DES_INT use 'int' instead of 'long' for DES_LONG in crypto/des/des.h
+# This is used on the DEC Alpha where long is 8 bytes
+# and int is 4
+# BN_LLONG use the type 'long long' in crypto/bn/bn.h
+# MD2_CHAR use 'char' instead of 'int' for MD2_INT in crypto/md/md2.h
+# MD2_LONG use 'long' instead of 'int' for MD2_INT in crypto/md/md2.h
+# IDEA_SHORT use 'short' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# IDEA_LONG use 'long' instead of 'int' for IDEA_INT in crypto/idea/idea.h
+# RC2_SHORT use 'short' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC2_LONG use 'long' instead of 'int' for RC2_INT in crypto/rc2/rc2.h
+# RC4_CHAR use 'char' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_LONG use 'long' instead of 'int' for RC4_INT in crypto/rc4/rc4.h
+# RC4_INDEX define RC4_INDEX in crypto/rc4/rc4_enc.c. This turns on
+# array lookups instead of pointer use.
+# BF_PTR use 'pointer arithmatic' for Blowfish (unsafe on Alpha).
+# BF_PTR2 use a pentium/intel specific version.
+
+$x86_gcc_des="DES_PTR DES_RISC1 DES_UNROLL";
+
+# MD2_CHAR slags pentium pros
+$x86_gcc_opts="RC4_INDEX MD2_INT BF_PTR2";
+
+# MODIFY THESE PARAMETERS IF YOU ARE GOING TO USE THE 'util/speed.sh SCRIPT
+# Don't worry about these normally
+
+$tcc="cc";
+$tflags="-fast -Xa";
+$tbn_mul="";
+$tlib="-lnsl -lsocket";
+#$bits1="SIXTEEN_BIT ";
+#$bits2="THIRTY_TWO_BIT ";
+$bits1="THIRTY_TWO_BIT ";
+$bits2="SIXTY_FOUR_BIT ";
+
+# -DB_ENDIAN slows things down on a sparc
+
+#config-string CC : CFLAGS : LDFLAGS : special header file mods:bn_asm \
+# des_asm:bf_asm
+%table=(
+#"b", "$tcc:$tflags:$tlib:$bits1:$tbn_mul::",
+#"bl-4c-2c", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR MD2_CHAR:$tbn_mul::",
+#"bl-4c-ri", "$tcc:$tflags:$tlib:${bits1}BN_LLONG RC4_CHAR RC4_INDEX:$tbn_mul::",
+#"b2-is-ri-dp", "$tcc:$tflags:$tlib:${bits2}IDEA_SHORT RC4_INDEX DES_PTR:$tbn_mul::",
+
+# A few of my development configs
+"purify", "purify gcc:-g -DPURIFY -Wall:-lsocket -lnsl::::",
+"debug", "gcc:-DREF_CHECK -DCRYPTO_MDEBUG -g -Wformat -Wshadow -Wmissing-prototypes -Wmissing-declarations -Werror:::::",
+"dist", "cc:-O -DNOPROTO::::",
+
+# Basic configs that should work on any box
+"gcc", "gcc:-O3::BN_LLONG:::",
+"cc", "cc:-O -DNOPROTO -DNOCONST:::::",
+
+# My solaris setups
+"solaris-x86-gcc","gcc:-O3 -fomit-frame-pointer -m486 -Wall -DL_ENDIAN:\
+ -lsocket -lnsl:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-sol.o:asm/dx86-sol.o asm/cx86-sol.o:asm/bx86-sol.o",
+"solaris-sparc-gcc","gcc:-O3 -fomit-frame-pointer -mv8 -Wall:\
+ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_UNROLL BF_PTR:::",
+# DO NOT use /xO[34] on sparc with SC3.0.
+# It is broken, and will not pass the tests
+"solaris-sparc-cc","cc:-fast -O -Xa -DB_ENDIAN:\
+ -lsocket -lnsl:BN_LLONG RC4_CHAR DES_PTR DES_UNROLL BF_PTR:asm/sparc.o::",
+# SC4.0 is ok, better than gcc, except for the bignum stuff.
+# -fast slows things like DES down quite a lot
+"solaris-sparc-sc4","cc:-xO5 -Xa -DB_ENDIAN:-lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+"solaris-usparc-sc4","cc:-xtarget=ultra -xarch=v8plus -Xa -xO5 -DB_ENDIAN:\
+ -lsocket -lnsl:\
+ BN_LLONG RC4_CHAR DES_PTR DES_RISC1 DES_UNROLL BF_PTR:asm/sparc.o::",
+
+# Sunos configs, assuming sparc for the gcc one.
+"sunos-cc", "cc:-O4 -DNOPROTO -DNOCONST::DES_UNROLL:::",
+"sunos-gcc","gcc:-O3 -mv8::BN_LLONG RC4_CHAR DES_UNROLL DES_PTR DES_RISC1:::",
+
+# SGI configurations. If the box is rather old (r3000 cpu), you will
+# probably have to remove the '-mips2' flag. I've only been using
+# IRIX 5.[23].
+#"irix-gcc","gcc:-O2 -mips2::BN_LLONG RC4_INDEX RC4_CHAR:::",
+"irix-gcc","gcc:-O2 -DTERMIOS -DB_ENDIAN::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::",
+"irix-cc", "cc:-O2 -DTERMIOS -DB_ENDIAN::DES_PTR DES_RISC2 DES_UNROLL BF_PTR:asm/r3000.o::",
+"debug-irix-cc", "cc:-w2 -g -DCRYPTO_MDEBUG -DTERMIOS -DB_ENDIAN:::asm/r3000.o::",
+
+# HPUX config. I've been building on HPUX 9, so the options may be
+# different on version 10. The pa-risc2.o assember file is 2 times
+# faster than the old asm/pa-risc.o version but it may not run on old
+# PA-RISC CPUs. If you have problems, swap back to the old one.
+# Both were generated by gcc, so use the C version with the PA-RISC specific
+# options turned on if you are using gcc.
+"hpux-cc", "cc:-DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive::DES_PTR DES_UNROLL DES_RISC1:asm/pa-risc2.o::",
+"hpux-kr-cc", "cc:-DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE::DES_PTR DES_UNROLL:asm/pa-risc2.o::",
+"hpux-gcc", "gcc:-DB_ENDIAN -O3::BN_LLONG DES_PTR DES_UNROLL DES_RISC1:::",
+
+# Dec Alpha, OSF/1 - the alpha400-cc is the flags for a 21164A with
+# the new compiler
+"alpha-gcc","gcc:-O3::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha-cc", "cc:-O2::SIXTY_FOUR_BIT_LONGS DES_INT DES_PTR DES_RISC2:asm/alpha.o::",
+"alpha400-cc", "cc:-arch host -tune host -fast -std -O4 -inline speed::SIXTY_FOUR_BIT_LONG:asm/alpha.o::",
+
+# The intel boxes :-), It would be worth seeing if bsdi-gcc can use the
+# x86-lnx.o file file since it is hand tweaked assembler.
+"linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"debug-linux-elf","gcc:-DREF_CHECK -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -m486 -Wall:-lefence:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+"linux-aout", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+"NetBSD-sparc", "gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL:::",
+"NetBSD-x86", "gcc:-DTERMIOS -D_ANSI_SOURCE -O3 -fomit-frame-pointer -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+"FreeBSD", "gcc:-DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnxa.o:asm/dx86-out.o asm/cx86-out.o:asm/bx86-out.o",
+#"bsdi-gcc", "shlicc2:-O3 -ffast-math-m486::RSA_LLONG $x86_gcc_des $x86_gcc_opts:::",
+#"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:asm/x86-bsdi.o:asm/dx86bsdi.o asm/cx86bsdi.o:asm/bx86bsdi.o",
+"bsdi-gcc", "gcc:-O3 -ffast-math -DPERL5 -m486::RSA_LLONG $x86_gc_des $x86_gcc_opts:::",
+"nextstep", "cc:-O3 -Wall::BN_LLONG $x86_gcc_des $x86_gcc_opts:::",
+
+# UnixWare 2.0
+"unixware-2.0","cc:-O:-lsocket -lnsl:$x86_gcc_des $x86_gcc_opts:::",
+"unixware-2.0-pentium","cc:-O -Kpentium -Kthread:-lsocket -lnsl:MD2_CHAR RC4_INDEX $x86_des_des::",
+
+# IBM's AIX.
+"aix-cc", "cc:-O -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+"aix-gcc", "gcc:-O2 -DAIX -DB_ENDIAN::BN_LLONG RC4_CHAR:::",
+
+# DGUX, 88100.
+"dgux-R3-gcc", "gcc:-O3 -fomit-frame-pointer::RC4_INDEX DES_UNROLL:::",
+"dgux-R4-gcc", "gcc:-O3 -fomit-frame-pointer:-lnsl -lsocket:RC4_INDEX:RC4_INDEX DES_UNROLL:::",
+"dgux-R4-x86-gcc", "gcc:-O3 -fomit-frame-pointer -DL_ENDIAN:-lnsl -lsocket:BN_LLONG $x86_gcc_des $x86_gcc_opts:asm/x86-lnx.o:asm/dx86-elf.o asm/cx86-elf.o:asm/bx86-elf.o",
+
+# SCO 5
+"sco5-cc", "cc:-O:-lsocket:$x86_gcc_des $x86_gcc_opts:::", # des options?
+
+# Sinix RM400
+"SINIX-N","/usr/ucb/cc:-O2 -misaligned:-lucb:RC4_INDEX RC4_CHAR:::",
+
+# Windows NT, Microsoft Visual C++ 4.0
+
+# hmm... bug in perl under NT, I need to concatinate :-(
+"VC-NT","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN32","cl:::BN_LLONG RC4_INDEX ".$x86_gcc_opts.":::",
+"VC-WIN16","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-W31-16","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+"VC-W31-32","cl:::MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX THIRTY_TWO_BIT:::",
+"VC-MSDOS","cl:::BN_LLONG MD2_CHAR DES_UNROLL DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+
+# Borland C++ 4.5
+"BC-32","bcc32:::DES_PTR RC4_INDEX:::",
+"BC-16","bcc:::BN_LLONG DES_PTR RC4_INDEX SIXTEEN_BIT:::",
+);
+
+$postfix="org";
+$Makefile="Makefile.ssl";
+$des_locl="crypto/des/des_locl.h";
+$des ="crypto/des/des.h";
+$bn ="crypto/bn/bn.h";
+$md2 ="crypto/md/md2.h";
+$rc4 ="crypto/rc4/rc4.h";
+$rc4_enc="crypto/rc4/rc4_enc.c";
+$idea ="crypto/idea/idea.h";
+$rc2 ="crypto/rc2/rc2.h";
+$bf ="crypto/bf/bf_locl.h";
+$bn_mulw="bn_mulw.o";
+$des_enc="des_enc.o fcrypt_b.o";
+$bf_enc ="bf_enc.o";
+
+if ($#ARGV < 0)
+ {
+ &bad_target;
+ exit(1);
+ }
+
+$flags="";
+foreach (@ARGV)
+ {
+ if ($_ =~ /^-/)
+ {
+ if ($_ =~ /^-[lL](.*)$/)
+ {
+ $libs.=$_." ";
+ }
+ elsif ($_ =~ /^-D(.*)$/)
+ {
+ $flags.=$_." ";
+ }
+ else
+ {
+ die "unknown options, only -Dxxx, -Lxxx -lxxx supported\n";
+ }
+ }
+ else
+ {
+ die "target already defined - $target\n" if ($target ne "");
+ $target=$_;
+ if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+ }
+ }
+
+if (!defined($table{$target}))
+ {
+ &bad_target;
+ exit(1);
+ }
+
+($cc,$cflags,$lflags,$bn_ops,$bn_obj,$des_obj,$bf_obj)=
+ split(/\s*:\s*/,$table{$target});
+$cflags="$flags$cflags" if ($flags ne "");
+$lflags="$libs$lflags"if ($libs ne "");
+
+$bn_obj=$bn_mulw unless ($bn_obj =~ /\.o$/);
+$des_obj=$des_enc unless ($des_obj =~ /\.o$/);
+$bf_obj=$bf_enc unless ($bf_obj =~ /\.o$/);
+
+$n=&file_new($Makefile);
+open(IN,"<".$Makefile) || die "unable to read $Makefile:$!\n";
+open(OUT,">".$n) || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ chop;
+ s/^CC=.*$/CC= $cc/;
+ s/^CFLAG=.*$/CFLAG= $cflags/;
+ s/^EX_LIBS=.*$/EX_LIBS= $lflags/;
+ s/^BN_MULW=.*$/BN_MULW= $bn_obj/;
+ s/^DES_ENC=.*$/DES_ENC= $des_obj/;
+ s/^BF_ENC=.*$/BF_ENC= $bf_obj/;
+ print OUT $_."\n";
+ }
+close(IN);
+close(OUT);
+&Rename($Makefile,&file_old($Makefile));
+&Rename($n,$Makefile);
+print "CC =$cc\n";
+print "CFLAG =$cflags\n";
+print "EX_LIBS=$lflags\n";
+print "BN_MULW=$bn_obj\n";
+print "DES_ENC=$des_obj\n";
+print "BF_ENC =$bf_obj\n";
+
+$des_ptr=0;
+$des_risc1=0;
+$des_risc2=0;
+$des_unroll=0;
+$bn_ll=0;
+$def_int=2;
+$rc4_int=$def_int;
+$md2_int=$def_int;
+$idea_int=$def_int;
+$rc2_int=$def_int;
+$rc4_idx=0;
+$bf_ptr=0;
+@type=("char","short","int","long");
+($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0);
+
+foreach (sort split(/\s+/,$bn_ops))
+ {
+ $des_ptr=1 if /DES_PTR/;
+ $des_risc1=1 if /DES_RISC1/;
+ $des_risc2=1 if /DES_RISC2/;
+ $des_unroll=1 if /DES_UNROLL/;
+ $des_int=1 if /DES_INT/;
+ $bn_ll=1 if /BN_LLONG/;
+ $rc4_int=0 if /RC4_CHAR/;
+ $rc4_int=3 if /RC4_LONG/;
+ $rc4_idx=1 if /RC4_INDEX/;
+ $md2_int=0 if /MD2_CHAR/;
+ $md2_int=3 if /MD2_LONG/;
+ $idea_int=1 if /IDEA_SHORT/;
+ $idea_int=3 if /IDEA_LONG/;
+ $rc2_int=1 if /RC2_SHORT/;
+ $rc2_int=3 if /RC2_LONG/;
+ $bf_ptr=1 if $_ eq "BF_PTR";
+ $bf_ptr=2 if $_ eq "BF_PTR2";
+ ($b64l,$b64,$b32,$b16,$b8)=(1,0,0,0,0) if /SIXTY_FOUR_BIT_LONG/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,1,0,0,0) if /SIXTY_FOUR_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,1,0,0) if /THIRTY_TWO_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,1,0) if /SIXTEEN_BIT/;
+ ($b64l,$b64,$b32,$b16,$b8)=(0,0,0,0,1) if /EIGHT_BIT/;
+ }
+
+(($in=$bn) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bn);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+SIXTY_FOUR_BIT_LONG/)
+ { printf OUT "#%s SIXTY_FOUR_BIT_LONG\n",($b64l)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTY_FOUR_BIT/)
+ { printf OUT "#%s SIXTY_FOUR_BIT\n",($b64)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+THIRTY_TWO_BIT/)
+ { printf OUT "#%s THIRTY_TWO_BIT\n",($b32)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+SIXTEEN_BIT/)
+ { printf OUT "#%s SIXTEEN_BIT\n",($b16)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+EIGHT_BIT/)
+ { printf OUT "#%s EIGHT_BIT\n",($b8)?"define":"undef"; }
+ elsif (/^#((define)|(undef))\s+BN_LLONG\s*$/)
+ { printf OUT "#%s BN_LLONG\n",($bn_ll)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bn,&file_old($bn));
+&Rename($n,$bn);
+
+(($in=$des) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des);
+open(IN,"<".$in) || die "unable to read $des:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#define\s+DES_LONG\s+.*/)
+ { printf OUT "#define DES_LONG unsigned %s\n",
+ ($des_int)?'int':'long'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des,&file_old($des));
+&Rename($n,$des);
+
+(($in=$des_locl) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($des_locl);
+open(IN,"<".$in) || die "unable to read $des_locl:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^\#(define|undef)\s+DES_PTR/)
+ { printf OUT "#%s DES_PTR\n",($des_ptr)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC1/)
+ { printf OUT "#%s DES_RISC1\n",($des_risc1)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_RISC2/)
+ { printf OUT "#%s DES_RISC2\n",($des_risc2)?'define':'undef'; }
+ elsif (/^\#(define|undef)\s+DES_UNROLL/)
+ { printf OUT "#%s DES_UNROLL\n",($des_unroll)?'define':'undef'; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($des_locl,&file_old($des_locl));
+&Rename($n,$des_locl);
+
+(($in=$rc4) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4);
+open(IN,"<".$in) || die "unable to read $rc4:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC4_INT\s/)
+ { printf OUT "#define RC4_INT unsigned %s\n",$type[$rc4_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4,&file_old($rc4));
+&Rename($n,$rc4);
+
+(($in=$rc4_enc) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc4_enc);
+open(IN,"<".$in) || die "unable to read $rc4_enc:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#((define)|(undef))\s+RC4_INDEX/)
+ { printf OUT "#%s RC4_INDEX\n",($rc4_idx)?"define":"undef"; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc4_enc,&file_old($rc4_enc));
+&Rename($n,$rc4_enc);
+
+(($in=$md2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($md2);
+open(IN,"<".$in) || die "unable to read $bn:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+MD2_INT\s/)
+ { printf OUT "#define MD2_INT unsigned %s\n",$type[$md2_int]; }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($md2,&file_old($md2));
+&Rename($n,$md2);
+
+(($in=$idea) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($idea);
+open(IN,"<".$in) || die "unable to read $idea:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+IDEA_INT\s/)
+ {printf OUT "#define IDEA_INT unsigned %s\n",$type[$idea_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($idea,&file_old($idea));
+&Rename($n,$idea);
+
+(($in=$rc2) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($rc2);
+open(IN,"<".$in) || die "unable to read $rc2:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#define\s+RC2_INT\s/)
+ {printf OUT "#define RC2_INT unsigned %s\n",$type[$rc2_int];}
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($rc2,&file_old($rc2));
+&Rename($n,$rc2);
+
+(($in=$bf) =~ s/\.([^.]+)/.$postfix/);
+$n=&file_new($bf);
+open(IN,"<".$in) || die "unable to read $bf:$!\n";
+open(OUT,">$n") || die "unable to read $n:$!\n";
+while (<IN>)
+ {
+ if (/^#(define|undef)\s+BF_PTR/)
+ {
+ printf OUT "#undef BF_PTR\n" if $bf_ptr == 0;
+ printf OUT "#define BF_PTR\n" if $bf_ptr == 1;
+ printf OUT "#define BF_PTR2\n" if $bf_ptr == 2;
+ }
+ else
+ { print OUT $_; }
+ }
+close(IN);
+close(OUT);
+&Rename($bf,&file_old($bf));
+&Rename($n,$bf);
+
+print "SIXTY_FOUR_BIT_LONG mode\n" if $b64l;
+print "SIXTY_FOUR_BIT mode\n" if $b64;
+print "THIRTY_TWO_BIT mode\n" if $b32;
+print "SIXTEEN_BIT mode\n" if $b16;
+print "EIGHT_BIT mode\n" if $b8;
+print "DES_PTR used\n" if $des_ptr;
+print "DES_RISC1 used\n" if $des_risc1;
+print "DES_RISC2 used\n" if $des_risc2;
+print "DES_UNROLL used\n" if $des_unroll;
+print "DES_INT used\n" if $des_int;
+print "BN_LLONG mode\n" if $bn_ll;
+print "RC4 uses u$type[$rc4_int]\n" if $rc4_int != $def_int;
+print "RC4_INDEX mode\n" if $rc4_idx;
+print "MD2 uses u$type[$md2_int]\n" if $md2_int != $def_int;
+print "IDEA uses u$type[$idea_int]\n" if $idea_int != $def_int;
+print "RC2 uses u$type[$rc2_int]\n" if $rc2_int != $def_int;
+print "BF_PTR used\n" if $bf_ptr == 1;
+print "BF_PTR2 used\n" if $bf_ptr == 2;
+exit(0);
+
+sub bad_target
+ {
+ print STDERR "Usage: Configure [-Dxxx] [-Lxxx] [-lxxx] os/compiler\n";
+ print STDERR "pick os/compiler from:";
+ $j=0;
+ foreach $i (sort keys %table)
+ {
+ next if /^b-/;
+ print STDERR "\n" if ($j++ % 4) == 0;
+ printf(STDERR "%-18s ",$i);
+ }
+ print STDERR "\n";
+ }
+
+sub Rename
+ {
+ local($from,$to)=@_;
+
+ unlink($to);
+ rename($from,$to) || die "unable to rename $from to $to:$!\n";
+ }
+
+sub file_new { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.new/; $a; }
+sub file_old { local($a)=@_; $a =~ s/(\.[^.]+$|$)/.old/; $a; }
diff --git a/HISTORY b/HISTORY
new file mode 100644
index 0000000..7844faa
--- /dev/null
+++ b/HISTORY
@@ -0,0 +1,126 @@
+SSLeay 0.8.1 released.
+
+19-Jul-97
+ - Server side initated dynamic renegotiation is broken. I will fix
+ it when I get back from holidays.
+
+15-Jul-97
+ - Quite a few small changes.
+ - INVALID_SOCKET usage cleanups from Alex Kiernan <alex@hisoft.co.uk>
+
+09-Jul-97
+ - Added 2 new values to the SSL info callback.
+ SSL_CB_START which is passed when the SSL protocol is started
+ and SSL_CB_DONE when it has finished sucsessfully.
+
+08-Jul-97
+ - Fixed a few bugs problems in apps/req.c and crypto/asn1/x_pkey.c
+ that related to DSA public/private keys.
+ - Added all the relevent PEM and normal IO functions to support
+ reading and writing RSAPublic keys.
+ - Changed makefiles to use ${AR} instead of 'ar r'
+
+07-Jul-97
+ - Error in ERR_remove_state() that would leave a dangling reference
+ to a free()ed location - thanks to Alex Kiernan <alex@hisoft.co.uk>
+ - s_client now prints the X509_NAMEs passed from the server
+ when requesting a client cert.
+ - Added a ssl->type, which is one of SSL_ST_CONNECT or
+ SSL_ST_ACCEPT. I had to add it so I could tell if I was
+ a connect or an accept after the handshake had finished.
+ - SSL_get_client_CA_list(SSL *s) now returns the CA names
+ passed by the server if called by a client side SSL.
+
+05-Jul-97
+ - Bug in X509_NAME_get_text_by_OBJ(), looking starting at index
+ 0, not -1 :-( Fix from Tim Hudson (tjh@cryptsoft.com).
+
+04-Jul-97
+ - Fixed some things in X509_NAME_add_entry(), thanks to
+ Matthew Donald <matthew@world.net>.
+ - I had a look at the cipher section and though that it was a
+ bit confused, so I've changed it.
+ - I was not setting up the RC4-64-MD5 cipher correctly. It is
+ a MS special that appears in exported MS Money.
+ - Error in all my DH ciphers. Section 7.6.7.3 of the SSLv3
+ spec. I was missing the two byte length header for the
+ ClientDiffieHellmanPublic value. This is a packet sent from
+ the client to the server. The SSL_OP_SSLEAY_080_CLIENT_DH_BUG
+ option will enable SSLeay server side SSLv3 accept either
+ the correct or my 080 packet format.
+ - Fixed a few typos in crypto/pem.org.
+
+02-Jul-97
+ - Alias mapping for EVP_get_(digest|cipher)byname is now
+ performed before a lookup for actual cipher. This means
+ that an alias can be used to 're-direct' a cipher or a
+ digest.
+ - ASN1_read_bio() had a bug that only showed up when using a
+ memory BIO. When EOF is reached in the memory BIO, it is
+ reported as a -1 with BIO_should_retry() set to true.
+
+01-Jul-97
+ - Fixed an error in X509_verify_cert() caused by my
+ miss-understanding how 'do { contine } while(0);' works.
+ Thanks to Emil Sit <sit@mit.edu> for educating me :-)
+
+30-Jun-97
+ - Base64 decoding error. If the last data line did not end with
+ a '=', sometimes extra data would be returned.
+ - Another 'cut and paste' bug in x509.c related to setting up the
+ STDout BIO.
+
+27-Jun-97
+ - apps/ciphers.c was not printing due to an editing error.
+ - Alex Kiernan <alex@hisoft.co.uk> send in a nice fix for
+ a library build error in util/mk1mf.pl
+
+26-Jun-97
+ - Still did not have the auto 'experimental' code removal
+ script correct.
+ - A few header tweaks for Watcom 11.0 under Win32 from
+ Rolf Lindemann <Lindemann@maz-hh.de>
+ - 0 length OCTET_STRING bug in asn1_parse
+ - A minor fix with an non-existent function in the MS .def files.
+ - A few changes to the PKCS7 stuff.
+
+25-Jun-97
+ SSLeay 0.8.0 finally it gets released.
+
+24-Jun-97
+ Added a SSL_OP_EPHEMERAL_RSA option which causes all SSLv3 RSA keys to
+ use a temporary RSA key. This is experimental and needs some more work.
+ Fixed a few Win16 build problems.
+
+23-Jun-97
+ SSLv3 bug. I was not doing the 'lookup' of the CERT structure
+ correctly. I was taking the SSL->ctx->default_cert when I should
+ have been using SSL->cert. The bug was in ssl/s3_srvr.c
+
+20-Jun-97
+ X509_ATTRIBUTES were being encoded wrongly by apps/reg.c and the
+ rest of the library. Even though I had the code required to do
+ it correctly, apps/req.c was doing the wrong thing. I have fixed
+ and tested everything.
+
+ Missing a few #ifdef FIONBIO sections in crypto/bio/bss_acpt.c.
+
+19-Jun-97
+ Fixed a bug in the SSLv2 server side first packet handling. When
+ using the non-blocking test BIO, the ssl->s2->first_packet flag
+ was being reset when a would-block failure occurred when reading
+ the first 5 bytes of the first packet. This caused the checking
+ logic to run at the wrong time and cause an error.
+
+ Fixed a problem with specifying cipher. If RC4-MD5 were used,
+ only the SSLv3 version would be picked up. Now this will pick
+ up both SSLv2 and SSLv3 versions. This required changing the
+ SSL_CIPHER->mask values so that they only mask the ciphers,
+ digests, authentication, export type and key-exchange algorithms.
+
+ I found that when a SSLv23 session is established, a reused
+ session, of type SSLv3 was attempting to write the SSLv2
+ ciphers, which were invalid. The SSL_METHOD->put_cipher_by_char
+ method has been modified so it will only write out cipher which
+ that method knows about.
+
diff --git a/HISTORY.066 b/HISTORY.066
new file mode 100644
index 0000000..f852249
--- /dev/null
+++ b/HISTORY.066
@@ -0,0 +1,443 @@
+SSLeay 0.6.5
+
+After quite some time (3 months), the new release. I have been very busy
+for the last few months and so this is mostly bug fixes and improvments.
+
+The main additions are
+
+- assember for x86 DES. For all those gcc based systems, this is a big
+ improvement. From 117,000 DES operation a second on a pentium 100,
+ I now get 191,000. I have also reworked the C version so it
+ now gives 148,000 DESs per second.
+- As mentioned above, the inner DES macros now have some more variant that
+ sometimes help, sometimes hinder performance. There are now 3 options
+ DES_PTR (ptr vs array lookup), DES_UNROLL (full vs partial loop unrolling)
+ and DES_RISC (a more register intensive version of the inner macro).
+ The crypto/des/des_opts.c program, when compiled and run, will give
+ an indication of the correct options to use.
+- The BIO stuff has been improved. Read doc/bio.doc. There are now
+ modules for encryption and base64 encoding and a BIO_printf() function.
+- The CA program will accept simple one line X509v3 extensions in the
+ ssleay.cnf file. Have a look at the example. Currently this just
+ puts the text into the certificate as an OCTET_STRING so currently
+ the more advanced X509v3 data types are not handled but this is enough
+ for the netscape extensions.
+- There is the start of a nicer higher level interface to the X509
+ strucutre.
+- Quite a lot of bug fixes.
+- CRYPTO_malloc_init() (or CRYPTO_set_mem_functions()) can be used
+ to define the malloc(), free() and realloc() routines to use
+ (look in crypto/crypto.h). This is mostly needed for Windows NT/95 when
+ using DLLs and mixing CRT libraries.
+
+In general, read the 'VERSION' file for changes and be aware that some of
+the new stuff may not have been tested quite enough yet, so don't just plonk
+in SSLeay 0.6.5 when 0.6.4 used to work and expect nothing to break.
+
+SSLeay 0.6.4 30/08/96 eay
+
+I've just finished some test builds on Windows NT, Windows 3.1, Solaris 2.3,
+Solaris 2.5, Linux, IRIX, HPUX 10 and everthing seems to work :-).
+
+The main changes in this release
+
+- Thread safe. have a read of doc/threads.doc and play in the mt directory.
+ For anyone using 0.6.3 with threads, I found 2 major errors so consider
+ moving to 0.6.4. I have a test program that builds under NT and
+ solaris.
+- The get session-id callback has changed. Have a read of doc/callback.doc.
+- The X509_cert_verify callback (the SSL_verify callback) now
+ has another argument. Have a read of doc/callback.doc
+- 'ca -preserve', sign without re-ordering the DN. Not tested much.
+- VMS support.
+- Compile time memory leak detection can now be built into SSLeay.
+ Read doc/memory.doc
+- CONF routines now understand '\', '\n', '\r' etc. What this means is that
+ the SPKAC object mentioned in doc/ns-ca.doc can be on multiple lines.
+- 'ssleay ciphers' added, lists the default cipher list for SSLeay.
+- RC2 key setup is now compatable with Netscape.
+- Modifed server side of SSL implementation, big performance difference when
+ using session-id reuse.
+
+0.6.3
+
+Bug fixes and the addition of some nice stuff to the 'ca' program.
+Have a read of doc/ns-ca.doc for how hit has been modified so
+it can be driven from a CGI script. The CGI script is not provided,
+but that is just being left as an excersize for the reader :-).
+
+0.6.2
+
+This is most bug fixes and functionality improvements.
+
+Additions are
+- More thread debugging patches, the thread stuff is still being
+ tested, but for those keep to play with stuff, have a look in
+ crypto/cryptlib.c. The application needs to define 1 (or optionaly
+ a second) callback that is used to implement locking. Compiling
+ with LOCK_DEBUG spits out lots of locking crud :-).
+ This is what I'm currently working on.
+- SSL_CTX_set_default_passwd_cb() can be used to define the callback
+ function used in the SSL*_file() functions used to load keys. I was
+ always of the opinion that people should call
+ PEM_read_RSAPrivateKey() and pass the callback they want to use, but
+ it appears they just want to use the SSL_*_file() function() :-(.
+- 'enc' now has a -kfile so a key can be read from a file. This is
+ mostly used so that the passwd does not appear when using 'ps',
+ which appears imposible to stop under solaris.
+- X509v3 certificates now work correctly. I even have more examples
+ in my tests :-). There is now a X509_EXTENSION type that is used in
+ X509v3 certificates and CRLv2.
+- Fixed that signature type error :-(
+- Fixed quite a few potential memory leaks and problems when reusing
+ X509, CRL and REQ structures.
+- EVP_set_pw_prompt() now sets the library wide default password
+ prompt.
+- The 'pkcs7' command will now, given the -print_certs flag, output in
+ pem format, all certificates and CRL contained within. This is more
+ of a pre-emtive thing for the new verisign distribution method. I
+ should also note, that this also gives and example in code, of how
+ to do this :-), or for that matter, what is involved in going the
+ other way (list of certs and crl -> pkcs7).
+- Added RSA's DESX to the DES library. It is also available via the
+ EVP_desx_cbc() method and via 'enc desx'.
+
+SSLeay 0.6.1
+
+The main functional changes since 0.6.0 are as follows
+- Bad news, the Microsoft 060 DLL's are not compatable, but the good news is
+ that from now on, I'll keep the .def numbers the same so they will be.
+- RSA private key operations are about 2 times faster that 0.6.0
+- The SSL_CTX now has more fields so default values can be put against
+ it. When an SSL structure is created, these default values are used
+ but can be overwritten. There are defaults for cipher, certificate,
+ private key, verify mode and callback. This means SSL session
+ creation can now be
+ ssl=SSL_new()
+ SSL_set_fd(ssl,sock);
+ SSL_accept(ssl)
+ ....
+ All the other uglyness with having to keep a global copy of the
+ private key and certificate/verify mode in the server is now gone.
+- ssl/ssltest.c - one process talking SSL to its self for testing.
+- Storage of Session-id's can be controled via a session_cache_mode
+ flag. There is also now an automatic default flushing of
+ old session-id's.
+- The X509_cert_verify() function now has another parameter, this
+ should not effect most people but it now means that the reason for
+ the failure to verify is now available via SSL_get_verify_result(ssl).
+ You don't have to use a global variable.
+- SSL_get_app_data() and SSL_set_app_data() can be used to keep some
+ application data against the SSL structure. It is upto the application
+ to free the data. I don't use it, but it is available.
+- SSL_CTX_set_cert_verify_callback() can be used to specify a
+ verify callback function that completly replaces my certificate
+ verification code. Xcert should be able to use this :-).
+ The callback is of the form int app_verify_callback(arg,ssl,cert).
+ This needs to be documented more.
+- I have started playing with shared library builds, have a look in
+ the shlib directory. It is very simple. If you need a numbered
+ list of functions, have a look at misc/crypto.num and misc/ssl.num.
+- There is some stuff to do locking to make the library thread safe.
+ I have only started this stuff and have not finished. If anyone is
+ keen to do so, please send me the patches when finished.
+
+So I have finally made most of the additions to the SSL interface that
+I thought were needed.
+
+There will probably be a pause before I make any non-bug/documentation
+related changes to SSLeay since I'm feeling like a bit of a break.
+
+eric - 12 Jul 1996
+I saw recently a comment by some-one that we now seem to be entering
+the age of perpetual Beta software.
+Pioneered by packages like linux but refined to an art form by
+netscape.
+
+I too wish to join this trend with the anouncement of SSLeay 0.6.0 :-).
+
+There are quite a large number of sections that are 'works in
+progress' in this package. I will also list the major changes and
+what files you should read.
+
+BIO - this is the new IO structure being used everywhere in SSLeay. I
+started out developing this because of microsoft, I wanted a mechanism
+to callback to the application for all IO, so Windows 3.1 DLL
+perversion could be hidden from me and the 15 different ways to write
+to a file under NT would also not be dictated by me at library build
+time. What the 'package' is is an API for a data structure containing
+functions. IO interfaces can be written to conform to the
+specification. This in not intended to hide the underlying data type
+from the application, but to hide it from SSLeay :-).
+I have only really finished testing the FILE * and socket/fd modules.
+There are also 'filter' BIO's. Currently I have only implemented
+message digests, and it is in use in the dgst application. This
+functionality will allow base64/encrypto/buffering modules to be
+'push' into a BIO without it affecting the semantics. I'm also
+working on an SSL BIO which will hide the SSL_accept()/SLL_connet()
+from an event loop which uses the interface.
+It is also possible to 'attach' callbacks to a BIO so they get called
+before and after each operation, alowing extensive debug output
+to be generated (try running dgst with -d).
+
+Unfortunaly in the conversion from 0.5.x to 0.6.0, quite a few
+functions that used to take FILE *, now take BIO *.
+The wrappers are easy to write
+
+function_fp(fp,x)
+FILE *fp;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL) error.....
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=function_bio(b,x);
+ BIO_free(b);
+ return(ret);
+ }
+Remember, there are no functions that take FILE * in SSLeay when
+compiled for Windows 3.1 DLL's.
+
+--
+I have added a general EVP_PKEY type that can hold a public/private
+key. This is now what is used by the EVP_ functions and is passed
+around internally. I still have not done the PKCS#8 stuff, but
+X509_PKEY is defined and waiting :-)
+
+--
+For a full function name listings, have a look at ms/crypt32.def and
+ms/ssl32.def. These are auto-generated but are complete.
+Things like ASN1_INTEGER_get() have been added and are in here if you
+look. I have renamed a few things, again, have a look through the
+function list and you will probably find what you are after. I intend
+to at least put a one line descrition for each one.....
+
+--
+Microsoft - thats what this release is about, read the MICROSOFT file.
+
+--
+Multi-threading support. I have started hunting through the code and
+flaging where things need to be done. In a state of work but high on
+the list.
+
+--
+For random numbers, edit e_os.h and set DEVRANDOM (it's near the top)
+be be you random data device, otherwise 'RFILE' in e_os.h
+will be used, in your home directory. It will be updated
+periodically. The environment variable RANDFILE will override this
+choice and read/write to that file instead. DEVRANDOM is used in
+conjunction to the RFILE/RANDFILE. If you wish to 'seed' the random
+number generator, pick on one of these files.
+
+--
+
+The list of things to read and do
+
+dgst -d
+s_client -state (this uses a callback placed in the SSL state loop and
+ will be used else-where to help debug/monitor what
+ is happening.)
+
+doc/why.doc
+doc/bio.doc <- hmmm, needs lots of work.
+doc/bss_file.doc <- one that is working :-)
+doc/session.doc <- it has changed
+doc/speed.doc
+ also play with ssleay version -a. I have now added a SSLeay()
+ function that returns a version number, eg 0600 for this release
+ which is primarily to be used to check DLL version against the
+ application.
+util/* Quite a few will not interest people, but some may, like
+ mk1mf.pl, mkdef.pl,
+util/do_ms.sh
+
+try
+cc -Iinclude -Icrypto -c crypto/crypto.c
+cc -Iinclude -Issl -c ssl/ssl.c
+You have just built the SSLeay libraries as 2 object files :-)
+
+Have a general rummage around in the bin stall directory and look at
+what is in there, like CA.sh and c_rehash
+
+There are lots more things but it is 12:30am on a Friday night and I'm
+heading home :-).
+
+eric 22-Jun-1996
+This version has quite a few major bug fixes and improvements. It DOES NOT
+do SSLv3 yet.
+
+The main things changed
+- A Few days ago I added the s_mult application to ssleay which is
+ a demo of an SSL server running in an event loop type thing.
+ It supports non-blocking IO, I have finally gotten it right, SSL_accept()
+ can operate in non-blocking IO mode, look at the code to see how :-).
+ Have a read of doc/s_mult as well. This program leaks memory and
+ file descriptors everywhere but I have not cleaned it up yet.
+ This is a demo of how to do non-blocking IO.
+- The SSL session management has been 'worked over' and there is now
+ quite an expansive set of functions to manipulate them. Have a read of
+ doc/session.doc for some-things I quickly whipped up about how it now works.
+ This assume you know the SSLv2 protocol :-)
+- I can now read/write the netscape certificate format, use the
+ -inform/-outform 'net' options to the x509 command. I have not put support
+ for this type in the other demo programs, but it would be easy to add.
+- asn1parse and 'enc' have been modified so that when reading base64
+ encoded files (pem format), they do not require '-----BEGIN' header lines.
+ The 'enc' program had a buffering bug fixed, it can be used as a general
+ base64 -> binary -> base64 filter by doing 'enc -a -e' and 'enc -a -d'
+ respecivly. Leaving out the '-a' flag in this case makes the 'enc' command
+ into a form of 'cat'.
+- The 'x509' and 'req' programs have been fixed and modified a little so
+ that they generate self-signed certificates correctly. The test
+ script actually generates a 'CA' certificate and then 'signs' a
+ 'user' certificate. Have a look at this shell script (test/sstest)
+ to see how things work, it tests most possible combinations of what can
+ be done.
+- The 'SSL_set_pref_cipher()' function has been 'fixed' and the prefered name
+ of SSL_set_cipher_list() is now the correct API (stops confusion :-).
+ If this function is used in the client, only the specified ciphers can
+ be used, with preference given to the order the ciphers were listed.
+ For the server, if this is used, only the specified ciphers will be used
+ to accept connections. If this 'option' is not used, a default set of
+ ciphers will be used. The SSL_CTX_set_cipher_list(SSL_CTX *ctx) sets this
+ list for all ciphers started against the SSL_CTX. So the order is
+ SSL cipher_list, if not present, SSL_CTX cipher list, if not
+ present, then the library default.
+ What this means is that normally ciphers like
+ NULL-MD5 will never be used. The only way this cipher can be used
+ for both ends to specify to use it.
+ To enable or disable ciphers in the library at build time, modify the
+ first field for the cipher in the ssl_ciphers array in ssl/ssl_lib.c.
+ This file also contains the 'pref_cipher' list which is the default
+ cipher preference order.
+- I'm not currently sure if the 'rsa -inform net' and the 'rsa -outform net'
+ options work. They should, and they enable loading and writing the
+ netscape rsa private key format. I will be re-working this section of
+ SSLeay for the next version. What is currently in place is a quick and
+ dirty hack.
+- I've re-written parts of the bignum library. This gives speedups
+ for all platforms. I now provide assembler for use under Windows NT.
+ I have not tested the Windows 3.1 assembler but it is quite simple code.
+ This gives RSAprivate_key operation encryption times of 0.047s (512bit key)
+ and 0.230s (1024bit key) on a pentium 100 which I consider reasonable.
+ Basically the times available under linux/solaris x86 can be achieve under
+ Windows NT. I still don't know how these times compare to RSA's BSAFE
+ library but I have been emailing with people and with their help, I should
+ be able to get my library's quite a bit faster still (more algorithm changes).
+ The object file crypto/bn/asm/x86-32.obj should be used when linking
+ under NT.
+- 'make makefile.one' in the top directory will generate a single makefile
+ called 'makefile.one' This makefile contains no perl references and
+ will build the SSLeay library into the 'tmp' and 'out' directories.
+ util/mk1mf.pl >makefile.one is how this makefile is
+ generated. The mk1mf.pl command take several option to generate the
+ makefile for use with cc, gcc, Visual C++ and Borland C++. This is
+ still under development. I have only build .lib's for NT and MSDOS
+ I will be working on this more. I still need to play with the
+ correct compiler setups for these compilers and add some more stuff but
+ basically if you just want to compile the library
+ on a 'non-unix' platform, this is a very very good file to start with :-).
+ Have a look in the 'microsoft' directory for my current makefiles.
+ I have not yet modified things to link with sockets under Windows NT.
+ You guys should be able to do this since this is actually outside of the
+ SSLeay scope :-). I will be doing it for myself soon.
+ util/mk1mf.pl takes quite a few options including no-rc, rsaref and no-sock
+ to build without RC2/RC4, to require RSAref for linking, and to
+ build with no socket code.
+
+- Oh yes, the cipher that was reported to be compatible with RSA's RC2 cipher
+ that was posted to sci.crypt has been added to the library and SSL.
+ I take the view that if RC2 is going to be included in a standard,
+ I'll include the cipher to make my package complete.
+ There are NO_RC2, NO_RC4 and NO_IDEA macros to remove these ciphers
+ at compile time. I have not tested this recently but it should all work
+ and if you are in the USA and don't want RSA threatening to sue you,
+ you could probably remove the RC4/RC2 code inside these sections.
+ I may in the future include a perl script that does this code
+ removal automatically for those in the USA :-).
+- I have removed all references to sed in the makefiles. So basically,
+ the development environment requires perl and sh. The build environment
+ does not (use the makefile.one makefile).
+ The Configure script still requires perl, this will probably stay that way
+ since I have perl for Windows NT :-).
+
+eric (03-May-1996)
+
+PS Have a look in the VERSION file for more details on the changes and
+ bug fixes.
+I have fixed a few bugs, added alpha and x86 assembler and generally cleaned
+things up. This version will be quite stable, mostly because I'm on
+holidays until 10-March-1996. For any problems in the interum, send email
+to Tim Hudson <tjh@mincom.oz.au>.
+
+SSLeay 0.5.0
+
+12-12-95
+This is going out before it should really be released.
+
+I leave for 11 weeks holidays on the 22-12-95 and so I either sit on
+this for 11 weeks or get things out. It is still going to change a
+lot in the next week so if you do grab this version, please test and
+give me feed back ASAP, inculuding questions on how to do things with
+the library. This will prompt me to write documentation so I don't
+have to answer the same question again :-).
+
+This 'pre' release version is for people who are interested in the
+library. The applications will have to be changed to use
+the new version of the SSL interface. I intend to finish more
+documentation before I leave but until then, look at the programs in
+the apps directory. As far as code goes, it is much much nicer than
+the old version.
+
+The current library works, has no memory leaks (as far as I can tell)
+and is far more bug free that 0.4.5d. There are no global variable of
+consequence (I believe) and I will produce some documentation that
+tell where to look for those people that do want to do multi-threaded
+stuff.
+
+There should be more documentation. Have a look in the
+doc directory. I'll be adding more before I leave, it is a start
+by mostly documents the crypto library. Tim Hudson will update
+the web page ASAP. The spelling and grammar are crap but
+it is better than nothing :-)
+
+Reasons to start playing with version 0.5.0
+- All the programs in the apps directory build into one ssleay binary.
+- There is a new version of the 'req' program that generates certificate
+ requests, there is even documentation for this one :-)
+- There is a demo certification authorithy program. Currently it will
+ look at the simple database and update it. It will generate CRL from
+ the data base. You need to edit the database by hand to revoke a
+ certificate, it is my aim to use perl5/Tk but I don't have time to do
+ this right now. It will generate the certificates but the management
+ scripts still need to be written. This is not a hard task.
+- Things have been cleaned up alot.
+- Have a look at the enc and dgst programs in the apps directory.
+- It supports v3 of x509 certiticates.
+
+
+Major things missing.
+- I have been working on (and thinging about) the distributed x509
+ hierachy problem. I have not had time to put my solution in place.
+ It will have to wait until I come back.
+- I have not put in CRL checking in the certificate verification but
+ it would not be hard to do. I was waiting until I could generate my
+ own CRL (which has only been in the last week) and I don't have time
+ to put it in correctly.
+- Montgomery multiplication need to be implemented. I know the
+ algorithm, just ran out of time.
+- PKCS#7. I can load and write the DER version. I need to re-work
+ things to support BER (if that means nothing, read the ASN1 spec :-).
+- Testing of the higher level digital envelope routines. I have not
+ played with the *_seal() and *_open() type functions. They are
+ written but need testing. The *_sign() and *_verify() functions are
+ rock solid.
+- PEM. Doing this and PKCS#7 have been dependant on the distributed
+ x509 heirachy problem. I started implementing my ideas, got
+ distracted writing a CA program and then ran out of time. I provide
+ the functionality of RSAref at least.
+- Re work the asm. code for the x86. I've changed by low level bignum
+ interface again, so I really need to tweak the x86 stuff. gcc is
+ good enough for the other boxes.
+
diff --git a/INSTALL b/INSTALL
new file mode 100644
index 0000000..9cbdfd7
--- /dev/null
+++ b/INSTALL
@@ -0,0 +1,128 @@
+# Installation of SSLeay.
+# It depends on perl for a few bits but those steps can be skipped and
+# the top level makefile edited by hand
+
+# When bringing the SSLeay distribution back from the evil intel world
+# of Windows NT, do the following to make it nice again under unix :-)
+# You don't normally need to run this.
+sh util/fixNT.sh # This only works for NT now - eay - 21-Jun-1996
+
+# If you have perl, and it is not in /usr/local/bin, you can run
+perl util/perlpath.pl /new/path
+# and this will fix the paths in all the scripts. DO NOT put
+# /new/path/perl, just /new/path. The build
+# environment always run scripts as 'perl perlscript.pl' but some of the
+# 'applications' are easier to usr with the path fixed.
+
+# Edit crypto/cryptlib.h, tools/c_rehash, and Makefile.ssl
+# to set the install locations if you don't like
+# the default location of /usr/local/ssl
+# Do this by running
+perl util/ssldir.pl /new/ssl/home
+# if you have perl, or by hand if not.
+
+# If things have been stuffed up with the sym links, run
+make -f Makefile.ssl links
+# This will re-populate lib/include with symlinks and for each
+# directory, link Makefile to Makefile.ssl
+
+# Setup the machine dependent stuff for the top level makefile
+# and some select .h files
+# If you don't have perl, this will bomb, in which case just edit the
+# top level Makefile.ssl
+./Configure 'system type'
+
+# The 'Configure' command contains default configuration parameters
+# for lots of machines. Configure edits 5 lines in the top level Makefile
+# It modifies the following values in the following files
+Makefile.ssl CC CFLAG EX_LIBS BN_MULW
+crypto/des/des.h DES_LONG
+crypto/des/des_locl.h DES_PTR
+crypto/md/md2.h MD2_INT
+crypto/rc4/rc4.h RC4_INT
+crypto/rc4/rc4_enc.c RC4_INDEX
+crypto/rc2/rc2.h RC2_INT
+crypto/bf/bf_locl.h BF_INT
+crypto/idea/idea.h IDEA_INT
+crypto/bn/bn.h BN_LLONG (and defines one of SIXTY_FOUR_BIT,
+ SIXTY_FOUR_BIT_LONG, THIRTY_TWO_BIT,
+ SIXTEEN_BIT or EIGHT_BIT)
+Please remember that all these files are actually copies of the file with
+a .org extention. So if you change crypto/des/des.h, the next time
+you run Configure, it will be runover by a 'configured' version of
+crypto/des/des.org. So to make the changer the default, change the .org
+files. The reason these files have to be edited is because most of
+these modifications change the size of fundamental data types.
+While in theory this stuff is optional, it often makes a big
+difference in performance and when using assember, it is importaint
+for the 'Bignum bits' match those required by the assember code.
+A warning for people using gcc with sparc cpu's. Gcc needs the -mv8
+flag to use the hardware multiply instruction which was not present in
+earlier versions of the sparc CPU. I define it by default. If you
+have an old sparc, and it crashes, try rebuilding with this flag
+removed. I am leaving this flag on by default because it makes
+things run 4 times faster :-)
+
+# clean out all the old stuff
+make clean
+
+# Do a make depend only if you have the makedepend command installed
+# This is not needed but it does make things nice when developing.
+make depend
+
+# make should build everything
+make
+
+# fix up the demo certificate hash directory if it has been stuffed up.
+make rehash
+
+# test everything
+make test
+
+# install the lot
+make install
+
+# It is worth noting that all the applications are built into the one
+# program, ssleay, which is then has links from the other programs
+# names to it.
+# The applicatons can be built by themselves, just don't define the
+# 'MONOLITH' flag. So to build the 'enc' program stand alone,
+gcc -O2 -Iinclude apps/enc.c apps/apps.c libcrypto.a
+
+# Other useful make options are
+make makefile.one
+# which generate a 'makefile.one' file which will build the complete
+# SSLeay distribution with temp. files in './tmp' and 'installable' files
+# in './out'
+
+# Have a look at running
+perl util/mk1mf.pl help
+# this can be used to generate a single makefile and is about the only
+# way to generate makefiles for windows.
+
+# There is actually a final way of building SSLeay.
+gcc -O2 -c -Icrypto -Iinclude crypto/crypto.c
+gcc -O2 -c -Issl -Iinclude ssl/ssl.c
+# and you now have the 2 libraries as single object files :-).
+# If you want to use the assember code for your particular platform
+# (DEC alpha/x86 are the main ones, the other assember is just the
+# output from gcc) you will need to link the assember with the above generated
+# object file and also do the above compile as
+gcc -O2 -DBN_ASM -c -Icrypto -Iinclude crypto/crypto.c
+
+This last option is probably the best way to go when porting to another
+platform or building shared libraries. It is not good for development so
+I don't normally use it.
+
+To build shared libararies under unix, have a look in shlib, basically
+you are on your own, but it is quite easy and all you have to do
+is compile 2 (or 3) files.
+
+For mult-threading, have a read of doc/threads.doc. Again it is quite
+easy and normally only requires some extra callbacks to be defined
+by the application.
+The examples for solaris and windows NT/95 are in the mt directory.
+
+have fun
+
+eric 25-Jun-1997
diff --git a/MICROSOFT b/MICROSOFT
new file mode 100644
index 0000000..54176f0
--- /dev/null
+++ b/MICROSOFT
@@ -0,0 +1,146 @@
+The Microsoft World.
+
+The good news, to build SSLeay for the Microsft World
+
+Windows 3.1 DLL's
+perl Configure VC-WIN16
+nmake -f ms\w31dll.mak
+
+Windows NT/95 DLL's
+perl Configure VC-WIN32
+nmake -f ms\ntdll.mak
+
+Now the bad news
+All builds were done using Microsofts Visual C++ 1.52c and [45].x.
+If you are a borland person, you are probably going to have to help me
+finish the stuff in util/pl/BC*pl
+
+All builds were made under Windows NT - this means long filenames, so
+you may have problems under Windows 3.1 but probably not under 95.
+
+Because file pointers don't work in DLL's under Windows 3.1 (well at
+least stdin/stdout don't and I don't like having to differentiate
+between these and other file pointers), I now use the BIO file-pointer
+module, which needs to be linked into your application. You can either
+use the memory buffer BIO for IO, or compile bss_file.c into your
+application, it is in the apps directory and is just a copy of
+crypto/buffer/bss_file.c with #define APPS_WIN16 added.
+I have not yet automated the makefile to automatically copy it into 'out'
+for a win 3.1 build....
+
+All callbacks passed into SSLeay for Windows 3.1 need to be of type
+_far _loadds.
+
+I don't support building with the pascal calling convention.
+
+The DLL and static builds are large memory model.
+
+To build static libraries for NT/95 or win 3.1
+
+perl util/mk1mf.pl VC-WIN32 > mf-stat.nt
+perl util/mk1mf.pl VC-WIN16 > mf-stat.w31
+for DLL's
+perl util/mk1mf.pl dll VC-WIN32 > mf-dll.nt
+perl util/mk1mf.pl dll VC-WIN16 > mf-dll.w31
+
+Again you will notice that if you dont have perl, you cannot do this.
+
+Now the next importaint issue. Running Configure!
+I have small assember code files for critical big number library operation
+in crypto/bn/asm. There is, asm code, object files and uuencode
+object files. They are
+x86nt32.asm - 32bit flat memory model assember - suitable Win32
+x86w16.asm - 16bit assember - used in the msdos build.
+x86w32.asm - 32bit assember, win 3.1 segments, used for win16 build.
+
+If you feel compelled to build the 16bit maths routines in the windows 3.1
+build,
+perl Configure VC-W31-16
+perl util/mk1mf.pl dll VC-W31-16 > mf-dll.w31
+
+If you hate assember and don't want anything to do with it,
+perl util/mk1mf.pl no-asm VC-WIN16 > mf-dll.w31
+will work for any of the makefile generations.
+
+There are more options to mk1mf.pl but these all leave the temporary
+files in 'tmp' and the output files in 'out' by default.
+
+The NT build is done for console mode.
+
+The Windows 3.1 version of SSLeay uses quickwin, the interface is ugly
+but it is better than nothing. If you want ugly, try doing anything
+that involves getting a password. I decided to be ugly instead of
+echoing characters. For Windows 3.1 I would just sugest using the
+msdos version of the ssleay application for command line work.
+The QuickWin build is primarily for testing.
+
+For both NT and Windows 3.1, I have not written the code so that
+s_client, s_server can take input from the keyboard. You can happily
+start applications up in separate windows, watch them handshake, and then sit
+there for-ever. I have not had the time to get this working, and I've
+been able to test things from a unix box to the NT box :-).
+Try running ssleay s_server on the windows box
+(with either -cert ../apps/server.pem -www)
+and run ssleay s_time from another window.
+This often stuffs up on Windows 3.1, but I'm not worried since this is
+probably a problem with my demo applications, not the libraries.
+
+After a build of one of the version of microsoft SSLeay,
+'cd ms' and then run 'test'. This should check everything out and
+even does a trial run of generating certificates.
+'test.bat' requires that perl be install, you be in the ms directory
+(not the test directory, thats for unix so stay out :-) and that the
+build output directory be ../out
+
+On a last note, you will probably get division by zero errors and
+stuff after a build. This is due to your own inability to follow
+instructions :-).
+
+The reasons for the problem is probably one of the following.
+
+1) You did not run Configure. This is critical for windows 3.1 when
+ using assember. The values in crypto/bn/bn.h must match the
+ ones requred for the assember code. (remember that if you
+ edit crypto/bn/bn.h by hand, it will be clobered the next time
+ you run Configure by the contents of crypto/bn/bn.org).
+ SSLeay version -o will list the compile options.
+ For VC-WIN32 you need bn(64,32) or bn(32,32)
+ For VC-W31-32/VC-WIN16 you need bn(32,32)
+ For VC-W31-16 you need bn(32,16) or bn(16,16)
+ For VC-MSDOS you need bn(32,16) or bn(16,16).
+
+ The first number will be 2 times bigger than the second if
+ BN_LLONG is defined in bn.h and the size of the second number
+ depends on the 'bits' defined at the start of bn.h. Have a
+ look, it's all reasonably clear.
+ If you want to start messing with 8 bit builds and things like
+ that, build without the assember by re-generating a makefile
+ via 'perl util/mk1mf.pl no-asm'.
+2) You tried to build under MS-DOS or Windows 3.1 using the /G3
+ option. Don't. It is buggy (thats why you just got that
+ error) and unless you want to work out which optimising flag
+ to turn off, I'm not going to help you :-). I also noticed
+ that code often ran slower when compiled with /G3.
+3) Under NT/95, malloc goes stupid. You are probably linking with
+ the wrong library, there are problems if you mix the threaded
+ and non-threaded libraries (due to the DLL being staticly
+ linked with one and the applicaion using another.
+
+Well hopefully thats most of the MS issues handled, see you in ssl-users :-).
+
+eric 30-Aug-1996
+
+SSLeay 0.6.5
+For Windows 95/NT, add CRYPTO_malloc_init() to your program before any
+calls to the SSLeay libraries. This function will insert callbacks so that
+the SSLeay libraries will use the same malloc(), free() and realloc() as
+your application so 'problem 3)' mentioned above will go away.
+
+There is now DES assember for Windows NT/95. The file is
+crypto/des/asm/win32.asm and replaces crypto/des/des_enc.c in the build.
+
+There is also Blowfish assember for Windows NT/95. The file is
+crypto/bf/asm/win32.asm and replaces crypto/bf/bf_enc.c in the build.
+
+eric 25-Jun-1997
+
diff --git a/MINFO b/MINFO
new file mode 100644
index 0000000..024b85d
--- /dev/null
+++ b/MINFO
@@ -0,0 +1,831 @@
+RELATIVE_DIRECTORY=.
+AR=ar r
+BASENAME=SSLeay
+BF_ENC=bf_enc.o
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-O -DNOPROTO
+DES_ENC=des_enc.o fcrypt_b.o
+DIRS=crypto ssl rsaref apps test tools
+EDIRS=times doc bugs util include certs ms shlib mt demos
+EX_HEADER=
+EX_LIBS=
+GENERAL=Makefile
+HEADER=e_os.h
+INSTALLTOP=/usr/local/ssl
+LIBS=libcrypto.a libssl.a
+MAKE=make -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+MAN1=1
+MAN3=3
+MISC=COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile README TODO HISTORY README.066 README.080 VERSION PROBLEMS MINFO makefile.one e_os.h MICROSOFT makevms.com
+NAME=SSLeay-0.8.1
+ONEDIRS=out tmp
+PEX_LIBS=-L. -L.. -L../.. -L../../..
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem asn1 x509 conf txt_db pkcs7
+SHELL=/bin/sh
+TARFILE=SSLeay-0.8.1.tar
+TOP=.
+VERSION=0.8.1
+WDIRS=windows
+WTARFILE=SSLeay-0.8.1-win.tar
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto
+ALL=Makefile README cryptlib.c mem.c cversion.c cryptlib.h date.h crypto.h cryptall.h
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I. -I../include -g -DCFLAGS=" \"cc -g\" "
+DIR=crypto
+EXHEADER=crypto.h cryptall.h
+EX_LIBS=
+GENERAL=Makefile README
+HEADER=cryptlib.h date.h crypto.h cryptall.h
+INCLUDE=-I. -I../include
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libcrypto.a
+LIBOBJ=cryptlib.o mem.o cversion.o
+LIBS=
+LIBSRC=cryptlib.c mem.c cversion.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+RM=/bin/rm -f
+SDIRS=md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh buffer bio stack lhash rand err objects evp pem x509 asn1 conf txt_db pkcs7
+SRC=cryptlib.c mem.c cversion.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/md
+ALL=Makefile md2_dgst.c md5_dgst.c md2_one.c md5_one.c md5_locl.h md2.h md5.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=md
+EXHEADER=md2.h md5.h
+GENERAL=Makefile
+HEADER=md5_locl.h md2.h md5.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
+LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+TEST=md2test.c md5test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/sha
+ALL=Makefile sha_dgst.c sha1dgst.c sha_one.c sha1_one.c sha_locl.h sha.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=sha
+EXHEADER=sha.h
+GENERAL=Makefile
+HEADER=sha_locl.h sha.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+TEST=shatest.c sha1test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/mdc2
+ALL=Makefile mdc2dgst.c mdc2_one.c mdc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=mdc2
+EXHEADER=mdc2.h
+GENERAL=Makefile
+HEADER=mdc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=mdc2dgst.o mdc2_one.o
+LIBSRC=mdc2dgst.c mdc2_one.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=mdc2dgst.c mdc2_one.c
+TEST=mdc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/des
+ALL=Makefile des.org des_locl.org cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DES_ENC=des_enc.o fcrypt_b.o
+DIR=des
+EXHEADER=des.h
+GENERAL=Makefile des.org des_locl.org
+HEADER=des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h des.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o des_enc.o fcrypt_b.o read2pwd.o fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+LIBSRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c des_enc.c fcrypt_b.c read2pwd.c fcrypt.c xcbc_enc.c str2key.c cfb64ede.c ofb64ede.c supp.c
+TEST=destest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc4
+ALL=Makefile rc4_enc.c rc4.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc4
+EXHEADER=rc4.h
+GENERAL=Makefile
+HEADER=rc4.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc4_enc.o
+LIBSRC=rc4_enc.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc4_enc.c
+TEST=rc4test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rc2
+ALL=Makefile rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c rc2_locl.h rc2.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rc2
+EXHEADER=rc2.h
+GENERAL=Makefile
+HEADER=rc2_locl.h rc2.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+TEST=rc2test.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/idea
+ALL=Makefile i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c idea_lcl.h idea.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=idea
+EXHEADER=idea.h
+GENERAL=Makefile
+HEADER=idea_lcl.h idea.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+TEST=ideatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bf
+ALL=Makefile bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c bf_pi.h bf_locl.h blowfish.h
+APPS=
+AR=ar r
+BF_ENC=bf_enc.o
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+CPP=cc -E
+DIR=bf
+EXHEADER=blowfish.h
+GENERAL=Makefile
+HEADER=bf_pi.h bf_locl.h blowfish.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bf_skey.o bf_ecb.o bf_enc.o bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+TEST=bftest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bn
+ALL=Makefile bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c bn_lcl.h bn_prime.h bn.h
+APPS=
+AR=ar r
+BN_MULW=bn_mulw.o
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bn
+ERR=bn
+ERRC=bn_err
+EXHEADER=bn.h
+GENERAL=Makefile
+HEADER=bn_lcl.h bn_prime.h bn.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o bn_gcd.o bn_prime.o bn_err.o bn_sqr.o bn_mulw.o bn_recp.o bn_mont.o
+LIBSRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c bn_gcd.c bn_prime.c bn_err.c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+TEST=bntest.c exptest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rsa
+ALL=Makefile rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c rsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=rsa
+ERR=rsa
+ERRC=rsa_err
+EXHEADER=rsa.h
+GENERAL=Makefile
+HEADER=rsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o rsa_err.o
+LIBSRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c rsa_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dsa
+ALL=Makefile dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c dsa.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dsa
+ERR=dsa
+ERRC=dsa_err
+EXHEADER=dsa.h
+GENERAL=Makefile
+HEADER=dsa.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o dsa_err.o
+LIBSRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c dsa_err.c
+TEST=dsatest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/dh
+ALL=Makefile dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c dh.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=dh
+ERR=dh
+ERRC=dh_err
+EXHEADER=dh.h
+GENERAL=Makefile
+HEADER=dh.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=dh_gen.o dh_key.o dh_lib.o dh_check.o dh_err.o
+LIBSRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=dh_gen.c dh_key.c dh_lib.c dh_check.c dh_err.c
+TEST=dhtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/buffer
+ALL=Makefile buffer.c buf_err.c buffer.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=buffer
+ERR=buffer
+ERRC=buf_err
+EXHEADER=buffer.h
+GENERAL=Makefile
+HEADER=buffer.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=buffer.o buf_err.o
+LIBSRC=buffer.c buf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=buffer.c buf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/bio
+ALL=Makefile bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c bio.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=bio
+ERR=bio
+ERRC=bio_err
+EXHEADER=bio.h
+GENERAL=Makefile
+HEADER=bio.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=bio_lib.o bio_cb.o bio_err.o bss_mem.o bss_null.o bss_fd.o bss_file.o bss_sock.o bss_conn.o bf_null.o bf_buff.o b_print.o b_dump.o b_sock.o bss_acpt.o bf_nbio.o
+LIBSRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=bio_lib.c bio_cb.c bio_err.c bss_mem.c bss_null.c bss_fd.c bss_file.c bss_sock.c bss_conn.c bf_null.c bf_buff.c b_print.c b_dump.c b_sock.c bss_acpt.c bf_nbio.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/stack
+ALL=Makefile stack.c stack.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=stack
+EXHEADER=stack.h
+GENERAL=Makefile
+HEADER=stack.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=stack.o
+LIBSRC=stack.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=stack.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/lhash
+ALL=Makefile lhash.c lh_stats.c lhash.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=lhash
+EXHEADER=lhash.h
+GENERAL=Makefile
+HEADER=lhash.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=lhash.o lh_stats.o
+LIBSRC=lhash.c lh_stats.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=lhash.c lh_stats.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/rand
+ALL=Makefile md_rand.c randfile.c rand.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=rand
+EXHEADER=rand.h
+GENERAL=Makefile
+HEADER=rand.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=md_rand.o randfile.o
+LIBSRC=md_rand.c randfile.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=md_rand.c randfile.c
+TEST=randtest.c
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/err
+ALL=Makefile err.c err_all.c err_prn.c err.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=error
+EXHEADER=err.h
+GENERAL=Makefile
+HEADER=err.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=err.o err_all.o err_prn.o
+LIBSRC=err.c err_all.c err_prn.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=err.c err_all.c err_prn.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/objects
+ALL=Makefile README obj_dat.c obj_lib.c obj_err.c objects.h obj_dat.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=objects
+ERR=objects
+ERRC=obj_err
+EXHEADER=objects.h
+GENERAL=Makefile README
+HEADER=objects.h obj_dat.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=obj_dat.o obj_lib.o obj_err.o
+LIBSRC=obj_dat.c obj_lib.c obj_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=obj_dat.c obj_lib.c obj_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/evp
+ALL=Makefile encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c evp.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=evp
+ERR=evp
+ERRC=evp_err
+EXHEADER=evp.h
+GENERAL=Makefile
+HEADER=evp.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=encode.o digest.o evp_enc.o evp_key.o e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o p_open.o p_seal.o p_sign.o p_verify.o p_lib.o bio_md.o bio_b64.o bio_enc.o evp_err.o e_null.o c_all.o
+LIBSRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=encode.c digest.c evp_enc.c evp_key.c e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c p_open.c p_seal.c p_sign.c p_verify.c p_lib.c bio_md.c bio_b64.c bio_enc.c evp_err.c e_null.c c_all.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pem
+ALL=Makefile pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c pem.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+CTX_SIZE=ctx_size
+DIR=pem
+ERR=pem
+ERRC=pem_err
+EXHEADER=pem.h
+GENERAL=Makefile
+HEADER=pem.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o pem_err.o
+LIBSRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c pem_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/asn1
+ALL=Makefile README a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c asn1.h asn1_mac.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=asn1
+ERR=asn1
+ERRC=asn1_err
+EXHEADER=asn1.h asn1_mac.h
+GENERAL=Makefile README
+HEADER=asn1.h asn1_mac.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o a_sign.o a_digest.o a_verify.o x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o t_req.o t_x509.o t_pkey.o p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o a_hdr.o x_pkey.o a_bool.o x_exten.o asn1_par.o asn1_lib.o asn1_err.o a_meth.o a_bytes.o
+LIBSRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c a_sign.c a_digest.c a_verify.c x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c t_req.c t_x509.c t_pkey.c p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c a_hdr.c x_pkey.c a_bool.c x_exten.c asn1_par.c asn1_lib.c asn1_err.c a_meth.c a_bytes.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/x509
+ALL=Makefile README x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c x509.h x509_vfy.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=x509
+ERR=x509
+ERRC=x509_err
+EXHEADER=x509.h x509_vfy.h
+GENERAL=Makefile README
+HEADER=x509.h x509_vfy.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=x509_def.o x509_d2.o x509_r2x.o x509_cmp.o x509_obj.o x509_req.o x509_vfy.o x509_set.o x509rset.o x509_err.o x509name.o x509_v3.o x509_ext.o x509pack.o x509type.o x509_lu.o x_all.o x509_txt.o by_file.o by_dir.o v3_net.o v3_x509.o
+LIBSRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=x509_def.c x509_d2.c x509_r2x.c x509_cmp.c x509_obj.c x509_req.c x509_vfy.c x509_set.c x509rset.c x509_err.c x509name.c x509_v3.c x509_ext.c x509pack.c x509type.c x509_lu.c x_all.c x509_txt.c by_file.c by_dir.c v3_net.c v3_x509.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/conf
+ALL=Makefile conf.c conf_err.c conf_lcl.h conf.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=conf
+ERR=conf
+ERRC=conf_err
+EXHEADER=conf.h
+GENERAL=Makefile
+HEADER=conf_lcl.h conf.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=conf.o conf_err.o
+LIBSRC=conf.c conf_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=conf.c conf_err.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/txt_db
+ALL=Makefile txt_db.c txt_db.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS= -g
+DIR=txt_db
+EXHEADER=txt_db.h
+GENERAL=Makefile
+HEADER=txt_db.h
+INCLUDES=
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=txt_db.o
+LIBSRC=txt_db.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=txt_db.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=crypto/pkcs7
+ALL=Makefile README pk7_lib.c pkcs7err.c pk7_doit.c pkcs7.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=pkcs7
+ERR=pkcs7
+ERRC=pkcs7err
+EXHEADER=pkcs7.h
+GENERAL=Makefile README
+HEADER=pkcs7.h
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+LIB=../../libcrypto.a
+LIBOBJ=pk7_lib.o pkcs7err.o pk7_doit.o
+LIBSRC=pk7_lib.c pkcs7err.c pk7_doit.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=pk7_lib.c pkcs7err.c pk7_doit.c
+TEST=
+TOP=../..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=ssl
+ALL=Makefile README s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=ssl
+ERR=ssl
+ERRC=ssl_err
+EXHEADER=ssl.h ssl2.h ssl3.h ssl23.h
+GENERAL=Makefile README
+HEADER=ssl.h ssl2.h ssl3.h ssl23.h ssl_locl.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libssl.a
+LIBOBJ=s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o ssl_ciph.o ssl_stat.o ssl_rsa.o ssl_asn1.o ssl_txt.o ssl_algs.o bio_ssl.o ssl_err.o
+LIBSRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c ssl_ciph.c ssl_stat.c ssl_rsa.c ssl_asn1.c ssl_txt.c ssl_algs.c bio_ssl.c ssl_err.c
+TEST=ssltest.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=rsaref
+ALL=Makefile rsaref.c rsar_err.c rsaref.h
+APPS=
+AR=ar r
+CC=cc
+CFLAG=-g
+CFLAGS=-I../crypto -I../include -g
+DIR=rsaref
+ERR=rsaref
+ERRC=rsar_err
+EXHEADER=
+GENERAL=Makefile
+HEADER= rsaref.h
+INCLUDES=-I../crypto -I../include
+INSTALLTOP=/usr/local/ssl
+LIB=../libRSAglue.a
+LIBOBJ=rsaref.o rsar_err.o
+LIBSRC=rsaref.c rsar_err.c
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+SRC=rsaref.c rsar_err.c
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=apps
+ALL=Makefile verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c apps.h progs.h s_apps.h testdsa.h testrsa.h
+A_OBJ=apps.o
+A_SRC=apps.c
+CC=cc
+CFLAG=-g -static
+CFLAGS=-DMONOLITH -I../include -g -static
+DIR=apps
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+EXE=ssleay
+EXHEADER=
+EX_LIBS=
+E_EXE=verify asn1pars req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers
+E_OBJ=verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o gendsa.o pkcs7.o crl2p7.o crl.o rsa.o dsa.o dsaparam.o x509.o genrsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o version.o sess_id.o ciphers.o
+E_SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+GENERAL=Makefile
+HEADER=apps.h progs.h s_apps.h testdsa.h testrsa.h
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+PEX_LIBS=
+PROGS=ssleay.c
+RM=/bin/rm -f
+SCRIPTS=CA.sh der_chop
+SRC=verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c gendsa.c pkcs7.c crl2p7.c crl.c rsa.c dsa.c dsaparam.c x509.c genrsa.c s_server.c s_client.c speed.c s_time.c apps.c s_cb.c s_socket.c version.c sess_id.c ciphers.c
+SSLEAY=ssleay
+S_OBJ=s_cb.o s_socket.o
+S_SRC=s_cb.c s_socket.c
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=test
+ALL=Makefile.ssl bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+BFTEST=bftest
+BNTEST=bntest
+CC=cc
+CFLAG=-g
+CFLAGS=-I../include -g
+DESTEST=destest
+DHTEST=dhtest
+DIR=test
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+DSATEST=dsatest
+EXE=bntest ideatest md2test md5test rc4test destest shatest sha1test mdc2test randtest dhtest rc2test bftest ssltest exptest dsatest
+EXHEADER=
+EXPTEST=exptest
+EX_LIBS=-lnsl -lsocket
+GENERAL=Makefile.ssl
+HEADER=
+IDEATEST=ideatest
+INCLUDES=-I../include
+INSTALLTOP=/usr/local/ssl
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -fMakefile.ssl
+MAKEFILE=Makefile.ssl
+MD2TEST=md2test
+MD5TEST=md5test
+MDC2TEST=mdc2test
+METHTEST=methtest
+OBJ=bntest.o ideatest.o md2test.o md5test.o rc4test.o destest.o shatest.o sha1test.o mdc2test.o randtest.o dhtest.o rc2test.o bftest.o ssltest.o dsatest.o exptest.o
+PEX_LIBS=
+RANDTEST=randtest
+RC2TEST=rc2test
+RC4TEST=rc4test
+SHA1TEST=sha1test
+SHATEST=shatest
+SRC=bntest.c ideatest.c md2test.c md5test.c rc4test.c destest.c shatest.c sha1test.c mdc2test.c randtest.c dhtest.c rc2test.c bftest.c ssltest.c dsatest.c exptest.c
+SSLTEST=ssltest
+TOP=..
+RELATIVE_DIRECTORY=
+RELATIVE_DIRECTORY=tools
+APPS=c_hash c_info c_issuer c_name c_rehash
+CC=cc
+CFLAG=-g
+CFLAGS=-I.. -I../../include -g
+DIR=tools
+GENERAL=Makefile.ssl
+INCLUDES=-I.. -I../../include
+INSTALLTOP=/usr/local/ssl
+MAKE=make -f Makefile.ssl
+MAKEDEPEND=makedepend -f Makefile.ssl
+MAKEFILE=Makefile.ssl
+TEST=
+TOP=..
+RELATIVE_DIRECTORY=
diff --git a/Makefile.ssl b/Makefile.ssl
new file mode 100644
index 0000000..676ece0
--- /dev/null
+++ b/Makefile.ssl
@@ -0,0 +1,276 @@
+#
+# Makefile for all the SSL related library routines and utilities
+VERSION = 0.8.1a
+#
+# make install will install:
+# libraries into $INSTALLTOP/lib
+# headers into $INSTALLTOP/include
+# utilities into $INSTALLTOP/bin
+#
+# By default INSTALLTOP is set to /usr/local/ssl
+# If you want things install elsewere, consider running
+# perl util/ssldir.pl /new/path
+#
+# Interesting Mailing Lists:
+# ssl-bugs@mincom.oz.au
+# ssl-users@mincom.oz.au
+#
+# To join the Mailing Lists:
+# ssl-bugs-request@mincom.oz.au
+# ssl-users-request@mincom.oz.au
+#
+# If you must get hold of people directly (we much prefer the above
+# lists to be used if the question is of general interest!):
+# Eric Young <eay@cryptsoft.com>
+# Tim Hudson <tjh@cryptsoft.com>
+# or both <ssleay@cryptsoft.com>
+#
+# The primary distribution of SSLeay is from
+# ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL
+#
+# NOCONST - Define for C compilers that don't like the const key word.
+# NOPROTO - Define in if your compiler does not support prototypes.
+# RSAref - Define if we are to link with RSAref.
+# NO_IDEA - Define to build without the IDEA algorithm
+# NO_RC4 - Define to build without the RC4 algorithm
+# NO_RC2 - Define to build without the RC2 algorithm
+# THREADS - Define when building with threads, you will probably also need any
+# system defines as well, i.e. _REENTERANT for Solaris 2.[34]
+# TERMIO - Define the termio terminal subsystem, needed if sgtty is missing.
+# TERMIOS - Define the termios terminal subsystem, Silicon Graphics.
+# LONGCRYPT - Define to use HPUX 10.x's long password modification to crypt(3).
+# DEVRANDOM - Give this the value of the 'random device' if your OS supports
+# one. 32 bytes will be read from this when the random
+# number generator is initalised.
+# SSL_ALLOW_ADH - define if you want the server to be able to use the
+# SSLv3 anon-DH ciphers.
+# SSL_ALLOW_ENULL - define if you want the server to be able to use the
+# NULL encryption ciphers.
+#
+# LOCK_DEBUG - turns on lots of lock debug output :-)
+# REF_CHECK - turn on some xyz_free() assertions.
+# CRYPTO_MDEBUG - turns on my 'memory leak' detecting stuff
+# MFUNC - Make all Malloc/Free/Realloc calls call
+# CRYPTO_malloc/CRYPTO_free/CRYPTO_realloc which can be setup to
+# call application defined callbacks via CRYPTO_set_mem_functions()
+
+
+CC= cc
+CFLAG= -O -DNOPROTO
+#CFLAG= -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+PEX_LIBS= -L. -L.. -L../.. -L../../..
+EX_LIBS=
+#EX_LIBS= #-lRSAglue -lrsaref -lnsl -lsocket
+AR=ar r
+
+# Set BN_MULW to bn_mulw.o if you want to use the C version
+#BN_MULW= asm/x86-lnx.o
+BN_MULW= bn_mulw.o
+#BN_MULW= asm/x86-lnx.o # elf
+#BN_MULW= asm/x86-sol.o # solaris
+#BN_MULW= asm/x86-lnxa.o # a.out, FreeBSD
+#BN_MULW= asm/x86-bsdi.o # bsdi
+#BN_MULW= asm/alpha.o # DEC Alpha
+#BN_MULW= asm/pa-risc2.o # HP-UX PA-RISC
+#BN_MULW= asm/r3000.o # SGI MIPS cpu
+#BN_MULW= asm/sparc.o # Sun solaris/SunOS
+#BN_MULW= asm/x86nt32.o # Windows 95/NT
+#BN_MULW= asm/x86w16.o # 16 bit code for Windows 3.1/DOS
+#BN_MULW= asm/x86w32.o # 32 bit code for Windows 3.1
+
+# Set DES_ENC to des_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+DES_ENC= des_enc.o fcrypt_b.o
+#DES_ENC= des_enc.o fcrypt_b.o # C
+#DES_ENC= asm/dx86-elf.o asm/cx86-elf.o # elf
+#DES_ENC= asm/dx86-sol.o asm/cx86-sol.o # solaris
+#DES_ENC= asm/dx86-out.o asm/cx86-out.o # a.out, FreeBSD
+#DES_ENC= asm/dx86bsdi.o asm/cx86bsdi.o # bsdi
+
+# Set BF_ENC to bf_enc.o if you want to use the C version
+#There are 4 x86 assember options.
+BF_ENC= bf_enc.o
+#BF_ENC= bf_enc.o # C
+#BF_ENC= asm/bx86-elf.o # elf
+#BF_ENC= asm/bx86-sol.o # solaris
+#BF_ENC= asm/bx86-out.o # a.out, FreeBSD
+#BF_ENC= asm/bx86bsdi.o # bsdi
+
+DIRS= crypto ssl rsaref apps test tools
+# dirs in crypto to build
+SDIRS= \
+ md sha mdc2 des rc4 rc2 idea bf bn rsa dsa dh \
+ buffer bio stack lhash rand err objects \
+ evp pem asn1 x509 conf txt_db pkcs7
+
+# If you change the INSTALLTOP, make sure to also change the values
+# in crypto/location.h
+INSTALLTOP=/usr/local/ssl
+
+MAKEFILE= Makefile.ssl
+MAKE= make -f Makefile.ssl
+
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+
+TOP= .
+ONEDIRS=out tmp
+EDIRS= times doc bugs util include certs ms shlib mt demos
+MISC= COPYRIGHT Configure HISTORY.066 INSTALL Makefile.ssl Makefile \
+ README TODO HISTORY README.066 README.080 \
+ VERSION PROBLEMS MINFO makefile.one e_os.h \
+ MICROSOFT makevms.com
+WDIRS= windows
+LIBS= libcrypto.a libssl.a
+
+GENERAL= Makefile
+BASENAME= SSLeay
+NAME= $(BASENAME)-$(VERSION)
+TARFILE= $(NAME).tar
+WTARFILE= $(NAME)-win.tar
+EX_HEADER=
+HEADER= e_os.h
+
+all:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' all ); \
+ done;
+
+sub_all:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' SDIRS='$(SDIRS)' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+ done;
+
+clean:
+ /bin/rm -f *.o core a.out fluff *.map
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "cleaning $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' clean ); \
+ /bin/rm -f $(LIBS); \
+ done;
+ /bin/rm -f *.a *.o speed.* *.map *.so .pure core
+ /bin/rm -f $(TARFILE)
+ @for i in $(ONEDIRS) ;\
+ do \
+ /bin/rm -f $$i/*; \
+ done
+
+makefile.one: files
+ perl util/mk1mf.pl >makefile.one; \
+ sh util/do_ms.sh
+
+files: MINFO
+ perl $(TOP)/util/files.pl Makefile.ssl > $(TOP)/MINFO
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making 'files' in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' files ); \
+ done;
+
+links:
+ /bin/rm -f Makefile;
+ ./util/point.sh Makefile.ssl Makefile;
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making links in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' links ); \
+ done;
+ # @(cd apps; sh ./mklinks)
+ sh tools/c_rehash certs
+
+dclean:
+ /bin/rm -f *.bak
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "undoing makedepend in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' dclean ); \
+ done;
+
+rehash:
+ @(PATH="`pwd`/apps:${PATH}"; sh tools/c_rehash certs)
+
+test: tests
+
+tests:
+ (cd test; echo "testing $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' SDIRS='${SDIRS}' AR='${AR}' tests );
+ @apps/ssleay version -a
+
+depend:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making dependancies $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' depend ); \
+ done;
+
+lint:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making lint $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' lint ); \
+ done;
+
+tags:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making tags $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' tags ); \
+ done;
+
+errors:
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "making errors in $$i..."; \
+ $(MAKE) SDIRS='${SDIRS}' errors ); \
+ done;
+
+tar:
+ @(cd ..;\
+ mv $(BASENAME) $(NAME); \
+ export STUFF; \
+ for i in $(MISC) $(DIRS) $(EDIRS) $(ONEDIRS) ;\
+ do \
+ STUFF="$$STUFF $(NAME)/$$i"; \
+ done; \
+ tar cf $(NAME)/$(TARFILE) $$STUFF; \
+ mv $(NAME) $(BASENAME) )
+ gzip -f $(TARFILE)
+
+dist:
+ perl Configure dist
+ @$(MAKE) dist_pem_h
+ @$(MAKE) SDIRS='${SDIRS}' clean
+ @$(MAKE) SDIRS='${SDIRS}' dclean
+ @(cd apps; sh ./rmlinks)
+ @$(MAKE) makefile.one
+ @$(MAKE) tar
+
+dist_pem_h:
+ (cd crypto/pem; $(MAKE) SDIRS='${SDIRS}' CFLAG='${CFLAG}' pem.h; $(MAKE) clean)
+
+install: all
+ @-mkdir -p $(INSTALLTOP)/bin 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/lib 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/include 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/certs 2>/dev/null
+ @-mkdir -p $(INSTALLTOP)/private 2>/dev/null
+ @for i in $(DIRS) ;\
+ do \
+ (cd $$i; echo "installing $$i..."; \
+ $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' EX_LIBS='${EX_LIBS}' SDIRS='${SDIRS}' install ); \
+ done
+ @for i in $(LIBS) ;\
+ do \
+ ( echo installing $$i; \
+ cp $$i $(INSTALLTOP)/lib; \
+ sh util/ranlib.sh $(INSTALLTOP)/lib/$$i; \
+ chmod 644 $(INSTALLTOP)/lib/$$i ); \
+ done
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/PROBLEMS b/PROBLEMS
new file mode 100644
index 0000000..d78e2d9
--- /dev/null
+++ b/PROBLEMS
@@ -0,0 +1,50 @@
+If you have any problems with SSLeay then please take the following
+steps:
+
+ Remove the ASM version of the BN routines (edit Configure)
+ Remove the compiler optimisation flags
+ Add in the compiler debug flags (-g)
+
+Note: if using gcc then remove -fomit-frame-pointer before you try
+ to debug things.
+
+If you wish to report a bug then please include the following information
+in any bug report:
+
+ SSLeay Details
+ - Version, most of these details can be got from the
+ 'ssleay version -a' command.
+ Operating System Details
+ - OS Name
+ - OS Version
+ - Hardware platform
+ Compiler Details
+ - Name
+ - Version
+ Application Details
+ - Name
+ - Version
+ Problem Description
+ - include steps that will reproduce the problem (if known)
+ Stack Traceback (if the application dumps core)
+
+For example:
+
+ SSLeay-0.5.1a
+ SunOS 5.3, SPARC, SunC 3.0
+ SSLtelnet-0.7
+
+ Core dumps when using telnet with SSL support in bn_mul() with
+ the following stack trackback
+ ...
+
+
+Report the bug to either
+ ssleay@mincom.oz.au (Eric and Tim)
+or
+ ssl-bugs@mincom.oz.au (mailing list of active developers)
+
+
+Tim Hudson
+tjh@mincom.oz.au
+
diff --git a/README b/README
new file mode 100644
index 0000000..543a133
--- /dev/null
+++ b/README
@@ -0,0 +1,173 @@
+ SSLeay 0.8.1b 29-Jun-1998
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+This directory contains Eric Young's (eay@cryptsoft.com) implementation
+of SSL and supporting libraries.
+
+The current version of this library is available from
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+There are patches to a number of internet applications which can be found in
+ ftp://ftp.psy.uq.oz.au/pub/Crypto/SSLapps/
+
+A Web page containing the SSLeay FAQ written by Tim Hudson <tjh@cryptsoft.com>
+can be found at
+ http://www.psy.uq.oz.au/~ftp/Crypto
+
+Additional documentation is being slowly written by Eric Young, and is being
+added to http://www.cryptsoft.com/ssleay/doc. It will normally also be
+available on http://www.psy.uq.oz.au/~ftp/Crypto/ssleay
+
+This Library and programs are FREE for commercial and non-commercial
+usage. The only restriction is that I must be attributed with the
+development of this code. See the COPYRIGHT file for more details.
+Donations would still be accepted :-).
+
+THIS LIBRARY IS NOT %100 COMPATABLE WITH SSLeay 0.6.6
+
+The package includes
+
+libssl.a:
+ My implementation of SSLv2, SSLv3 and the required code to support
+ both SSLv2 and SSLv3 in the one server.
+
+libcrypto.a:
+ General encryption and X509 stuff needed by SSL but not
+ actually logically part of it. It includes routines for the following:
+
+ Ciphers
+ libdes - My libdes DES encryption package which has been floating
+ around the net for a few years. It includes 15
+ 'modes/variations' of DES (1, 2 and 3 key versions of ecb,
+ cbc, cfb and ofb; pcbc and a more general form of cfb and ofb)
+ including desx in cbc mode,
+ a fast crypt(3), and routines to read passwords from the
+ keyboard.
+ RC4 encryption,
+ RC2 encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ Blowfish encryption - 4 different modes, ecb, cbc, cfb and ofb.
+ IDEA encryption - 4 different modes, ecb, cbc, cfb and ofb.
+
+ Digests
+ MD5 and MD2 message digest algorithms, fast implementations,
+ SHA (SHA-0) and SHA-1 message digest algorithms,
+ MDC2 message digest. A DES based hash that is polular on smart cards.
+
+ Public Key
+ RSA encryption/decryption/generation. There is no limit
+ on the number of bits.
+ DSA encryption/decryption/generation. There is no limit on the
+ number of bits.
+ Diffie-Hellman key-exchange/key generation. There is no limit
+ on the number of bits.
+
+ X509v3 certificates
+ X509 encoding/decoding into/from binary ASN1 and a PEM
+ based ascii-binary encoding which supports encryption with
+ a private key.
+ Program to generate RSA and DSA certificate requests and to
+ generate RSA and DSA certificates.
+
+ Systems
+ The normal digital envelope routines and base64 encoding.
+ Higher level access to ciphers and digests by name. New ciphers can be
+ loaded at run time.
+ The BIO io system which is a simple non-blocking IO abstraction.
+ Current methods supported are file descriptors, sockets,
+ socket accept, socket connect, memory buffer, buffering,
+ SSL client/server, file pointer, encryption, digest,
+ non-blocking testing and null.
+ Data structures
+ A dynamically growing hashing system
+ A simple stack.
+ A Configuration loader that uses a format similar to MS .ini files.
+
+Programs in this package include
+ enc - a general encryption program that can encrypt/decrypt using
+ one of 17 different cipher/mode combinations. The
+ input/output can also be converted to/from base64
+ ascii encoding.
+ dgst - a generate message digesting program that will generate
+ message digests for any of md2, md5, sha (sha-0 or sha-1)
+ or mdc2.
+ asn1parse - parse and display the structure of an asn1 encoded
+ binary file.
+ rsa - Manipulate RSA private keys.
+ dsa - Manipulate DSA private keys.
+ dh - Manipulate Diffie-Hellman parameter files.
+ dsaparam- Manipulate and generate DSA parameter files.
+ crl - Manipulate certificate revocation lists.
+ crt2pkcs7- Generate a pkcs7 object containing a crl and a certificate.
+ x509 - Manipulate x509 certificates, self-sign certificates.
+ req - Manipulate PKCS#10 certificate requests and also
+ generate certificate requests.
+ genrsa - Generates an arbitrary sized RSA private key.
+ gendh - Generates a set of Diffie-Hellman parameters, the prime
+ will be a strong prime.
+ ca - Create certificates from PKCS#10 certificate requests.
+ This program also maintains a database of certificates
+ issued.
+ verify - Check x509 certificate signatures.
+ speed - Benchmark SSLeay's ciphers.
+ s_server- A test SSL server.
+ s_client- A test SSL client.
+ s_time - Benchmark SSL performance of SSL server programs.
+ errstr - Convert from SSLeay hex error codes to a readable form.
+
+Documents avaliable are
+ A Postscript and html reference manual
+ (written by Tim Hudson tjh@cryptsoft.com).
+
+ A list of text protocol references I used.
+ An initial version of the library manual.
+
+To install this package, read the INSTALL file.
+For the Microsoft word, read MICROSOFT
+This library has been compiled and tested on Solaris 2.[34] (sparc and x86),
+SunOS 4.1.3, DGUX, OSF1 Alpha, HPUX 9, AIX 3.5(?), IRIX 5.[23],
+LINUX, NeXT (intel), linux, Windows NT, Windows 3.1, MSDOS 6.22.
+
+Multithreading has been tested under Windows NT and Solaris 2.5.1
+
+Due to time constraints, the current release has only be rigorously tested
+on Solaris 2.[45], Linux and Windows NT.
+
+For people in the USA, it is possible to compile SSLeay to use RSA
+Inc.'s public key library, RSAref. From my understanding, it is
+claimed by RSA Inc. to be illegal to use my public key routines inside the USA.
+Read doc/rsaref.doc on how to build with RSAref.
+
+Read the documentation in the doc directory. It is quite rough,
+but it lists the functions, you will probably have to look at
+the code to work out how to used them. I will be working on
+documentation. Look at the example programs.
+
+There should be a SSL reference manual which is being put together by
+Tim Hudson (tjh@cryptsoft.com) in the same location as this
+distribution. This contains a lot more information that is very
+useful. For a description of X509 Certificates, their use, and
+certification, read rfc1421, rfc1422, rfc1423 and rfc1424. ssl/README
+also goes over the mechanism.
+
+We have setup some mailing lists for use by people that are interested
+in helping develop this code and/or ask questions.
+ ssl-bugs@mincom.oz.au
+ ssl-users@mincom.oz.au
+ ssl-bugs-request@mincom.oz.au
+ ssl-users-request@mincom.oz.au
+
+I have recently read about a new form of software, that which is in
+a permanent state of beta release. Linux and Netscape are 2 good
+examples of this, and I would also add SSLeay to this category.
+The Current stable release is 0.6.6. It has a few minor problems.
+0.8.0 is not call compatable so make sure you have the correct version
+of SSLeay to link with.
+
+eric (Jun 1997)
+
+Eric Young (eay@cryptsoft.com)
+86 Taunton St.
+Annerley 4103.
+Australia.
+
diff --git a/README.066 b/README.066
new file mode 100644
index 0000000..d8e086d
--- /dev/null
+++ b/README.066
@@ -0,0 +1,27 @@
+
+SSLeay 0.6.6 13-Jan-1997
+
+The main additions are
+
+- assember for x86 DES improvments.
+ From 191,000 per second on a pentium 100, I now get 281,000. The inner
+ loop and the IP/FP modifications are from
+ Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. Many thanks for his
+ contribution.
+- The 'DES macros' introduced in 0.6.5 now have 3 types.
+ DES_PTR1, DES_PTR2 and 'normal'. As per before, des_opts reports which
+ is best and there is a summery of mine in crypto/des/options.txt
+- A few bug fixes.
+- Added blowfish. It is not used by SSL but all the other stuff that
+ deals with ciphers can use it in either ecb, cbc, cfb64 or ofb64 modes.
+ There are 3 options for optimising Blowfish. BF_PTR, BF_PTR2 and 'normal'.
+ BF_PTR2 is pentium/x86 specific. The correct option is setup in
+ the 'Configure' script.
+- There is now a 'get client certificate' callback which can be
+ 'non-blocking'. If more details are required, let me know. It will
+ documented more in SSLv3 when I finish it.
+- Bug fixes from 0.6.5 including the infamous 'ca' bug. The 'make test'
+ now tests the ca program.
+- Lots of little things modified and tweaked.
+
+eric
diff --git a/README.080 b/README.080
new file mode 100644
index 0000000..155ce1c
--- /dev/null
+++ b/README.080
@@ -0,0 +1,147 @@
+This version of SSLeay has quite a lot of things different from the
+previous version.
+
+Basically check all callback parameters, I will be producing documentation
+about how to use things in th future. Currently I'm just getting 080 out
+the door. Please not that there are several ways to do everything, and
+most of the applications in the apps directory are hybrids, some using old
+methods and some using new methods.
+
+Have a look in demos/bio for some very simple programs and
+apps/s_client.c and apps/s_server.c for some more advanced versions.
+Notes are definitly needed but they are a week or so away.
+
+Anyway, some quick nots from Tim Hudson (tjh@cryptsoft.com)
+---
+Quick porting notes for moving from SSLeay-0.6.x to SSLeay-0.8.x to
+get those people that want to move to using the new code base off to
+a quick start.
+
+Note that Eric has tidied up a lot of the areas of the API that were
+less than desirable and renamed quite a few things (as he had to break
+the API in lots of places anyrate). There are a whole pile of additional
+functions for making dealing with (and creating) certificates a lot
+cleaner.
+
+01-Jul-97
+Tim Hudson
+tjh@cryptsoft.com
+
+---8<---
+
+To maintain code that uses both SSLeay-0.6.x and SSLeay-0.8.x you could
+use something like the following (assuming you #include "crypto.h" which
+is something that you really should be doing).
+
+#if SSLEAY_VERSION_NUMBER >= 0x0800
+#define SSLEAY8
+#endif
+
+buffer.h -> splits into buffer.h and bio.h so you need to include bio.h
+ too if you are working with BIO internal stuff (as distinct
+ from simply using the interface in an opaque manner)
+
+#include "bio.h" - required along with "buffer.h" if you write
+ your own BIO routines as the buffer and bio
+ stuff that was intermixed has been separated
+ out
+
+envelope.h -> evp.h (which should have been done ages ago)
+
+Initialisation ... don't forget these or you end up with code that
+is missing the bits required to do useful things (like ciphers):
+
+SSLeay_add_ssl_algorithms()
+(probably also want SSL_load_error_strings() too but you should have
+ already had that call in place)
+
+SSL_CTX_new() - requires an extra method parameter
+ SSL_CTX_new(SSLv23_method())
+ SSL_CTX_new(SSLv2_method())
+ SSL_CTX_new(SSLv3_method())
+
+ OR to only have the server or the client code
+ SSL_CTX_new(SSLv23_server_method())
+ SSL_CTX_new(SSLv2_server_method())
+ SSL_CTX_new(SSLv3_server_method())
+ or
+ SSL_CTX_new(SSLv23_client_method())
+ SSL_CTX_new(SSLv2_client_method())
+ SSL_CTX_new(SSLv3_client_method())
+
+SSL_set_default_verify_paths() ... renamed to the more appropriate
+SSL_CTX_set_default_verify_paths()
+
+If you want to use client certificates then you have to add in a bit
+of extra stuff in that a SSLv3 server sends a list of those CAs that
+it will accept certificates from ... so you have to provide a list to
+SSLeay otherwise certain browsers will not send client certs.
+
+SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+
+X509_NAME_oneline(X) -> X509_NAME_oneline(X,NULL,0)
+ or provide a buffer and size to copy the
+ result into
+
+X509_add_cert -> X509_STORE_add_cert (and you might want to read the
+ notes on X509_NAME structure changes too)
+
+
+VERIFICATION CODE
+=================
+
+The codes have all be renamed from VERIFY_ERR_* to X509_V_ERR_* to
+more accurately reflect things.
+
+The verification callback args are now packaged differently so that
+extra fields for verification can be added easily in future without
+having to break things by adding extra parameters each release :-)
+
+X509_cert_verify_error_string -> X509_verify_cert_error_string
+
+
+BIO INTERNALS
+=============
+
+Eric has fixed things so that extra flags can be introduced in
+the BIO layer in future without having to play with all the BIO
+modules by adding in some macros.
+
+The ugly stuff using
+ b->flags ~= (BIO_FLAGS_RW|BIO_FLAGS_SHOULD_RETRY)
+becomes
+ BIO_clear_retry_flags(b)
+
+ b->flags |= (BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY)
+becomes
+ BIO_set_retry_read(b)
+
+Also ... BIO_get_retry_flags(b), BIO_set_flags(b)
+
+
+
+OTHER THINGS
+============
+
+X509_NAME has been altered so that it isn't just a STACK ... the STACK
+is now in the "entries" field ... and there are a pile of nice functions
+for getting at the details in a much cleaner manner.
+
+SSL_CTX has been altered ... "cert" is no longer a direct member of this
+structure ... things are now down under "cert_store" (see x509_vfy.h) and
+things are no longer in a CERTIFICATE_CTX but instead in a X509_STORE.
+If your code "knows" about this level of detail then it will need some
+surgery.
+
+If you depending on the incorrect spelling of a number of the error codes
+then you will have to change your code as these have been fixed.
+
+ENV_CIPHER "type" got renamed to "nid" and as that is what it actually
+has been all along so this makes things clearer.
+ify_cert_error_string(ctx->error));
+
+SSL_R_NO_CIPHER_WE_TRUST -> SSL_R_NO_CIPHER_LIST
+ and SSL_R_REUSE_CIPHER_LIST_NOT_ZERO
+
+
diff --git a/TODO b/TODO
new file mode 100644
index 0000000..1c3da41
--- /dev/null
+++ b/TODO
@@ -0,0 +1,28 @@
+- The loading of the netscape RC4 encrypted key is a crock of pig pellets.
+ It will be reworked along with a nice general mechanism for encrypting
+ ASN.1 stuff. [ Jun 96 ] I've cleaned up private keys internally but
+ still have not done PKCS#8 support.
+
+- Winsock support in s_client/s_server for windows nt/3.1 is a crock.
+ I will probably not get this fixed for a while, it is just there so
+ I could test things.
+
+- Be able to generate DSS certificates.
+
+- Add CRL to the X509 verification stuff, this will probably be added with
+ SSLv3.
+
++ X509 callback. I need to callback the application to retrieve certificates
+ and CRL.
+
+*<- designates the things I'm activly working on.
++<- designates that which I have next in the queue.
+
+====
+
+X509v3 extensions
+verify certificate chains
+X509 cert lookup methods
+RSA/DSA/DH methods mostly for smart cards
+dsa cert generation
+
diff --git a/VERSION b/VERSION
new file mode 100644
index 0000000..5555e9a
--- /dev/null
+++ b/VERSION
@@ -0,0 +1,24 @@
+SSLeay 0.8.1
+ - Mostly bug fixes. There is an Ephemeral DH cipher problem which
+ is fixed.
+
+SSLeay 0.8.0
+ - New release, for those that are wondering what happend to
+ 0.7.x, call it our internal development version :-)
+ - There have been lots of changes, mostly the addition of SSLv3.
+ - There have been many additions from people and amongst
+ others, C2Net has assisted greatly.
+
+SSLeay 0.6.6
+ SSLeay 0.8.0 is not upward compatable with SSLeay 0.6.6, so
+ if your application requires 0.6.6, use it. There have been
+ lots of bug fixes to 0.8.x that have not been applied to 0.6.6
+ so use 0.8.0+ in preference.
+
+PORTING 0.6.6 to 0.8.0
+ I'll be documenting this over the next few weeks but as
+ pressures have been increasing for making SSLv3 support
+ available I'm shipping it without this documentation as I
+ basically have not had time to write it (too busy earning a
+ living :-)
+
diff --git a/apps/CA.sh b/apps/CA.sh
new file mode 100644
index 0000000..1942b98
--- /dev/null
+++ b/apps/CA.sh
@@ -0,0 +1,132 @@
+#!/bin/sh
+#
+# CA - wrapper around ca to make it easier to use ... basically ca requires
+# some setup stuff to be done before you can use it and this makes
+# things easier between now and when Eric is convinced to fix it :-)
+#
+# CA -newca ... will setup the right stuff
+# CA -newreq ... will generate a certificate request
+# CA -sign ... will sign the generated request and output
+#
+# At the end of that grab newreq.pem and newcert.pem (one has the key
+# and the other the certificate) and cat them together and that is what
+# you want/need ... I'll make even this a little cleaner later.
+#
+#
+# 12-Jan-96 tjh Added more things ... including CA -signcert which
+# converts a certificate to a request and then signs it.
+# 10-Jan-96 eay Fixed a few more bugs and added the SSLEAY_CONFIG
+# environment variable so this can be driven from
+# a script.
+# 25-Jul-96 eay Cleaned up filenames some more.
+# 11-Jun-96 eay Fixed a few filename missmatches.
+# 03-May-96 eay Modified to use 'ssleay cmd' instead of 'cmd'.
+# 18-Apr-96 tjh Original hacking
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+# default ssleay.cnf file has setup as per the following
+# demoCA ... where everything is stored
+
+DAYS="-days 365"
+REQ="ssleay req $SSLEAY_CONFIG"
+CA="ssleay ca $SSLEAY_CONFIG"
+VERIFY="ssleay verify"
+X509="ssleay x509"
+
+CATOP=./demoCA
+CAKEY=./cakey.pem
+CACERT=./cacert.pem
+
+for i
+do
+case $i in
+-\?|-h|-help)
+ echo "usage: CA -newcert|-newreq|-newca|-sign|-verify" >&2
+ exit 0
+ ;;
+-newcert)
+ # create a certificate
+ $REQ -new -x509 -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Certificate (and private key) is in newreq.pem"
+ ;;
+-newreq)
+ # create a certificate request
+ $REQ -new -keyout newreq.pem -out newreq.pem $DAYS
+ RET=$?
+ echo "Request (and private key) is in newreq.pem"
+ ;;
+-newca)
+ # if explictly asked for or it doesn't exist then setup the directory
+ # structure that Eric likes to manage things
+ NEW="1"
+ if [ "$NEW" -o ! -f ${CATOP}/serial ]; then
+ # create the directory hierarchy
+ mkdir ${CATOP}
+ mkdir ${CATOP}/certs
+ mkdir ${CATOP}/crl
+ mkdir ${CATOP}/newcerts
+ mkdir ${CATOP}/private
+ echo "01" > ${CATOP}/serial
+ touch ${CATOP}/index.txt
+ fi
+ if [ ! -f ${CATOP}/private/$CAKEY ]; then
+ echo "CA certificate filename (or enter to create)"
+ read FILE
+
+ # ask user for existing CA certificate
+ if [ "$FILE" ]; then
+ cp $FILE ${CATOP}/private/$CAKEY
+ RET=$?
+ else
+ echo "Making CA certificate ..."
+ $REQ -new -x509 -keyout ${CATOP}/private/$CAKEY \
+ -out ${CATOP}/$CACERT $DAYS
+ RET=$?
+ fi
+ fi
+ ;;
+-xsign)
+ $CA -policy policy_anything -infiles newreq.pem
+ RET=$?
+ ;;
+-sign|-signreq)
+ $CA -policy policy_anything -out newcert.pem -infiles newreq.pem
+ RET=$?
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-signcert)
+ echo "Cert passphrase will be requested twice - bug?"
+ $X509 -x509toreq -in newreq.pem -signkey newreq.pem -out tmp.pem
+ $CA -policy policy_anything -out newcert.pem -infiles tmp.pem
+ cat newcert.pem
+ echo "Signed certificate is in newcert.pem"
+ ;;
+-verify)
+ shift
+ if [ -z "$1" ]; then
+ $VERIFY -CAfile $CATOP/$CACERT newcert.pem
+ RET=$?
+ else
+ for j
+ do
+ $VERIFY -CAfile $CATOP/$CACERT $j
+ if [ $? != 0 ]; then
+ RET=$?
+ fi
+ done
+ fi
+ exit 0
+ ;;
+*)
+ echo "Unknown arg $i";
+ exit 1
+ ;;
+esac
+done
+exit $RET
+
diff --git a/apps/Makefile.ssl b/apps/Makefile.ssl
new file mode 100644
index 0000000..4fac51f
--- /dev/null
+++ b/apps/Makefile.ssl
@@ -0,0 +1,144 @@
+#
+# SSLeay/apps/Makefile.ssl
+#
+
+DIR= apps
+TOP= ..
+CC= cc
+INCLUDES= -I../include
+CFLAG= -g -static
+INSTALLTOP= /usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+RM= /bin/rm -f
+
+PEX_LIBS=
+EX_LIBS=
+
+CFLAGS= -DMONOLITH $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+
+DLIBCRYPTO=../libcrypto.a
+DLIBSSL=../libssl.a
+LIBCRYPTO=-L.. -lcrypto
+LIBSSL=-L.. -lssl
+
+SSLEAY= ssleay
+
+SCRIPTS=CA.sh der_chop
+
+EXE= $(SSLEAY)
+
+E_EXE= verify asn1pars req dgst dh enc gendh gendsa errstr ca crl \
+ rsa dsa dsaparam \
+ x509 genrsa s_server s_client speed \
+ s_time version pkcs7 crl2pkcs7 sess_id ciphers
+
+PROGS= $(SSLEAY).c
+
+A_OBJ=apps.o
+A_SRC=apps.c
+S_OBJ= s_cb.o s_socket.o
+S_SRC= s_cb.c s_socket.c
+
+E_OBJ= verify.o asn1pars.o req.o dgst.o dh.o enc.o gendh.o errstr.o ca.o \
+ gendsa.o pkcs7.o crl2p7.o crl.o \
+ rsa.o dsa.o dsaparam.o \
+ x509.o genrsa.o s_server.o s_client.o speed.o \
+ s_time.o $(A_OBJ) $(S_OBJ) version.o sess_id.o \
+ ciphers.o
+
+# pem_mail.o
+
+E_SRC= verify.c asn1pars.c req.c dgst.c dh.c enc.c gendh.c errstr.c ca.c \
+ gendsa.c pkcs7.c crl2p7.c crl.c \
+ rsa.c dsa.c dsaparam.c \
+ x509.c genrsa.c s_server.c s_client.c speed.c \
+ s_time.c $(A_SRC) $(S_SRC) version.c sess_id.c \
+ ciphers.c
+
+# pem_mail.c
+
+SRC=$(E_SRC)
+
+EXHEADER=
+HEADER= apps.h progs.h s_apps.h \
+ testdsa.h testrsa.h \
+ $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ @(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: exe
+
+exe: $(EXE)
+
+req: sreq.o $(A_OBJ) $(DLIBCRYPTO)
+ $(CC) -o req $(CFLAG) sreq.o $(A_OBJ) $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+sreq.o: req.c
+ $(CC) -c $(INCLUDES) $(CFLAG) -o sreq.o req.c
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+install: mklinks
+ @for i in $(EXE) $(SCRIPTS) mklinks; \
+ do \
+ (echo installing $$i; \
+ cp $$i $(INSTALLTOP)/bin/$$i; \
+ chmod 755 $(INSTALLTOP)/bin/$$i ); \
+ done; \
+ cp ssleay.cnf $(INSTALLTOP)/lib
+ chmod 644 $(INSTALLTOP)/lib/ssleay.cnf
+ cd $(INSTALLTOP)/bin; \
+ /bin/sh ./mklinks; \
+ /bin/rm -f ./mklinks
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+errors:
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE)
+ /bin/rm -f req
+
+$(DLIBSSL):
+ (cd ../ssl; $(MAKE))
+
+$(DLIBCRYPTO):
+ (cd ../crypto; $(MAKE))
+
+$(SSLEAY): progs.h $(E_OBJ) $(SSLEAY).o $(DLIBCRYPTO) $(DLIBSSL)
+ $(RM) $(SSLEAY)
+ $(CC) -o $(SSLEAY) $(CFLAGS) $(SSLEAY).o $(E_OBJ) $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
+
+progs.h:
+ perl ./g_ssleay.pl $(E_EXE) >progs.h
+ $(RM) $(SSLEAY).o
+
+mklinks:
+ perl ./g_ssleay.pl $(E_EXE) >progs.h
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/apps/apps.c b/apps/apps.c
new file mode 100644
index 0000000..7c9510e
--- /dev/null
+++ b/apps/apps.c
@@ -0,0 +1,325 @@
+/* apps/apps.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+
+#ifdef WIN16
+#define APPS_WIN16
+#ifdef FLAT_BUILD
+#include "bss_file.c"
+#else
+#include "../crypto/bio/bss_file.c"
+#endif
+#endif
+
+#ifndef NOPROTO
+int app_init(long mesgwin);
+#else
+int app_init();
+#endif
+
+#ifdef undef /* never finished - probably never will be :-) */
+int args_from_file(file,argc,argv)
+char *file;
+int *argc;
+char **argv[];
+ {
+ FILE *fp;
+ int num,i;
+ unsigned int len;
+ static char *buf=NULL;
+ static char **arg=NULL;
+ char *p;
+ struct stat stbuf;
+
+ if (stat(file,&stbuf) < 0) return(0);
+
+ fp=fopen(file,"r");
+ if (fp == NULL)
+ return(0);
+
+ *argc=0;
+ *argv=NULL;
+
+ len=(unsigned int)stbuf.st_size;
+ if (buf != NULL) Free(buf);
+ buf=(char *)Malloc(len+1);
+ if (buf == NULL) return(0);
+
+ len=fread(buf,1,len,fp);
+ if (len <= 1) return(0);
+ buf[len]='\0';
+
+ i=0;
+ for (p=buf; *p; p++)
+ if (*p == '\n') i++;
+ if (arg != NULL) Free(arg);
+ arg=(char **)Malloc(sizeof(char *)*(i*2));
+
+ *argv=arg;
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ if (!*p) break;
+ if (*p == '#') /* comment line */
+ {
+ while (*p && (*p != '\n')) p++;
+ continue;
+ }
+ /* else we have a line */
+ *(arg++)=p;
+ num++;
+ while (*p && ((*p != ' ') && (*p != '\t') && (*p != '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ *(p++)='\0';
+ continue;
+ }
+ /* else it is a tab or space */
+ p++;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+ if (*p == '\n')
+ {
+ p++;
+ continue;
+ }
+ *(arg++)=p++;
+ num++;
+ while (*p && (*p != '\n')) p++;
+ if (!*p) break;
+ /* else *p == '\n' */
+ *(p++)='\0';
+ }
+ *argc=num;
+ return(1);
+ }
+#endif
+
+int str2fmt(s)
+char *s;
+ {
+ if ((*s == 'D') || (*s == 'd'))
+ return(FORMAT_ASN1);
+ else if ((*s == 'T') || (*s == 't'))
+ return(FORMAT_TEXT);
+ else if ((*s == 'P') || (*s == 'p'))
+ return(FORMAT_PEM);
+ else if ((*s == 'N') || (*s == 'n'))
+ return(FORMAT_NETSCAPE);
+ else
+ return(FORMAT_UNDEF);
+ }
+
+#if defined(MSDOS) || defined(WIN32) || defined(WIN16)
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ int i,n;
+ char *p=NULL;
+
+ n=strlen(in);
+ /* find the last '/', '\' or ':' */
+ for (i=n-1; i>0; i--)
+ {
+ if ((in[i] == '/') || (in[i] == '\\') || (in[i] == ':'))
+ {
+ p= &(in[i+1]);
+ break;
+ }
+ }
+ if (p == NULL)
+ p=in;
+ n=strlen(p);
+ /* strip off trailing .exe if present. */
+ if ((n > 4) && (p[n-4] == '.') &&
+ ((p[n-3] == 'e') || (p[n-3] == 'E')) &&
+ ((p[n-2] == 'x') || (p[n-2] == 'X')) &&
+ ((p[n-1] == 'e') || (p[n-1] == 'E')))
+ n-=4;
+ if (n > size-1)
+ n=size-1;
+
+ for (i=0; i<n; i++)
+ {
+ if ((p[i] >= 'A') && (p[i] <= 'Z'))
+ out[i]=p[i]-'A'+'a';
+ else
+ out[i]=p[i];
+ }
+ out[n]='\0';
+ }
+#else
+void program_name(in,out,size)
+char *in;
+char *out;
+int size;
+ {
+ char *p;
+
+ p=strrchr(in,'/');
+ if (p != NULL)
+ p++;
+ else
+ p=in;
+ strncpy(out,p,size-1);
+ out[size-1]='\0';
+ }
+#endif
+
+#ifdef WIN32
+int WIN32_rename(from,to)
+char *from;
+char *to;
+ {
+ int ret;
+
+ ret=MoveFileEx(from,to,MOVEFILE_REPLACE_EXISTING|MOVEFILE_COPY_ALLOWED);
+ return(ret?0:-1);
+ }
+#endif
+
+int chopup_args(arg,buf,argc,argv)
+ARGS *arg;
+char *buf;
+int *argc;
+char **argv[];
+ {
+ int num,len,i;
+ char *p;
+
+ *argc=0;
+ *argv=NULL;
+
+ len=strlen(buf);
+ i=0;
+ if (arg->count == 0)
+ {
+ arg->count=20;
+ arg->data=(char **)Malloc(sizeof(char *)*arg->count);
+ }
+ for (i=0; i<arg->count; i++)
+ arg->data[i]=NULL;
+
+ num=0;
+ p=buf;
+ for (;;)
+ {
+ /* first scan over white space */
+ if (!*p) break;
+ while (*p && ((*p == ' ') || (*p == '\t') || (*p == '\n')))
+ p++;
+ if (!*p) break;
+
+ /* The start of something good :-) */
+ if (num >= arg->count)
+ {
+ arg->count+=20;
+ arg->data=(char **)Realloc(arg->data,
+ sizeof(char *)*arg->count);
+ if (argc == 0) return(0);
+ }
+ arg->data[num++]=p;
+
+ /* now look for the end of this */
+ if ((*p == '\'') || (*p == '\"')) /* scan for closing quote */
+ {
+ i= *(p++);
+ arg->data[num-1]++; /* jump over quote */
+ while (*p && (*p != i))
+ p++;
+ *p='\0';
+ }
+ else
+ {
+ while (*p && ((*p != ' ') &&
+ (*p != '\t') && (*p != '\n')))
+ p++;
+
+ if (*p == '\0')
+ p--;
+ else
+ *p='\0';
+ }
+ p++;
+ }
+ *argc=num;
+ *argv=arg->data;
+ return(1);
+ }
+
+#ifndef APP_INIT
+int app_init(mesgwin)
+long mesgwin;
+ {
+ return(1);
+ }
+#endif
diff --git a/apps/apps.h b/apps/apps.h
new file mode 100644
index 0000000..528828c
--- /dev/null
+++ b/apps/apps.h
@@ -0,0 +1,154 @@
+/* apps/apps.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_APPS_H
+#define HEADER_APPS_H
+
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif
+
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
+#include "progs.h"
+
+#ifdef WIN16
+BIO_METHOD *BIO_s_file();
+#endif
+
+#ifdef WIN32
+#define rename(from,to) WIN32_rename((from),(to))
+int WIN32_rename(char *oldname,char *newname);
+#endif
+
+#ifndef MONOLITH
+
+#define MAIN(a,v) main(a,v)
+
+#ifndef NON_MAIN
+BIO *bio_err=NULL;
+#else
+extern BIO *bio_err;
+#endif
+
+#else
+
+#define MAIN(a,v) PROG(a,v)
+#include "conf.h"
+extern LHASH *config;
+extern char *default_config_file;
+extern BIO *bio_err;
+
+#endif
+
+#include <signal.h>
+
+#ifdef SIGPIPE
+#define do_pipe_sig() signal(SIGPIPE,SIG_IGN)
+#else
+#define do_pipe_sig()
+#endif
+
+#if defined(MONOLITH) && !defined(SSLEAY)
+# define apps_startup() do_pipe_sig()
+#else
+# if defined(MSDOS) || defined(WIN16) || defined(WIN32)
+# ifdef _O_BINARY
+# define apps_startup() \
+ _fmode=_O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# else
+# define apps_startup() \
+ _fmode=O_BINARY; do_pipe_sig(); CRYPTO_malloc_init(); \
+ SSLeay_add_all_algorithms()
+# endif
+# else
+# define apps_startup() do_pipe_sig(); SSLeay_add_all_algorithms();
+# endif
+#endif
+
+typedef struct args_st
+ {
+ char **data;
+ int count;
+ } ARGS;
+
+#ifndef NOPROTO
+int should_retry(int i);
+int args_from_file(char *file, int *argc, char **argv[]);
+int str2fmt(char *s);
+void program_name(char *in,char *out,int size);
+int chopup_args(ARGS *arg,char *buf, int *argc, char **argv[]);
+#else
+int should_retry();
+int args_from_file();
+int str2fmt();
+void program_name();
+int chopup_args();
+#endif
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+#define FORMAT_NETSCAPE 4
+
+#endif
diff --git a/apps/asn1pars.c b/apps/asn1pars.c
new file mode 100644
index 0000000..111e282
--- /dev/null
+++ b/apps/asn1pars.c
@@ -0,0 +1,219 @@
+/* apps/asn1pars.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+/* -inform arg - input format - default PEM (DER or PEM)
+ * -in arg - input file - default stdin
+ * -i - indent the details by depth
+ * -offset - where in the file to start
+ * -length - how many bytes to use
+ */
+
+#undef PROG
+#define PROG asn1parse_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,badops=0,offset=0,ret=1;
+ unsigned int length=0;
+ long num;
+ BIO *in=NULL,*out=NULL,*b64=NULL;
+ int informat,indent=0;
+ char *infile,*str=NULL,*prog;
+ BUF_MEM *buf=NULL;
+
+ infile=NULL;
+ informat=FORMAT_PEM;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-i") == 0)
+ {
+ indent=1;
+ }
+ else if (strcmp(*argv,"-offset") == 0)
+ {
+ if (--argc < 1) goto bad;
+ offset= atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-length") == 0)
+ {
+ if (--argc < 1) goto bad;
+ length= atoi(*(++argv));
+ if (length == 0) goto bad;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -offset arg offset into file\n");
+ BIO_printf(bio_err," -length arg lenth of section in file\n");
+ BIO_printf(bio_err," -i indent entries\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if ((buf=BUF_MEM_new()) == NULL) goto end;
+ if (!BUF_MEM_grow(buf,BUFSIZ*8)) goto end; /* Pre-allocate :-) */
+
+ if (informat == FORMAT_PEM)
+ {
+ BIO *tmp;
+
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ BIO_push(b64,in);
+ tmp=in;
+ in=b64;
+ b64=tmp;
+ }
+
+ num=0;
+ for (;;)
+ {
+ if (!BUF_MEM_grow(buf,(int)num+BUFSIZ)) goto end;
+ i=BIO_read(in,&(buf->data[num]),BUFSIZ);
+ if (i <= 0) break;
+ num+=i;
+ }
+ str=buf->data;
+
+ if (length == 0) length=(unsigned int)num;
+ if (!ASN1_parse(out,(unsigned char *)&(str[offset]),length,indent))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (b64 != NULL) BIO_free(b64);
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (buf != NULL) BUF_MEM_free(buf);
+ EXIT(ret);
+ }
+
diff --git a/apps/bss_file.c b/apps/bss_file.c
new file mode 100644
index 0000000..9aa71f9
--- /dev/null
+++ b/apps/bss_file.c
@@ -0,0 +1,324 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define APPS_WIN16
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+ {
+ BIO_TYPE_FILE,"FILE pointer",
+ file_write,
+ file_read,
+ file_puts,
+ file_gets,
+ file_ctrl,
+ file_new,
+ file_free,
+ };
+
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+ {
+ BIO *ret;
+ FILE *file;
+
+ if ((file=fopen(filename,mode)) == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+ return(NULL);
+ }
+ if ((ret=BIO_new_fp(file,BIO_CLOSE)) == NULL)
+ {
+ fclose(file);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+ {
+ BIO *ret;
+
+ if ((ret=BIO_new(BIO_s_file())) == NULL)
+ return(NULL);
+ BIO_set_fp(ret,stream,close_flag);
+ return(ret);
+ }
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+
+BIO_METHOD *BIO_s_file()
+ {
+ return(&methods_filep);
+ }
+
+#else
+
+BIO_METHOD *BIO_s_file_internal_w16()
+ {
+ return(&methods_filep);
+ }
+
+#endif
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ return(1);
+ }
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ fclose((FILE *)a->ptr);
+ a->ptr=NULL;
+ }
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (b->init && (out != NULL))
+ {
+ ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if (b->init && (in != NULL))
+ {
+ if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+ ret=inl;
+ /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+ /* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+ * out version above can cause 'inl' write calls under
+ * some stupid stdio implementations (VMS) */
+ }
+ return(ret);
+ }
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ FILE *fp=(FILE *)b->ptr;
+ FILE **fpp;
+ char p[4];
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=(long)fseek(fp,num,0);
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)feof(fp);
+ break;
+ case BIO_CTRL_INFO:
+ ret=ftell(fp);
+ break;
+ case BIO_C_SET_FILE_PTR:
+ file_free(b);
+ b->shutdown=(int)num;
+ b->ptr=(char *)ptr;
+ b->init=1;
+ break;
+ case BIO_C_SET_FILENAME:
+ file_free(b);
+ b->shutdown=(int)num&BIO_CLOSE;
+ if (num & BIO_FP_APPEND)
+ {
+ if (num & BIO_FP_READ)
+ strcpy(p,"a+");
+ else strcpy(p,"a");
+ }
+ else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+ strcpy(p,"r+");
+ else if (num & BIO_FP_WRITE)
+ strcpy(p,"w");
+ else if (num & BIO_FP_READ)
+ strcpy(p,"r");
+ else
+ {
+ BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+ ret=0;
+ break;
+ }
+#if defined(MSDOS) || defined(WINDOWS)
+ if (!(num & BIO_FP_TEXT))
+ strcat(p,"b");
+ else
+ strcat(p,"t");
+#endif
+ fp=fopen(ptr,p);
+ if (fp == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+ ret=0;
+ break;
+ }
+ b->ptr=(char *)fp;
+ b->init=1;
+ break;
+ case BIO_C_GET_FILE_PTR:
+ /* the ptr parameter is actually a FILE ** in this case. */
+ if (ptr != NULL)
+ {
+ fpp=(FILE **)ptr;
+ *fpp=(FILE *)b->ptr;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_FLUSH:
+ fflush((FILE *)b->ptr);
+ break;
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int ret=0;
+
+ buf[0]='\0';
+ fgets(buf,size,(FILE *)bp->ptr);
+ if (buf[0] != '\0')
+ ret=strlen(buf);
+ return(ret);
+ }
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=file_write(bp,str,n);
+ return(ret);
+ }
+
diff --git a/apps/c512-key.pem b/apps/c512-key.pem
new file mode 100644
index 0000000..a1ea82e
--- /dev/null
+++ b/apps/c512-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
+q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
+/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
+HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
+ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
+nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
+ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+-----END RSA PRIVATE KEY-----
diff --git a/apps/c512-req.pem b/apps/c512-req.pem
new file mode 100644
index 0000000..e8d0fea
--- /dev/null
+++ b/apps/c512-req.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i
+2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs6
+2NNtXrT8odkCAwEAATANBgkqhkiG9w0BAQQFAANBAC5JBTeji7RosqMaUIDzIW13
+oO6+kPhx9fXSpMFHIsY3aH92Milkov/2A4SuZTcnv/P6+8klmS0EaiUKcRzak4E=
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/ca-cert.srl b/apps/ca-cert.srl
new file mode 100644
index 0000000..75016ea
--- /dev/null
+++ b/apps/ca-cert.srl
@@ -0,0 +1 @@
+03
diff --git a/apps/ca-key.pem b/apps/ca-key.pem
new file mode 100644
index 0000000..3a520b2
--- /dev/null
+++ b/apps/ca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/apps/ca-req.pem b/apps/ca-req.pem
new file mode 100644
index 0000000..77bf7ec
--- /dev/null
+++ b/apps/ca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmTCCAQICAQAwWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgx
+MDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgy
+bTsZDCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/d
+FXSv1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUe
+cQU2mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAKlk7
+cxu9gCJN3/iQFyJXQ6YphaiQAT5VBXTx9ftRrQIjA3vxlDzPWGDy+V5Tqa7h8PtR
+5Bn00JShII2zf0hjyjKils6x/UkWmjEiwSiFp4hR70iE8XwSNEHY2P6j6nQEIpgW
+kbfgmmUqk7dl2V+ossTJ80B8SBpEhrn81V/cHxA=
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/ca.c b/apps/ca.c
new file mode 100644
index 0000000..3e10d6c
--- /dev/null
+++ b/apps/ca.c
@@ -0,0 +1,1916 @@
+/* apps/ca.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The PPKI stuff has been donated by Jeff Barber <jeffb@issl.atl.hp.com> */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "txt_db.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+#include "conf.h"
+
+#ifndef W_OK
+#include <sys/file.h>
+#endif
+
+#undef PROG
+#define PROG ca_main
+
+#define BASE_SECTION "ca"
+#define CONFIG_FILE "lib/ssleay.cnf"
+
+#define ENV_DEFAULT_CA "default_ca"
+
+#define ENV_DIR "dir"
+#define ENV_CERTS "certs"
+#define ENV_CRL_DIR "crl_dir"
+#define ENV_CA_DB "CA_DB"
+#define ENV_NEW_CERTS_DIR "new_certs_dir"
+#define ENV_CERTIFICATE "certificate"
+#define ENV_SERIAL "serial"
+#define ENV_CRL "crl"
+#define ENV_PRIVATE_KEY "private_key"
+#define ENV_RANDFILE "RANDFILE"
+#define ENV_DEFAULT_DAYS "default_days"
+#define ENV_DEFAULT_CRL_DAYS "default_crl_days"
+#define ENV_DEFAULT_CRL_HOURS "default_crl_hours"
+#define ENV_DEFAULT_MD "default_md"
+#define ENV_PRESERVE "preserve"
+#define ENV_POLICY "policy"
+#define ENV_EXTENSIONS "x509_extensions"
+#define ENV_MSIE_HACK "msie_hack"
+
+#define ENV_DATABASE "database"
+
+#define DB_type 0
+#define DB_exp_date 1
+#define DB_rev_date 2
+#define DB_serial 3 /* index - unique */
+#define DB_file 4
+#define DB_name 5 /* index - unique for active */
+#define DB_NUMBER 6
+
+#define DB_TYPE_REV 'R'
+#define DB_TYPE_EXP 'E'
+#define DB_TYPE_VAL 'V'
+
+static char *ca_usage[]={
+"usage: ca args\n",
+"\n",
+" -verbose - Talk alot while doing things\n",
+" -config file - A config file\n",
+" -name arg - The particular CA definition to use\n",
+" -gencrl - Generate a new CRL\n",
+" -crldays days - Days is when the next CRL is due\n",
+" -crlhours hours - Hours is when the next CRL is due\n",
+" -days arg - number of days to certify the certificate for\n",
+" -md arg - md to use, one of md2, md5, sha or sha1\n",
+" -policy arg - The CA 'policy' to support\n",
+" -keyfile arg - PEM private key file\n",
+" -key arg - key to decode the private key if it is encrypted\n",
+" -cert - The CA certificate\n",
+" -in file - The input PEM encoded certificate request(s)\n",
+" -out file - Where to put the output file(s)\n",
+" -outdir dir - Where to put output certificates\n",
+" -infiles .... - The last argument, requests to process\n",
+" -spkac file - File contains DN and signed public key and challenge\n",
+" -preserveDN - Don't re-order the DN\n",
+" -batch - Don't ask questions\n",
+" -msie_hack - msie modifications to handle all thos universal strings\n",
+NULL
+};
+
+#ifdef EFENCE
+extern int EF_PROTECT_FREE;
+extern int EF_PROTECT_BELOW;
+extern int EF_ALIGNMENT;
+#endif
+
+#ifndef NOPROTO
+static STACK *load_extensions(char *section);
+static void lookup_fail(char *name,char *tag);
+static int MS_CALLBACK key_callback(char *buf,int len,int verify);
+static unsigned long index_serial_hash(char **a);
+static int index_serial_cmp(char **a, char **b);
+static unsigned long index_name_hash(char **a);
+static int index_name_qual(char **a);
+static int index_name_cmp(char **a,char **b);
+static BIGNUM *load_serial(char *serialfile);
+static int save_serial(char *serialfile, BIGNUM *serial);
+static int certify(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
+ int batch, STACK *extensions,int verbose);
+static int certify_spkac(X509 **xret, char *infile,EVP_PKEY *pkey,X509 *x509,
+ EVP_MD *dgst,STACK *policy,TXT_DB *db,BIGNUM *serial,int days,
+ STACK *extensions,int verbose);
+static int fix_data(int nid, int *type);
+static void write_new_certificate(BIO *bp, X509 *x, int output_der);
+static int do_body(X509 **xret, EVP_PKEY *pkey, X509 *x509, EVP_MD *dgst,
+ STACK *policy, TXT_DB *db, BIGNUM *serial, int days, int batch,
+ int verbose, X509_REQ *req, STACK *extensions);
+static int check_time_format(char *str);
+#else
+static STACK *load_extensions();
+static void lookup_fail();
+static int MS_CALLBACK key_callback();
+static unsigned long index_serial_hash();
+static int index_serial_cmp();
+static unsigned long index_name_hash();
+static int index_name_qual();
+static int index_name_cmp();
+static int fix_data();
+static BIGNUM *load_serial();
+static int save_serial();
+static int certify();
+static int certify_spkac();
+static void write_new_certificate();
+static int do_body();
+static int check_time_format();
+#endif
+
+static LHASH *conf;
+static char *key=NULL;
+static char *section=NULL;
+
+static int preserve=0;
+static int msie_hack=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int total=0;
+ int total_done=0;
+ int badops=0;
+ int ret=1;
+ int req=0;
+ int verbose=0;
+ int gencrl=0;
+ long crldays=0;
+ long crlhours=0;
+ long errorline= -1;
+ char *configfile=NULL;
+ char *md=NULL;
+ char *policy=NULL;
+ char *keyfile=NULL;
+ char *certfile=NULL;
+ char *infile=NULL;
+ char *spkac_file=NULL;
+ EVP_PKEY *pkey=NULL;
+ int output_der = 0;
+ char *outfile=NULL;
+ char *outdir=NULL;
+ char *serialfile=NULL;
+ char *extensions=NULL;
+ BIGNUM *serial=NULL;
+ int days=0;
+ int batch=0;
+ X509 *x509=NULL;
+ X509 *x=NULL;
+ BIO *in=NULL,*out=NULL,*Sout=NULL,*Cout=NULL;
+ char *dbfile=NULL;
+ TXT_DB *db=NULL;
+ X509_CRL *crl=NULL;
+ X509_CRL_INFO *ci=NULL;
+ X509_REVOKED *r=NULL;
+ char **pp,*p,*f;
+ int i,j;
+ long l;
+ EVP_MD *dgst=NULL;
+ STACK *attribs=NULL;
+ STACK *extensions_sk=NULL;
+ STACK *cert_sk=NULL;
+ BIO *hex=NULL;
+#undef BSIZE
+#define BSIZE 256
+ MS_STATIC char buf[3][BSIZE];
+
+#ifdef EFENCE
+EF_PROTECT_FREE=1;
+EF_PROTECT_BELOW=1;
+EF_ALIGNMENT=0;
+#endif
+
+ apps_startup();
+
+ X509v3_add_netscape_extensions();
+
+ preserve=0;
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-verbose") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ configfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-name") == 0)
+ {
+ if (--argc < 1) goto bad;
+ section= *(++argv);
+ }
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days=atoi(*(++argv));
+ }
+ else if (strcmp(*argv,"-md") == 0)
+ {
+ if (--argc < 1) goto bad;
+ md= *(++argv);
+ }
+ else if (strcmp(*argv,"-policy") == 0)
+ {
+ if (--argc < 1) goto bad;
+ policy= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key= *(++argv);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ certfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ req=1;
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-outdir") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outdir= *(++argv);
+ }
+ else if (strcmp(*argv,"-batch") == 0)
+ batch=1;
+ else if (strcmp(*argv,"-preserveDN") == 0)
+ preserve=1;
+ else if (strcmp(*argv,"-gencrl") == 0)
+ gencrl=1;
+ else if (strcmp(*argv,"-msie_hack") == 0)
+ msie_hack=1;
+ else if (strcmp(*argv,"-crldays") == 0)
+ {
+ if (--argc < 1) goto bad;
+ crldays= atol(*(++argv));
+ }
+ else if (strcmp(*argv,"-crlhours") == 0)
+ {
+ if (--argc < 1) goto bad;
+ crlhours= atol(*(++argv));
+ }
+ else if (strcmp(*argv,"-infiles") == 0)
+ {
+ argc--;
+ argv++;
+ req=1;
+ break;
+ }
+ else if (strcmp(*argv, "-spkac") == 0)
+ {
+ if (--argc < 1) goto bad;
+ spkac_file = *(++argv);
+ req=1;
+ }
+ else
+ {
+bad:
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+ for (pp=ca_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+
+ /*****************************************************************/
+ if (configfile == NULL)
+ {
+ /* We will just use 'buf[0]' as a temporary buffer. */
+ strncpy(buf[0],X509_get_default_cert_area(),
+ sizeof(buf[0])-2-sizeof(CONFIG_FILE));
+ strcat(buf[0],"/");
+ strcat(buf[0],CONFIG_FILE);
+ configfile=buf[0];
+ }
+
+ BIO_printf(bio_err,"Using configuration from %s\n",configfile);
+ if ((conf=CONF_load(NULL,configfile,&errorline)) == NULL)
+ {
+ if (errorline <= 0)
+ BIO_printf(bio_err,"error loading the config file '%s'\n",
+ configfile);
+ else
+ BIO_printf(bio_err,"error on line %ld of config file '%s'\n"
+ ,errorline,configfile);
+ goto err;
+ }
+
+ /* Lets get the config section we are using */
+ if (section == NULL)
+ {
+ section=CONF_get_string(conf,BASE_SECTION,ENV_DEFAULT_CA);
+ if (section == NULL)
+ {
+ lookup_fail(BASE_SECTION,ENV_DEFAULT_CA);
+ goto err;
+ }
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ Sout=BIO_new(BIO_s_file());
+ Cout=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL) || (Sout == NULL) || (Cout == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ /*****************************************************************/
+ /* we definitly need an public key, so lets get it */
+
+ if ((keyfile == NULL) && ((keyfile=CONF_get_string(conf,
+ section,ENV_PRIVATE_KEY)) == NULL))
+ {
+ lookup_fail(section,ENV_PRIVATE_KEY);
+ goto err;
+ }
+ if (BIO_read_filename(in,keyfile) <= 0)
+ {
+ perror(keyfile);
+ BIO_printf(bio_err,"trying to load CA private key\n");
+ goto err;
+ }
+ if (key == NULL)
+ pkey=PEM_read_bio_PrivateKey(in,NULL,NULL);
+ else
+ {
+ pkey=PEM_read_bio_PrivateKey(in,NULL,key_callback);
+ memset(key,0,strlen(key));
+ }
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CA private key\n");
+ goto err;
+ }
+
+ /*****************************************************************/
+ /* we need a certificate */
+ if ((certfile == NULL) && ((certfile=CONF_get_string(conf,
+ section,ENV_CERTIFICATE)) == NULL))
+ {
+ lookup_fail(section,ENV_CERTIFICATE);
+ goto err;
+ }
+ if (BIO_read_filename(in,certfile) <= 0)
+ {
+ perror(certfile);
+ BIO_printf(bio_err,"trying to load CA certificate\n");
+ goto err;
+ }
+ x509=PEM_read_bio_X509(in,NULL,NULL);
+ if (x509 == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CA certificate\n");
+ goto err;
+ }
+
+ f=CONF_get_string(conf,BASE_SECTION,ENV_PRESERVE);
+ if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+ preserve=1;
+ f=CONF_get_string(conf,BASE_SECTION,ENV_MSIE_HACK);
+ if ((f != NULL) && ((*f == 'y') || (*f == 'Y')))
+ msie_hack=1;
+
+ /*****************************************************************/
+ /* lookup where to write new certificates */
+ if ((outdir == NULL) && (req))
+ {
+ struct stat sb;
+
+ if ((outdir=CONF_get_string(conf,section,ENV_NEW_CERTS_DIR))
+ == NULL)
+ {
+ BIO_printf(bio_err,"there needs to be defined a directory for new certificate to be placed in\n");
+ goto err;
+ }
+ if (access(outdir,R_OK|W_OK|X_OK) != 0)
+ {
+ BIO_printf(bio_err,"I am unable to acces the %s directory\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+
+ if (stat(outdir,&sb) != 0)
+ {
+ BIO_printf(bio_err,"unable to stat(%s)\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+ if (!(sb.st_mode & S_IFDIR))
+ {
+ BIO_printf(bio_err,"%s need to be a directory\n",outdir);
+ perror(outdir);
+ goto err;
+ }
+ }
+
+ /*****************************************************************/
+ /* we need to load the database file */
+ if ((dbfile=CONF_get_string(conf,section,ENV_DATABASE)) == NULL)
+ {
+ lookup_fail(section,ENV_DATABASE);
+ goto err;
+ }
+ if (BIO_read_filename(in,dbfile) <= 0)
+ {
+ perror(dbfile);
+ BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
+ goto err;
+ }
+ db=TXT_DB_read(in,DB_NUMBER);
+ if (db == NULL) goto err;
+
+ /* Lets check some fields */
+ for (i=0; i<sk_num(db->data); i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+ if ((pp[DB_type][0] != DB_TYPE_REV) &&
+ (pp[DB_rev_date][0] != '\0'))
+ {
+ BIO_printf(bio_err,"entry %d: not, revoked yet has a revokation date\n",i+1);
+ goto err;
+ }
+ if ((pp[DB_type][0] == DB_TYPE_REV) &&
+ !check_time_format(pp[DB_rev_date]))
+ {
+ BIO_printf(bio_err,"entry %d: invalid revokation date\n",
+ i+1);
+ goto err;
+ }
+ if (!check_time_format(pp[DB_exp_date]))
+ {
+ BIO_printf(bio_err,"entry %d: invalid expiry date\n",i+1);
+ goto err;
+ }
+ p=pp[DB_serial];
+ j=strlen(p);
+ if ((j&1) || (j < 2))
+ {
+ BIO_printf(bio_err,"entry %d: bad serial number length (%d)\n",i+1,j);
+ goto err;
+ }
+ while (*p)
+ {
+ if (!( ((*p >= '0') && (*p <= '9')) ||
+ ((*p >= 'A') && (*p <= 'F')) ||
+ ((*p >= 'a') && (*p <= 'f'))) )
+ {
+ BIO_printf(bio_err,"entry %d: bad serial number characters, char pos %ld, char is '%c'\n",i+1,(long)(p-pp[DB_serial]),*p);
+ goto err;
+ }
+ p++;
+ }
+ }
+ if (verbose)
+ {
+ BIO_set_fp(out,stdout,BIO_NOCLOSE); /* cannot fail */
+ TXT_DB_write(out,db);
+ BIO_printf(bio_err,"%d entries loaded from the database\n",
+ db->data->num);
+ BIO_printf(bio_err,"generating indexs\n");
+ }
+
+ if (!TXT_DB_create_index(db,DB_serial,NULL,index_serial_hash,
+ index_serial_cmp))
+ {
+ BIO_printf(bio_err,"error creating serial number index:(%ld,%ld,%ld)\n",db->error,db->arg1,db->arg2);
+ goto err;
+ }
+
+ if (!TXT_DB_create_index(db,DB_name,index_name_qual,index_name_hash,
+ index_name_cmp))
+ {
+ BIO_printf(bio_err,"error creating name index:(%ld,%ld,%ld)\n",
+ db->error,db->arg1,db->arg2);
+ goto err;
+ }
+
+ /*****************************************************************/
+ if (req || gencrl)
+ {
+ if (outfile != NULL)
+ {
+
+ if (BIO_write_filename(Sout,outfile) <= 0)
+ {
+ perror(outfile);
+ goto err;
+ }
+ }
+ else
+ BIO_set_fp(Sout,stdout,BIO_NOCLOSE);
+ }
+
+ if (req)
+ {
+ if ((md == NULL) && ((md=CONF_get_string(conf,
+ section,ENV_DEFAULT_MD)) == NULL))
+ {
+ lookup_fail(section,ENV_DEFAULT_MD);
+ goto err;
+ }
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
+ if (verbose)
+ BIO_printf(bio_err,"message digest is %s\n",
+ OBJ_nid2ln(dgst->type));
+ if ((policy == NULL) && ((policy=CONF_get_string(conf,
+ section,ENV_POLICY)) == NULL))
+ {
+ lookup_fail(section,ENV_POLICY);
+ goto err;
+ }
+ if (verbose)
+ BIO_printf(bio_err,"policy is %s\n",policy);
+
+ if ((serialfile=CONF_get_string(conf,section,ENV_SERIAL))
+ == NULL)
+ {
+ lookup_fail(section,ENV_SERIAL);
+ goto err;
+ }
+
+ if ((extensions=CONF_get_string(conf,section,ENV_EXTENSIONS))
+ != NULL)
+ {
+ if ((extensions_sk=load_extensions(extensions)) == NULL)
+ goto err;
+ }
+
+ if (days == 0)
+ {
+ days=(int)CONF_get_number(conf,section,
+ ENV_DEFAULT_DAYS);
+ }
+ if (days == 0)
+ {
+ BIO_printf(bio_err,"cannot lookup how many days to certify for\n");
+ goto err;
+ }
+
+ if ((serial=load_serial(serialfile)) == NULL)
+ {
+ BIO_printf(bio_err,"error while loading serial number\n");
+ goto err;
+ }
+ if (verbose)
+ {
+ if ((f=BN_bn2ascii(serial)) == NULL) goto err;
+ BIO_printf(bio_err,"next serial number is %s\n",f);
+ Free(f);
+ }
+
+ if ((attribs=CONF_get_section(conf,policy)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to find 'section' for %s\n",policy);
+ goto err;
+ }
+
+ if ((cert_sk=sk_new_null()) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ if (spkac_file != NULL)
+ {
+ total++;
+ j=certify_spkac(&x,spkac_file,pkey,x509,dgst,attribs,db,
+ serial,days,extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ if (outfile)
+ {
+ output_der = 1;
+ batch = 1;
+ }
+ }
+ }
+ if (infile != NULL)
+ {
+ total++;
+ j=certify(&x,infile,pkey,x509,dgst,attribs,db,
+ serial,days,batch,extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
+ for (i=0; i<argc; i++)
+ {
+ total++;
+ j=certify(&x,argv[i],pkey,x509,dgst,attribs,db,
+ serial,days,batch,extensions_sk,verbose);
+ if (j < 0) goto err;
+ if (j > 0)
+ {
+ total_done++;
+ BIO_printf(bio_err,"\n");
+ if (!BN_add_word(serial,1)) goto err;
+ if (!sk_push(cert_sk,(char *)x))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ }
+ /* we have a stack of newly certified certificates
+ * and a data base and serial number that need
+ * updating */
+
+ if (sk_num(cert_sk) > 0)
+ {
+ if (!batch)
+ {
+ BIO_printf(bio_err,"\n%d out of %d certificate requests certified, commit? [y/n]",total_done,total);
+ BIO_flush(bio_err);
+ buf[0][0]='\0';
+ fgets(buf[0],10,stdin);
+ if ((buf[0][0] != 'y') && (buf[0][0] != 'Y'))
+ {
+ BIO_printf(bio_err,"CERTIFICATION CANCELED\n");
+ ret=0;
+ goto err;
+ }
+ }
+
+ BIO_printf(bio_err,"Write out database with %d new entries\n",sk_num(cert_sk));
+
+ strncpy(buf[0],serialfile,BSIZE-4);
+ strcat(buf[0],".new");
+
+ if (!save_serial(buf[0],serial)) goto err;
+
+ strncpy(buf[1],dbfile,BSIZE-4);
+ strcat(buf[1],".new");
+ if (BIO_write_filename(out,buf[1]) <= 0)
+ {
+ perror(dbfile);
+ BIO_printf(bio_err,"unable to open '%s'\n",dbfile);
+ goto err;
+ }
+ l=TXT_DB_write(out,db);
+ if (l <= 0) goto err;
+ }
+
+ if (verbose)
+ BIO_printf(bio_err,"writing new certificates\n");
+ for (i=0; i<sk_num(cert_sk); i++)
+ {
+ int k;
+ unsigned char *n;
+
+ x=(X509 *)sk_value(cert_sk,i);
+
+ j=x->cert_info->serialNumber->length;
+ p=(char *)x->cert_info->serialNumber->data;
+
+ strncpy(buf[2],outdir,BSIZE-(j*2)-6);
+ strcat(buf[2],"/");
+ n=(unsigned char *)&(buf[2][strlen(buf[2])]);
+ if (j > 0)
+ {
+ for (k=0; k<j; k++)
+ {
+ sprintf((char *)n,"%02X",*(p++));
+ n+=2;
+ }
+ }
+ else
+ {
+ *(n++)='0';
+ *(n++)='0';
+ }
+ *(n++)='.'; *(n++)='p'; *(n++)='e'; *(n++)='m';
+ *n='\0';
+ if (verbose)
+ BIO_printf(bio_err,"writing %s\n",buf[2]);
+
+ if (BIO_write_filename(Cout,buf[2]) <= 0)
+ {
+ perror(buf[2]);
+ goto err;
+ }
+ write_new_certificate(Cout,x, 0);
+ write_new_certificate(Sout,x, output_der);
+ }
+
+ if (sk_num(cert_sk))
+ {
+ /* Rename the database and the serial file */
+ strncpy(buf[2],serialfile,BSIZE-4);
+ strcat(buf[2],".old");
+ BIO_free(in);
+ BIO_free(out);
+ in=NULL;
+ out=NULL;
+ if (rename(serialfile,buf[2]) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ serialfile,buf[2]);
+ perror("reason");
+ goto err;
+ }
+ if (rename(buf[0],serialfile) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ buf[0],serialfile);
+ perror("reason");
+ rename(buf[2],serialfile);
+ goto err;
+ }
+
+ strncpy(buf[2],dbfile,BSIZE-4);
+ strcat(buf[2],".old");
+ if (rename(dbfile,buf[2]) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ dbfile,buf[2]);
+ perror("reason");
+ goto err;
+ }
+ if (rename(buf[1],dbfile) < 0)
+ {
+ BIO_printf(bio_err,"unabel to rename %s to %s\n",
+ buf[1],dbfile);
+ perror("reason");
+ rename(buf[2],dbfile);
+ goto err;
+ }
+ BIO_printf(bio_err,"Data Base Updated\n");
+ }
+ }
+
+ /*****************************************************************/
+ if (gencrl)
+ {
+ if ((hex=BIO_new(BIO_s_mem())) == NULL) goto err;
+
+ if (!crldays && !crlhours)
+ {
+ crldays=CONF_get_number(conf,section,
+ ENV_DEFAULT_CRL_DAYS);
+ crlhours=CONF_get_number(conf,section,
+ ENV_DEFAULT_CRL_HOURS);
+ }
+ if ((crldays == 0) && (crlhours == 0))
+ {
+ BIO_printf(bio_err,"cannot lookup how long until the next CRL is issuer\n");
+ goto err;
+ }
+
+ if (verbose) BIO_printf(bio_err,"making CRL\n");
+ if ((crl=X509_CRL_new()) == NULL) goto err;
+ ci=crl->crl;
+ X509_NAME_free(ci->issuer);
+ ci->issuer=X509_NAME_dup(x509->cert_info->subject);
+ if (ci->issuer == NULL) goto err;
+
+ X509_gmtime_adj(ci->lastUpdate,0);
+ X509_gmtime_adj(ci->nextUpdate,(crldays*24+crlhours)*60*60);
+
+ for (i=0; i<sk_num(db->data); i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+ if (pp[DB_type][0] == DB_TYPE_REV)
+ {
+ if ((r=X509_REVOKED_new()) == NULL) goto err;
+ ASN1_STRING_set((ASN1_STRING *)
+ r->revocationDate,
+ (unsigned char *)pp[DB_rev_date],
+ strlen(pp[DB_rev_date]));
+ /* strcpy(r->revocationDate,pp[DB_rev_date]);*/
+
+ BIO_reset(hex);
+ if (!BIO_puts(hex,pp[DB_serial]))
+ goto err;
+ if (!a2i_ASN1_INTEGER(hex,r->serialNumber,
+ buf[0],BSIZE)) goto err;
+
+ sk_push(ci->revoked,(char *)r);
+ }
+ }
+ /* sort the data so it will be written in serial
+ * number order */
+ sk_find(ci->revoked,NULL);
+ for (i=0; i<sk_num(ci->revoked); i++)
+ {
+ r=(X509_REVOKED *)sk_value(ci->revoked,i);
+ r->sequence=i;
+ }
+
+ /* we how have a CRL */
+ if (verbose) BIO_printf(bio_err,"signing CRL\n");
+ if (md != NULL)
+ {
+ if ((dgst=EVP_get_digestbyname(md)) == NULL)
+ {
+ BIO_printf(bio_err,"%s is an unsupported message digest type\n",md);
+ goto err;
+ }
+ }
+ else
+ dgst=EVP_md5();
+ if (!X509_CRL_sign(crl,pkey,dgst)) goto err;
+
+ PEM_write_bio_X509_CRL(Sout,crl);
+ }
+ /*****************************************************************/
+ ret=0;
+err:
+ if (hex != NULL) BIO_free(hex);
+ if (Cout != NULL) BIO_free(Cout);
+ if (Sout != NULL) BIO_free(Sout);
+ if (out != NULL) BIO_free(out);
+ if (in != NULL) BIO_free(in);
+
+ if (cert_sk != NULL) sk_pop_free(cert_sk,X509_free);
+ if (extensions_sk != NULL)
+ sk_pop_free(extensions_sk,X509_EXTENSION_free);
+
+ if (ret) ERR_print_errors(bio_err);
+ if (serial != NULL) BN_free(serial);
+ if (db != NULL) TXT_DB_free(db);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (x509 != NULL) X509_free(x509);
+ if (crl != NULL) X509_CRL_free(crl);
+ if (conf != NULL) CONF_free(conf);
+ X509v3_cleanup_extensions();
+ EXIT(ret);
+ }
+
+static void lookup_fail(name,tag)
+char *name;
+char *tag;
+ {
+ BIO_printf(bio_err,"variable lookup failed for %s::%s\n",name,tag);
+ }
+
+static int MS_CALLBACK key_callback(buf,len,verify)
+char *buf;
+int len,verify;
+ {
+ int i;
+
+ if (key == NULL) return(0);
+ i=strlen(key);
+ i=(i > len)?len:i;
+ memcpy(buf,key,i);
+ return(i);
+ }
+
+static unsigned long index_serial_hash(a)
+char **a;
+ {
+ char *n;
+
+ n=a[DB_serial];
+ while (*n == '0') n++;
+ return(lh_strhash(n));
+ }
+
+static int index_serial_cmp(a,b)
+char **a;
+char **b;
+ {
+ char *aa,*bb;
+
+ for (aa=a[DB_serial]; *aa == '0'; aa++);
+ for (bb=b[DB_serial]; *bb == '0'; bb++);
+ return(strcmp(aa,bb));
+ }
+
+static unsigned long index_name_hash(a)
+char **a;
+ { return(lh_strhash(a[DB_name])); }
+
+static int index_name_qual(a)
+char **a;
+ { return(a[0][0] == 'V'); }
+
+static int index_name_cmp(a,b)
+char **a;
+char **b;
+ { return(strcmp(a[DB_name],b[DB_name])); }
+
+static BIGNUM *load_serial(serialfile)
+char *serialfile;
+ {
+ BIO *in=NULL;
+ BIGNUM *ret=NULL;
+ MS_STATIC char buf[1024];
+ ASN1_INTEGER *ai=NULL;
+
+ if ((in=BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ if (BIO_read_filename(in,serialfile) <= 0)
+ {
+ perror(serialfile);
+ goto err;
+ }
+ ai=ASN1_INTEGER_new();
+ if (ai == NULL) goto err;
+ if (!a2i_ASN1_INTEGER(in,ai,buf,1024))
+ {
+ BIO_printf(bio_err,"unable to load number from %s\n",
+ serialfile);
+ goto err;
+ }
+ ret=ASN1_INTEGER_to_BN(ai,NULL);
+ if (ret == NULL)
+ {
+ BIO_printf(bio_err,"error converting number from bin to BIGNUM");
+ goto err;
+ }
+err:
+ if (in != NULL) BIO_free(in);
+ if (ai != NULL) ASN1_INTEGER_free(ai);
+ return(ret);
+ }
+
+static int save_serial(serialfile,serial)
+char *serialfile;
+BIGNUM *serial;
+ {
+ BIO *out;
+ int ret=0;
+ ASN1_INTEGER *ai=NULL;
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ if (BIO_write_filename(out,serialfile) <= 0)
+ {
+ perror(serialfile);
+ goto err;
+ }
+
+ if ((ai=BN_to_ASN1_INTEGER(serial,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"error converting serial to ASN.1 format\n");
+ goto err;
+ }
+ i2a_ASN1_INTEGER(out,ai);
+ BIO_puts(out,"\n");
+ ret=1;
+err:
+ if (out != NULL) BIO_free(out);
+ if (ai != NULL) ASN1_INTEGER_free(ai);
+ return(ret);
+ }
+
+static int certify(xret,infile,pkey,x509,dgst,policy,db,serial,days,
+ batch,extensions,verbose)
+X509 **xret;
+char *infile;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+int days;
+int batch;
+STACK *extensions;
+int verbose;
+ {
+ X509_REQ *req=NULL;
+ BIO *in=NULL;
+ EVP_PKEY *pktmp=NULL;
+ int ok= -1,i;
+
+ in=BIO_new(BIO_s_file());
+
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto err;
+ }
+ if ((req=PEM_read_bio_X509_REQ(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"Error reading certificate request in %s\n",
+ infile);
+ goto err;
+ }
+ if (verbose)
+ X509_REQ_print(bio_err,req);
+
+ BIO_printf(bio_err,"Check that the request matches the signature\n");
+
+ if ( (req->req_info == NULL) ||
+ (req->req_info->pubkey == NULL) ||
+ (req->req_info->pubkey->public_key == NULL) ||
+ (req->req_info->pubkey->public_key->data == NULL))
+ {
+ BIO_printf(bio_err,"The certificate request appears to corrupted\n");
+ BIO_printf(bio_err,"It does not contain a public key\n");
+ goto err;
+ }
+ if ((pktmp=X509_REQ_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto err;
+ }
+ i=X509_REQ_verify(req,pktmp);
+ if (i < 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature verification problems....\n");
+ goto err;
+ }
+ if (i == 0)
+ {
+ ok=0;
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto err;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
+ extensions);
+
+err:
+ if (req != NULL) X509_REQ_free(req);
+ if (in != NULL) BIO_free(in);
+ return(ok);
+ }
+
+static int do_body(xret,pkey,x509,dgst,policy,db,serial,days,batch,verbose,req,
+ extensions)
+X509 **xret;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+int days;
+int batch;
+int verbose;
+X509_REQ *req;
+STACK *extensions;
+ {
+ X509_NAME *name=NULL,*CAname=NULL,*subject=NULL;
+ ASN1_UTCTIME *tm;
+ ASN1_STRING *str,*str2;
+ ASN1_OBJECT *obj;
+ X509 *ret=NULL;
+ X509_CINF *ci;
+ X509_NAME_ENTRY *ne;
+ X509_NAME_ENTRY *tne,*push;
+ X509_EXTENSION *ex=NULL;
+ EVP_PKEY *pktmp;
+ int ok= -1,i,j,last,nid;
+ char *p;
+ CONF_VALUE *cv;
+ char *row[DB_NUMBER],**rrow,**irow=NULL;
+ char buf[25],*pbuf;
+
+ for (i=0; i<DB_NUMBER; i++)
+ row[i]=NULL;
+
+ BIO_printf(bio_err,"The Subjects Distinguished Name is as follows\n");
+ name=X509_REQ_get_subject_name(req);
+ for (i=0; i<X509_NAME_entry_count(name); i++)
+ {
+ ne=(X509_NAME_ENTRY *)X509_NAME_get_entry(name,i);
+ obj=X509_NAME_ENTRY_get_object(ne);
+ j=i2a_ASN1_OBJECT(bio_err,obj);
+ str=X509_NAME_ENTRY_get_data(ne);
+ pbuf=buf;
+ for (j=22-j; j>0; j--)
+ *(pbuf++)=' ';
+ *(pbuf++)=':';
+ *(pbuf++)='\0';
+ BIO_puts(bio_err,buf);
+
+ if (msie_hack)
+ {
+ /* assume all type should be strings */
+ nid=OBJ_obj2nid(ne->object);
+
+ if (str->type == V_ASN1_UNIVERSALSTRING)
+ ASN1_UNIVERSALSTRING_to_string(str);
+
+ if ((str->type == V_ASN1_IA5STRING) &&
+ (nid != NID_pkcs9_emailAddress))
+ str->type=V_ASN1_T61STRING;
+
+ if ((nid == NID_pkcs9_emailAddress) &&
+ (str->type == V_ASN1_PRINTABLESTRING))
+ str->type=V_ASN1_IA5STRING;
+ }
+
+ if (str->type == V_ASN1_PRINTABLESTRING)
+ BIO_printf(bio_err,"PRINTABLE:'");
+ else if (str->type == V_ASN1_T61STRING)
+ BIO_printf(bio_err,"T61STRING:'");
+ else if (str->type == V_ASN1_IA5STRING)
+ BIO_printf(bio_err,"IA5STRING:'");
+ else if (str->type == V_ASN1_UNIVERSALSTRING)
+ BIO_printf(bio_err,"UNIVERSALSTRING:'");
+ else
+ BIO_printf(bio_err,"ASN.1 %2d:'",str->type);
+
+ /* check some things */
+ if ((OBJ_obj2nid(obj) == NID_pkcs9_emailAddress) &&
+ (str->type != V_ASN1_IA5STRING))
+ {
+ BIO_printf(bio_err,"\nemailAddress type needs to be of type IA5STRING\n");
+ goto err;
+ }
+ j=ASN1_PRINTABLE_type(str->data,str->length);
+ if ( ((j == V_ASN1_T61STRING) &&
+ (str->type != V_ASN1_T61STRING)) ||
+ ((j == V_ASN1_IA5STRING) &&
+ (str->type == V_ASN1_PRINTABLESTRING)))
+ {
+ BIO_printf(bio_err,"\nThe string contains characters that are illegal for the ASN.1 type\n");
+ goto err;
+ }
+
+ p=(char *)str->data;
+ for (j=str->length; j>0; j--)
+ {
+ if ((*p >= ' ') && (*p <= '~'))
+ BIO_printf(bio_err,"%c",*p);
+ else if (*p & 0x80)
+ BIO_printf(bio_err,"\\0x%02X",*p);
+ else if ((unsigned char)*p == 0xf7)
+ BIO_printf(bio_err,"^?");
+ else BIO_printf(bio_err,"^%c",*p+'@');
+ p++;
+ }
+ BIO_printf(bio_err,"'\n");
+ }
+
+ /* Ok, now we check the 'policy' stuff. */
+ if ((subject=X509_NAME_new()) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ /* take a copy of the issuer name before we mess with it. */
+ CAname=X509_NAME_dup(x509->cert_info->subject);
+ if (CAname == NULL) goto err;
+ str=str2=NULL;
+
+ for (i=0; i<sk_num(policy); i++)
+ {
+ cv=(CONF_VALUE *)sk_value(policy,i); /* get the object id */
+ if ((j=OBJ_txt2nid(cv->name)) == NID_undef)
+ {
+ BIO_printf(bio_err,"%s:unknown object type in 'policy' configuration\n",cv->name);
+ goto err;
+ }
+ obj=OBJ_nid2obj(j);
+
+ last= -1;
+ for (;;)
+ {
+ /* lookup the object in the supplied name list */
+ j=X509_NAME_get_index_by_OBJ(name,obj,last);
+ if (j < 0)
+ {
+ if (last != -1) break;
+ tne=NULL;
+ }
+ else
+ {
+ tne=X509_NAME_get_entry(name,j);
+ }
+ last=j;
+
+ /* depending on the 'policy', decide what to do. */
+ push=NULL;
+ if (strcmp(cv->value,"optional") == 0)
+ {
+ if (tne != NULL)
+ push=tne;
+ }
+ else if (strcmp(cv->value,"supplied") == 0)
+ {
+ if (tne == NULL)
+ {
+ BIO_printf(bio_err,"The %s field needed to be supplied and was missing\n",cv->name);
+ goto err;
+ }
+ else
+ push=tne;
+ }
+ else if (strcmp(cv->value,"match") == 0)
+ {
+ int last2;
+
+ if (tne == NULL)
+ {
+ BIO_printf(bio_err,"The mandatory %s field was missing\n",cv->name);
+ goto err;
+ }
+
+ last2= -1;
+
+again2:
+ j=X509_NAME_get_index_by_OBJ(CAname,obj,last2);
+ if ((j < 0) && (last2 == -1))
+ {
+ BIO_printf(bio_err,"The %s field does not exist in the CA certificate,\nthe 'policy' is misconfigured\n",cv->name);
+ goto err;
+ }
+ if (j >= 0)
+ {
+ push=X509_NAME_get_entry(CAname,j);
+ str=X509_NAME_ENTRY_get_data(tne);
+ str2=X509_NAME_ENTRY_get_data(push);
+ last2=j;
+ if (ASN1_STRING_cmp(str,str2) != 0)
+ goto again2;
+ }
+ if (j < 0)
+ {
+ BIO_printf(bio_err,"The %s field needed to be the same in the\nCA certificate (%s) and the request (%s)\n",cv->name,((str == NULL)?"NULL":(char *)str->data),((str2 == NULL)?"NULL":(char *)str2->data));
+ goto err;
+ }
+ }
+ else
+ {
+ BIO_printf(bio_err,"%s:invalid type in 'policy' configuration\n",cv->value);
+ goto err;
+ }
+
+ if (push != NULL)
+ {
+ if (!X509_NAME_add_entry(subject,push,
+ X509_NAME_entry_count(subject),0))
+ {
+ if (push != NULL)
+ X509_NAME_ENTRY_free(push);
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ }
+ if (j < 0) break;
+ }
+ }
+
+ if (preserve)
+ {
+ X509_NAME_free(subject);
+ subject=X509_NAME_dup(X509_REQ_get_subject_name(req));
+ if (subject == NULL) goto err;
+ }
+
+ if (verbose)
+ BIO_printf(bio_err,"The subject name apears to be ok, checking data base for clashes\n");
+
+ row[DB_name]=X509_NAME_oneline(subject,NULL,0);
+ row[DB_serial]=BN_bn2ascii(serial);
+ if ((row[DB_name] == NULL) || (row[DB_serial] == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ rrow=TXT_DB_get_by_index(db,DB_name,row);
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,"ERROR:There is already a certificate for %s\n",
+ row[DB_name]);
+ }
+ else
+ {
+ rrow=TXT_DB_get_by_index(db,DB_serial,row);
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,"ERROR:Serial number %s has already been issued,\n",
+ row[DB_serial]);
+ BIO_printf(bio_err," check the database/serial_file for corruption\n");
+ }
+ }
+
+ if (rrow != NULL)
+ {
+ BIO_printf(bio_err,
+ "The matching entry has the following details\n");
+ if (rrow[DB_type][0] == 'E')
+ p="Expired";
+ else if (rrow[DB_type][0] == 'R')
+ p="Revoked";
+ else if (rrow[DB_type][0] == 'V')
+ p="Valid";
+ else
+ p="\ninvalid type, Data base error\n";
+ BIO_printf(bio_err,"Type :%s\n",p);;
+ if (rrow[DB_type][0] == 'R')
+ {
+ p=rrow[DB_exp_date]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Was revoked on:%s\n",p);
+ }
+ p=rrow[DB_exp_date]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Expires on :%s\n",p);
+ p=rrow[DB_serial]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Serial Number :%s\n",p);
+ p=rrow[DB_file]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"File name :%s\n",p);
+ p=rrow[DB_name]; if (p == NULL) p="undef";
+ BIO_printf(bio_err,"Subject Name :%s\n",p);
+ ok= -1; /* This is now a 'bad' error. */
+ goto err;
+ }
+
+ /* We are now totaly happy, lets make and sign the certificate */
+ if (verbose)
+ BIO_printf(bio_err,"Everything appears to be ok, creating and signing the certificate\n");
+
+ if ((ret=X509_new()) == NULL) goto err;
+ ci=ret->cert_info;
+
+#ifdef X509_V3
+ /* Make it an X509 v3 certificate. */
+ if (!X509_set_version(x509,2)) goto err;
+#endif
+
+ if (BN_to_ASN1_INTEGER(serial,ci->serialNumber) == NULL)
+ goto err;
+ if (!X509_set_issuer_name(ret,X509_get_subject_name(x509)))
+ goto err;
+
+ BIO_printf(bio_err,"Certificate is to be certified until ");
+ X509_gmtime_adj(X509_get_notBefore(ret),0);
+ X509_gmtime_adj(X509_get_notAfter(ret),(long)60*60*24*days);
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ret));
+ BIO_printf(bio_err," (%d days)\n",days);
+
+ if (!X509_set_subject_name(ret,subject)) goto err;
+
+ pktmp=X509_REQ_get_pubkey(req);
+ if (!X509_set_pubkey(ret,pktmp)) goto err;
+
+ /* Lets add the extensions, if there are any */
+ if ((extensions != NULL) && (sk_num(extensions) > 0))
+ {
+ if (ci->version == NULL)
+ if ((ci->version=ASN1_INTEGER_new()) == NULL)
+ goto err;
+ ASN1_INTEGER_set(ci->version,2); /* version 3 certificate */
+
+ /* Free the current entries if any, there should not
+ * be any I belive */
+ if (ci->extensions != NULL)
+ sk_pop_free(ci->extensions,X509_EXTENSION_free);
+
+ if ((ci->extensions=sk_new_null()) == NULL)
+ goto err;
+
+ /* Lets 'copy' in the new ones */
+ for (i=0; i<sk_num(extensions); i++)
+ {
+ ex=X509_EXTENSION_dup((X509_EXTENSION *)
+ sk_value(extensions,i));
+ if (ex == NULL) goto err;
+ if (!sk_push(ci->extensions,(char *)ex)) goto err;
+ }
+ }
+
+
+ if (!batch)
+ {
+ BIO_printf(bio_err,"Sign the certificate? [y/n]:");
+ BIO_flush(bio_err);
+ buf[0]='\0';
+ fgets(buf,sizeof(buf)-1,stdin);
+ if (!((buf[0] == 'y') || (buf[0] == 'Y')))
+ {
+ BIO_printf(bio_err,"CERTIFICATE WILL NOT BE CERTIFIED\n");
+ ok=0;
+ goto err;
+ }
+ }
+
+#ifndef NO_DSA
+ pktmp=X509_get_pubkey(ret);
+ if (EVP_PKEY_missing_parameters(pktmp) &&
+ !EVP_PKEY_missing_parameters(pkey))
+ EVP_PKEY_copy_parameters(pktmp,pkey);
+#endif
+
+ if (!X509_sign(ret,pkey,dgst))
+ goto err;
+
+ /* We now just add it to the database */
+ row[DB_type]=(char *)Malloc(2);
+
+ tm=X509_get_notAfter(ret);
+ row[DB_exp_date]=(char *)Malloc(tm->length+1);
+ memcpy(row[DB_exp_date],tm->data,tm->length);
+ row[DB_exp_date][tm->length]='\0';
+
+ row[DB_rev_date]=NULL;
+
+ /* row[DB_serial] done already */
+ row[DB_file]=(char *)Malloc(8);
+ /* row[DB_name] done already */
+
+ if ((row[DB_type] == NULL) || (row[DB_exp_date] == NULL) ||
+ (row[DB_file] == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ strcpy(row[DB_file],"unknown");
+ row[DB_type][0]='V';
+ row[DB_type][1]='\0';
+
+ if ((irow=(char **)Malloc(sizeof(char *)*(DB_NUMBER+1))) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+
+ for (i=0; i<DB_NUMBER; i++)
+ {
+ irow[i]=row[i];
+ row[i]=NULL;
+ }
+ irow[DB_NUMBER]=NULL;
+
+ if (!TXT_DB_insert(db,irow))
+ {
+ BIO_printf(bio_err,"failed to update database\n");
+ BIO_printf(bio_err,"TXT_DB error number %ld\n",db->error);
+ goto err;
+ }
+ ok=1;
+err:
+ for (i=0; i<DB_NUMBER; i++)
+ if (row[i] != NULL) Free(row[i]);
+
+ if (CAname != NULL)
+ X509_NAME_free(CAname);
+ if (subject != NULL)
+ X509_NAME_free(subject);
+ if (ok <= 0)
+ {
+ if (ret != NULL) X509_free(ret);
+ ret=NULL;
+ }
+ else
+ *xret=ret;
+ return(ok);
+ }
+
+static void write_new_certificate(bp,x, output_der)
+BIO *bp;
+X509 *x;
+int output_der;
+ {
+ char *f;
+ char buf[256];
+
+ if (output_der)
+ {
+ (void)i2d_X509_bio(bp,x);
+ return;
+ }
+
+ f=X509_NAME_oneline(X509_get_issuer_name(x),buf,256);
+ BIO_printf(bp,"issuer :%s\n",f);
+
+ f=X509_NAME_oneline(X509_get_subject_name(x),buf,256);
+ BIO_printf(bp,"subject:%s\n",f);
+
+ BIO_puts(bp,"serial :");
+ i2a_ASN1_INTEGER(bp,x->cert_info->serialNumber);
+ BIO_puts(bp,"\n\n");
+ X509_print(bp,x);
+ BIO_puts(bp,"\n");
+ PEM_write_bio_X509(bp,x);
+ BIO_puts(bp,"\n");
+ }
+
+static int certify_spkac(xret,infile,pkey,x509,dgst,policy,db,serial,days,
+ extensions,verbose)
+X509 **xret;
+char *infile;
+EVP_PKEY *pkey;
+X509 *x509;
+EVP_MD *dgst;
+STACK *policy;
+TXT_DB *db;
+BIGNUM *serial;
+int days;
+STACK *extensions;
+int verbose;
+ {
+ STACK *sk=NULL;
+ LHASH *parms=NULL;
+ X509_REQ *req=NULL;
+ CONF_VALUE *cv=NULL;
+ NETSCAPE_SPKI *spki = NULL;
+ unsigned char *spki_der = NULL,*p;
+ X509_REQ_INFO *ri;
+ char *type,*buf;
+ EVP_PKEY *pktmp=NULL;
+ X509_NAME *n=NULL;
+ X509_NAME_ENTRY *ne=NULL;
+ int ok= -1,i,j;
+ long errline;
+ int nid;
+
+ /*
+ * Load input file into a hash table. (This is just an easy
+ * way to read and parse the file, then put it into a convenient
+ * STACK format).
+ */
+ parms=CONF_load(NULL,infile,&errline);
+ if (parms == NULL)
+ {
+ BIO_printf(bio_err,"error on line %ld of %s\n",errline,infile);
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ sk=CONF_get_section(parms, "default");
+ if (sk_num(sk) == 0)
+ {
+ BIO_printf(bio_err, "no name/value pairs found in %s\n", infile);
+ CONF_free(parms);
+ goto err;
+ }
+
+ /*
+ * Now create a dummy X509 request structure. We don't actually
+ * have an X509 request, but we have many of the components
+ * (a public key, various DN components). The idea is that we
+ * put these components into the right X509 request structure
+ * and we can use the same code as if you had a real X509 request.
+ */
+ req=X509_REQ_new();
+ if (req == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ /*
+ * Build up the subject name set.
+ */
+ ri=req->req_info;
+ n = ri->subject;
+
+ for (i = 0; ; i++)
+ {
+ if ((int)sk_num(sk) <= i) break;
+
+ cv=(CONF_VALUE *)sk_value(sk,i);
+ type=cv->name;
+ buf=cv->value;
+
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ {
+ if (strcmp(type, "SPKAC") == 0)
+ {
+ spki_der=(unsigned char *)Malloc(
+ strlen(cv->value)+1);
+ if (spki_der == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto err;
+ }
+ j = EVP_DecodeBlock(spki_der, (unsigned char *)cv->value,
+ strlen(cv->value));
+ if (j <= 0)
+ {
+ BIO_printf(bio_err, "Can't b64 decode SPKAC structure\n");
+ goto err;
+ }
+
+ p=spki_der;
+ spki = d2i_NETSCAPE_SPKI(&spki, &p, j);
+ Free(spki_der);
+ spki_der = NULL;
+ if (spki == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Netscape SPKAC structure\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ continue;
+ }
+
+ j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+ if (fix_data(nid, &j) == 0)
+ {
+ BIO_printf(bio_err,
+ "invalid characters in string %s\n",buf);
+ goto err;
+ }
+
+ if ((ne=X509_NAME_ENTRY_create_by_NID(&ne,nid,j,
+ (unsigned char *)buf,
+ strlen(buf))) == NULL)
+ goto err;
+
+ if (!X509_NAME_add_entry(n,ne,X509_NAME_entry_count(n),0))
+ goto err;
+ }
+ if (spki == NULL)
+ {
+ BIO_printf(bio_err,"Netscape SPKAC structure not found in %s\n",
+ infile);
+ goto err;
+ }
+
+ /*
+ * Now extract the key from the SPKI structure.
+ */
+
+ BIO_printf(bio_err,"Check that the SPKAC request matches the signature\n");
+
+ if ((pktmp=X509_PUBKEY_get(spki->spkac->pubkey)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking SPKAC public key\n");
+ goto err;
+ }
+
+ j = NETSCAPE_SPKI_verify(spki, pktmp);
+ if (j <= 0)
+ {
+ BIO_printf(bio_err,"signature verification failed on SPKAC public key\n");
+ goto err;
+ }
+ BIO_printf(bio_err,"Signature ok\n");
+
+ X509_REQ_set_pubkey(req,pktmp);
+ ok=do_body(xret,pkey,x509,dgst,policy,db,serial,days,1,verbose,req,
+ extensions);
+err:
+ if (req != NULL) X509_REQ_free(req);
+ if (parms != NULL) CONF_free(parms);
+ if (spki_der != NULL) Free(spki_der);
+ if (spki != NULL) NETSCAPE_SPKI_free(spki);
+ if (ne != NULL) X509_NAME_ENTRY_free(ne);
+
+ return(ok);
+ }
+
+static int fix_data(nid,type)
+int nid;
+int *type;
+ {
+ if (nid == NID_pkcs9_emailAddress)
+ *type=V_ASN1_IA5STRING;
+ if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_challengePassword) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_unstructuredName) && (*type == V_ASN1_T61STRING))
+ return(0);
+ if (nid == NID_pkcs9_unstructuredName)
+ *type=V_ASN1_IA5STRING;
+ return(1);
+ }
+
+
+static STACK *load_extensions(sec)
+char *sec;
+ {
+ STACK *ext;
+ STACK *ret=NULL;
+ CONF_VALUE *cv;
+ ASN1_OCTET_STRING *str=NULL;
+ ASN1_STRING *tmp=NULL;
+ X509_EXTENSION *x;
+ BIO *mem=NULL;
+ BUF_MEM *buf=NULL;
+ int i,nid,len;
+ unsigned char *ptr;
+ int pack_type;
+ int data_type;
+
+ if ((ext=CONF_get_section(conf,sec)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to find extension section called '%s'\n",sec);
+ return(NULL);
+ }
+
+ if ((ret=sk_new_null()) == NULL) return(NULL);
+
+ for (i=0; i<sk_num(ext); i++)
+ {
+ cv=(CONF_VALUE *)sk_value(ext,i); /* get the object id */
+ if ((nid=OBJ_txt2nid(cv->name)) == NID_undef)
+ {
+ BIO_printf(bio_err,"%s:unknown object type in section, '%s'\n",sec,cv->name);
+ goto err;
+ }
+
+ pack_type=X509v3_pack_type_by_NID(nid);
+ data_type=X509v3_data_type_by_NID(nid);
+
+ /* pack up the input bytes */
+ ptr=(unsigned char *)cv->value;
+ len=strlen((char *)ptr);
+ if ((len > 2) && (cv->value[0] == '0') &&
+ (cv->value[1] == 'x'))
+ {
+ if (data_type == V_ASN1_UNDEF)
+ {
+ BIO_printf(bio_err,"data type for extension %s is unknown\n",cv->name);
+ goto err;
+ }
+ if (mem == NULL)
+ if ((mem=BIO_new(BIO_s_mem())) == NULL)
+ goto err;
+ if (((buf=BUF_MEM_new()) == NULL) ||
+ !BUF_MEM_grow(buf,128))
+ goto err;
+ if ((tmp=ASN1_STRING_new()) == NULL) goto err;
+
+ BIO_reset(mem);
+ BIO_write(mem,(char *)&(ptr[2]),len-2);
+ if (!a2i_ASN1_STRING(mem,tmp,buf->data,buf->max))
+ goto err;
+ len=tmp->length;
+ ptr=tmp->data;
+ }
+
+ switch (pack_type)
+ {
+ case X509_EXT_PACK_STRING:
+ if ((str=X509v3_pack_string(&str,
+ data_type,ptr,len)) == NULL)
+ goto err;
+ break;
+ case X509_EXT_PACK_UNKNOWN:
+ default:
+ BIO_printf(bio_err,"Don't know how to pack extension %s\n",cv->name);
+ goto err;
+ break;
+ }
+
+ if ((x=X509_EXTENSION_create_by_NID(NULL,nid,0,str)) == NULL)
+ goto err;
+ sk_push(ret,(char *)x);
+ }
+
+ if (0)
+ {
+err:
+ if (ret != NULL) sk_pop_free(ret,X509_EXTENSION_free);
+ ret=NULL;
+ }
+ if (str != NULL) ASN1_OCTET_STRING_free(str);
+ if (tmp != NULL) ASN1_STRING_free(tmp);
+ if (buf != NULL) BUF_MEM_free(buf);
+ if (mem != NULL) BIO_free(mem);
+ return(ret);
+ }
+
+static int check_time_format(str)
+char *str;
+ {
+ ASN1_UTCTIME tm;
+
+ tm.data=(unsigned char *)str;
+ tm.length=strlen(str);
+ tm.type=V_ASN1_UTCTIME;
+ return(ASN1_UTCTIME_check(&tm));
+ }
+
diff --git a/apps/ciphers.c b/apps/ciphers.c
new file mode 100644
index 0000000..16ff2b4
--- /dev/null
+++ b/apps/ciphers.c
@@ -0,0 +1,191 @@
+/* apps/ciphers.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "err.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG ciphers_main
+
+static char *ciphers_usage[]={
+"usage: ciphers args\n",
+" -v - verbose mode, a textual listing of the ciphers in SSLeay\n",
+" -ssl2 - SSL2 mode\n",
+" -ssl3 - SSL3 mode\n",
+NULL
+};
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1,i;
+ int verbose=0;
+ char **pp,*p;
+ int badops=0;
+ SSL_CTX *ctx=NULL;
+ SSL *ssl=NULL;
+ char *ciphers=NULL;
+ SSL_METHOD *meth=NULL;
+ STACK *sk;
+ char buf[512];
+ BIO *STDout=NULL;
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_server_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_server_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_server_method();
+#endif
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ meth=SSLv3_client_method();
+#endif
+ else if ((strncmp(*argv,"-h",2) == 0) ||
+ (strcmp(*argv,"-?") == 0))
+ {
+ badops=1;
+ break;
+ }
+ else
+ {
+ ciphers= *argv;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+ for (pp=ciphers_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL) goto err;
+ if (ciphers != NULL)
+ SSL_CTX_set_cipher_list(ctx,ciphers);
+ ssl=SSL_new(ctx);
+ if (ssl == NULL) goto err;
+
+
+ if (!verbose)
+ {
+ for (i=0; ; i++)
+ {
+ p=SSL_get_cipher_list(ssl,i);
+ if (p == NULL) break;
+ if (i != 0) BIO_printf(STDout,":");
+ BIO_printf(STDout,"%s",p);
+ }
+ BIO_printf(STDout,"\n");
+ }
+ else
+ {
+ sk=SSL_get_ciphers(ssl);
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ BIO_puts(STDout,SSL_CIPHER_description(
+ (SSL_CIPHER *)sk_value(sk,i),
+ buf,512));
+ }
+ }
+
+ ret=0;
+ if (0)
+ {
+err:
+ SSL_load_error_strings();
+ ERR_print_errors(bio_err);
+ }
+end:
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (ssl != NULL) SSL_free(ssl);
+ if (STDout != NULL) BIO_free(STDout);
+ EXIT(ret);
+ }
+
diff --git a/apps/client.pem b/apps/client.pem
new file mode 100644
index 0000000..307910e
--- /dev/null
+++ b/apps/client.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Client test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQIwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU2WhcNOTgwNjA5
+MTM1NzU2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGkNsaWVudCB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALtv55QyzG6i2Plw
+Z1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexmq/R4KedLjFEIYjocDui+IXs62NNt
+XrT8odkCAwEAATANBgkqhkiG9w0BAQQFAAOBgQBwtMmI7oGUG8nKmftQssATViH5
+NRRtoEw07DxJp/LfatHdrhqQB73eGdL5WILZJXk46Xz2e9WMSUjVCSYhdKxtflU3
+UR2Ajv1Oo0sTNdfz0wDqJNirLNtzyhhsaq8qMTrLwXrCP31VxBiigFSQSUFnZyTE
+9TKwhS4GlwbtCfxSKQ==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBALtv55QyzG6i2PlwZ1pah7++Gv8L5j6Hnyr/uTZE1NLG0ABDDexm
+q/R4KedLjFEIYjocDui+IXs62NNtXrT8odkCAwEAAQJAbwXq0vJ/+uyEvsNgxLko
+/V86mGXQ/KrSkeKlL0r4ENxjcyeMAGoKu6J9yMY7+X9+Zm4nxShNfTsf/+Freoe1
+HQIhAPOSm5Q1YI+KIsII2GeVJx1U69+wnd71OasIPakS1L1XAiEAxQAW+J3/JWE0
+ftEYakbhUOKL8tD1OaFZS71/5GdG7E8CIQCefUMmySSvwd6kC0VlATSWbW+d+jp/
+nWmM1KvqnAo5uQIhALqEADu5U1Wvt8UN8UDGBRPQulHWNycuNV45d3nnskWPAiAw
+ueTyr6WsZ5+SD8g/Hy3xuvF3nPmJRH+rwvVihlcFOg==
+-----END RSA PRIVATE KEY-----
diff --git a/apps/crl.c b/apps/crl.c
new file mode 100644
index 0000000..9642ee5
--- /dev/null
+++ b/apps/crl.c
@@ -0,0 +1,330 @@
+/* apps/crl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG crl_main
+
+#undef POSTFIX
+#define POSTFIX ".rvk"
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+static char *crl_usage[]={
+"usage: crl args\n",
+"\n",
+" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -outform arg - output format - default PEM\n",
+" -text - print out a text format version\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -hash - print hash value\n",
+" -issuer - print issuer DN\n",
+" -lastupdate - lastUpdate field\n",
+" -nextupdate - nextUpdate field\n",
+" -noout - no CRL output\n",
+NULL
+};
+
+#ifndef NOPROTO
+static X509_CRL *load_crl(char *file, int format);
+#else
+static X509_CRL *load_crl();
+#endif
+
+static BIO *bio_out=NULL;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ X509_CRL *x=NULL;
+ int ret=1,i,num,badops=0;
+ BIO *out=NULL;
+ int informat,outformat;
+ char *infile=NULL,*outfile=NULL;
+ char *str=NULL;
+ int hash=0,issuer=0,lastupdate=0,nextupdate=0,noout=0;
+ char **pp,buf[256];
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ if (bio_out == NULL)
+ if ((bio_out=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_out,stdout,BIO_NOCLOSE);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+#ifdef undef
+ if (strcmp(*argv,"-p") == 0)
+ {
+ if (--argc < 1) goto bad;
+ if (!args_from_file(++argv,Nargc,Nargv)) { goto end; }*/
+ }
+#endif
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ {
+ outformat=FORMAT_TEXT;
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-hash") == 0)
+ hash= ++num;
+ else if (strcmp(*argv,"-issuer") == 0)
+ issuer= ++num;
+ else if (strcmp(*argv,"-lastupdate") == 0)
+ lastupdate= ++num;
+ else if (strcmp(*argv,"-nextupdate") == 0)
+ nextupdate= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (outformat == FORMAT_TEXT)
+ {
+ num=0;
+ issuer= ++num;
+ lastupdate= ++num;
+ nextupdate= ++num;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=crl_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+ x=load_crl(infile,informat);
+ if (x == NULL) { goto end; }
+
+ if (num)
+ {
+ for (i=1; i<=num; i++)
+ {
+ if (issuer == i)
+ {
+ X509_NAME_oneline(x->crl->issuer,buf,256);
+ fprintf(stdout,"issuer= %s\n",str);
+ }
+
+ if (hash == i)
+ {
+ fprintf(stdout,"%08lx\n",
+ X509_NAME_hash(x->crl->issuer));
+ }
+ if (lastupdate == i)
+ {
+ fprintf(stdout,"lastUpdate=");
+ ASN1_UTCTIME_print(bio_out,x->crl->lastUpdate);
+ fprintf(stdout,"\n");
+ }
+ if (nextupdate == i)
+ {
+ fprintf(stdout,"nextUpdate=");
+ ASN1_UTCTIME_print(bio_out,x->crl->nextUpdate);
+ fprintf(stdout,"\n");
+ }
+ }
+ }
+
+ if (noout) goto end;
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_X509_CRL_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509_CRL(out,x);
+ else if (outformat == FORMAT_TEXT)
+ {
+ X509_REVOKED *r;
+
+ while ((r=(X509_REVOKED *)sk_pop(x->crl->revoked)) != NULL)
+ {
+ fprintf(stdout,"revoked: serialNumber=");
+ i2a_ASN1_INTEGER(out,r->serialNumber);
+ fprintf(stdout," revocationDate=");
+ ASN1_UTCTIME_print(bio_out,r->revocationDate);
+ fprintf(stdout,"\n");
+ }
+ i=1;
+ }
+ else
+ {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) { BIO_printf(bio_err,"unable to write CRL\n"); goto end; }
+ ret=0;
+end:
+ if (out != NULL) BIO_free(out);
+ if (bio_out != NULL) BIO_free(bio_out);
+ if (x != NULL) X509_CRL_free(x);
+ EXIT(ret);
+ }
+
+static X509_CRL *load_crl(infile, format)
+char *infile;
+int format;
+ {
+ X509_CRL *x=NULL;
+ BIO *in=NULL;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_X509_CRL_bio(in,NULL);
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_X509_CRL(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CRL\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+end:
+ if (in != NULL) BIO_free(in);
+ return(x);
+ }
+
diff --git a/apps/crl.out b/apps/crl.out
new file mode 100644
index 0000000..85d10e9
--- /dev/null
+++ b/apps/crl.out
@@ -0,0 +1,8 @@
+-----BEGIN X509 CRL-----
+MIIBDjCBuTANBgkqhkiG9w0BAQQFADBgMQswCQYDVQQGEwJBVTEMMAoGA1UECBMD
+UUxEMRkwFwYDVQQKExBNaW5jb20gUHR5LiBMdGQuMQswCQYDVQQLEwJDUzEbMBkG
+A1UEAxMSU1NMZWF5IGRlbW8gc2VydmVyFw05NzA3MDkwMDAwMjJaFw05NzA4MDgw
+MDAwMjJaMCgwEgIBARcNOTUxMDA5MjMzMjA1WjASAgEDFw05NTEyMDEwMTAwMDBa
+MA0GCSqGSIb3DQEBBAUAA0EAcEBIWVZPXxSlLMPPLfBi4s0N3lzTgskZkgO6pjZi
+oQRwh5vi5zFqDNQteGx7RTHpUYntgyoAZ87FZE0GOJgBaQ==
+-----END X509 CRL-----
diff --git a/apps/crl2p7.c b/apps/crl2p7.c
new file mode 100644
index 0000000..04bb1a1
--- /dev/null
+++ b/apps/crl2p7.c
@@ -0,0 +1,334 @@
+/* apps/crl2p7.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This was written by Gordon Chaffee <chaffee@plateau.cs.berkeley.edu>
+ * and donated 'to the cause' along with lots and lots of other fixes to
+ * the library. */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "err.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static int add_certs_from_file(STACK *stack, char *certfile);
+#else
+static int add_certs_from_file();
+#endif
+
+#undef PROG
+#define PROG crl2pkcs7_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,badops=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat;
+ char *infile,*outfile,*prog,*certfile;
+ PKCS7 *p7 = NULL;
+ PKCS7_SIGNED *p7s = NULL;
+ X509_CRL *crl=NULL;
+ STACK *crl_stack=NULL;
+ STACK *cert_stack=NULL;
+ int ret=1,nocrl=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+ certfile=NULL;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-nocrl") == 0)
+ {
+ nocrl=1;
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-certfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ certfile= *(++argv);
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -certfile arg certificates file of chain to a trusted CA\n");
+ BIO_printf(bio_err," -nocrl no crl to load, just certs from '-certfile'\n");
+ EXIT(1);
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (!nocrl)
+ {
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ crl=d2i_X509_CRL_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ crl=PEM_read_bio_X509_CRL(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (crl == NULL)
+ {
+ BIO_printf(bio_err,"unable to load CRL\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if ((p7=PKCS7_new()) == NULL) goto end;
+ if ((p7s=PKCS7_SIGNED_new()) == NULL) goto end;
+ p7->type=OBJ_nid2obj(NID_pkcs7_signed);
+ p7->d.sign=p7s;
+ p7s->contents->type=OBJ_nid2obj(NID_pkcs7_data);
+
+ if (!ASN1_INTEGER_set(p7s->version,1)) goto end;
+ if ((crl_stack=sk_new(NULL)) == NULL) goto end;
+ p7s->crl=crl_stack;
+ if (crl != NULL)
+ {
+ sk_push(crl_stack,(char *)crl);
+ crl=NULL; /* now part of p7 for Freeing */
+ }
+
+ if ((cert_stack=sk_new(NULL)) == NULL) goto end;
+ p7s->cert=cert_stack;
+
+ if (certfile != NULL)
+ {
+ if (add_certs_from_file(cert_stack,certfile) < 0)
+ {
+ BIO_printf(bio_err,"error loading certificates\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_PKCS7_bio(out,p7);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_PKCS7(out,p7);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write pkcs7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (p7 != NULL) PKCS7_free(p7);
+ if (crl != NULL) X509_CRL_free(crl);
+
+ EXIT(ret);
+ }
+
+/*
+ *----------------------------------------------------------------------
+ * int add_certs_from_file
+ *
+ * Read a list of certificates to be checked from a file.
+ *
+ * Results:
+ * number of certs added if successful, -1 if not.
+ *----------------------------------------------------------------------
+ */
+static int add_certs_from_file(stack,certfile)
+STACK *stack;
+char *certfile;
+ {
+ struct stat st;
+ BIO *in=NULL;
+ int count=0;
+ int ret= -1;
+ STACK *sk=NULL;
+ X509_INFO *xi;
+
+ if ((stat(certfile,&st) != 0))
+ {
+ BIO_printf(bio_err,"unable to file the file, %s\n",certfile);
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ if ((in == NULL) || (BIO_read_filename(in,certfile) <= 0))
+ {
+ goto end;
+ }
+
+ /* This loads from a file, a stack of x509/crl/pkey sets */
+ sk=PEM_X509_INFO_read_bio(in,NULL,NULL);
+ if (sk == NULL) goto end;
+
+ /* scan over it and pull out the CRL's */
+ while (sk_num(sk))
+ {
+ xi=(X509_INFO *)sk_shift(sk);
+ if (xi->x509 != NULL)
+ {
+ sk_push(stack,(char *)xi->x509);
+ xi->x509=NULL;
+ count++;
+ }
+ X509_INFO_free(xi);
+ }
+
+ ret=count;
+end:
+ /* never need to Free x */
+ if (in != NULL) BIO_free(in);
+ if (sk != NULL) sk_free(sk);
+ return(ret);
+ }
+
diff --git a/apps/demoCA/cacert.pem b/apps/demoCA/cacert.pem
new file mode 100644
index 0000000..affbce3
--- /dev/null
+++ b/apps/demoCA/cacert.pem
@@ -0,0 +1,14 @@
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
diff --git a/apps/demoCA/index.txt b/apps/demoCA/index.txt
new file mode 100644
index 0000000..2cdd252
--- /dev/null
+++ b/apps/demoCA/index.txt
@@ -0,0 +1,39 @@
+R 980705233205Z 951009233205Z 01 certs/00000001 /CN=Eric Young
+E 951009233205Z 02 certs/00000002 /CN=Duncan Young
+R 980705233205Z 951201010000Z 03 certs/00000003 /CN=Tim Hudson
+V 980705233205Z 04 certs/00000004 /CN=Eric Young4
+V 980705233205Z 05 certs/00000004 /CN=Eric Young5
+V 980705233205Z 06 certs/00000004 /CN=Eric Young6
+V 980705233205Z 07 certs/00000004 /CN=Eric Young7
+V 980705233205Z 08 certs/00000004 /CN=Eric Young8
+V 980705233205Z 09 certs/00000004 /CN=Eric Young9
+V 980705233205Z 0A certs/00000004 /CN=Eric YoungA
+V 980705233205Z 0B certs/00000004 /CN=Eric YoungB
+V 980705233205Z 0C certs/00000004 /CN=Eric YoungC
+V 980705233205Z 0D certs/00000004 /CN=Eric YoungD
+V 980705233205Z 0E certs/00000004 /CN=Eric YoungE
+V 980705233205Z 0F certs/00000004 /CN=Eric YoungF
+V 980705233205Z 10 certs/00000004 /CN=Eric Young10
+V 980705233205Z 11 certs/00000004 /CN=Eric Young11
+V 980705233205Z 12 certs/00000004 /CN=Eric Young12
+V 980705233205Z 13 certs/00000004 /CN=Eric Young13
+V 980705233205Z 14 certs/00000004 /CN=Eric Young14
+V 980705233205Z 15 certs/00000004 /CN=Eric Young15
+V 980705233205Z 16 certs/00000004 /CN=Eric Young16
+V 980705233205Z 17 certs/00000004 /CN=Eric Young17
+V 961206150305Z 010C unknown /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V 961206153245Z 010D unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=Eric Young/Email=eay@mincom.oz.au
+V 970322074816Z 010E unknown /CN=Eric Young/Email=eay@mincom.oz.au
+V 970322075152Z 010F unknown /CN=Eric Young
+V 970322075906Z 0110 unknown /CN=Eric Youngg
+V 970324092238Z 0111 unknown /C=AU/SP=Queensland/CN=Eric Young
+V 970324221931Z 0112 unknown /CN=Fred
+V 970324224934Z 0113 unknown /C=AU/CN=eay
+V 971001005237Z 0114 unknown /C=AU/SP=QLD/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V 971001010331Z 0115 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test again - x509v3
+V 971001013945Z 0117 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=x509v3 test
+V 971014225415Z 0118 unknown /C=AU/SP=Queensland/CN=test
+V 971015004448Z 0119 unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test2
+V 971016035001Z 011A unknown /C=AU/SP=Queensland/O=Mincom Pty Ltd/OU=MTR/CN=test64
+V 971016080129Z 011B unknown /C=FR/O=ALCATEL/OU=Alcatel Mobile Phones/CN=bourque/Email=bourque@art.alcatel.fr
+V 971016224000Z 011D unknown /L=Bedford/O=Cranfield University/OU=Computer Centre/CN=Peter R Lister/Email=P.Lister@cranfield.ac.uk
diff --git a/apps/demoCA/private/cakey.pem b/apps/demoCA/private/cakey.pem
new file mode 100644
index 0000000..48fb18c
--- /dev/null
+++ b/apps/demoCA/private/cakey.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+subject=/C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+
+MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
+Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
+hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
+sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
+tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
+agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
+g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
+-----END RSA PRIVATE KEY-----
diff --git a/apps/demoCA/serial b/apps/demoCA/serial
new file mode 100644
index 0000000..69fa0ff
--- /dev/null
+++ b/apps/demoCA/serial
@@ -0,0 +1 @@
+011E
diff --git a/apps/der_chop b/apps/der_chop
new file mode 100644
index 0000000..4639330
--- /dev/null
+++ b/apps/der_chop
@@ -0,0 +1,305 @@
+#!/usr/local/bin/perl
+#
+# der_chop ... this is one total hack that Eric is really not proud of
+# so don't look at it and don't ask for support
+#
+# The "documentation" for this (i.e. all the comments) are my fault --tjh
+#
+# This program takes the "raw" output of derparse/asn1parse and
+# converts it into tokens and then runs regular expression matches
+# to try to figure out what to grab to get the things that are needed
+# and it is possible that this will do the wrong thing as it is a *hack*
+#
+# SSLeay 0.5.2+ should have direct read support for x509 (via -inform NET)
+# [I know ... promises promises :-)]
+#
+# To convert a Netscape Certificate:
+# der_chop < ServerCert.der > cert.pem
+# To convert a Netscape Key (and encrypt it again to protect it)
+# rsa -inform NET -in ServerKey.der -des > key.pem
+#
+# 23-Apr-96 eay Added the extra ASN.1 string types, I still think this
+# is an evil hack. If nothing else the parsing should
+# be relative, not absolute.
+# 19-Apr-96 tjh hacked (with eay) into 0.5.x format
+#
+# Tim Hudson
+# tjh@cryptsoft.com
+#
+
+
+require 'getopts.pl';
+
+$debug=0;
+
+# this was the 0.4.x way of doing things ...
+$cmd="derparse";
+$x509_cmd="x509";
+$crl_cmd="crl";
+$rc4_cmd="rc4";
+$md2_cmd="md2";
+$md4_cmd="md4";
+$rsa_cmd="rsa -des -inform der ";
+
+# this was the 0.5.x way of doing things ...
+$cmd="ssleay asn1parse";
+$x509_cmd="ssleay x509";
+$crl_cmd="ssleay crl";
+$rc4_cmd="ssleay rc4";
+$md2_cmd="ssleay md2";
+$md4_cmd="ssleay md4";
+$rsa_cmd="ssleay rsa -des -inform der ";
+
+&Getopts('vd:') || die "usage:$0 [-v] [-d num] file";
+$depth=($opt_d =~ /^\d+$/)?$opt_d:0;
+
+&init_der();
+
+if ($#ARGV != -1)
+ {
+ foreach $file (@ARGV)
+ {
+ print STDERR "doing $file\n";
+ &dofile($file);
+ }
+ }
+else
+ {
+ $file="/tmp/a$$.DER";
+ open(OUT,">$file") || die "unable to open $file:$!\n";
+ for (;;)
+ {
+ $i=sysread(STDIN,$b,1024*10);
+ last if ($i <= 0);
+ $i=syswrite(OUT,$b,$i);
+ }
+ &dofile($file);
+ unlink($file);
+ }
+
+sub dofile
+ {
+ local($file)=@_;
+ local(@p);
+
+ $b=&load_file($file);
+ @p=&load_file_parse($file);
+
+ foreach $_ (@p)
+ {
+ ($off,$d,$hl,$len)=&parse_line($_);
+ $d-=$depth;
+ next if ($d != 0);
+ next if ($len == 0);
+
+ $o=substr($b,$off,$len+$hl);
+ ($str,@data)=&der_str($o);
+ print "$str\n" if ($opt_v);
+ if ($str =~ /^$crl/)
+ {
+ open(OUT,"|$crl_cmd -inform d -hash -issuer") ||
+ die "unable to run $crl_cmd:$!\n";
+ print OUT $o;
+ close(OUT);
+ }
+ elsif ($str =~ /^$x509/)
+ {
+ open(OUT,"|$x509_cmd -inform d -hash -subject -issuer")
+ || die "unable to run $x509_cmd:$!\n";
+ print OUT $o;
+ close(OUT);
+ }
+ elsif ($str =~ /^$rsa/)
+ {
+ ($type)=($data[3] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+ next unless ($type eq "rsaEncryption");
+ ($off,$d,$hl,$len)=&parse_line($data[5]);
+ $os=substr($o,$off+$hl,$len);
+ open(OUT,"|$rsa_cmd")
+ || die "unable to run $rsa_cmd:$!\n";
+ print OUT $os;
+ close(OUT);
+ }
+ elsif ($str =~ /^0G-1D-1G/)
+ {
+ ($off,$d,$hl,$len)=&parse_line($data[1]);
+ $os=substr($o,$off+$hl,$len);
+ print STDERR "<$os>\n" if $opt_v;
+ &do_certificate($o,@data)
+ if (($os eq "certificate") &&
+ ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+ &do_private_key($o,@data)
+ if (($os eq "private-key") &&
+ ($str =! /^0G-1D-1G-2G-3F-3E-2D/));
+ }
+ }
+ }
+
+sub der_str
+ {
+ local($str)=@_;
+ local(*OUT,*IN,@a,$t,$d,$ret);
+ local($file)="/tmp/b$$.DER";
+ local(@ret);
+
+ open(OUT,">$file");
+ print OUT $str;
+ close(OUT);
+ open(IN,"$cmd -inform 'd' -in $file |") ||
+ die "unable to run $cmd:$!\n";
+ $ret="";
+ while (<IN>)
+ {
+ chop;
+ push(@ret,$_);
+
+ print STDERR "$_\n" if ($debug);
+
+ @a=split(/\s*:\s*/);
+ ($d)=($a[1] =~ /d=\s*(\d+)/);
+ $a[2] =~ s/\s+$//;
+ $t=$DER_s2i{$a[2]};
+ $ret.="$d$t-";
+ }
+ close(IN);
+ unlink($file);
+ chop $ret;
+ $ret =~ s/(-3H(-4G-5F-5[IJKMQRS])+)+/-NAME/g;
+ $ret =~ s/(-3G-4B-4L)+/-RCERT/g;
+ return($ret,@ret);
+ }
+
+sub init_der
+ {
+ $crl= "0G-1G-2G-3F-3E-2G-NAME-2L-2L-2G-RCERT-1G-2F-2E-1C";
+ $x509="0G-1G-2B-2G-3F-3E-2G-NAME-2G-3L-3L-2G-NAME-2G-3G-4F-4E-3C-1G-2F-2E-1C";
+ $rsa= "0G-1B-1G-2F-2E-1D";
+
+ %DER_i2s=(
+ # SSLeay 0.4.x has this list
+ "A","EOC",
+ "B","INTEGER",
+ "C","BIT STRING",
+ "D","OCTET STRING",
+ "E","NULL",
+ "F","OBJECT",
+ "G","SEQUENCE",
+ "H","SET",
+ "I","PRINTABLESTRING",
+ "J","T61STRING",
+ "K","IA5STRING",
+ "L","UTCTIME",
+ "M","NUMERICSTRING",
+ "N","VIDEOTEXSTRING",
+ "O","GENERALIZEDTIME",
+ "P","GRAPHICSTRING",
+ "Q","ISO64STRING",
+ "R","GENERALSTRING",
+ "S","UNIVERSALSTRING",
+
+ # SSLeay 0.5.x changed some things ... and I'm
+ # leaving in the old stuff but adding in these
+ # to handle the new as well --tjh
+ # - Well I've just taken them out and added the extra new
+ # ones :-) - eay
+ );
+
+ foreach (keys %DER_i2s)
+ { $DER_s2i{$DER_i2s{$_}}=$_; }
+ }
+
+sub parse_line
+ {
+ local($_)=@_;
+
+ return(/\s*(\d+):d=\s*(\d+)\s+hl=\s*(\d+)\s+l=\s*(\d+|inf)\s/);
+ }
+
+# 0:d=0 hl=4 l=377 cons: univ: SEQUENCE
+# 4:d=1 hl=2 l= 11 prim: univ: OCTET_STRING
+# 17:d=1 hl=4 l=360 cons: univ: SEQUENCE
+# 21:d=2 hl=2 l= 12 cons: univ: SEQUENCE
+# 23:d=3 hl=2 l= 8 prim: univ: OBJECT_IDENTIFIER :rc4
+# 33:d=3 hl=2 l= 0 prim: univ: NULL
+# 35:d=2 hl=4 l=342 prim: univ: OCTET_STRING
+sub do_private_key
+ {
+ local($data,@struct)=@_;
+ local($file)="/tmp/b$$.DER";
+ local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+ ($type)=($struct[4] =~ /OBJECT_IDENTIFIER :(.*)\s*$/);
+ if ($type eq "rc4")
+ {
+ ($off,$d,$hl,$len)=&parse_line($struct[6]);
+ open(OUT,"|$rc4_cmd >$file") ||
+ die "unable to run $rc4_cmd:$!\n";
+ print OUT substr($data,$off+$hl,$len);
+ close(OUT);
+
+ $b=&load_file($file);
+ unlink($file);
+
+ ($s,@p)=&der_str($b);
+ die "unknown rsa key type\n$s\n"
+ if ($s ne '0G-1B-1G-2F-2E-1D');
+ local($off,$d,$hl,$len)=&parse_line($p[5]);
+ $b=substr($b,$off+$hl,$len);
+ ($s,@p)=&der_str($b);
+ open(OUT,"|$rsa_cmd") || die "unable to run $rsa_cmd:$!\n";
+ print OUT $b;
+ close(OUT);
+ }
+ else
+ {
+ print "'$type' is unknown\n";
+ exit(1);
+ }
+ }
+
+sub do_certificate
+ {
+ local($data,@struct)=@_;
+ local($file)="/tmp/b$$.DER";
+ local($off,$d,$hl,$len,$_,$b,@p,$s);
+
+ ($off,$d,$hl,$len)=&parse_line($struct[2]);
+ $b=substr($data,$off,$len+$hl);
+
+ open(OUT,"|$x509_cmd -inform d") || die "unable to run $x509_cmd:$!\n";
+ print OUT $b;
+ close(OUT);
+ }
+
+sub load_file
+ {
+ local($file)=@_;
+ local(*IN,$r,$b,$i);
+
+ $r="";
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ for (;;)
+ {
+ $i=sysread(IN,$b,10240);
+ last if ($i <= 0);
+ $r.=$b;
+ }
+ close(IN);
+ return($r);
+ }
+
+sub load_file_parse
+ {
+ local($file)=@_;
+ local(*IN,$r,@ret,$_,$i,$n,$b);
+
+ open(IN,"$cmd -inform d -in $file|")
+ || die "unable to run der_parse\n";
+ while (<IN>)
+ {
+ chop;
+ push(@ret,$_);
+ }
+ return($r,@ret);
+ }
+
diff --git a/apps/dgst.c b/apps/dgst.c
new file mode 100644
index 0000000..6d7a178
--- /dev/null
+++ b/apps/dgst.c
@@ -0,0 +1,227 @@
+/* apps/dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef BUFSIZE
+#define BUFSIZE 1024*8
+
+#undef PROG
+#define PROG dgst_main
+
+#ifndef NOPROTO
+void do_fp(unsigned char *buf,BIO *f,int sep);
+#else
+void do_fp();
+#endif
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ unsigned char *buf=NULL;
+ int i,err=0;
+ EVP_MD *md=NULL,*m;
+ BIO *in=NULL,*inp;
+ BIO *bmd=NULL;
+ char *name;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+ int separator=0;
+ int debug=0;
+
+ apps_startup();
+
+ if ((buf=(unsigned char *)Malloc(BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ /* first check the program name */
+ program_name(argv[0],pname,PROG_NAME_SIZE);
+
+ md=EVP_get_digestbyname(pname);
+
+ argc--;
+ argv++;
+ for (i=0; i<argc; i++)
+ {
+ if ((*argv)[0] != '-') break;
+ if (strcmp(*argv,"-c") == 0)
+ separator=1;
+ else if (strcmp(*argv,"-d") == 0)
+ debug=1;
+ else if ((m=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ md=m;
+ else
+ break;
+ argc--;
+ argv++;
+ }
+
+ if (md == NULL)
+ md=EVP_md5();
+
+ if ((argc > 0) && (argv[0][0] == '-')) /* bad option */
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"-c to output the digest with separating colons\n");
+ BIO_printf(bio_err,"-c to output debug info\n");
+ BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm (default)\n",
+ LN_md5,LN_md5);
+ BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ LN_md2,LN_md2);
+ BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ LN_sha1,LN_sha1);
+ BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ LN_sha,LN_sha);
+ BIO_printf(bio_err,"-%3s to use the %s message digest alogorithm\n",
+ LN_mdc2,LN_mdc2);
+ err=1;
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ bmd=BIO_new(BIO_f_md());
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ /* needed for windows 3.1 */
+ BIO_set_callback_arg(in,bio_err);
+ }
+
+ if ((in == NULL) || (bmd == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ /* we use md as a filter, reading from 'in' */
+ BIO_set_md(bmd,md);
+ inp=BIO_push(bmd,in);
+
+ if (argc == 0)
+ {
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ do_fp(buf,inp,separator);
+ }
+ else
+ {
+ name=OBJ_nid2sn(md->type);
+ for (i=0; i<argc; i++)
+ {
+ if (BIO_read_filename(in,argv[i]) <= 0)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("%s(%s)= ",name,argv[i]);
+ do_fp(buf,inp,separator);
+ BIO_reset(bmd);
+ }
+ }
+end:
+ if (buf != NULL)
+ {
+ memset(buf,0,BUFSIZE);
+ Free(buf);
+ }
+ if (in != NULL) BIO_free(in);
+ if (bmd != NULL) BIO_free(bmd);
+ EXIT(err);
+ }
+
+void do_fp(buf,bp,sep)
+unsigned char *buf;
+BIO *bp;
+int sep;
+ {
+ int len;
+ int i;
+
+ for (;;)
+ {
+ i=BIO_read(bp,(char *)buf,BUFSIZE);
+ if (i <= 0) break;
+ }
+ len=BIO_gets(bp,(char *)buf,BUFSIZE);
+
+ for (i=0; i<len; i++)
+ {
+ if (sep && (i != 0))
+ putc(':',stdout);
+ printf("%02x",buf[i]);
+ }
+ printf("\n");
+ }
+
diff --git a/apps/dh.c b/apps/dh.c
new file mode 100644
index 0000000..8a3bcfb
--- /dev/null
+++ b/apps/dh.c
@@ -0,0 +1,312 @@
+/* apps/dh.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dh_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -check - check the parameters are ok
+ * -noout
+ * -text
+ * -C
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ DH *dh=NULL;
+ int i,badops=0,text=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,check=0,noout=0,C=0,ret=1;
+ char *infile,*outfile,*prog;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-check") == 0)
+ check=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-C") == 0)
+ C=1;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -check check the DH parameters\n");
+ BIO_printf(bio_err," -text check the DH parameters\n");
+ BIO_printf(bio_err," -C Output C code\n");
+ BIO_printf(bio_err," -noout no output\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ dh=d2i_DHparams_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dh=PEM_read_bio_DHparams(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified\n");
+ goto end;
+ }
+ if (dh == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DH parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+
+
+ if (text)
+ {
+ DHparams_print(out,dh);
+#ifdef undef
+ printf("p=");
+ BN_print(stdout,dh->p);
+ printf("\ng=");
+ BN_print(stdout,dh->g);
+ printf("\n");
+ if (dh->length != 0)
+ printf("recomented private length=%ld\n",dh->length);
+#endif
+ }
+
+ if (check)
+ {
+ if (!DH_check(dh,&i))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (i & DH_CHECK_P_NOT_PRIME)
+ printf("p value is not prime\n");
+ if (i & DH_CHECK_P_NOT_STRONG_PRIME)
+ printf("p value is not a strong prime\n");
+ if (i & DH_UNABLE_TO_CHECK_GENERATOR)
+ printf("unable to check the generator value\n");
+ if (i & DH_NOT_SUITABLE_GENERATOR)
+ printf("the g value is not a generator\n");
+ if (i == 0)
+ printf("DH parameters appear to be ok.\n");
+ }
+ if (C)
+ {
+ unsigned char *data;
+ int len,l,bits;
+
+ len=BN_num_bytes(dh->p);
+ bits=BN_num_bits(dh->p);
+ data=(unsigned char *)Malloc(len);
+ if (data == NULL)
+ {
+ perror("Malloc");
+ goto end;
+ }
+ l=BN_bn2bin(dh->p,data);
+ printf("static unsigned char dh%d_p[]={",bits);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dh->g,data);
+ printf("static unsigned char dh%d_g[]={",bits);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n\n");
+
+ printf("DH *get_dh%d()\n\t{\n",bits);
+ printf("\tDH *dh;\n\n");
+ printf("\tif ((dh=DH_new()) == NULL) return(NULL);\n");
+ printf("\tdh->p=BN_bin2bn(dh%d_p,sizeof(dh%d_p),NULL);\n",
+ bits,bits);
+ printf("\tdh->g=BN_bin2bn(dh%d_g,sizeof(dh%d_g),NULL);\n",
+ bits,bits);
+ printf("\tif ((dh->p == NULL) || (dh->g == NULL))\n");
+ printf("\t\treturn(NULL);\n");
+ printf("\treturn(dh);\n\t}\n");
+ }
+
+
+ if (!noout)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DHparams_bio(out,dh);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DHparams(out,dh);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write DH paramaters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dh != NULL) DH_free(dh);
+ EXIT(ret);
+ }
diff --git a/apps/dh1024.pem b/apps/dh1024.pem
new file mode 100644
index 0000000..81d43f6
--- /dev/null
+++ b/apps/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/apps/dsa-ca.pem b/apps/dsa-ca.pem
new file mode 100644
index 0000000..9eb08f3
--- /dev/null
+++ b/apps/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/apps/dsa-pca.pem b/apps/dsa-pca.pem
new file mode 100644
index 0000000..e3641ad
--- /dev/null
+++ b/apps/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/apps/dsa.c b/apps/dsa.c
new file mode 100644
index 0000000..585116a
--- /dev/null
+++ b/apps/dsa.c
@@ -0,0 +1,257 @@
+/* apps/dsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dsa_main
+
+/* -inform arg - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -text - print a text version
+ * -modulus - print the DSA public key
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ DSA *dsa=NULL;
+ int i,badops=0;
+ EVP_CIPHER *enc=NULL;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,text=0,noout=0;
+ char *infile,*outfile,*prog;
+ int modulus=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ BIO_printf(bio_err," -text print the key in text\n");
+ BIO_printf(bio_err," -noout don't print key out\n");
+ BIO_printf(bio_err," -modulus print the DSA public value\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ BIO_printf(bio_err,"read DSA private key\n");
+ if (informat == FORMAT_ASN1)
+ dsa=d2i_DSAPrivateKey_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dsa=PEM_read_bio_DSAPrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+ if (dsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ if (!DSA_print(out,dsa,0))
+ {
+ perror(outfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (modulus)
+ {
+ fprintf(stdout,"Public Key=");
+ BN_print(out,dsa->pub_key);
+ fprintf(stdout,"\n");
+ }
+
+ if (noout) goto end;
+ BIO_printf(bio_err,"writing DSA private key\n");
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DSAPrivateKey_bio(out,dsa);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DSAPrivateKey(out,dsa,enc,NULL,0,NULL);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write private key\n");
+ ERR_print_errors(bio_err);
+ }
+ else
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
diff --git a/apps/dsa1024.pem b/apps/dsa1024.pem
new file mode 100644
index 0000000..082dec3
--- /dev/null
+++ b/apps/dsa1024.pem
@@ -0,0 +1,9 @@
+-----BEGIN DSA PARAMETERS-----
+MIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2GlrMV4FMuj+BZgnOQPnUx
+mUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7OZq5riDb77Cjcwtelu+Us
+OSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR5HCVW1DNSQIVAPcHMe36
+bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnlaG8w42nh5bNdmLsohkj8
+3pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6kQmdtvFNnFQPWAbuSXQH
+zlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15AlsQReVkusBtXOlan7YMu0O
+Arg=
+-----END DSA PARAMETERS-----
diff --git a/apps/dsa512.pem b/apps/dsa512.pem
new file mode 100644
index 0000000..5f86d1a
--- /dev/null
+++ b/apps/dsa512.pem
@@ -0,0 +1,6 @@
+-----BEGIN DSA PARAMETERS-----
+MIGdAkEAnRtpjibb8isRcBmG9hnI+BnyGFOURgbQYlAzSwI8UjADizv5X9EkBk97
+TLqqQJv9luQ3M7stWtdaEUBmonZ9MQIVAPtT71C0QJIxVoZTeuiLIppJ+3GPAkEA
+gz6I5cWJc847bAFJv7PHnwrqRJHlMKrZvltftxDXibeOdPvPKR7rqCxUUbgQ3qDO
+L8wka5B33qJoplISogOdIA==
+-----END DSA PARAMETERS-----
diff --git a/apps/dsaparam.c b/apps/dsaparam.c
new file mode 100644
index 0000000..e9485c0
--- /dev/null
+++ b/apps/dsaparam.c
@@ -0,0 +1,340 @@
+/* apps/dsaparam.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "bn.h"
+#include "rand.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG dsaparam_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -noout
+ * -text
+ * -C
+ * -noout
+ */
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa=NULL;
+ int i,badops=0,text=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,noout=0,C=0,ret=1;
+ char *infile,*outfile,*prog,*inrand=NULL;
+ int numbits= -1,num;
+ char buffer[200],*randfile=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-C") == 0)
+ C=1;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (sscanf(*argv,"%d",&num) == 1)
+ {
+ /* generate a key */
+ numbits=num;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] [bits] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -text check the DSA parameters\n");
+ BIO_printf(bio_err," -C Output C code\n");
+ BIO_printf(bio_err," -noout no output\n");
+ BIO_printf(bio_err," -rand files to use for random number input\n");
+ BIO_printf(bio_err," number number of bits to use for generating private key\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (numbits > 0)
+ {
+ randfile=RAND_file_name(buffer,200);
+ RAND_load_file(randfile,1024L*1024L);
+
+ BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+ BIO_printf(bio_err,"This could take some time\n");
+ dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL,dsa_cb);
+ }
+ else if (informat == FORMAT_ASN1)
+ dsa=d2i_DSAparams_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ dsa=PEM_read_bio_DSAparams(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified\n");
+ goto end;
+ }
+ if (dsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (text)
+ {
+ DSAparams_print(out,dsa);
+ }
+
+ if (C)
+ {
+ unsigned char *data;
+ int l,len,bits_p,bits_q,bits_g;
+
+ len=BN_num_bytes(dsa->p);
+ bits_p=BN_num_bits(dsa->p);
+ bits_q=BN_num_bits(dsa->q);
+ bits_g=BN_num_bits(dsa->g);
+ data=(unsigned char *)Malloc(len+20);
+ if (data == NULL)
+ {
+ perror("Malloc");
+ goto end;
+ }
+ l=BN_bn2bin(dsa->p,data);
+ printf("static unsigned char dsa%d_p[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dsa->q,data);
+ printf("static unsigned char dsa%d_q[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n");
+
+ l=BN_bn2bin(dsa->g,data);
+ printf("static unsigned char dsa%d_g[]={",bits_p);
+ for (i=0; i<l; i++)
+ {
+ if ((i%12) == 0) printf("\n\t");
+ printf("0x%02X,",data[i]);
+ }
+ printf("\n\t};\n\n");
+
+ printf("DSA *get_dsa%d()\n\t{\n",bits_p);
+ printf("\tDSA *dsa;\n\n");
+ printf("\tif ((dsa=DSA_new()) == NULL) return(NULL);\n");
+ printf("\tdsa->p=BN_bin2bn(dsa%d_p,sizeof(dsa%d_p),NULL);\n",
+ bits_p,bits_p);
+ printf("\tdsa->q=BN_bin2bn(dsa%d_q,sizeof(dsa%d_q),NULL);\n",
+ bits_p,bits_p);
+ printf("\tdsa->g=BN_bin2bn(dsa%d_g,sizeof(dsa%d_g),NULL);\n",
+ bits_p,bits_p);
+ printf("\tif ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))\n");
+ printf("\t\treturn(NULL);\n");
+ printf("\treturn(dsa);\n\t}\n");
+ }
+
+
+ if (!noout)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_DSAparams_bio(out,dsa);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_DSAparams(out,dsa);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write DSA paramaters\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK dsa_cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(bio_err,&c,1);
+ BIO_flush(bio_err);
+#ifdef LINT
+ p=n;
+#endif
+ }
diff --git a/apps/eay.c b/apps/eay.c
new file mode 100644
index 0000000..c7a59ca
--- /dev/null
+++ b/apps/eay.c
@@ -0,0 +1,130 @@
+/* apps/eay.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define MONOLITH
+#define USE_SOCKETS
+#include "../e_os.h"
+
+#include "bio.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "err.h"
+
+#include "bn.h"
+
+#include "evp.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "err.h"
+
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#define MONOLITH
+
+#include "ssleay.c"
+#include "apps.c"
+#include "asn1pars.c"
+#ifndef NO_RSA
+#include "ca.c"
+#include "genrsa.c"
+#include "req.c"
+#include "rsa.c"
+#endif
+#ifndef NO_DH
+#include "gendh.c"
+#include "dh.c"
+#endif
+#include "crl.c"
+#include "crl2p7.c"
+#include "dgst.c"
+#include "enc.c"
+#include "errstr.c"
+#if !defined(NO_SSL2) || !defined(NO_SSL3)
+#ifndef NO_SOCK
+#include "s_cb.c"
+#include "s_client.c"
+#include "s_server.c"
+#include "s_socket.c"
+#include "s_time.c"
+#endif
+#endif
+#include "speed.c"
+#include "verify.c"
+#include "version.c"
+#include "x509.c"
+#include "ciphers.c"
+#include "sess_id.c"
+#include "pkcs7.c"
+#ifndef NO_DSA
+#include "dsaparam.c"
+#include "dsa.c"
+#include "gendsa.c"
+#endif
+
diff --git a/apps/enc.c b/apps/enc.c
new file mode 100644
index 0000000..d7c9909
--- /dev/null
+++ b/apps/enc.c
@@ -0,0 +1,545 @@
+/* apps/enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#ifdef NO_MD5
+#include "md5.h"
+#endif
+#include "pem.h"
+
+#ifndef NOPROTO
+int set_hex(char *in,unsigned char *out,int size);
+#else
+int set_hex();
+#endif
+
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE (512)
+#define BSIZE (8*1024)
+#define PROG enc_main
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ char *strbuf=NULL;
+ unsigned char *buff=NULL,*bufsize=NULL;
+ int bsize=BSIZE,verbose=0;
+ int ret=1,inl;
+ unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+ char *str=NULL;
+ char *hkey=NULL,*hiv=NULL;
+ int enc=1,printkey=0,i,base64=0;
+ int debug=0;
+ EVP_CIPHER *cipher=NULL,*c;
+ char *inf=NULL,*outf=NULL;
+ BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ /* first check the program name */
+ program_name(argv[0],pname,PROG_NAME_SIZE);
+ if (strcmp(pname,"base64") == 0)
+ base64=1;
+
+ cipher=EVP_get_cipherbyname(pname);
+ if (!base64 && (cipher == NULL) && (strcmp(pname,"enc") != 0))
+ {
+ BIO_printf(bio_err,"%s is an unknown cipher\n",pname);
+ goto bad;
+ }
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-e") == 0)
+ enc=1;
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inf= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outf= *(++argv);
+ }
+ else if (strcmp(*argv,"-d") == 0)
+ enc=0;
+ else if (strcmp(*argv,"-p") == 0)
+ printkey=1;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if ((strcmp(*argv,"-debug") == 0) ||
+ (strcmp(*argv,"-d") == 0))
+ debug=1;
+ else if (strcmp(*argv,"-P") == 0)
+ printkey=2;
+ else if (strcmp(*argv,"-a") == 0)
+ base64=1;
+ else if (strcmp(*argv,"-base64") == 0)
+ base64=1;
+ else if (strcmp(*argv,"-bufsize") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bufsize=(unsigned char *)*(++argv);
+ }
+ else if (strcmp(*argv,"-k") == 0)
+ {
+ if (--argc < 1) goto bad;
+ str= *(++argv);
+ }
+ else if (strcmp(*argv,"-kfile") == 0)
+ {
+ static char buf[128];
+ FILE *infile;
+ char *file;
+
+ if (--argc < 1) goto bad;
+ file= *(++argv);
+ infile=fopen(file,"r");
+ if (infile == NULL)
+ {
+ BIO_printf(bio_err,"unable to read key from '%s'\n",
+ file);
+ goto bad;
+ }
+ buf[0]='\0';
+ fgets(buf,128,infile);
+ fclose(infile);
+ i=strlen(buf);
+ if ((i > 0) &&
+ ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
+ buf[--i]='\0';
+ if ((i > 0) &&
+ ((buf[i-1] == '\n') || (buf[i-1] == '\r')))
+ buf[--i]='\0';
+ if (i < 1)
+ {
+ BIO_printf(bio_err,"zero length password\n");
+ goto bad;
+ }
+ str=buf;
+ }
+ else if (strcmp(*argv,"-K") == 0)
+ {
+ if (--argc < 1) goto bad;
+ hkey= *(++argv);
+ }
+ else if (strcmp(*argv,"-iv") == 0)
+ {
+ if (--argc < 1) goto bad;
+ hiv= *(++argv);
+ }
+ else if ((argv[0][0] == '-') &&
+ ((c=EVP_get_cipherbyname(&(argv[0][1]))) != NULL))
+ {
+ cipher=c;
+ }
+ else if (strcmp(*argv,"-none") == 0)
+ cipher=NULL;
+ else
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+bad:
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"%-14s input file\n","-in <file>");
+ BIO_printf(bio_err,"%-14s output fileencrypt\n","-out <file>");
+ BIO_printf(bio_err,"%-14s encrypt\n","-e");
+ BIO_printf(bio_err,"%-14s decrypt\n","-d");
+ BIO_printf(bio_err,"%-14s base64 encode/decode, depending on encryption flag\n","-a/-base64");
+ BIO_printf(bio_err,"%-14s key is the next argument\n","-k");
+ BIO_printf(bio_err,"%-14s key is the first line of the file argument\n","-kfile");
+ BIO_printf(bio_err,"%-14s key/iv in hex is the next argument\n","-K/-iv");
+ BIO_printf(bio_err,"%-14s print the iv/key (then exit if -P)\n","-[pP]");
+ BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+
+ BIO_printf(bio_err,"Cipher Types\n");
+ BIO_printf(bio_err,"des : 56 bit key DES encryption\n");
+ BIO_printf(bio_err,"des_ede :112 bit key ede DES encryption\n");
+ BIO_printf(bio_err,"des_ede3:168 bit key ede DES encryption\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err,"idea :128 bit key IDEA encryption\n");
+#endif
+#ifndef NO_RC4
+ BIO_printf(bio_err,"rc2 :128 bit key RC2 encryption\n");
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err,"bf :128 bit key BlowFish encryption\n");
+#endif
+#ifndef NO_RC4
+ BIO_printf(bio_err," -%-5s :128 bit key RC4 encryption\n",
+ LN_rc4);
+#endif
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ecb,LN_des_cbc,
+ LN_des_cfb64,LN_des_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n",
+ "des", LN_des_cbc);
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ede,LN_des_ede_cbc,
+ LN_des_ede_cfb64,LN_des_ede_ofb64);
+ BIO_printf(bio_err," -desx -none\n");
+
+
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_des_ede3,LN_des_ede3_cbc,
+ LN_des_ede3_cfb64,LN_des_ede3_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n",
+ "des3", LN_des_ede3_cbc);
+
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_idea_ecb, LN_idea_cbc,
+ LN_idea_cfb64, LN_idea_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","idea",LN_idea_cbc);
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_rc2_ecb, LN_rc2_cbc,
+ LN_rc2_cfb64, LN_rc2_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","rc2", LN_rc2_cbc);
+#endif
+#ifndef NO_BLOWFISH
+ BIO_printf(bio_err," -%-12s -%-12s -%-12s -%-12s",
+ LN_bf_ecb, LN_bf_cbc,
+ LN_bf_cfb64, LN_bf_ofb64);
+ BIO_printf(bio_err," -%-4s (%s)\n","bf", LN_bf_cbc);
+#endif
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (bufsize != NULL)
+ {
+ unsigned long n;
+
+ for (n=0; *bufsize; bufsize++)
+ {
+ i= *bufsize;
+ if ((i <= '9') && (i >= '0'))
+ n=n*10+i-'0';
+ else if (i == 'k')
+ {
+ n*=1024;
+ bufsize++;
+ break;
+ }
+ }
+ if (*bufsize != '\0')
+ {
+ BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
+ goto end;
+ }
+
+ /* It must be large enough for a base64 encoded line */
+ if (n < 80) n=80;
+
+ bsize=(int)n;
+ if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
+ }
+
+ strbuf=Malloc(SIZE);
+ buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
+ if ((buff == NULL) || (strbuf == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure %ld\n",(long)EVP_ENCODE_LENGTH(bsize));
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ BIO_set_callback(out,BIO_debug_callback);
+ BIO_set_callback_arg(in,bio_err);
+ BIO_set_callback_arg(out,bio_err);
+ }
+
+ if (inf == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,inf) <= 0)
+ {
+ perror(inf);
+ goto end;
+ }
+ }
+
+ if ((str == NULL) && (cipher != NULL) && (hkey == NULL))
+ {
+ for (;;)
+ {
+ char buf[200];
+
+ sprintf(buf,"enter %s %s password:",
+ OBJ_nid2ln(EVP_CIPHER_nid(cipher)),
+ (enc)?"encryption":"decryption");
+ strbuf[0]='\0';
+ i=EVP_read_pw_string((char *)strbuf,SIZE,buf,enc);
+ if (i == 0)
+ {
+ if (strbuf[0] == '\0')
+ {
+ ret=1;
+ goto end;
+ }
+ str=strbuf;
+ break;
+ }
+ if (i < 0)
+ {
+ BIO_printf(bio_err,"bad password read\n");
+ goto end;
+ }
+ }
+ }
+
+ if (cipher != NULL)
+ {
+ if (str != NULL)
+ {
+ EVP_BytesToKey(cipher,EVP_md5(),NULL,
+ (unsigned char *)str,
+ strlen(str),1,key,iv);
+ /* zero the complete buffer or the string
+ * passed from the command line
+ * bug picked up by
+ * Larry J. Hughes Jr. <hughes@indiana.edu> */
+ if (str == strbuf)
+ memset(str,0,SIZE);
+ else
+ memset(str,0,strlen(str));
+ }
+ if ((hiv != NULL) && !set_hex(hiv,iv,8))
+ {
+ BIO_printf(bio_err,"invalid hex iv value\n");
+ goto end;
+ }
+ if ((hkey != NULL) && !set_hex(hkey,key,24))
+ {
+ BIO_printf(bio_err,"invalid hex key value\n");
+ goto end;
+ }
+
+ if ((benc=BIO_new(BIO_f_cipher())) == NULL)
+ goto end;
+ BIO_set_cipher(benc,cipher,key,iv,enc);
+ if (debug)
+ {
+ BIO_set_callback(benc,BIO_debug_callback);
+ BIO_set_callback_arg(benc,bio_err);
+ }
+
+ if (printkey)
+ {
+ if (cipher->key_len > 0)
+ {
+ printf("key=");
+ for (i=0; i<cipher->key_len; i++)
+ printf("%02X",key[i]);
+ printf("\n");
+ }
+ if (cipher->iv_len > 0)
+ {
+ printf("iv =");
+ for (i=0; i<cipher->iv_len; i++)
+ printf("%02X",iv[i]);
+ printf("\n");
+ }
+ if (printkey == 2)
+ {
+ ret=0;
+ goto end;
+ }
+ }
+ }
+
+
+ if (outf == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outf) <= 0)
+ {
+ perror(outf);
+ goto end;
+ }
+ }
+
+ rbio=in;
+ wbio=out;
+
+ if (base64)
+ {
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ if (debug)
+ {
+ BIO_set_callback(b64,BIO_debug_callback);
+ BIO_set_callback_arg(b64,bio_err);
+ }
+ if (enc)
+ wbio=BIO_push(b64,wbio);
+ else
+ rbio=BIO_push(b64,rbio);
+ }
+
+ /* Only encrypt/decrypt as we write the file */
+ if (benc != NULL)
+ wbio=BIO_push(benc,wbio);
+
+ for (;;)
+ {
+ inl=BIO_read(rbio,(char *)buff,bsize);
+ if (inl <= 0) break;
+ if (BIO_write(wbio,(char *)buff,inl) != inl)
+ {
+ BIO_printf(bio_err,"error writing output file\n");
+ goto end;
+ }
+ }
+ if (!BIO_flush(wbio))
+ {
+ BIO_printf(bio_err,"bad decrypt\n");
+ goto end;
+ }
+
+ ret=0;
+ if (verbose)
+ {
+ BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
+ BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
+ }
+end:
+ if (strbuf != NULL) Free(strbuf);
+ if (buff != NULL) Free(buff);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (benc != NULL) BIO_free(benc);
+ if (b64 != NULL) BIO_free(b64);
+ EXIT(ret);
+ }
+
+int set_hex(in,out,size)
+char *in;
+unsigned char *out;
+int size;
+ {
+ int i,n;
+ unsigned char j;
+
+ n=strlen(in);
+ if (n > (size*2))
+ {
+ BIO_printf(bio_err,"hex string is too long\n");
+ return(0);
+ }
+ memset(out,0,size);
+ for (i=0; i<n; i++)
+ {
+ j=(unsigned char)*in;
+ *(in++)='\0';
+ if (j == 0) break;
+ if ((j >= '0') && (j <= '9'))
+ j-='0';
+ else if ((j >= 'A') && (j <= 'F'))
+ j=j-'A'+10;
+ else if ((j >= 'a') && (j <= 'f'))
+ j=j-'a'+10;
+ else
+ {
+ BIO_printf(bio_err,"non-hex digit\n");
+ return(0);
+ }
+ if (i&1)
+ out[i/2]|=j;
+ else
+ out[i/2]=(j<<4);
+ }
+ return(1);
+ }
diff --git a/apps/errstr.c b/apps/errstr.c
new file mode 100644
index 0000000..6d0f9d1
--- /dev/null
+++ b/apps/errstr.c
@@ -0,0 +1,116 @@
+/* apps/errstr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "lhash.h"
+#include "err.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG errstr_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=0;
+ char buf[256];
+ unsigned long l;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ SSL_load_error_strings();
+
+ if ((argc > 1) && (strcmp(argv[1],"-stats") == 0))
+ {
+ BIO *out=NULL;
+
+ out=BIO_new(BIO_s_file());
+ if ((out != NULL) && BIO_set_fp(out,stdout,BIO_NOCLOSE))
+ {
+ lh_node_stats_bio((LHASH *)ERR_get_string_table(),out);
+ lh_stats_bio((LHASH *)ERR_get_string_table(),out);
+ lh_node_usage_stats_bio((LHASH *)
+ ERR_get_string_table(),out);
+ }
+ if (out != NULL) BIO_free(out);
+ argc--;
+ argv++;
+ }
+
+ for (i=1; i<argc; i++)
+ {
+ if (sscanf(argv[i],"%lx",&l))
+ printf("%s\n",ERR_error_string(l,buf));
+ else
+ {
+ printf("%s: bad error code\n",argv[i]);
+ printf("usage: errstr [-stats] <errno> ...\n");
+ ret++;
+ }
+ }
+ EXIT(ret);
+ }
diff --git a/apps/f b/apps/f
new file mode 100644
index 0000000..857052e
--- /dev/null
+++ b/apps/f
@@ -0,0 +1,5 @@
+586
+2481
+
+1400
+2064
diff --git a/apps/g_ssleay.pl b/apps/g_ssleay.pl
new file mode 100644
index 0000000..237dd4c
--- /dev/null
+++ b/apps/g_ssleay.pl
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+$mkprog='mklinks';
+$rmprog='rmlinks';
+
+print "#ifndef NOPROTO\n";
+
+grep(s/^asn1pars$/asn1parse/,@ARGV);
+
+foreach (@ARGV)
+ { printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+print "#else\n";
+foreach (@ARGV)
+ { printf "extern int %s_main();\n",$_; }
+print "#endif\n";
+
+
+print <<'EOF';
+
+#ifdef SSLEAY_SRC
+
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+
+typedef struct {
+ int type;
+ char *name;
+ int (*func)();
+ } FUNCTION;
+
+FUNCTION functions[] = {
+EOF
+
+foreach (@ARGV)
+ {
+ push(@files,$_);
+ $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+ if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
+ { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
+ ($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
+ { print "#ifndef NO_RSA\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
+ { print "#ifndef NO_DSA\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
+ { print "#ifndef NO_DH\n${str}#endif\n"; }
+ else
+ { print $str; }
+ }
+
+foreach ("md2","md5","sha","sha1","mdc2")
+ {
+ push(@files,$_);
+ printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
+ }
+
+foreach (
+ "base64",
+ "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+ "des-ecb", "des-ede", "des-ede3",
+ "des-cbc", "des-ede-cbc","des-ede3-cbc",
+ "des-cfb", "des-ede-cfb","des-ede3-cfb",
+ "des-ofb", "des-ede-ofb","des-ede3-ofb",
+ "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
+ "rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
+ "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb")
+ {
+ push(@files,$_);
+
+ $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+ if ($_ =~ /des/) { $t="#ifndef NO_DES\n${t}#endif\n"; }
+ elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
+ elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
+ elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
+ elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+ print $t;
+ }
+
+print "\t{0,NULL,NULL}\n\t};\n";
+print "#endif\n\n";
+
+open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+ { print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
+EOF
+close(OUT);
+chmod(0755,$mkprog);
+
+open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+ { print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo removing $i
+/bin/rm -f $i
+done
+EOF
+close(OUT);
+chmod(0755,$rmprog);
diff --git a/apps/gendh.c b/apps/gendh.c
new file mode 100644
index 0000000..b7b6d0f
--- /dev/null
+++ b/apps/gendh.c
@@ -0,0 +1,234 @@
+/* apps/gendh.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dh.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG gendh_main
+
+#ifndef NOPROTO
+static void MS_CALLBACK dh_cb(int p, int n);
+static long dh_load_rand(char *names);
+#else
+static void MS_CALLBACK dh_cb();
+static long dh_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ char buffer[200];
+ DH *dh=NULL;
+ int ret=1,num=DEFBITS;
+ int g=2;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile;
+ BIO *out=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-2") == 0)
+ g=2;
+ /* else if (strcmp(*argv,"-3") == 0)
+ g=3; */
+ else if (strcmp(*argv,"-5") == 0)
+ g=5;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else
+ break;
+ argv++;
+ argc--;
+ }
+ if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
+ {
+bad:
+ BIO_printf(bio_err,"usage: gendh [args] [numbits]\n");
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -2 use 2 as the generator value\n");
+ /* BIO_printf(bio_err," -3 use 3 as the generator value\n"); */
+ BIO_printf(bio_err," -5 use 5 as the generator value\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto end;
+ }
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+
+ if (inrand == NULL)
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ else
+ {
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+ dh_load_rand(inrand));
+ }
+
+ BIO_printf(bio_err,"Generating DH parameters, %d bit long strong prime, generator of %d\n",num,g);
+ BIO_printf(bio_err,"This is going to take a long time\n");
+ dh=DH_generate_parameters(num,g,dh_cb);
+
+ if (dh == NULL) goto end;
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (!PEM_write_bio_DHparams(out,dh))
+ goto end;
+ ret=0;
+end:
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (out != NULL) BIO_free(out);
+ if (dh != NULL) DH_free(dh);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK dh_cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(bio_err,&c,1);
+ BIO_flush(bio_err);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static long dh_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/apps/gendsa.c b/apps/gendsa.c
new file mode 100644
index 0000000..35f299a
--- /dev/null
+++ b/apps/gendsa.c
@@ -0,0 +1,220 @@
+/* apps/gendsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "dsa.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG gendsa_main
+
+#ifndef NOPROTO
+static long dsa_load_rand(char *names);
+#else
+static long dsa_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ char buffer[200];
+ DSA *dsa=NULL;
+ int ret=1,num=DEFBITS;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile,*dsaparams=NULL;
+ BIO *out=NULL,*in=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+ else if (strcmp(*argv,"-") == 0)
+ goto bad;
+ else if (dsaparams == NULL)
+ {
+ dsaparams= *argv;
+ }
+ else
+ goto bad;
+ argv++;
+ argc--;
+ }
+
+ if (dsaparams == NULL)
+ {
+bad:
+ BIO_printf(bio_err,"usage: gendsa [args] [numbits]\n");
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ if (!(BIO_read_filename(in,"r")))
+ {
+ perror(dsaparams);
+ goto end;
+ }
+
+ if ((dsa=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameter file\n");
+ goto end;
+ }
+ BIO_free(in);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) goto end;
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL)|| !RAND_load_file(randfile,1024L*1024L))
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+
+ if (inrand == NULL)
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ else
+ {
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",
+ dsa_load_rand(inrand));
+ }
+
+ BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num);
+ BIO_printf(bio_err,"This could take some time\n");
+ if (!DSA_generate_key(dsa)) goto end;
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (!PEM_write_bio_DSAPrivateKey(out,dsa,EVP_des_ede3_cbc(),NULL,0,NULL))
+ goto end;
+ ret=0;
+end:
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ if (out != NULL) BIO_free(out);
+ if (dsa != NULL) DSA_free(dsa);
+ EXIT(ret);
+ }
+
+static long dsa_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/apps/genrsa.c b/apps/genrsa.c
new file mode 100644
index 0000000..9731754
--- /dev/null
+++ b/apps/genrsa.c
@@ -0,0 +1,277 @@
+/* apps/genrsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "apps.h"
+#include "bio.h"
+#include "rand.h"
+#include "err.h"
+#include "bn.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#define DEFBITS 512
+#undef PROG
+#define PROG genrsa_main
+
+#ifndef NOPROTO
+static void MS_CALLBACK genrsa_cb(int p, int n);
+static long gr_load_rand(char *names);
+#else
+static void MS_CALLBACK genrsa_cb();
+static long gr_load_rand();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ char buffer[200];
+ RSA *rsa=NULL;
+ int i,num=DEFBITS;
+ long rnum=0,l;
+ EVP_CIPHER *enc=NULL;
+ unsigned long f4=RSA_F4;
+ char *outfile=NULL;
+ char *inrand=NULL,*randfile;
+ BIO *out=NULL;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ if ((out=BIO_new(BIO_s_file())) == NULL)
+ {
+ BIO_printf(bio_err,"unable to creat BIO for output\n");
+ goto err;
+ }
+
+ argv++;
+ argc--;
+ for (;;)
+ {
+ if (argc <= 0) break;
+ if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-3") == 0)
+ f4=3;
+ else if (strcmp(*argv,"-F4") == 0)
+ f4=RSA_F4;
+ else if (strcmp(*argv,"-rand") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inrand= *(++argv);
+ }
+#ifndef NO_DES
+ else if (strcmp(*argv,"-des") == 0)
+ enc=EVP_des_cbc();
+ else if (strcmp(*argv,"-des3") == 0)
+ enc=EVP_des_ede3_cbc();
+#endif
+#ifndef NO_IDEA
+ else if (strcmp(*argv,"-idea") == 0)
+ enc=EVP_idea_cbc();
+#endif
+ else
+ break;
+ argv++;
+ argc--;
+ }
+ if ((argc >= 1) && ((sscanf(*argv,"%d",&num) == 0) || (num < 0)))
+ {
+bad:
+ BIO_printf(bio_err,"usage: genrsa [args] [numbits]\n");
+ BIO_printf(bio_err," -des - encrypt the generated key with DES in cbc mode\n");
+ BIO_printf(bio_err," -des3 - encrypt the generated key with DES in ede cbc mode (168 bit key)\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea - encrypt the generated key with IDEA in cbc mode\n");
+#endif
+ BIO_printf(bio_err," -out file - output the key to 'file\n");
+ BIO_printf(bio_err," -f4 - use F4 (0x10001) for the E value\n");
+ BIO_printf(bio_err," -3 - use 3 for the E value\n");
+ BIO_printf(bio_err," -rand file:file:...\n");
+ BIO_printf(bio_err," - load the file (or the files in the directory) into\n");
+ BIO_printf(bio_err," the random number generator\n");
+ goto err;
+ }
+
+ ERR_load_crypto_strings();
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto err;
+ }
+ }
+
+#ifdef WINDOWS
+ BIO_printf(bio_err,"Loading 'screen' into random state -");
+ BIO_flush(bio_err);
+ RAND_screen();
+ BIO_printf(bio_err," done\n");
+#endif
+ randfile=RAND_file_name(buffer,200);
+ if ((randfile == NULL) ||
+ !(rnum=(long)RAND_load_file(randfile,1024L*1024L)))
+ {
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+ }
+
+ if (inrand == NULL)
+ {
+ if (rnum == 0)
+ {
+ BIO_printf(bio_err,"warning, not much extra random data, consider using the -rand option\n");
+ }
+ }
+ else
+ {
+ rnum+=gr_load_rand(inrand);
+ }
+ if (rnum != 0)
+ BIO_printf(bio_err,"%ld semi-random bytes loaded\n",rnum);
+
+ BIO_printf(bio_err,"Generating RSA private key, %d bit long modulus\n",
+ num);
+ rsa=RSA_generate_key(num,f4,genrsa_cb);
+
+ if (randfile == NULL)
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+ else
+ RAND_write_file(randfile);
+
+ if (rsa == NULL) goto err;
+
+ /* We need to do the folloing for when the base number size is <
+ * long, esp windows 3.1 :-(. */
+ l=0L;
+ for (i=0; i<rsa->e->top; i++)
+ {
+#ifndef SIXTY_FOUR_BIT
+ l<<=BN_BITS4;
+ l<<=BN_BITS4;
+#endif
+ l+=rsa->e->d[i];
+ }
+ BIO_printf(bio_err,"e is %ld (0x%lX)\n",l,l);
+ if (!PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL))
+ goto err;
+
+ ret=0;
+err:
+ if (rsa != NULL) RSA_free(rsa);
+ if (out != NULL) BIO_free(out);
+ if (ret != 0)
+ ERR_print_errors(bio_err);
+ EXIT(ret);
+ }
+
+static void MS_CALLBACK genrsa_cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(bio_err,&c,1);
+ BIO_flush(bio_err);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static long gr_load_rand(name)
+char *name;
+ {
+ char *p,*n;
+ int last;
+ long tot=0;
+
+ for (;;)
+ {
+ last=0;
+ for (p=name; ((*p != '\0') && (*p != LIST_SEPARATOR_CHAR)); p++);
+ if (*p == '\0') last=1;
+ *p='\0';
+ n=name;
+ name=p+1;
+ if (*n == '\0') break;
+
+ tot+=RAND_load_file(n,1024L*1024L);
+ if (last) break;
+ }
+ return(tot);
+ }
+
+
diff --git a/apps/mklinks b/apps/mklinks
new file mode 100644
index 0000000..6423613
--- /dev/null
+++ b/apps/mklinks
@@ -0,0 +1,7 @@
+#!/bin/sh
+for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
diff --git a/apps/openssl.c b/apps/openssl.c
new file mode 100644
index 0000000..f69f14a
--- /dev/null
+++ b/apps/openssl.c
@@ -0,0 +1,339 @@
+/* apps/ssleay.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define DEBUG
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "crypto.h"
+#include "lhash.h"
+#include "conf.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#define SSLEAY /* turn off a few special case MONOLITH macros */
+#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
+#define SSLEAY_SRC
+#include "apps.h"
+#include "s_apps.h"
+#include "err.h"
+
+
+#ifndef NOPROTO
+static unsigned long MS_CALLBACK hash(FUNCTION *a);
+static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
+static LHASH *prog_init(void );
+static int do_cmd(LHASH *prog,int argc,char *argv[]);
+static void sig_stop(int i);
+#else
+static unsigned long MS_CALLBACK hash();
+static int MS_CALLBACK cmp();
+static LHASH *prog_init();
+static int do_cmd();
+static void sig_stop();
+#endif
+
+LHASH *config=NULL;
+char *default_config_file=NULL;
+
+#ifdef DEBUG
+static void sig_stop(i)
+int i;
+ {
+ char *a=NULL;
+
+ *a='\0';
+ }
+#endif
+
+/* Make sure there is only one when MONOLITH is defined */
+#ifdef MONOLITH
+BIO *bio_err=NULL;
+#endif
+
+int main(Argc,Argv)
+int Argc;
+char *Argv[];
+ {
+ ARGS arg;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+ FUNCTION f,*fp;
+ MS_STATIC char *prompt,buf[1024],config_name[256];
+ int n,i,ret=0;
+ int argc;
+ char **argv,*p;
+ LHASH *prog=NULL;
+ long errline;
+
+ arg.data=NULL;
+ arg.count=0;
+
+ /* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
+ apps_startup();
+
+#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
+#ifdef SIGBUS
+ signal(SIGBUS,sig_stop);
+#endif
+#ifdef SIGSEGV
+ signal(SIGSEGV,sig_stop);
+#endif
+#endif
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /* Lets load up our environment a little */
+ p=getenv("SSLEAY_CONF");
+ if (p == NULL)
+ {
+ strcpy(config_name,X509_get_default_cert_area());
+ strcat(config_name,"/lib/");
+ strcat(config_name,SSLEAY_CONF);
+ p=config_name;
+ }
+
+ default_config_file=p;
+
+ config=CONF_load(config,p,&errline);
+ if (config == NULL) ERR_clear_error();
+
+ prog=prog_init();
+
+ /* first check the program name */
+ program_name(Argv[0],pname,PROG_NAME_SIZE);
+
+ f.name=pname;
+ fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+ if (fp != NULL)
+ {
+ Argv[0]=pname;
+ ret=fp->func(Argc,Argv);
+ goto end;
+ }
+
+ /* ok, now check that there are not arguments, if there are,
+ * run with them, shifting the ssleay off the front */
+ if (Argc != 1)
+ {
+ Argc--;
+ Argv++;
+ ret=do_cmd(prog,Argc,Argv);
+ if (ret < 0) ret=0;
+ goto end;
+ }
+
+ /* ok, lets enter the old 'SSLeay>' mode */
+
+ for (;;)
+ {
+ ret=0;
+ p=buf;
+ n=1024;
+ i=0;
+ for (;;)
+ {
+ p[0]='\0';
+ if (i++)
+ prompt=">";
+ else prompt="SSLeay>";
+ fputs(prompt,stdout);
+ fflush(stdout);
+ fgets(p,n,stdin);
+ if (p[0] == '\0') goto end;
+ i=strlen(p);
+ if (i <= 1) break;
+ if (p[i-2] != '\\') break;
+ i-=2;
+ p+=i;
+ n-=i;
+ }
+ if (!chopup_args(&arg,buf,&argc,&argv)) break;
+
+ ret=do_cmd(prog,argc,argv);
+ if (ret < 0)
+ {
+ ret=0;
+ goto end;
+ }
+ if (ret != 0)
+ BIO_printf(bio_err,"error in %s\n",argv[0]);
+ }
+ BIO_printf(bio_err,"bad exit\n");
+ ret=1;
+end:
+ if (config != NULL)
+ {
+ CONF_free(config);
+ config=NULL;
+ }
+ if (prog != NULL) lh_free(prog);
+ if (arg.data != NULL) Free(arg.data);
+ ERR_remove_state(0);
+
+ EVP_cleanup();
+
+ CRYPTO_mem_leaks(bio_err);
+ if (bio_err != NULL)
+ {
+ BIO_free(bio_err);
+ bio_err=NULL;
+ }
+ EXIT(ret);
+ }
+
+static int do_cmd(prog,argc,argv)
+LHASH *prog;
+int argc;
+char *argv[];
+ {
+ FUNCTION f,*fp;
+ int i,ret=1,tp,nl;
+
+ if ((argc <= 0) || (argv[0] == NULL))
+ { ret=0; goto end; }
+ f.name=argv[0];
+ fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+ if (fp != NULL)
+ {
+ ret=fp->func(argc,argv);
+ }
+ else if ((strcmp(argv[0],"quit") == 0) ||
+ (strcmp(argv[0],"q") == 0) ||
+ (strcmp(argv[0],"exit") == 0) ||
+ (strcmp(argv[0],"bye") == 0))
+ {
+ ret= -1;
+ goto end;
+ }
+ else
+ {
+ BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
+ argv[0]);
+ i=0;
+ fp=functions;
+ tp=0;
+ for (fp=functions; fp->name != NULL; fp++)
+ {
+ nl=0;
+ if (((i++) % 5) == 0)
+ {
+ BIO_printf(bio_err,"\n");
+ nl=1;
+ }
+ if (fp->type != tp)
+ {
+ tp=fp->type;
+ if (!nl) BIO_printf(bio_err,"\n");
+ if (tp == FUNC_TYPE_MD)
+ {
+ i=1;
+ BIO_printf(bio_err,
+ "Message Digest commands - see the dgst command for more details\n");
+ }
+ else if (tp == FUNC_TYPE_CIPHER)
+ {
+ i=1;
+ BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
+ }
+ }
+ BIO_printf(bio_err,"%-15s",fp->name);
+ }
+ BIO_printf(bio_err,"\nquit\n");
+ ret=0;
+ }
+end:
+ return(ret);
+ }
+
+static LHASH *prog_init()
+ {
+ LHASH *ret;
+ FUNCTION *f;
+
+ if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
+
+ for (f=functions; f->name != NULL; f++)
+ lh_insert(ret,(char *)f);
+ return(ret);
+ }
+
+static int MS_CALLBACK cmp(a,b)
+FUNCTION *a,*b;
+ {
+ return(strncmp(a->name,b->name,8));
+ }
+
+static unsigned long MS_CALLBACK hash(a)
+FUNCTION *a;
+ {
+ return(lh_strhash(a->name));
+ }
+
+#undef SSLEAY
diff --git a/apps/openssl.cnf b/apps/openssl.cnf
new file mode 100644
index 0000000..0b3bfa6
--- /dev/null
+++ b/apps/openssl.cnf
@@ -0,0 +1,116 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = $ENV::HOME/.rnd
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/cakey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+x509_extensions = x509v3_extensions # The extentions to add to the cert
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = md5 # which md to use.
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Some-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = CryptSoft Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName = Common Name (eg, YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 40
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+[ x509v3_extensions ]
+
+nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
+nsComment = "This is a comment"
+
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType = 0x40
+
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
+
diff --git a/apps/pca-cert.srl b/apps/pca-cert.srl
new file mode 100644
index 0000000..8a0f05e
--- /dev/null
+++ b/apps/pca-cert.srl
@@ -0,0 +1 @@
+01
diff --git a/apps/pca-key.pem b/apps/pca-key.pem
new file mode 100644
index 0000000..20029ab
--- /dev/null
+++ b/apps/pca-key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/apps/pca-req.pem b/apps/pca-req.pem
new file mode 100644
index 0000000..33f1553
--- /dev/null
+++ b/apps/pca-req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBmjCCAQMCAQAwXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAo
+MTAyNCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfj
+Irkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUX
+MRsp22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3
+vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAEzz
+IG8NnfpnPTQSCN5zJhOfy6p9AcDyQzuJirYv1HR/qoYWalPh/U2uiK0lAim7qMcv
+wOlK3I7A8B7/4dLqvIqgtUj9b1WT8zIrnwdvJI4osLI2BY+c1pVlp174DHLMol1L
+Cl1e3N5BTm7lCitTYjuUhsw6hiA8IcdNKDo6sktV
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/pem_mail.c b/apps/pem_mail.c
new file mode 100644
index 0000000..e48c358
--- /dev/null
+++ b/apps/pem_mail.c
@@ -0,0 +1,170 @@
+/* apps/pem_mail.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "apps.h"
+
+#undef PROG
+#define PROG pem_mail_main
+
+static char *usage[]={
+"usage: pem_mail args\n",
+"\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -cert arg - the certificate to use\n",
+" -key arg - the private key to use\n",
+" -MIC - sign the message\n",
+" -enc arg - encrypt with one of cbc-des\n",
+NULL
+};
+
+
+typedef struct lines_St
+ {
+ char *line;
+ struct lines_st *next;
+ } LINES;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ FILE *in;
+ RSA *rsa=NULL;
+ EVP_MD_CTX ctx;
+ unsigned int mic=0,i,n;
+ unsigned char buf[1024*15];
+ char *prog,*infile=NULL,*outfile=NULL,*key=NULL;
+ int badops=0;
+
+ apps_startup();
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key= *(++argv);
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-mic") == 0)
+ mic=1;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ EXIT(1);
+ }
+
+ if (key == NULL)
+ { BIO_printf(bio_err,"you need to specify a key\n"); EXIT(1); }
+ in=fopen(key,"r");
+ if (in == NULL) { perror(key); EXIT(1); }
+ rsa=PEM_read_RSAPrivateKey(in,NULL,NULL);
+ if (rsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ ERR_print_errors(bio_err);
+ EXIT(1);
+ }
+ fclose(in);
+
+ PEM_SignInit(&ctx,EVP_md5());
+ for (;;)
+ {
+ i=fread(buf,1,1024*10,stdin);
+ if (i <= 0) break;
+ PEM_SignUpdate(&ctx,buf,i);
+ }
+ if (!PEM_SignFinal(&ctx,buf,&n,rsa)) goto err;
+ BIO_printf(bio_err,"%s\n",buf);
+ EXIT(0);
+err:
+ ERR_print_errors(bio_err);
+ EXIT(1);
+ }
diff --git a/apps/pkcs7.c b/apps/pkcs7.c
new file mode 100644
index 0000000..47bd756
--- /dev/null
+++ b/apps/pkcs7.c
@@ -0,0 +1,313 @@
+/* apps/pkcs7.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "err.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG pkcs7_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -print_certs
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ PKCS7 *p7=NULL;
+ int i,badops=0;
+ EVP_CIPHER *enc=NULL;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat;
+ char *infile,*outfile,*prog,buf[256];
+ int print_certs=0;
+ int ret=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-print_certs") == 0)
+ print_certs=1;
+#ifndef NO_DES
+ else if (strcmp(*argv,"-des") == 0)
+ enc=EVP_des_cbc();
+ else if (strcmp(*argv,"-des3") == 0)
+ enc=EVP_des_ede3_cbc();
+#endif
+#ifndef NO_IDEA
+ else if (strcmp(*argv,"-idea") == 0)
+ enc=EVP_idea_cbc();
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -print_certs print any certs or crl in the input\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ EXIT(1);
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ if (in == NULL)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ p7=d2i_PKCS7_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ p7=PEM_read_bio_PKCS7(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for pkcs7 object\n");
+ goto end;
+ }
+ if (p7 == NULL)
+ {
+ BIO_printf(bio_err,"unable to load PKCS7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (print_certs)
+ {
+ STACK *certs=NULL;
+ STACK *crls=NULL;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ certs=p7->d.sign->cert;
+ crls=p7->d.sign->crl;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ certs=p7->d.signed_and_enveloped->cert;
+ crls=p7->d.signed_and_enveloped->crl;
+ break;
+ default:
+ break;
+ }
+
+ if (certs != NULL)
+ {
+ X509 *x;
+
+ for (i=0; i<sk_num(certs); i++)
+ {
+ x=(X509 *)sk_value(certs,i);
+
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ BIO_puts(out,"subject=");
+ BIO_puts(out,buf);
+
+ X509_NAME_oneline(X509_get_issuer_name(x),
+ buf,256);
+ BIO_puts(out,"\nissuer= ");
+ BIO_puts(out,buf);
+ BIO_puts(out,"\n");
+
+ PEM_write_bio_X509(out,x);
+ BIO_puts(out,"\n");
+ }
+ }
+ if (crls != NULL)
+ {
+ X509_CRL *crl;
+
+ for (i=0; i<sk_num(crls); i++)
+ {
+ crl=(X509_CRL *)sk_value(crls,i);
+
+ X509_NAME_oneline(crl->crl->issuer,buf,256);
+ BIO_puts(out,"issuer= ");
+ BIO_puts(out,buf);
+
+ BIO_puts(out,"\nlast update=");
+ ASN1_UTCTIME_print(out,crl->crl->lastUpdate);
+ BIO_puts(out,"\nnext update=");
+ ASN1_UTCTIME_print(out,crl->crl->nextUpdate);
+ BIO_puts(out,"\n");
+
+ PEM_write_bio_X509_CRL(out,crl);
+ BIO_puts(out,"\n");
+ }
+ }
+
+ ret=0;
+ goto end;
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_PKCS7_bio(out,p7);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_PKCS7(out,p7);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write pkcs7 object\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ if (p7 != NULL) PKCS7_free(p7);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ EXIT(ret);
+ }
diff --git a/apps/privkey.pem b/apps/privkey.pem
new file mode 100644
index 0000000..8308004
--- /dev/null
+++ b/apps/privkey.pem
@@ -0,0 +1,15 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,2221AF3DAA41AB24
+
+IOx3ubYOV2SETDSWiuG4bsioEl7jA2CulYKAJvIfy8z5GI+08NwptNOUqbMhDV1s
+156KhUvBvG48uz9mxcOyHjZRD0HNixGNMXDaFJSajINFoGtmYZRc20DEoY6buzsi
+E76GK95cJHsjJsdNrdggIJRTaiLayLzsMFVDrKhmaJVTKlBpcdnFM4BEKSyD2H5N
+OllrfK6GgmlH+WVXU9AlXoy5Jm0YXT7i5bPCB5eDDL/GkTISFHZsnEYpHCrMARsw
+5V15dYEwFc6NA/psBGk1qS2CHVIOYNcfCfndR90+UCos+rMBkcQDfvxI95+L8dbS
+ONJJrUqiCHV/zYSE+aXZN001mJJLvHOW65YbgdwSOfiowcv7HPbFrGdwOOJvSEx2
+d571YvqfsaDojwR5KLgfFDSwVBwzo/mfcFeVrT9Q8LwPL4/dwwoElWTmYbSaW0uZ
+Ov73xRUbVGa5LTJoGbFVMvjpmEO2qtBsx7vq9AT8v8gDzYSuEafyC7d0h85EIfTJ
+wPlIN3xKTiqFpp/eFCkdKqNn826NoC1TgQuoCBIrJ8gZsIr1l8R+iAuGxKGPASoF
+cyqnpcqGgaaTrxnk9cX4dQ==
+-----END DSA PRIVATE KEY-----
diff --git a/apps/progs.h b/apps/progs.h
new file mode 100644
index 0000000..50e2ca4
--- /dev/null
+++ b/apps/progs.h
@@ -0,0 +1,223 @@
+#ifndef NOPROTO
+extern int verify_main(int argc,char *argv[]);
+extern int asn1parse_main(int argc,char *argv[]);
+extern int req_main(int argc,char *argv[]);
+extern int dgst_main(int argc,char *argv[]);
+extern int dh_main(int argc,char *argv[]);
+extern int enc_main(int argc,char *argv[]);
+extern int gendh_main(int argc,char *argv[]);
+extern int gendsa_main(int argc,char *argv[]);
+extern int errstr_main(int argc,char *argv[]);
+extern int ca_main(int argc,char *argv[]);
+extern int crl_main(int argc,char *argv[]);
+extern int rsa_main(int argc,char *argv[]);
+extern int dsa_main(int argc,char *argv[]);
+extern int dsaparam_main(int argc,char *argv[]);
+extern int x509_main(int argc,char *argv[]);
+extern int genrsa_main(int argc,char *argv[]);
+extern int s_server_main(int argc,char *argv[]);
+extern int s_client_main(int argc,char *argv[]);
+extern int speed_main(int argc,char *argv[]);
+extern int s_time_main(int argc,char *argv[]);
+extern int version_main(int argc,char *argv[]);
+extern int pkcs7_main(int argc,char *argv[]);
+extern int crl2pkcs7_main(int argc,char *argv[]);
+extern int sess_id_main(int argc,char *argv[]);
+extern int ciphers_main(int argc,char *argv[]);
+#else
+extern int verify_main();
+extern int asn1parse_main();
+extern int req_main();
+extern int dgst_main();
+extern int dh_main();
+extern int enc_main();
+extern int gendh_main();
+extern int gendsa_main();
+extern int errstr_main();
+extern int ca_main();
+extern int crl_main();
+extern int rsa_main();
+extern int dsa_main();
+extern int dsaparam_main();
+extern int x509_main();
+extern int genrsa_main();
+extern int s_server_main();
+extern int s_client_main();
+extern int speed_main();
+extern int s_time_main();
+extern int version_main();
+extern int pkcs7_main();
+extern int crl2pkcs7_main();
+extern int sess_id_main();
+extern int ciphers_main();
+#endif
+
+#ifdef SSLEAY_SRC
+
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+
+typedef struct {
+ int type;
+ char *name;
+ int (*func)();
+ } FUNCTION;
+
+FUNCTION functions[] = {
+ {FUNC_TYPE_GENERAL,"verify",verify_main},
+ {FUNC_TYPE_GENERAL,"asn1parse",asn1parse_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"req",req_main},
+#endif
+ {FUNC_TYPE_GENERAL,"dgst",dgst_main},
+#ifndef NO_DH
+ {FUNC_TYPE_GENERAL,"dh",dh_main},
+#endif
+ {FUNC_TYPE_GENERAL,"enc",enc_main},
+#ifndef NO_DH
+ {FUNC_TYPE_GENERAL,"gendh",gendh_main},
+#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"gendsa",gendsa_main},
+#endif
+ {FUNC_TYPE_GENERAL,"errstr",errstr_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"ca",ca_main},
+#endif
+ {FUNC_TYPE_GENERAL,"crl",crl_main},
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"rsa",rsa_main},
+#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"dsa",dsa_main},
+#endif
+#ifndef NO_DSA
+ {FUNC_TYPE_GENERAL,"dsaparam",dsaparam_main},
+#endif
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"x509",x509_main},
+#endif
+#ifndef NO_RSA
+ {FUNC_TYPE_GENERAL,"genrsa",genrsa_main},
+#endif
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_server",s_server_main},
+#endif
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_client",s_client_main},
+#endif
+ {FUNC_TYPE_GENERAL,"speed",speed_main},
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"s_time",s_time_main},
+#endif
+ {FUNC_TYPE_GENERAL,"version",version_main},
+ {FUNC_TYPE_GENERAL,"pkcs7",pkcs7_main},
+ {FUNC_TYPE_GENERAL,"crl2pkcs7",crl2pkcs7_main},
+ {FUNC_TYPE_GENERAL,"sess_id",sess_id_main},
+#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))
+ {FUNC_TYPE_GENERAL,"ciphers",ciphers_main},
+#endif
+ {FUNC_TYPE_MD,"md2",dgst_main},
+ {FUNC_TYPE_MD,"md5",dgst_main},
+ {FUNC_TYPE_MD,"sha",dgst_main},
+ {FUNC_TYPE_MD,"sha1",dgst_main},
+ {FUNC_TYPE_MD,"mdc2",dgst_main},
+ {FUNC_TYPE_CIPHER,"base64",enc_main},
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des3",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"desx",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea",enc_main},
+#endif
+#ifndef NO_RC4
+ {FUNC_TYPE_CIPHER,"rc4",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ecb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-cbc",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-cfb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ofb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede-ofb",enc_main},
+#endif
+#ifndef NO_DES
+ {FUNC_TYPE_CIPHER,"des-ede3-ofb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-cbc",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-ecb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-cfb",enc_main},
+#endif
+#ifndef NO_IDEA
+ {FUNC_TYPE_CIPHER,"idea-ofb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-cbc",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-ecb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-cfb",enc_main},
+#endif
+#ifndef NO_RC2
+ {FUNC_TYPE_CIPHER,"rc2-ofb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-cbc",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-ecb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-cfb",enc_main},
+#endif
+#ifndef NO_BLOWFISH
+ {FUNC_TYPE_CIPHER,"bf-ofb",enc_main},
+#endif
+ {0,NULL,NULL}
+ };
+#endif
+
diff --git a/apps/progs.pl b/apps/progs.pl
new file mode 100644
index 0000000..237dd4c
--- /dev/null
+++ b/apps/progs.pl
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+$mkprog='mklinks';
+$rmprog='rmlinks';
+
+print "#ifndef NOPROTO\n";
+
+grep(s/^asn1pars$/asn1parse/,@ARGV);
+
+foreach (@ARGV)
+ { printf "extern int %s_main(int argc,char *argv[]);\n",$_; }
+print "#else\n";
+foreach (@ARGV)
+ { printf "extern int %s_main();\n",$_; }
+print "#endif\n";
+
+
+print <<'EOF';
+
+#ifdef SSLEAY_SRC
+
+#define FUNC_TYPE_GENERAL 1
+#define FUNC_TYPE_MD 2
+#define FUNC_TYPE_CIPHER 3
+
+typedef struct {
+ int type;
+ char *name;
+ int (*func)();
+ } FUNCTION;
+
+FUNCTION functions[] = {
+EOF
+
+foreach (@ARGV)
+ {
+ push(@files,$_);
+ $str="\t{FUNC_TYPE_GENERAL,\"$_\",${_}_main},\n";
+ if (($_ =~ /^s_/) || ($_ =~ /^ciphers$/))
+ { print "#if !defined(NO_SOCK) && !(defined(NO_SSL2) && defined(O_SSL3))\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^rsa$/) || ($_ =~ /^genrsa$/) ||
+ ($_ =~ /^req$/) || ($_ =~ /^ca$/) || ($_ =~ /^x509$/))
+ { print "#ifndef NO_RSA\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^dsa$/) || ($_ =~ /^gendsa$/) || ($_ =~ /^dsaparam$/))
+ { print "#ifndef NO_DSA\n${str}#endif\n"; }
+ elsif ( ($_ =~ /^dh$/) || ($_ =~ /^gendh$/))
+ { print "#ifndef NO_DH\n${str}#endif\n"; }
+ else
+ { print $str; }
+ }
+
+foreach ("md2","md5","sha","sha1","mdc2")
+ {
+ push(@files,$_);
+ printf "\t{FUNC_TYPE_MD,\"%s\",dgst_main},\n",$_;
+ }
+
+foreach (
+ "base64",
+ "des", "des3", "desx", "idea", "rc4", "rc2","bf",
+ "des-ecb", "des-ede", "des-ede3",
+ "des-cbc", "des-ede-cbc","des-ede3-cbc",
+ "des-cfb", "des-ede-cfb","des-ede3-cfb",
+ "des-ofb", "des-ede-ofb","des-ede3-ofb",
+ "idea-cbc","idea-ecb", "idea-cfb", "idea-ofb",
+ "rc2-cbc", "rc2-ecb", "rc2-cfb", "rc2-ofb",
+ "bf-cbc", "bf-ecb", "bf-cfb", "bf-ofb")
+ {
+ push(@files,$_);
+
+ $t=sprintf("\t{FUNC_TYPE_CIPHER,\"%s\",enc_main},\n",$_);
+ if ($_ =~ /des/) { $t="#ifndef NO_DES\n${t}#endif\n"; }
+ elsif ($_ =~ /idea/) { $t="#ifndef NO_IDEA\n${t}#endif\n"; }
+ elsif ($_ =~ /rc4/) { $t="#ifndef NO_RC4\n${t}#endif\n"; }
+ elsif ($_ =~ /rc2/) { $t="#ifndef NO_RC2\n${t}#endif\n"; }
+ elsif ($_ =~ /bf/) { $t="#ifndef NO_BLOWFISH\n${t}#endif\n"; }
+ print $t;
+ }
+
+print "\t{0,NULL,NULL}\n\t};\n";
+print "#endif\n\n";
+
+open(OUT,">$mkprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+ { print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo making symlink for $i
+/bin/rm -f $i
+ln -s ssleay $i
+done
+EOF
+close(OUT);
+chmod(0755,$mkprog);
+
+open(OUT,">$rmprog") || die "unable to open '$prog':$!\n";
+print OUT "#!/bin/sh\nfor i in ";
+foreach (@files)
+ { print OUT $_." "; }
+print OUT <<'EOF';
+
+do
+echo removing $i
+/bin/rm -f $i
+done
+EOF
+close(OUT);
+chmod(0755,$rmprog);
diff --git a/apps/req.c b/apps/req.c
new file mode 100644
index 0000000..9b6041e
--- /dev/null
+++ b/apps/req.c
@@ -0,0 +1,1097 @@
+/* apps/req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "bio.h"
+#include "evp.h"
+#include "rand.h"
+#include "conf.h"
+#include "err.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#define SECTION "req"
+
+#define BITS "default_bits"
+#define KEYFILE "default_keyfile"
+#define DISTINGUISHED_NAME "distinguished_name"
+#define ATTRIBUTES "attributes"
+
+#define DEFAULT_KEY_LENGTH 512
+#define MIN_KEY_LENGTH 384
+
+#undef PROG
+#define PROG req_main
+
+/* -inform arg - input format - default PEM (one of DER, TXT or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -verify - check request signature
+ * -noout - don't print stuff out.
+ * -text - print out human readable text.
+ * -nodes - no des encryption
+ * -config file - Load configuration file.
+ * -key file - make a request using key in file (or use it for verification).
+ * -keyform - key file format.
+ * -newkey - make a key and a request.
+ * -modulus - print RSA modulus.
+ * -x509 - output a self signed X509 structure instead.
+ * -asn1-kludge - output new certificate request in a format that some CA's
+ * require. This format is wrong
+ */
+
+#ifndef NOPROTO
+static int make_REQ(X509_REQ *req,EVP_PKEY *pkey,int attribs);
+static int add_attribute_object(STACK *n, char *text, char *def,
+ char *value, int nid,int min,int max);
+static int add_DN_object(X509_NAME *n, char *text, char *def, char *value,
+ int nid,int min,int max);
+static void MS_CALLBACK req_cb(int p,int n);
+static int req_fix_data(int nid,int *type,int len,int min,int max);
+#else
+static int make_REQ();
+static int add_attribute_object();
+static int add_DN_object();
+static void MS_CALLBACK req_cb();
+static int req_fix_data();
+#endif
+
+#ifndef MONOLITH
+static char *default_config_file=NULL;
+static LHASH *config=NULL;
+#endif
+static LHASH *req_conf=NULL;
+
+#define TYPE_RSA 1
+#define TYPE_DSA 2
+#define TYPE_DH 3
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa_params=NULL;
+ int ex=1,x509=0,days=30;
+ X509 *x509ss=NULL;
+ X509_REQ *req=NULL;
+ EVP_PKEY *pkey=NULL;
+ int i,badops=0,newreq=0,newkey= -1,pkey_type=0;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,verify=0,noout=0,text=0,keyform=FORMAT_PEM;
+ int nodes=0,kludge=0;
+ char *infile,*outfile,*prog,*keyfile=NULL,*template=NULL,*keyout=NULL;
+ EVP_CIPHER *cipher=NULL;
+ int modulus=0;
+ char *p;
+ EVP_MD *md_alg=NULL,*digest=EVP_md5();
+#ifndef MONOLITH
+ MS_STATIC char config_name[256];
+#endif
+
+#ifndef NO_DES
+ cipher=EVP_des_ede3_cbc();
+#endif
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-new") == 0)
+ {
+ pkey_type=TYPE_RSA;
+ newreq=1;
+ }
+ else if (strcmp(*argv,"-config") == 0)
+ {
+ if (--argc < 1) goto bad;
+ template= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyform=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-keyout") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyout= *(++argv);
+ }
+ else if (strcmp(*argv,"-newkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ p= *(++argv);
+ if ((strncmp("rsa:",p,4) == 0) ||
+ ((p[0] >= '0') && (p[0] <= '9')))
+ {
+ pkey_type=TYPE_RSA;
+ p+=4;
+ newkey= atoi(p);
+ }
+ else if (strncmp("dsa:",p,4) == 0)
+ {
+ X509 *xtmp=NULL;
+ EVP_PKEY *dtmp;
+
+ pkey_type=TYPE_DSA;
+ p+=4;
+ if ((in=BIO_new_file(p,"r")) == NULL)
+ {
+ perror(p);
+ goto end;
+ }
+ if ((dsa_params=PEM_read_bio_DSAparams(in,NULL,NULL)) == NULL)
+ {
+ ERR_clear_error();
+ BIO_reset(in);
+ if ((xtmp=PEM_read_bio_X509(in,NULL,NULL)) == NULL)
+ {
+ BIO_printf(bio_err,"unable to load DSA parameters from file\n");
+ goto end;
+ }
+ dtmp=X509_get_pubkey(xtmp);
+ if (dtmp->type == EVP_PKEY_DSA)
+ dsa_params=DSAparams_dup(dtmp->pkey.dsa);
+ X509_free(xtmp);
+ if (dsa_params == NULL)
+ {
+ BIO_printf(bio_err,"Certificate does not contain DSA parameters\n");
+ goto end;
+ }
+
+ }
+ BIO_free(in);
+ newkey=BN_num_bits(dsa_params->p);
+ in=NULL;
+ }
+ else if (strncmp("dh:",p,4) == 0)
+ {
+ pkey_type=TYPE_DH;
+ p+=3;
+ }
+ else
+ pkey_type=TYPE_RSA;
+
+ newreq=1;
+ }
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if (strcmp(*argv,"-verify") == 0)
+ verify=1;
+ else if (strcmp(*argv,"-nodes") == 0)
+ nodes=1;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-x509") == 0)
+ x509=1;
+ else if (strcmp(*argv,"-asn1-kludge") == 0)
+ kludge=1;
+ else if (strcmp(*argv,"-no-asn1-kludge") == 0)
+ kludge=0;
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days= atoi(*(++argv));
+ if (days == 0) days=30;
+ }
+ else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ {
+ /* ok */
+ digest=md_alg;
+ }
+ else
+
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER TXT PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -text text form of request\n");
+ BIO_printf(bio_err," -noout do not output REQ\n");
+ BIO_printf(bio_err," -verify verify signature on REQ\n");
+ BIO_printf(bio_err," -modulus RSA modulus\n");
+ BIO_printf(bio_err," -nodes don't encrypt the output key\n");
+ BIO_printf(bio_err," -key file use the private key contained in file\n");
+ BIO_printf(bio_err," -keyform arg key file format\n");
+ BIO_printf(bio_err," -keyout arg file to send the key to\n");
+ BIO_printf(bio_err," -newkey rsa:bits generate a new RSA key of 'bits' in size\n");
+ BIO_printf(bio_err," -newkey dsa:file generate a new DSA key, parameters taken from CA in 'file'\n");
+
+ BIO_printf(bio_err," -[digest] Digest to sign with (md5, sha1, md2, mdc2)\n");
+ BIO_printf(bio_err," -config file request templace file.\n");
+ BIO_printf(bio_err," -new new request.\n");
+ BIO_printf(bio_err," -x509 output a x509 structure instead of a cert. req.\n");
+ BIO_printf(bio_err," -days number of days a x509 generated by -x509 is valid for.\n");
+ BIO_printf(bio_err," -asn1-kludge Output the 'request' in a format that is wrong but some CA's\n");
+ BIO_printf(bio_err," have been reported as requiring\n");
+ BIO_printf(bio_err," [ It is now always turned on but can be turned off with -no-asn1-kludge ]\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+#ifndef MONOLITH
+ /* Lets load up our environment a little */
+ p=getenv("SSLEAY_CONF");
+ if (p == NULL)
+ {
+ strcpy(config_name,X509_get_default_cert_area());
+ strcat(config_name,"/lib/");
+ strcat(config_name,SSLEAY_CONF);
+ p=config_name;
+ }
+ default_config_file=p;
+ config=CONF_load(config,p,NULL);
+#endif
+
+ if (template != NULL)
+ {
+ long errline;
+
+ BIO_printf(bio_err,"Using configuration from %s\n",template);
+ req_conf=CONF_load(NULL,template,&errline);
+ if (req_conf == NULL)
+ {
+ BIO_printf(bio_err,"error on line %ld of %s\n",errline,template);
+ goto end;
+ }
+ }
+ else
+ {
+ req_conf=config;
+ BIO_printf(bio_err,"Using configuration from %s\n",
+ default_config_file);
+ if (req_conf == NULL)
+ {
+ BIO_printf(bio_err,"Unable to load config info\n");
+ }
+ }
+
+ if ((md_alg == NULL) &&
+ ((p=CONF_get_string(req_conf,SECTION,"default_md")) != NULL))
+ {
+ if ((md_alg=EVP_get_digestbyname(p)) != NULL)
+ digest=md_alg;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ goto end;
+
+ if (keyfile != NULL)
+ {
+ if (BIO_read_filename(in,keyfile) <= 0)
+ {
+ perror(keyfile);
+ goto end;
+ }
+
+/* if (keyform == FORMAT_ASN1)
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ else */
+ if (keyform == FORMAT_PEM)
+ pkey=PEM_read_bio_PrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for X509 request\n");
+ goto end;
+ }
+
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private key\n");
+ goto end;
+ }
+ }
+
+ if (newreq && (pkey == NULL))
+ {
+ char *randfile;
+ char buffer[200];
+
+ if ((randfile=CONF_get_string(req_conf,SECTION,"RANDFILE")) == NULL)
+ randfile=RAND_file_name(buffer,200);
+#ifdef WINDOWS
+ BIO_printf(bio_err,"Loading 'screen' into random state -");
+ BIO_flush(bio_err);
+ RAND_screen();
+ BIO_printf(bio_err," done\n");
+#endif
+ if ((randfile == NULL) || !RAND_load_file(randfile,1024L*1024L))
+ {
+ BIO_printf(bio_err,"unable to load 'random state'\n");
+ BIO_printf(bio_err,"What this means is that the random number generator has not been seeded\n");
+ BIO_printf(bio_err,"with much random data.\n");
+ BIO_printf(bio_err,"Consider setting the RANDFILE environment variable to point at a file that\n");
+ BIO_printf(bio_err,"'random' data can be kept in.\n");
+ }
+ if (newkey <= 0)
+ {
+ newkey=(int)CONF_get_number(req_conf,SECTION,BITS);
+ if (newkey <= 0)
+ newkey=DEFAULT_KEY_LENGTH;
+ }
+
+ if (newkey < MIN_KEY_LENGTH)
+ {
+ BIO_printf(bio_err,"private key length is too short,\n");
+ BIO_printf(bio_err,"it needs to be at least %d bits, not %d\n",MIN_KEY_LENGTH,newkey);
+ goto end;
+ }
+ BIO_printf(bio_err,"Generating a %d bit %s private key\n",
+ newkey,(pkey_type == TYPE_RSA)?"RSA":"DSA");
+
+ if ((pkey=EVP_PKEY_new()) == NULL) goto end;
+
+#ifndef NO_RSA
+ if (pkey_type == TYPE_RSA)
+ {
+ if (!EVP_PKEY_assign_RSA(pkey,
+ RSA_generate_key(newkey,0x10001,req_cb)))
+ goto end;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey_type == TYPE_DSA)
+ {
+ if (!DSA_generate_key(dsa_params)) goto end;
+ if (!EVP_PKEY_assign_DSA(pkey,dsa_params)) goto end;
+ dsa_params=NULL;
+ }
+#endif
+
+ if ((randfile == NULL) || (RAND_write_file(randfile) == 0))
+ BIO_printf(bio_err,"unable to write 'random state'\n");
+
+ if (pkey == NULL) goto end;
+
+ if (keyout == NULL)
+ keyout=CONF_get_string(req_conf,SECTION,KEYFILE);
+
+ if (keyout == NULL)
+ {
+ BIO_printf(bio_err,"writing new private key to stdout\n");
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ }
+ else
+ {
+ BIO_printf(bio_err,"writing new private key to '%s'\n",keyout);
+ if (BIO_write_filename(out,keyout) <= 0)
+ {
+ perror(keyout);
+ goto end;
+ }
+ }
+
+ p=CONF_get_string(req_conf,SECTION,"encrypt_rsa_key");
+ if (p == NULL)
+ p=CONF_get_string(req_conf,SECTION,"encrypt_key");
+ if ((p != NULL) && (strcmp(p,"no") == 0))
+ cipher=NULL;
+ if (nodes) cipher=NULL;
+
+ i=0;
+loop:
+ if (!PEM_write_bio_PrivateKey(out,pkey,cipher,
+ NULL,0,NULL))
+ {
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
+ PEM_R_PROBLEMS_GETTING_PASSWORD) && (i < 3))
+ {
+ ERR_clear_error();
+ i++;
+ goto loop;
+ }
+ goto end;
+ }
+ BIO_printf(bio_err,"-----\n");
+ }
+
+ if (!newreq)
+ {
+ /* Since we are using a pre-existing certificate
+ * request, the kludge 'format' info should not be
+ * changed. */
+ kludge= -1;
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ if (informat == FORMAT_ASN1)
+ req=d2i_X509_REQ_bio(in,NULL);
+ else if (informat == FORMAT_PEM)
+ req=PEM_read_bio_X509_REQ(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for X509 request\n");
+ goto end;
+ }
+ if (req == NULL)
+ {
+ BIO_printf(bio_err,"unable to load X509 request\n");
+ goto end;
+ }
+ }
+
+ if (newreq || x509)
+ {
+ if (pkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+
+ if (pkey == NULL)
+ {
+ BIO_printf(bio_err,"you need to specify a private key\n");
+ goto end;
+ }
+ if (req == NULL)
+ {
+ req=X509_REQ_new();
+ if (req == NULL)
+ {
+ goto end;
+ }
+
+ i=make_REQ(req,pkey,!x509);
+ if (kludge >= 0)
+ req->req_info->req_kludge=kludge;
+ if (!i)
+ {
+ BIO_printf(bio_err,"problems making Certificate Request\n");
+ goto end;
+ }
+ }
+ if (x509)
+ {
+ if ((x509ss=X509_new()) == NULL) goto end;
+
+ /* don't set the version number, for starters
+ * the field is null and second, null is v0
+ * if (!ASN1_INTEGER_set(ci->version,0L)) goto end;
+ */
+ ASN1_INTEGER_set(X509_get_serialNumber(x509ss),0L);
+
+ X509_set_issuer_name(x509ss,
+ X509_REQ_get_subject_name(req));
+ X509_gmtime_adj(X509_get_notBefore(x509ss),0);
+ X509_gmtime_adj(X509_get_notAfter(x509ss),
+ (long)60*60*24*days);
+ X509_set_subject_name(x509ss,
+ X509_REQ_get_subject_name(req));
+ X509_set_pubkey(x509ss,X509_REQ_get_pubkey(req));
+
+ if (!(i=X509_sign(x509ss,pkey,digest)))
+ goto end;
+ }
+ else
+ {
+ if (!(i=X509_REQ_sign(req,pkey,digest)))
+ goto end;
+ }
+ }
+
+ if (verify && !x509)
+ {
+ int tmp=0;
+
+ if (pkey == NULL)
+ {
+ pkey=X509_REQ_get_pubkey(req);
+ tmp=1;
+ if (pkey == NULL) goto end;
+ }
+
+ i=X509_REQ_verify(req,pkey);
+ if (tmp) pkey=NULL;
+
+ if (i < 0)
+ {
+ goto end;
+ }
+ else if (i == 0)
+ {
+ BIO_printf(bio_err,"verify failure\n");
+ }
+ else /* if (i > 0) */
+ BIO_printf(bio_err,"verify OK\n");
+ }
+
+ if (noout && !text && !modulus)
+ {
+ ex=0;
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if ((keyout != NULL) && (strcmp(outfile,keyout) == 0))
+ i=(int)BIO_append_filename(out,outfile);
+ else
+ i=(int)BIO_write_filename(out,outfile);
+ if (!i)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ {
+ if (x509)
+ X509_print(out,x509ss);
+ else
+ X509_REQ_print(out,req);
+ }
+
+ if (modulus)
+ {
+ EVP_PKEY *pubkey;
+
+ if (x509)
+ pubkey=X509_get_pubkey(x509ss);
+ else
+ pubkey=X509_REQ_get_pubkey(req);
+ if (pubkey == NULL)
+ {
+ fprintf(stdout,"Modulus=unavailable\n");
+ goto end;
+ }
+ fprintf(stdout,"Modulus=");
+ if (pubkey->type == EVP_PKEY_RSA)
+ BN_print(out,pubkey->pkey.rsa->n);
+ else
+ fprintf(stdout,"Wrong Algorithm type");
+ fprintf(stdout,"\n");
+ }
+
+ if (!noout && !x509)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_REQ_bio(out,req);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509_REQ(out,req);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write X509 request\n");
+ goto end;
+ }
+ }
+ if (!noout && x509 && (x509ss != NULL))
+ {
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_bio(out,x509ss);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x509ss);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write X509 certificate\n");
+ goto end;
+ }
+ }
+ ex=0;
+end:
+ if (ex)
+ {
+ ERR_print_errors(bio_err);
+ }
+ if ((req_conf != NULL) && (req_conf != config)) CONF_free(req_conf);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (req != NULL) X509_REQ_free(req);
+ if (x509ss != NULL) X509_free(x509ss);
+ if (dsa_params != NULL) DSA_free(dsa_params);
+ EXIT(ex);
+ }
+
+static int make_REQ(req,pkey,attribs)
+X509_REQ *req;
+EVP_PKEY *pkey;
+int attribs;
+ {
+ int ret=0,i,j;
+ unsigned char *p;
+ X509_REQ_INFO *ri;
+ char buf[100];
+ int nid,min,max;
+ char *type,*def,*tmp,*value,*tmp_attr;
+ STACK *sk,*attr=NULL;
+ CONF_VALUE *v;
+
+ tmp=CONF_get_string(req_conf,SECTION,DISTINGUISHED_NAME);
+ if (tmp == NULL)
+ {
+ BIO_printf(bio_err,"unable to find '%s' in config\n",
+ DISTINGUISHED_NAME);
+ goto err;
+ }
+ sk=CONF_get_section(req_conf,tmp);
+ if (sk == NULL)
+ {
+ BIO_printf(bio_err,"unable to get '%s' section\n",tmp);
+ goto err;
+ }
+
+ tmp_attr=CONF_get_string(req_conf,SECTION,ATTRIBUTES);
+ if (tmp_attr == NULL)
+ attr=NULL;
+ else
+ {
+ attr=CONF_get_section(req_conf,tmp_attr);
+ if (attr == NULL)
+ {
+ BIO_printf(bio_err,"unable to get '%s' section\n",tmp_attr);
+ goto err;
+ }
+ }
+
+ ri=req->req_info;
+
+ BIO_printf(bio_err,"You are about to be asked to enter information that will be incorporated\n");
+ BIO_printf(bio_err,"into your certificate request.\n");
+ BIO_printf(bio_err,"What you are about to enter is what is called a Distinguished Name or a DN.\n");
+ BIO_printf(bio_err,"There are quite a few fields but you can leave some blank\n");
+ BIO_printf(bio_err,"For some fields there will be a default value,\n");
+ BIO_printf(bio_err,"If you enter '.', the field will be left blank.\n");
+ BIO_printf(bio_err,"-----\n");
+
+ /* setup version number */
+ if (!ASN1_INTEGER_set(ri->version,0L)) goto err; /* version 1 */
+
+ if (sk_num(sk))
+ {
+ i= -1;
+start: for (;;)
+ {
+ i++;
+ if ((int)sk_num(sk) <= i) break;
+
+ v=(CONF_VALUE *)sk_value(sk,i);
+ p=NULL;
+ type=v->name;
+ for (j=0; type[j] != '\0'; j++)
+ {
+ if ( (type[j] == ':') ||
+ (type[j] == ',') ||
+ (type[j] == '.'))
+ p= (unsigned char *)&(type[j+1]);
+ }
+ if (p != NULL)
+ type=(char *)p;
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ goto start;
+
+ sprintf(buf,"%s_default",v->name);
+ if ((def=CONF_get_string(req_conf,tmp,buf)) == NULL)
+ def="";
+
+ sprintf(buf,"%s_value",v->name);
+ if ((value=CONF_get_string(req_conf,tmp,buf)) == NULL)
+ value=NULL;
+
+ sprintf(buf,"%s_min",v->name);
+ min=(int)CONF_get_number(req_conf,tmp,buf);
+
+ sprintf(buf,"%s_max",v->name);
+ max=(int)CONF_get_number(req_conf,tmp,buf);
+
+ if (!add_DN_object(ri->subject,v->value,def,value,nid,
+ min,max))
+ goto err;
+ }
+ if (sk_num(ri->subject->entries) == 0)
+ {
+ BIO_printf(bio_err,"error, no objects specified in config file\n");
+ goto err;
+ }
+
+ if (attribs)
+ {
+ if ((attr != NULL) && (sk_num(attr) > 0))
+ {
+ BIO_printf(bio_err,"\nPlease enter the following 'extra' attributes\n");
+ BIO_printf(bio_err,"to be sent with your certificate request\n");
+ }
+
+ i= -1;
+start2: for (;;)
+ {
+ i++;
+ if ((attr == NULL) || ((int)sk_num(attr) <= i))
+ break;
+
+ v=(CONF_VALUE *)sk_value(attr,i);
+ type=v->name;
+ if ((nid=OBJ_txt2nid(type)) == NID_undef)
+ goto start2;
+
+ sprintf(buf,"%s_default",type);
+ if ((def=CONF_get_string(req_conf,tmp_attr,buf))
+ == NULL)
+ def="";
+
+ sprintf(buf,"%s_value",type);
+ if ((value=CONF_get_string(req_conf,tmp_attr,buf))
+ == NULL)
+ value=NULL;
+
+ sprintf(buf,"%s_min",type);
+ min=(int)CONF_get_number(req_conf,tmp_attr,buf);
+
+ sprintf(buf,"%s_max",type);
+ max=(int)CONF_get_number(req_conf,tmp_attr,buf);
+
+ if (!add_attribute_object(ri->attributes,
+ v->value,def,value,nid,min,max))
+ goto err;
+ }
+ }
+ }
+ else
+ {
+ BIO_printf(bio_err,"No template, please set one up.\n");
+ goto err;
+ }
+
+ X509_REQ_set_pubkey(req,pkey);
+
+ ret=1;
+err:
+ return(ret);
+ }
+
+static int add_DN_object(n,text,def,value,nid,min,max)
+X509_NAME *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
+ {
+ int i,j,ret=0;
+ X509_NAME_ENTRY *ne=NULL;
+ MS_STATIC char buf[1024];
+
+ BIO_printf(bio_err,"%s [%s]:",text,def);
+ BIO_flush(bio_err);
+ if (value != NULL)
+ {
+ strcpy(buf,value);
+ strcat(buf,"\n");
+ BIO_printf(bio_err,"%s\n",value);
+ }
+ else
+ {
+ buf[0]='\0';
+ fgets(buf,1024,stdin);
+ }
+
+ if (buf[0] == '\0') return(0);
+ else if (buf[0] == '\n')
+ {
+ if ((def == NULL) || (def[0] == '\0'))
+ return(1);
+ strcpy(buf,def);
+ strcat(buf,"\n");
+ }
+ else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
+
+ i=strlen(buf);
+ if (buf[i-1] != '\n')
+ {
+ BIO_printf(bio_err,"weird input :-(\n");
+ return(0);
+ }
+ buf[--i]='\0';
+
+ j=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+ if (req_fix_data(nid,&j,i,min,max) == 0)
+ goto err;
+ if ((ne=X509_NAME_ENTRY_create_by_NID(NULL,nid,j,(unsigned char *)buf,
+ strlen(buf)))
+ == NULL) goto err;
+ if (!X509_NAME_add_entry(n,ne,X509_NAME_entry_count(n),0))
+ goto err;
+
+ ret=1;
+err:
+ if (ne != NULL) X509_NAME_ENTRY_free(ne);
+ return(ret);
+ }
+
+static int add_attribute_object(n,text,def,value,nid,min,max)
+STACK *n;
+char *text;
+char *def;
+char *value;
+int nid;
+int min;
+int max;
+ {
+ int i,z;
+ X509_ATTRIBUTE *xa=NULL;
+ static char buf[1024];
+ ASN1_BIT_STRING *bs=NULL;
+ ASN1_TYPE *at=NULL;
+
+start:
+ BIO_printf(bio_err,"%s [%s]:",text,def);
+ BIO_flush(bio_err);
+ if (value != NULL)
+ {
+ strcpy(buf,value);
+ strcat(buf,"\n");
+ BIO_printf(bio_err,"%s\n",value);
+ }
+ else
+ {
+ buf[0]='\0';
+ fgets(buf,1024,stdin);
+ }
+
+ if (buf[0] == '\0') return(0);
+ else if (buf[0] == '\n')
+ {
+ if ((def == NULL) || (def[0] == '\0'))
+ return(1);
+ strcpy(buf,def);
+ strcat(buf,"\n");
+ }
+ else if ((buf[0] == '.') && (buf[1] == '\n')) return(1);
+
+ i=strlen(buf);
+ if (buf[i-1] != '\n')
+ {
+ BIO_printf(bio_err,"weird input :-(\n");
+ return(0);
+ }
+ buf[--i]='\0';
+
+ /* add object plus value */
+ if ((xa=X509_ATTRIBUTE_new()) == NULL)
+ goto err;
+ if ((xa->value.set=sk_new_null()) == NULL)
+ goto err;
+ xa->set=1;
+
+ if (xa->object != NULL) ASN1_OBJECT_free(xa->object);
+ xa->object=OBJ_nid2obj(nid);
+
+ if ((bs=ASN1_BIT_STRING_new()) == NULL) goto err;
+
+ bs->type=ASN1_PRINTABLE_type((unsigned char *)buf,-1);
+
+ z=req_fix_data(nid,&bs->type,i,min,max);
+ if (z == 0)
+ {
+ if (value == NULL)
+ goto start;
+ else goto err;
+ }
+
+ if (!ASN1_STRING_set(bs,(unsigned char *)buf,i+1))
+ { BIO_printf(bio_err,"Malloc failure\n"); goto err; }
+
+ if ((at=ASN1_TYPE_new()) == NULL)
+ { BIO_printf(bio_err,"Malloc failure\n"); goto err; }
+
+ ASN1_TYPE_set(at,bs->type,(char *)bs);
+ sk_push(xa->value.set,(char *)at);
+ bs=NULL;
+ at=NULL;
+ /* only one item per attribute */
+
+ if (!sk_push(n,(char *)xa)) goto err;
+ return(1);
+err:
+ if (xa != NULL) X509_ATTRIBUTE_free(xa);
+ if (at != NULL) ASN1_TYPE_free(at);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(0);
+ }
+
+static void MS_CALLBACK req_cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(bio_err,&c,1);
+ BIO_flush(bio_err);
+#ifdef LINT
+ p=n;
+#endif
+ }
+
+static int req_fix_data(nid,type,len,min,max)
+int nid;
+int *type;
+int len,min,max;
+ {
+ if (nid == NID_pkcs9_emailAddress)
+ *type=V_ASN1_IA5STRING;
+ if ((nid == NID_commonName) && (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+ if ((nid == NID_pkcs9_challengePassword) &&
+ (*type == V_ASN1_IA5STRING))
+ *type=V_ASN1_T61STRING;
+
+ if ((nid == NID_pkcs9_unstructuredName) &&
+ (*type == V_ASN1_T61STRING))
+ {
+ BIO_printf(bio_err,"invalid characters in string, please re-enter the string\n");
+ return(0);
+ }
+ if (nid == NID_pkcs9_unstructuredName)
+ *type=V_ASN1_IA5STRING;
+
+ if (len < min)
+ {
+ BIO_printf(bio_err,"string is too short, it needs to be at least %d bytes long\n",min);
+ return(0);
+ }
+ if ((max != 0) && (len > max))
+ {
+ BIO_printf(bio_err,"string is too long, it needs to be less than %d bytes long\n",max);
+ return(0);
+ }
+ return(1);
+ }
diff --git a/apps/rmlinks b/apps/rmlinks
new file mode 100644
index 0000000..54bc996
--- /dev/null
+++ b/apps/rmlinks
@@ -0,0 +1,6 @@
+#!/bin/sh
+for i in verify asn1parse req dgst dh enc gendh gendsa errstr ca crl rsa dsa dsaparam x509 genrsa s_server s_client speed s_time version pkcs7 crl2pkcs7 sess_id ciphers md2 md5 sha sha1 mdc2 base64 des des3 desx idea rc4 rc2 bf des-ecb des-ede des-ede3 des-cbc des-ede-cbc des-ede3-cbc des-cfb des-ede-cfb des-ede3-cfb des-ofb des-ede-ofb des-ede3-ofb idea-cbc idea-ecb idea-cfb idea-ofb rc2-cbc rc2-ecb rc2-cfb rc2-ofb bf-cbc bf-ecb bf-cfb bf-ofb
+do
+echo removing $i
+/bin/rm -f $i
+done
diff --git a/apps/rsa.c b/apps/rsa.c
new file mode 100644
index 0000000..9f2df77
--- /dev/null
+++ b/apps/rsa.c
@@ -0,0 +1,303 @@
+/* apps/rsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <time.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "rsa.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG rsa_main
+
+/* -inform arg - input format - default PEM (one of DER, NET or PEM)
+ * -outform arg - output format - default PEM
+ * -in arg - input file - default stdin
+ * -out arg - output file - default stdout
+ * -des - encrypt output if PEM format with DES in cbc mode
+ * -des3 - encrypt output if PEM format
+ * -idea - encrypt output if PEM format
+ * -text - print a text version
+ * -modulus - print the RSA key modulus
+ */
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ RSA *rsa=NULL;
+ int i,badops=0;
+ EVP_CIPHER *enc=NULL;
+ BIO *in=NULL,*out=NULL;
+ int informat,outformat,text=0,noout=0;
+ char *infile,*outfile,*prog;
+ int modulus=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ infile=NULL;
+ outfile=NULL;
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ prog=argv[0];
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-noout") == 0)
+ noout=1;
+ else if (strcmp(*argv,"-text") == 0)
+ text=1;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus=1;
+ else if ((enc=EVP_get_cipherbyname(&(argv[0][1]))) == NULL)
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ BIO_printf(bio_err,"%s [options] <infile >outfile\n",prog);
+ BIO_printf(bio_err,"where options are\n");
+ BIO_printf(bio_err," -inform arg input format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -outform arg output format - one of DER NET PEM\n");
+ BIO_printf(bio_err," -in arg inout file\n");
+ BIO_printf(bio_err," -out arg output file\n");
+ BIO_printf(bio_err," -des encrypt PEM output with cbc des\n");
+ BIO_printf(bio_err," -des3 encrypt PEM output with ede cbc des using 168 bit key\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err," -idea encrypt PEM output with cbc idea\n");
+#endif
+ BIO_printf(bio_err," -text print the key in text\n");
+ BIO_printf(bio_err," -noout don't print key out\n");
+ BIO_printf(bio_err," -modulus print the RSA key modulus\n");
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+
+ BIO_printf(bio_err,"read RSA private key\n");
+ if (informat == FORMAT_ASN1)
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+#ifndef NO_RC4
+ else if (informat == FORMAT_NETSCAPE)
+ {
+ BUF_MEM *buf=NULL;
+ unsigned char *p;
+ int size=0;
+
+ buf=BUF_MEM_new();
+ for (;;)
+ {
+ if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+ goto end;
+ i=BIO_read(in,&(buf->data[size]),1024*10);
+ size+=i;
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("reading private key");
+ BUF_MEM_free(buf);
+ goto end;
+ }
+ }
+ p=(unsigned char *)buf->data;
+ rsa=(RSA *)d2i_Netscape_RSA(NULL,&p,(long)size,NULL);
+ BUF_MEM_free(buf);
+ }
+#endif
+ else if (informat == FORMAT_PEM)
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,NULL);
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+
+ if (text)
+ if (!RSA_print(out,rsa,0))
+ {
+ perror(outfile);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (modulus)
+ {
+ fprintf(stdout,"Modulus=");
+ BN_print(out,rsa->n);
+ fprintf(stdout,"\n");
+ }
+
+ if (noout) goto end;
+ BIO_printf(bio_err,"writing RSA private key\n");
+ if (outformat == FORMAT_ASN1)
+ i=i2d_RSAPrivateKey_bio(out,rsa);
+#ifndef NO_RC4
+ else if (outformat == FORMAT_NETSCAPE)
+ {
+ unsigned char *p,*pp;
+ int size;
+
+ i=1;
+ size=i2d_Netscape_RSA(rsa,NULL,NULL);
+ if ((p=(unsigned char *)Malloc(size)) == NULL)
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto end;
+ }
+ pp=p;
+ i2d_Netscape_RSA(rsa,&p,NULL);
+ BIO_write(out,(char *)pp,size);
+ Free(pp);
+ }
+#endif
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_RSAPrivateKey(out,rsa,enc,NULL,0,NULL);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i)
+ {
+ BIO_printf(bio_err,"unable to write private key\n");
+ ERR_print_errors(bio_err);
+ }
+ else
+ ret=0;
+end:
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (rsa != NULL) RSA_free(rsa);
+ EXIT(ret);
+ }
+
diff --git a/apps/rsa8192.pem b/apps/rsa8192.pem
new file mode 100644
index 0000000..946a6e5
--- /dev/null
+++ b/apps/rsa8192.pem
@@ -0,0 +1,101 @@
+-----BEGIN RSA PRIVATE KEY-----
+
+MIISKAIBAAKCBAEAiQ2f1X6Bte1DKD0OoCBKEikzPW+5w3oXk3WwnE97Wxzy6wJZ
+ebbZC3CZKKBnJeBMrysPf+lK+9+fP6Vm8bp1wvbcSIA59BDrX6irFSuM/bdnkbuF
+MFlDjt+uVrxwoyqfPi2IPot1HQg3l5mdyBqcTWvbOnU2L9HZxJfPUCjfzdTMPrMY
+55/A20XL7tlV2opEfwhy3uVlveQBM0DnZ3MUQfrk+lRRNWv7yE4ScbOfER9fjvOm
+yJc3ZbOa3e+AMGGU9OqJ/fyOl0SGYyP2k23omy/idBV4uOs8QWdnAvq8UOzDdua3
+tuf5Tn17XBurPJ8juwyPBNispkwwn8BjxAZVPhwUIcxFBg339IxJ9cW0WdVy4nNA
+LWo/8Ahlf+kZNnFNGCPFytU9gGMLMhab9w/rLrwa9qNe4L8Fmu1JxONn1WfhMOKE
+aFmycf2olJsYLgUIGYZrjnYu0p/7P3yhTOv8JIhmK+SzmA/I0xiQoF84rpaQzH2d
+PvxICOA9oQSowou0gLuBSZWm6LiXirg1DZCziU46v33ErQlWM1dSyNaUSzihcV59
+mVD0nmzboXH75lGiyiZlp8cLbozzoCwvk9rYqpUGSBzbAy0ECCpabGpzO2Ug+oDi
+71e5z4WMpeoR4IS8MaOG/GsJnwaXhiB/gNYfK+8pRADVk5StEAZDE2alSuCbDs0z
+d9zYr4/em5T9VZsLetxRE7pm/Es9yELuViz8/Tm0/8MVdmNYc/xZU1t6qYYFdyQ2
+wlGDTiNPsjR8yXCkmBjKwqnuleu1X6LaZu3VPhEkXGcyFAquQUkSiMv0Yu74qAe0
+bQ2v+jjZzP6AM9LUo89cW4Kd8SGD96BdNlAVPNMXoBcIOsZBwsOtETBd4KAyvkXE
+Ob17u+PLl4UPnSxm9ypKZunUNFRPxtKUyjySYnvlGL+kTjAXrIrZwKJqIn0uhnfa
+Ck3o7bU6yVMK22ODxy2/Vi3E0P6k5JLwnrF0VIOBqGhts66qo6mWDP8l6MZHARFd
+pU+nofssVmr8tLKmMmjYGMM5GmKIXRNBs0ksTwFnKRs9AmpE5owC8tTSVdTAkGuS
+os7QwLvyvNzq7BGJiVr0Iy3Dhsl1vzR35acNOrCsDl3DcCQONKJ2sVXV4pD3dBah
+mG3sR/jHgjasffJJ35uiGoAua9dbT7HG/+D0z1SHYaVqH8zO4VZSOnGJh/P9rtxx
+cckFDbiag/JMWig2lbnCjebTtp/BcUsK3TNaDOb7vb0LvbAeRJadd1EFu6PSlH3K
+LykSUPm4UedvUU3cWjqkSY5lITFJkVaIYOv/EljYtK7p7kFZFTaEwMAWxgsXU3pQ
+tTzVmq1gZ4vXPwcUq0zK50Frq0F7SQc21ZsunwIDAQABAoIEADuQAkDEpBausJsS
+PgL1RXuzECPJJJCBxTE+2qx0FoY4hJICCWTORHGmU8nGPE3Ht0wBiNDsULw6KXl9
+psmzYW6D3qRbpdQebky6fu/KZ5H0XTyGpJGomaXELH5hkwo2gdKB805LSXB+m7p0
+9o96kSdMkpBLVGtf5iZ8W4rY2LsZmlI9f7taQHSLVt/M8HTz1mTnBRU92QO3zZW6
+xVa+OrWaFl18u3ZeIaSh2X40tBK68cqstXVD0r2OWuXNKobcQeJW8/XABzBShZ0c
+ihL0lzyqiN4uXrLu+Nbr22b+FU2OODy6dGk3U6/69NvI4piMCPlHsfhHOnFjd1ZW
+RIVywyUlCtLNdcn11CchuRro+0J3c2Ba+i9Cl9r3qzT11xFEGF8/XLyUBBCB+uGf
+1dR/xJQhCA7cXWWLXyI/semxcvTaGpImP6kiIl1MAjHjXZTSdvyw4JmfXyYGhSjI
+P0mw3Xn7FXxJ/os9gOfNKz2nZHjr0q4sgWRYO+4vllkeL0GteZrg4oVaVpmZb7LH
+77afhodLylhijlEtV5skfkPujbBLQk6E5Ez3U/huEt2NLg6guADmwxMxfBRliZO4
+4Ex/td4cuggpEj3FGJV74qRvdvj/MF/uF7IxC/3WapPIsFBFH4zrJsUYt6u3L68I
+/KC/bfioDeUR/8ANw1DNh+UsnPV3GJIwDkIJKdppi2uXPahJyJQQ8Inps53nn8Gg
+GifS+HnOXNgMoKOJnZ9IDGjXpfjIs8dJNrGfDHF0mH30N2WARq2v/a3cNUC+f8Bq
+HSKQ9YrZopktMunsut8u7ZYbTmjIqJpXCaM0CCrSlzSMTDHFSj2tzLk6+qnxeGxB
+ZwIdShbdeK+0ETG91lE1e9RPQs/uXQP9+uCHJV0YpqQcA6pkCLYJfYpoSMu/Bafy
+AgfVZz6l5tyEnV0wCcbopsQShc1k9xtTbYNF1h9AQHknj6zeDW4iZMvmVeh3RovT
+52OA2R8oLyauF+QaG6x2wUjEx13SJlaBarJZ4seZIOJ+a8+oNzKsbgokXc2cyC9p
+5FAZz1OsOb68o93qD1Xvl7bY97fq2q55L7G1XHPPLtZE5lGiLGDtnAuwY8UPrdpr
+7Mv2yIxB7xVGurXyHb5PvusR88XED6HMPfLBG/55ENHTal7G5mRix+IWSBAIkxA5
+KZ0j8r5Ng4+wELZhqFQai39799bIAyiV6CEz4kyDXlo0kSSexp8o4iz5sPq5vp6h
+cCb7rdRw7uRnbXrHmXahxoB+ibXaurgV/6B2yurrU/UFoxEp2sHp8LXZGfF6ztY1
+dMhSQAACK2vGy5yNagbkTHLgVaHicG5zavJBqzCE+lbPlCqhOUQPdOIwvjHNjdS/
+DL3WV/ECggIBAMbW65wPk/i43nSyeZeYwcHtR1SUJqDXavYfBPC0VRhKz+7DVMFw
+Nwnocn6gITABc445W1yl7U3uww+LGuDlSlFnd8WuiXpVYud9/jeNu6Mu4wvNsnWr
+f4f4ua8CcS03GmqmcbROD2Z6by1AblCZ2UL1kv9cUX1FLVjPP1ESAGKoePt3BmZQ
+J1uJfK8HilNT8dcUlj/5CBi2uHxttDhoG0sxXE/SVsG9OD/Pjme0mj7gdzc6Ztd+
+TALuvpNQR4pRzfo5XWDZBcEYntcEE3PxYJB1+vnZ8509ew5/yLHTbLjFxIcx71zY
+fhH0gM36Sz7mz37r0+E/QkRkc5bVIDC4LDnWmjpAde6QUx0d218ShNx6sJo4kt5c
+Dd7tEVx8nuX8AIZYgwsOb382anLyFRkkmEdK3gRvwQ6SWR36Ez5L7/mHWODpLAX5
+mVBKSG4/ccFbc633/g0xHw0Nwajir/klckdakuYPlwF0yAxJSKDLhmNctDhRmxjC
+YP+fISkl5oTvFRzJH6HEyNu8M3ybRvmpPIjM5J5JpnB2IYbohYBR+T6/97C1DKrd
+mzL5PjlrWm0c1/d7LlDoP65fOShDMmj2zCiBAHHOM0Alokx+v5LmMd8NJumZIwGJ
+Rt5OpeMOhowz6j1AjYxYgV7PmJL6Ovpfb775od/aLaUbbwHz2uWIvfF7AoICAQCw
+c7NaO7oJVLJClhYw6OCvjT6oqtgNVWaennnDiJgzY9lv5HEgV0MAG0eYuB3hvj+w
+Y1P9DJxP1D+R+cshYrAFg8yU/3kaYVNI0Bl3ygX0eW1b/0HZTdocs+8kM/9PZQDR
+WrKQoU5lHvqRt99dXlD4NWGI2YQtzdZ8iet9QLqnjwRZabgE96mF01qKisMnFcsh
+KjT7ieheU4J15TZj/mdZRNK126d7e3q/rNj73e5EJ9tkYLcolSr4gpknUMJULSEi
+JH1/Qx7C/mTAMRsN5SkOthnGq0djCNWfPv/3JV0H67Uf5krFlnwLebrgfTYoPPdo
+yO7iBUNJzv6Qh22malLp4P8gzACkD7DGlSTnoB5cLwcjmDGg+i9WrUBbOiVTeQfZ
+kOj1o+Tz35ndpq/DDUVlqliB9krcxva+QHeJPH53EGI+YVg1nD+s/vUDZ3mQMGX9
+DQou2L8uU6RnWNv/BihGcL8QvS4Ty6QyPOUPpD3zc70JQAEcQk9BxQNaELgJX0IN
+22cYn22tYvElew9G41OpDqzBRcfbdJmKXQ2HcroShutYJQRGUpAXHk24fy6JVkIU
+ojF5U6cwextMja1ZIIZgh9eugIRUeIE7319nQNDzuXWjRCcoBLA25P7wnpHWDRpz
+D9ovXCIvdja74lL5psqobV6L5+fbLPkSgXoImKR0LQKCAgAIC9Jk8kxumCyIVGCP
+PeM5Uby9M3GMuKrfYsn0Y5e97+kSJF1dpojTodBgR2KQar6eVrvXt+8uZCcIjfx8
+dUrYmHNEUJfHl4T1ESgkX1vkcpVFeQFruZDjk7EP3+1sgvpSroGTZkVBRFsTXbQZ
+FuCv0Pgt1TKG+zGmklxhj3TsiRy8MEjWAxBUp++ftZJnZNI4feDGnfEx7tLwVhAg
+6DWSiWDO6hgQpvOLwX5lu+0x9itc1MQsnDO/OqIDnBAJDN5k7cVVkfKlqbVjxgpz
+eqUJs3yAd81f44kDQTCB4ahYocgeIGsrOqd/WoGL1EEPPo/O9wQP7VtlIRt8UwuG
+bS18+a4sBUfAa56xYu/pnPo7YcubsgZfcSIujzFQqMpVTClJRnOnEuJ4J1+PXzRz
+XAO9fs4VJ+CMEmgAyonUz4Xadxulnknlw//sO9VKgM69oFHCDHL/XamAAbqAdwvf
+7R/+uy+Ol7romC0wMhb6SsIZazrvvH2mNtduAKZ638nAP1x/WbQp+6iVG7yJok7w
+82Q7tO7baOePTXh12Rrt4mNPor0HLYxhra4GFgfqkumJ2Mz0esuZAozxJXFOq8ly
+beo9CVtXP5zbT6qNpeNismX6PLICaev8t+1iOZSE56WSLtefuuj/cOVrTMNDz1Rr
+pUkEVV2zjUSjlcScM538A9iL2QKCAgBLbBk0r6T0ihRsK9UucMxhnYEz/Vq+UEu9
+70Vi1AciqEJv9nh4d3Q3HnH7EHANZxG4Jqzm1DYYVUQa9GfkTFeq88xFv/GW2hUM
+YY8RSfRDrIeXNEOETCe37x2AHw25dRXlZtw+wARPau91y9+Y/FCl18NqCHfcUEin
+ERjsf/eI2bPlODAlR2tZvZ7M60VBdqpN8cmV3zvI3e88z43xLfQlDyr1+v7a5Evy
+lEJnXlSTI2o+vKxtl103vjMSwA1gh63K90gBVsJWXQDZueOzi8mB9UqNRfcMmOEe
+4YHttTXPxeu0x+4cCRfam9zKShsVFgI28vRQ/ijl6qmbQ5gV8wqf18GV1j1L4z0P
+lP6iVynDA4MMrug/w9DqPsHsfK0pwekeETfSj4y0xVXyjWZBfHG2ZBrS6mDTf+RG
+LC4sJgR0hjdILLnUqIX7PzuhieBHRrjBcopwvcryVWRHnI7kslAS0+yHjiWc5oW3
+x5mtlum4HzelNYuD9cAE/95P6CeSMfp9CyIE/KSX4VvsRm6gQVkoQRKMxnQIFQ3w
+O5gl1l88vhjoo2HxYScgCp70BsDwiUNTqIR3NM+ZBHYFweVf3Gwz5LzHZT2rEZtD
+6VXRP75Q/2wOLnqCO4bK4BUs6sqxcQZmOldruPkPynrY0oPfHHExjxZDvQu4/r80
+Ls3n0L8yvQKCAgEAnYWS6EikwaQNpJEfiUnOlglgFz4EE1eVkrDbBY4J3oPU+doz
+DrqmsvgpSZIAfd2MUbkN4pOMsMTjbeIYWDnZDa1RoctKs3FhwFPHwAjQpznab4mn
+Bp81FMHM40qyb0NaNuFRwghdXvoQvBBX1p8oEnFzDRvTiuS/vTPTA8KDY8IeRp8R
+oGzKHpfziNwq/URpqj7pwi9odNjGZvR2IwYw9jCLPIqaEbMoSOdI0mg4MoYyqP4q
+nm7d4wqSDwrYxiXZ6f3nYpkhEY1lb0Wbksp1ig8sKSF4nDZRGK1RSfE+6gjBp94H
+X/Wog6Zb6NC9ZpusTiDLvuIUXcyUJvmHiWjSNqiTv8jurlwEsgSwhziEQfqLrtdV
+QI3PRMolBkD1iCk+HFE53r05LMf1bp3r4MS+naaQrLbIrl1kgDNGwVdgS+SCM7Bg
+TwEgE67iOb2iIoUpon/NyP4LesMzvdpsu2JFlfz13PmmQ34mFI7tWvOb3NA5DP3c
+46C6SaWI0TD9B11nJbHGTYN3Si9n0EBgoDJEXUKeh3km9O47dgvkSug4WzhYsvrE
+rMlMLtKfp2w8HlMZpsUlToNCx6CI+tJrohzcs3BAVAbjFAXRKWGijB1rxwyDdHPv
+I+/wJTNaRNPQ1M0SwtEL/zJd21y3KSPn4eL+GP3efhlDSjtlDvZqkdAUsU8=
+-----END RSA PRIVATE KEY-----
+
diff --git a/apps/s1024key.pem b/apps/s1024key.pem
new file mode 100644
index 0000000..19e0403
--- /dev/null
+++ b/apps/s1024key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
+S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
+pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
+AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
+dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
+bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
+Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
+zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
+6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
+QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
+dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
+0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
+nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+-----END RSA PRIVATE KEY-----
diff --git a/apps/s1024req.pem b/apps/s1024req.pem
new file mode 100644
index 0000000..bb75e7e
--- /dev/null
+++ b/apps/s1024req.pem
@@ -0,0 +1,11 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBojCCAQsCAQAwZDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+GjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSQwIgYDVQQDExtTZXJ2ZXIgdGVz
+dCBjZXJ0ICgxMDI0IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALMR
+9TwT5kZMa0ddXleG8zYuDfZ9dQiPJ1dvfgEZU9fqg3v5o1VL15ZrK9b/73+9RvRo
+KqKUmukV6yAi1XZPxWGGM4T75dTPjq42lwxTvAcwQBdS58+nO2kWbxkSTa0Uq9p2
+RJKg3yVvXWO69lWRKQ+UHrmkWFJ7hApKnongeuRjAgMBAAEwDQYJKoZIhvcNAQEE
+BQADgYEAStHlk4pBbwiNeQ2/PKTPPXzITYC8Gn0XMbrU94e/6JIKiO7aArq9Espq
+nrBSvC14dHcNl6NNvnkEKdQ7hAkcACfBbnOXA/oQvMBd4GD78cH3k0jVDoVUEjil
+frLfWlckW6WzpTktt0ZPDdAjJCmKVh0ABHimi7Bo9FC3wIGIe5M=
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/s512-key.pem b/apps/s512-key.pem
new file mode 100644
index 0000000..0e3ff2d
--- /dev/null
+++ b/apps/s512-key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/apps/s512-req.pem b/apps/s512-req.pem
new file mode 100644
index 0000000..ea314be
--- /dev/null
+++ b/apps/s512-req.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBGzCBxgIBADBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEa
+MBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0
+IGNlcnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8S
+MVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8E
+y2//Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAANBAAB+uQi+qwn6qRSHB8EUTvsm
+5TNTHzYDeN39nyIbZNX2s0se3Srn2Bxft5YCwD3moFZ9QoyDHxE0h6qLX5yjD+8=
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/s_apps.h b/apps/s_apps.h
new file mode 100644
index 0000000..6857674
--- /dev/null
+++ b/apps/s_apps.h
@@ -0,0 +1,122 @@
+/* apps/s_apps.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define PORT 4433
+#define PORT_STR "4433"
+#define PROTOCOL "tcp"
+
+#ifndef NOPROTO
+int do_accept(int acc_sock, int *sock, char **host);
+int do_server(int port, int *ret, int (*cb) ());
+#ifdef HEADER_X509_H
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+#else
+int MS_CALLBACK verify_callback(int ok, char *ctx);
+#endif
+#ifdef HEADER_SSL_H
+int set_cert_stuff(SSL_CTX *ctx, char *cert_file, char *key_file);
+#else
+int set_cert_stuff(char *ctx, char *cert_file, char *key_file);
+#endif
+int init_client(int *sock, char *server, int port);
+int init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_init_client_ip(int *sock,unsigned char ip[4], int port);
+int nbio_sock_error(int sock);
+int spawn(int argc, char **argv, int *in, int *out);
+int init_server(int *sock, int port);
+int should_retry(int i);
+int sock_err(void );
+int socket_ioctl(int, long,unsigned long *);
+void sock_cleanup(void );
+int extract_port(char *str, short *port_ptr);
+int extract_host_port(char *str,char **host_ptr,unsigned char *ip,short *p);
+int host_ip(char *str, unsigned char ip[4]);
+
+long MS_CALLBACK bio_dump_cb(BIO *bio, int cmd, char *argp,
+ int argi, long argl, long ret);
+
+#ifdef HEADER_SSL_H
+void MS_CALLBACK apps_ssl_info_callback(SSL *s, int where, int ret);
+#else
+void MS_CALLBACK apps_ssl_info_callback(char *s, int where, int ret);
+#endif
+
+#else
+int do_accept();
+int do_server();
+int MS_CALLBACK verify_callback();
+int set_cert_stuff();
+int init_client();
+int init_client_ip();
+int nbio_init_client_ip();
+int nbio_sock_error();
+int spawn();
+int init_server();
+int should_retry();
+int sock_err();
+int socket_ioctl();
+void sock_cleanup();
+int extract_port();
+int extract_host_port();
+int host_ip();
+
+long MS_CALLBACK bio_dump_cb();
+void MS_CALLBACK apps_ssl_info_callback();
+
+#endif
+
diff --git a/apps/s_cb.c b/apps/s_cb.c
new file mode 100644
index 0000000..712a043
--- /dev/null
+++ b/apps/s_cb.c
@@ -0,0 +1,243 @@
+/* apps/s_cb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef NON_MAIN
+#undef USE_SOCKETS
+#include "err.h"
+#include "x509.h"
+#include "ssl.h"
+#include "s_apps.h"
+
+int verify_depth=0;
+int verify_error=X509_V_OK;
+
+/* should be X509 * but we can just have them as char *. */
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ err= X509_STORE_CTX_get_error(ctx);
+ depth= X509_STORE_CTX_get_error_depth(ctx);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+ if (!ok)
+ {
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ if (verify_depth >= depth)
+ {
+ ok=1;
+ verify_error=X509_V_OK;
+ }
+ else
+ {
+ ok=0;
+ verify_error=X509_V_ERR_CERT_CHAIN_TOO_LONG;
+ }
+ }
+ switch (ctx->error)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+ BIO_printf(bio_err,"issuer= %s\n",buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ }
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
+
+int set_cert_stuff(ctx, cert_file, key_file)
+SSL_CTX *ctx;
+char *cert_file;
+char *key_file;
+ {
+ if (cert_file != NULL)
+ {
+ SSL *ssl;
+ X509 *x509;
+
+ if (SSL_CTX_use_certificate_file(ctx,cert_file,
+ SSL_FILETYPE_PEM) <= 0)
+ {
+ BIO_printf(bio_err,"unable to set certificate file\n");
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+ if (key_file == NULL) key_file=cert_file;
+ if (SSL_CTX_use_PrivateKey_file(ctx,key_file,
+ SSL_FILETYPE_PEM) <= 0)
+ {
+ BIO_printf(bio_err,"unable to set public key file\n");
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+
+ ssl=SSL_new(ctx);
+ x509=SSL_get_certificate(ssl);
+
+ if (x509 != NULL)
+ EVP_PKEY_copy_parameters(X509_get_pubkey(x509),
+ SSL_get_privatekey(ssl));
+ SSL_free(ssl);
+
+ /* If we are using DSA, we can copy the parameters from
+ * the private key */
+
+
+ /* Now we know that a key and cert have been set against
+ * the SSL context */
+ if (!SSL_CTX_check_private_key(ctx))
+ {
+ BIO_printf(bio_err,"Private key does not match the certificate public key\n");
+ return(0);
+ }
+ }
+ return(1);
+ }
+
+long MS_CALLBACK bio_dump_cb(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
+ {
+ BIO *out;
+
+ out=(BIO *)BIO_get_callback_arg(bio);
+ if (out == NULL) return(ret);
+
+ if (cmd == (BIO_CB_READ|BIO_CB_RETURN))
+ {
+ BIO_printf(out,"read from %08X [%08lX] (%d bytes => %ld (0x%X))\n",
+ bio,argp,argi,ret,ret);
+ BIO_dump(out,argp,(int)ret);
+ return(ret);
+ }
+ else if (cmd == (BIO_CB_WRITE|BIO_CB_RETURN))
+ {
+ BIO_printf(out,"write to %08X [%08lX] (%d bytes => %ld (0x%X))\n",
+ bio,argp,argi,ret,ret);
+ BIO_dump(out,argp,(int)ret);
+ }
+ return(ret);
+ }
+
+void MS_CALLBACK apps_ssl_info_callback(s,where,ret)
+SSL *s;
+int where;
+int ret;
+ {
+ char *str;
+ int w;
+
+ w=where& ~SSL_ST_MASK;
+
+ if (w & SSL_ST_CONNECT) str="SSL_connect";
+ else if (w & SSL_ST_ACCEPT) str="SSL_accept";
+ else str="undefined";
+
+ if (where & SSL_CB_LOOP)
+ {
+ BIO_printf(bio_err,"%s:%s\n",str,SSL_state_string_long(s));
+ }
+ else if (where & SSL_CB_ALERT)
+ {
+ str=(where & SSL_CB_READ)?"read":"write";
+ BIO_printf(bio_err,"SSL3 alert %s:%s:%s\n",
+ str,
+ SSL_alert_type_string_long(ret),
+ SSL_alert_desc_string_long(ret));
+ }
+ else if (where & SSL_CB_EXIT)
+ {
+ if (ret == 0)
+ BIO_printf(bio_err,"%s:failed in %s\n",
+ str,SSL_state_string_long(s));
+ else if (ret < 0)
+ {
+ BIO_printf(bio_err,"%s:error in %s\n",
+ str,SSL_state_string_long(s));
+ }
+ }
+ }
+
diff --git a/apps/s_client.c b/apps/s_client.c
new file mode 100644
index 0000000..b5dc238
--- /dev/null
+++ b/apps/s_client.c
@@ -0,0 +1,717 @@
+/* apps/s_client.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#define USE_SOCKETS
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+#include "pem.h"
+#include "s_apps.h"
+
+#undef PROG
+#define PROG s_client_main
+
+/*#define SSL_HOST_NAME "www.netscape.com" */
+/*#define SSL_HOST_NAME "193.118.187.102" */
+#define SSL_HOST_NAME "localhost"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*8
+
+extern int verify_depth;
+extern int verify_error;
+
+#ifdef FIONBIO
+static int c_nbio=0;
+#endif
+static int c_Pause=0;
+static int c_debug=0;
+
+#ifndef NOPROTO
+static void sc_usage(void);
+static void print_stuff(BIO *berr,SSL *con,int full);
+#else
+static void sc_usage();
+static void print_stuff();
+#endif
+
+static BIO *bio_c_out=NULL;
+static int c_quiet=0;
+
+static void sc_usage()
+ {
+ BIO_printf(bio_err,"usage: client args\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err," -host host - use -connect instead\n");
+ BIO_printf(bio_err," -port port - use -connect instead\n");
+ BIO_printf(bio_err," -connect host:port - who to connect to (default is %s:%s)\n",SSL_HOST_NAME,PORT_STR);
+
+ BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
+ BIO_printf(bio_err," -key arg - Private key file to use, PEM format assumed, in cert file if\n");
+ BIO_printf(bio_err," not specified but cert file is.\n");
+ BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err," -reconnect - Drop and re-make the connection with the same Session-ID\n");
+ BIO_printf(bio_err," -pause - sleep(1) after each read(2) and write(2) system call\n");
+ BIO_printf(bio_err," -debug - extra output\n");
+ BIO_printf(bio_err," -nbio_test - more ssl protocol testing\n");
+ BIO_printf(bio_err," -state - print the 'ssl' states\n");
+#ifdef FIONBIO
+ BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err," -quiet - no s_client output\n");
+ BIO_printf(bio_err," -ssl2 - just use SSLv2\n");
+ BIO_printf(bio_err," -ssl3 - just use SSLv3\n");
+ BIO_printf(bio_err," -bugs - Switch on all SSL implementation bug workarounds\n");
+ BIO_printf(bio_err," -cipher - prefered cipher to use, use the 'ssleay ciphers'\n");
+ BIO_printf(bio_err," command to se what is available\n");
+
+ }
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ SSL *con=NULL,*con2=NULL;
+ int s,k,width,state=0;
+ char *cbuf=NULL,*sbuf=NULL;
+ int cbuf_len,cbuf_off;
+ int sbuf_len,sbuf_off;
+ fd_set readfds,writefds;
+ short port=PORT;
+ int full_log=1;
+ char *host=SSL_HOST_NAME;
+ char *cert_file=NULL,*key_file=NULL;
+ char *CApath=NULL,*CAfile=NULL,*cipher=NULL;
+ int reconnect=0,badop=0,verify=SSL_VERIFY_NONE,bugs=0;
+ int write_tty,read_tty,write_ssl,read_ssl,tty_on;
+ SSL_CTX *ctx=NULL;
+ int ret=1,in_init=1,i,nbio_test=0;
+ SSL_METHOD *meth=NULL;
+ BIO *sbio;
+ /*static struct timeval timeout={10,0};*/
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_client_method();
+#endif
+
+ apps_startup();
+ c_quiet=0;
+ c_debug=0;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ if ( ((cbuf=Malloc(BUFSIZZ)) == NULL) ||
+ ((sbuf=Malloc(BUFSIZZ)) == NULL))
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+
+ verify_depth=0;
+ verify_error=X509_V_OK;
+#ifdef FIONBIO
+ c_nbio=0;
+#endif
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-host") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+ else if (strcmp(*argv,"-port") == 0)
+ {
+ if (--argc < 1) goto bad;
+ port=atoi(*(++argv));
+ if (port == 0) goto bad;
+ }
+ else if (strcmp(*argv,"-connect") == 0)
+ {
+ if (--argc < 1) goto bad;
+ if (!extract_host_port(*(++argv),&host,NULL,&port))
+ goto bad;
+ }
+ else if (strcmp(*argv,"-verify") == 0)
+ {
+ verify=SSL_VERIFY_PEER;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-quiet") == 0)
+ c_quiet=1;
+ else if (strcmp(*argv,"-pause") == 0)
+ c_Pause=1;
+ else if (strcmp(*argv,"-debug") == 0)
+ c_debug=1;
+ else if (strcmp(*argv,"-nbio_test") == 0)
+ nbio_test=1;
+ else if (strcmp(*argv,"-state") == 0)
+ state=1;
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ meth=SSLv3_client_method();
+#endif
+ else if (strcmp(*argv,"-bugs") == 0)
+ bugs=1;
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ key_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-reconnect") == 0)
+ {
+ reconnect=5;
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv,"-nbio") == 0)
+ { c_nbio=1; }
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sc_usage();
+ goto end;
+ }
+
+ if (bio_c_out == NULL)
+ {
+ if (c_quiet)
+ {
+ bio_c_out=BIO_new(BIO_s_null());
+ }
+ else
+ {
+ if (bio_c_out == NULL)
+ bio_c_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+ }
+ }
+
+ SSLeay_add_ssl_algorithms();
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+
+ if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+ if (cipher != NULL)
+ SSL_CTX_set_cipher_list(ctx,cipher);
+#if 0
+ else
+ SSL_CTX_set_cipher_list(ctx,getenv("SSL_CIPHER"));
+#endif
+
+ SSL_CTX_set_verify(ctx,verify,verify_callback);
+ if (!set_cert_stuff(ctx,cert_file,key_file))
+ goto end;
+
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ BIO_printf(bio_err,"error seting default verify locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_load_error_strings();
+
+ con=(SSL *)SSL_new(ctx);
+
+re_start:
+
+ if (init_client(&s,host,port) == 0)
+ {
+ BIO_printf(bio_err,"connect:errno=%d\n",errno);
+ SHUTDOWN(s);
+ goto end;
+ }
+ BIO_printf(bio_c_out,"CONNECTED(%08X)\n",s);
+
+#ifdef FIONBIO
+ if (c_nbio)
+ {
+ unsigned long l=1;
+ BIO_printf(bio_c_out,"turning on non blocking io\n");
+ socket_ioctl(s,FIONBIO,&l);
+ }
+#endif
+ if (c_Pause & 0x01) con->debug=1;
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+
+ if (nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+
+ if (c_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(sbio,bio_dump_cb);
+ BIO_set_callback_arg(sbio,bio_c_out);
+ }
+
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_connect_state(con);
+
+ /* ok, lets connect */
+ width=SSL_get_fd(con)+1;
+
+ read_tty=1;
+ write_tty=0;
+ tty_on=0;
+ read_ssl=1;
+ write_ssl=1;
+
+ cbuf_len=0;
+ cbuf_off=0;
+ sbuf_len=0;
+ sbuf_off=0;
+
+ for (;;)
+ {
+ FD_ZERO(&readfds);
+ FD_ZERO(&writefds);
+
+ if (SSL_in_init(con))
+ {
+ in_init=1;
+ tty_on=0;
+ }
+ else
+ {
+ tty_on=1;
+ if (in_init)
+ {
+ in_init=0;
+ print_stuff(bio_c_out,con,full_log);
+ if (full_log > 0) full_log--;
+
+ if (reconnect)
+ {
+ reconnect--;
+ BIO_printf(bio_c_out,"drop connection and then reconnect\n");
+ SSL_shutdown(con);
+ SSL_set_connect_state(con);
+ SHUTDOWN(SSL_get_fd(con));
+ goto re_start;
+ }
+ }
+ }
+
+#ifndef WINDOWS
+ if (tty_on)
+ {
+ if (read_tty) FD_SET(fileno(stdin),&readfds);
+ if (write_tty) FD_SET(fileno(stdout),&writefds);
+ }
+#endif
+ if (read_ssl)
+ FD_SET(SSL_get_fd(con),&readfds);
+ if (write_ssl)
+ FD_SET(SSL_get_fd(con),&writefds);
+
+/* printf("mode tty(%d %d%d) ssl(%d%d)\n",
+ tty_on,read_tty,write_tty,read_ssl,write_ssl);*/
+
+/* printf("pending=%d\n",SSL_pending(con)); */
+ i=select(width,&readfds,&writefds,NULL,NULL);
+ if ( i < 0)
+ {
+ BIO_printf(bio_err,"bad select %d\n",sock_err());
+ goto shut;
+ /* goto end; */
+ }
+
+ if (FD_ISSET(SSL_get_fd(con),&writefds))
+ {
+ k=SSL_write(con,&(cbuf[cbuf_off]),
+ (unsigned int)cbuf_len);
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ cbuf_off+=k;
+ cbuf_len-=k;
+ if (k <= 0) goto end;
+ /* we have done a write(con,NULL,0); */
+ if (cbuf_len <= 0)
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ else /* if (cbuf_len > 0) */
+ {
+ read_tty=0;
+ write_ssl=1;
+ }
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_printf(bio_c_out,"write W BLOCK\n");
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_c_out,"write R BLOCK\n");
+ write_tty=0;
+ read_ssl=1;
+ write_ssl=0;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"write X BLOCK\n");
+ break;
+ case SSL_ERROR_ZERO_RETURN:
+ if (cbuf_len != 0)
+ {
+ BIO_printf(bio_c_out,"shutdown\n");
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ break;
+ }
+
+ case SSL_ERROR_SYSCALL:
+ if ((k != 0) || (cbuf_len != 0))
+ {
+ BIO_printf(bio_err,"write:errno=%d\n",
+ errno);
+ goto shut;
+ }
+ else
+ {
+ read_tty=1;
+ write_ssl=0;
+ }
+ break;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ }
+ }
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdout),&writefds))
+ {
+ i=write(fileno(stdout),&(sbuf[sbuf_off]),sbuf_len);
+
+ if (i <= 0)
+ {
+ BIO_printf(bio_c_out,"DONE\n");
+ goto shut;
+ /* goto end; */
+ }
+
+ sbuf_len-=i;;
+ sbuf_off+=i;
+ if (sbuf_len <= 0)
+ {
+ read_ssl=1;
+ write_tty=0;
+ }
+ }
+#endif
+ else if (FD_ISSET(SSL_get_fd(con),&readfds))
+ {
+ k=SSL_read(con,sbuf,BUFSIZZ);
+
+ switch (SSL_get_error(con,k))
+ {
+ case SSL_ERROR_NONE:
+ if (k <= 0)
+ goto end;
+ sbuf_off=0;
+ sbuf_len=k;
+
+ read_ssl=0;
+ write_tty=1;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_printf(bio_c_out,"read W BLOCK\n");
+ write_ssl=1;
+ read_tty=0;
+ break;
+ case SSL_ERROR_WANT_READ:
+ BIO_printf(bio_c_out,"read R BLOCK\n");
+ write_tty=0;
+ read_ssl=1;
+ if ((read_tty == 0) && (write_ssl == 0))
+ write_ssl=1;
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ BIO_printf(bio_c_out,"read X BLOCK\n");
+ break;
+ case SSL_ERROR_SYSCALL:
+ BIO_printf(bio_err,"read:errno=%d\n",errno);
+ goto shut;
+ case SSL_ERROR_ZERO_RETURN:
+ BIO_printf(bio_c_out,"closed\n");
+ goto shut;
+ case SSL_ERROR_SSL:
+ ERR_print_errors(bio_err);
+ goto shut;
+ break;
+ }
+ }
+
+#ifndef WINDOWS
+ else if (FD_ISSET(fileno(stdin),&readfds))
+ {
+ i=read(fileno(stdin),cbuf,BUFSIZZ);
+
+ if ((!c_quiet) && ((i <= 0) || (cbuf[0] == 'Q')))
+ {
+ BIO_printf(bio_err,"DONE\n");
+ goto shut;
+ }
+
+ if ((!c_quiet) && (cbuf[0] == 'R'))
+ {
+ SSL_renegotiate(con);
+ read_tty=0;
+ write_ssl=1;
+ }
+ else
+ {
+ cbuf_len=i;
+ cbuf_off=0;
+ }
+
+ read_tty=0;
+ write_ssl=1;
+ }
+#endif
+ }
+shut:
+ SSL_shutdown(con);
+ SHUTDOWN(SSL_get_fd(con));
+ ret=0;
+end:
+ if (con != NULL) SSL_free(con);
+ if (con2 != NULL) SSL_free(con2);
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); Free(cbuf); }
+ if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); Free(sbuf); }
+ if (bio_c_out != NULL)
+ {
+ BIO_free(bio_c_out);
+ bio_c_out=NULL;
+ }
+ EXIT(ret);
+ }
+
+
+static void print_stuff(bio,s,full)
+BIO *bio;
+SSL *s;
+int full;
+ {
+ X509 *peer;
+ char *p;
+ static char *space=" ";
+ char buf[BUFSIZ];
+ STACK *sk;
+ SSL_CIPHER *c;
+ X509_NAME *xn;
+ int j,i;
+
+ if (full)
+ {
+ sk=SSL_get_peer_cert_chain(s);
+ if (sk != NULL)
+ {
+ BIO_printf(bio,"---\nCertficate chain\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ X509_NAME_oneline(X509_get_subject_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio,"%2d s:%s\n",i,buf);
+ X509_NAME_oneline(X509_get_issuer_name((X509 *)
+ sk_value(sk,i)),buf,BUFSIZ);
+ BIO_printf(bio," i:%s\n",buf);
+ }
+ }
+
+ BIO_printf(bio,"---\n");
+ peer=SSL_get_peer_certificate(s);
+ if (peer != NULL)
+ {
+ BIO_printf(bio,"Server certificate\n");
+ PEM_write_bio_X509(bio,peer);
+ X509_NAME_oneline(X509_get_subject_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"subject=%s\n",buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer),
+ buf,BUFSIZ);
+ BIO_printf(bio,"issuer=%s\n",buf);
+ X509_free(peer);
+ }
+ else
+ BIO_printf(bio,"no peer certificate available\n");
+
+ sk=SSL_get_client_CA_list(s);
+ if ((sk != NULL) && (sk_num(sk) > 0))
+ {
+ BIO_printf(bio,"---\nAcceptable client certificate CA names\n");
+ for (i=0; i<sk_num(sk); i++)
+ {
+ xn=(X509_NAME *)sk_value(sk,i);
+ X509_NAME_oneline(xn,buf,sizeof(buf));
+ BIO_write(bio,buf,strlen(buf));
+ BIO_write(bio,"\n",1);
+ }
+ }
+ else
+ {
+ BIO_printf(bio,"---\nNo client certificate CA names sent\n");
+ }
+ p=SSL_get_shared_ciphers(s,buf,BUFSIZ);
+ if (p != NULL)
+ {
+ BIO_printf(bio,"---\nCiphers common between both SSL endpoints:\n");
+ j=i=0;
+ while (*p)
+ {
+ if (*p == ':')
+ {
+ BIO_write(bio,space,15-j);
+ i++;
+ j=0;
+ BIO_write(bio,((i%3)?" ":"\n"),1);
+ }
+ else
+ {
+ BIO_write(bio,p,1);
+ j++;
+ }
+ p++;
+ }
+ BIO_write(bio,"\n",1);
+ }
+
+ BIO_printf(bio,"---\nSSL handshake has read %ld bytes and written %ld bytes\n",
+ BIO_number_read(SSL_get_rbio(s)),
+ BIO_number_written(SSL_get_wbio(s)));
+ }
+ BIO_printf(bio,((s->hit)?"---\nReused, ":"---\nNew, "));
+ c=SSL_get_current_cipher(s);
+ BIO_printf(bio,"%s, Cipher is %s\n",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ SSL_SESSION_print(bio,SSL_get_session(s));
+ BIO_printf(bio,"---\n");
+ }
+
diff --git a/apps/s_server.c b/apps/s_server.c
new file mode 100644
index 0000000..d1e406c
--- /dev/null
+++ b/apps/s_server.c
@@ -0,0 +1,1112 @@
+/* apps/s_server.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "lhash.h"
+#include "bn.h"
+#define USE_SOCKETS
+#include "apps.h"
+#include "err.h"
+#include "pem.h"
+#include "x509.h"
+#include "ssl.h"
+#include "s_apps.h"
+
+#ifndef NOPROTO
+static RSA MS_CALLBACK *tmp_rsa_cb(SSL *s, int export);
+static int sv_body(char *hostname, int s);
+static int www_body(char *hostname, int s);
+static void close_accept_socket(void );
+static void sv_usage(void);
+static int init_ssl_connection(SSL *s);
+static void print_stats(BIO *bp,SSL_CTX *ctx);
+static DH *load_dh_param(void );
+static DH *get_dh512(void);
+#else
+static RSA MS_CALLBACK *tmp_rsa_cb();
+static int sv_body();
+static int www_body();
+static void close_accept_socket();
+static void sv_usage();
+static int init_ssl_connection();
+static void print_stats();
+static DH *load_dh_param();
+static DH *get_dh512();
+#endif
+
+
+#ifndef S_ISDIR
+#define S_ISDIR(a) (((a) & _S_IFMT) == _S_IFDIR)
+#endif
+
+static unsigned char dh512_p[]={
+ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
+ 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+ 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
+ 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+ 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
+ 0x47,0x74,0xE8,0x33,
+ };
+static unsigned char dh512_g[]={
+ 0x02,
+ };
+
+static DH *get_dh512()
+ {
+ DH *dh=NULL;
+
+#ifndef NO_DH
+ if ((dh=DH_new()) == NULL) return(NULL);
+ dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+ dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return(NULL);
+#endif
+ return(dh);
+ }
+
+/* static int load_CA(SSL_CTX *ctx, char *file);*/
+
+#undef BUFSIZZ
+#define BUFSIZZ 8*1024
+static int accept_socket= -1;
+
+#define TEST_CERT "server.pem"
+#undef PROG
+#define PROG s_server_main
+
+#define DH_PARAM "server.pem"
+
+extern int verify_depth;
+
+static char *cipher=NULL;
+int verify=SSL_VERIFY_NONE;
+char *s_cert_file=TEST_CERT,*s_key_file=NULL;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+static int s_nbio_test=0;
+static SSL_CTX *ctx=NULL;
+static int www=0;
+
+static BIO *bio_s_out=NULL;
+static int s_debug=0;
+static int s_quiet=0;
+
+static void sv_usage()
+ {
+ BIO_printf(bio_err,"usage: s_server [args ...]\n");
+ BIO_printf(bio_err,"\n");
+ BIO_printf(bio_err," -accpet arg - port to accept on (default is %d\n",PORT);
+ BIO_printf(bio_err," -verify arg - turn on peer certificate verification\n");
+ BIO_printf(bio_err," -Verify arg - turn on peer certificate verification, must have a cert.\n");
+ BIO_printf(bio_err," -cert arg - certificate file to use, PEM format assumed\n");
+ BIO_printf(bio_err," (default is %s)\n",TEST_CERT);
+ BIO_printf(bio_err," -key arg - RSA file to use, PEM format assumed, in cert file if\n");
+ BIO_printf(bio_err," not specified (default is %s)\n",TEST_CERT);
+#ifdef FIONBIO
+ BIO_printf(bio_err," -nbio - Run with non-blocking IO\n");
+#endif
+ BIO_printf(bio_err," -nbio_test - test with the non-blocking test bio\n");
+ BIO_printf(bio_err," -debug - Print more output\n");
+ BIO_printf(bio_err," -state - Print the SSL states\n");
+ BIO_printf(bio_err," -CApath arg - PEM format directory of CA's\n");
+ BIO_printf(bio_err," -CAfile arg - PEM format file of CA's\n");
+ BIO_printf(bio_err," -nocert - Don't use any certificates (Anon-DH)\n");
+ BIO_printf(bio_err," -cipher arg - play with 'ssleay ciphers' to see what goes here\n");
+ BIO_printf(bio_err," -quiet - No server output\n");
+ BIO_printf(bio_err," -no_tmp_rsa - Do not generate a tmp RSA key\n");
+ BIO_printf(bio_err," -ssl2 - Just talk SSLv2\n");
+ BIO_printf(bio_err," -ssl3 - Just talk SSLv3\n");
+ BIO_printf(bio_err," -bugs - Turn on SSL bug compatability\n");
+ BIO_printf(bio_err," -www - Respond to a 'GET /' with a status page\n");
+ BIO_printf(bio_err," -WWW - Returns requested page from to a 'GET <path> HTTP/1.0'\n");
+ }
+
+static int local_argc;
+static char **local_argv;
+static int hack;
+
+int MAIN(argc, argv)
+int argc;
+char *argv[];
+ {
+ short port=PORT;
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0,bugs=0;
+ int ret=1;
+ int no_tmp_rsa=0,nocert=0;
+ int state=0;
+ SSL_METHOD *meth=NULL;
+ DH *dh=NULL;
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ meth=SSLv23_server_method();
+#elif !defined(NO_SSL3)
+ meth=SSLv3_server_method();
+#elif !defined(NO_SSL2)
+ meth=SSLv2_server_method();
+#endif
+
+ local_argc=argc;
+ local_argv=argv;
+
+ apps_startup();
+ s_quiet=0;
+ s_debug=0;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ verify_depth=0;
+#ifdef FIONBIO
+ s_nbio=0;
+#endif
+ s_nbio_test=0;
+
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if ((strcmp(*argv,"-port") == 0) ||
+ (strcmp(*argv,"-accept") == 0))
+ {
+ if (--argc < 1) goto bad;
+ if (!extract_port(*(++argv),&port))
+ goto bad;
+ }
+ else if (strcmp(*argv,"-verify") == 0)
+ {
+ verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-Verify") == 0)
+ {
+ verify=SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT|
+ SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_cert_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_key_file= *(++argv);
+ }
+ else if (strcmp(*argv,"-nocert") == 0)
+ {
+ nocert=1;
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+#ifdef FIONBIO
+ else if (strcmp(*argv,"-nbio") == 0)
+ { s_nbio=1; }
+#endif
+ else if (strcmp(*argv,"-nbio_test") == 0)
+ {
+#ifdef FIONBIO
+ s_nbio=1;
+#endif
+ s_nbio_test=1;
+ }
+ else if (strcmp(*argv,"-debug") == 0)
+ { s_debug=1; }
+ else if (strcmp(*argv,"-hack") == 0)
+ { hack=1; }
+ else if (strcmp(*argv,"-state") == 0)
+ { state=1; }
+ else if (strcmp(*argv,"-quiet") == 0)
+ { s_quiet=1; }
+ else if (strcmp(*argv,"-bugs") == 0)
+ { bugs=1; }
+ else if (strcmp(*argv,"-no_tmp_rsa") == 0)
+ { no_tmp_rsa=1; }
+ else if (strcmp(*argv,"-www") == 0)
+ { www=1; }
+ else if (strcmp(*argv,"-WWW") == 0)
+ { www=2; }
+#ifndef NO_SSL2
+ else if (strcmp(*argv,"-ssl2") == 0)
+ { meth=SSLv2_server_method(); }
+#endif
+#ifndef NO_SSL3
+ else if (strcmp(*argv,"-ssl3") == 0)
+ { meth=SSLv3_server_method(); }
+#endif
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (bio_s_out == NULL)
+ {
+ if (s_quiet && !s_debug)
+ {
+ bio_s_out=BIO_new(BIO_s_null());
+ }
+ else
+ {
+ if (bio_s_out == NULL)
+ bio_s_out=BIO_new_fp(stdout,BIO_NOCLOSE);
+ }
+ }
+
+#if !defined(NO_RSA) || !defined(NO_DSA)
+ if (nocert)
+#endif
+ {
+ s_cert_file=NULL;
+ s_key_file=NULL;
+ }
+
+ SSL_load_error_strings();
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(meth);
+ if (ctx == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (bugs) SSL_CTX_set_options(ctx,SSL_OP_ALL);
+ if (hack) SSL_CTX_set_options(ctx,SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG);
+ if (hack) SSL_CTX_set_options(ctx,SSL_OP_NON_EXPORT_FIRST);
+
+ if (state) SSL_CTX_set_info_callback(ctx,apps_ssl_info_callback);
+
+#if 0
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+#endif
+
+#if 0
+ if (s_cert_file == NULL)
+ {
+ BIO_printf(bio_err,"You must specify a certificate file for the server to use\n");
+ goto end;
+ }
+#endif
+
+ if ((!SSL_CTX_load_verify_locations(ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(ctx)))
+ {
+ BIO_printf(bio_err,"X509_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+#ifndef NO_DH
+ /* EAY EAY EAY evil hack */
+ dh=load_dh_param();
+ if (dh != NULL)
+ {
+ BIO_printf(bio_s_out,"Setting temp DH parameters\n");
+ }
+ else
+ {
+ BIO_printf(bio_s_out,"Using default temp DH parameters\n");
+ dh=get_dh512();
+ }
+ BIO_flush(bio_s_out);
+
+ SSL_CTX_set_tmp_dh(ctx,dh);
+ DH_free(dh);
+#endif
+
+ if (!set_cert_stuff(ctx,s_cert_file,s_key_file))
+ goto end;
+
+#if 1
+ SSL_CTX_set_tmp_rsa_callback(ctx,tmp_rsa_cb);
+#else
+ if (!no_tmp_rsa && SSL_CTX_need_tmp_RSA(ctx))
+ {
+ RSA *rsa;
+
+ BIO_printf(bio_s_out,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_s_out);
+
+ rsa=RSA_generate_key(512,RSA_F4,NULL);
+
+ if (!SSL_CTX_set_tmp_rsa(ctx,rsa))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ RSA_free(rsa);
+ BIO_printf(bio_s_out,"\n");
+ }
+#endif
+
+ if (cipher != NULL)
+ SSL_CTX_set_cipher_list(ctx,cipher);
+ SSL_CTX_set_verify(ctx,verify,verify_callback);
+
+ SSL_CTX_set_client_CA_list(ctx,SSL_load_client_CA_file(s_cert_file));
+
+ BIO_printf(bio_s_out,"ACCEPT\n");
+ if (www)
+ do_server(port,&accept_socket,www_body);
+ else
+ do_server(port,&accept_socket,sv_body);
+ print_stats(bio_s_out,ctx);
+ ret=0;
+end:
+ if (ctx != NULL) SSL_CTX_free(ctx);
+ if (bio_s_out != NULL)
+ {
+ BIO_free(bio_s_out);
+ bio_s_out=NULL;
+ }
+ EXIT(ret);
+ }
+
+static void print_stats(bio,ssl_ctx)
+BIO *bio;
+SSL_CTX *ssl_ctx;
+ {
+ BIO_printf(bio,"%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ssl_ctx));
+ BIO_printf(bio,"%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ssl_ctx));
+ BIO_printf(bio,"%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ssl_ctx));
+ BIO_printf(bio,"%4d server accepts (SSL_accept())\n",
+ SSL_CTX_sess_accept(ssl_ctx));
+ BIO_printf(bio,"%4d server accepts that finished\n",
+ SSL_CTX_sess_accept_good(ssl_ctx));
+ BIO_printf(bio,"%4d session cache hits\n",SSL_CTX_sess_hits(ssl_ctx));
+ BIO_printf(bio,"%4d session cache misses\n",SSL_CTX_sess_misses(ssl_ctx));
+ BIO_printf(bio,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ssl_ctx));
+ BIO_printf(bio,"%4d callback cache hits\n",SSL_CTX_sess_cb_hits(ssl_ctx));
+ }
+
+static int sv_body(hostname, s)
+char *hostname;
+int s;
+ {
+ char *buf=NULL;
+ fd_set readfds;
+ int ret=1,width;
+ int k,i;
+ unsigned long l;
+ SSL *con=NULL;
+ BIO *sbio;
+
+ if ((buf=Malloc(BUFSIZZ)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto err;
+ }
+#ifdef FIONBIO
+ if (s_nbio)
+ {
+ unsigned long sl=1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"turning on non blocking io\n");
+ socket_ioctl(s,FIONBIO,&sl);
+ }
+#endif
+
+ if (con == NULL)
+ con=(SSL *)SSL_new(ctx);
+ SSL_clear(con);
+
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+ if (s_nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_accept_state(con);
+ /* SSL_set_fd(con,s); */
+
+ if (s_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
+ BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+ }
+
+ width=s+1;
+ for (;;)
+ {
+ FD_ZERO(&readfds);
+#ifndef WINDOWS
+ FD_SET(fileno(stdin),&readfds);
+#endif
+ FD_SET(s,&readfds);
+ i=select(width,&readfds,NULL,NULL,NULL);
+ if (i <= 0) continue;
+ if (FD_ISSET(fileno(stdin),&readfds))
+ {
+ i=read(fileno(stdin),buf,BUFSIZZ);
+ if (!s_quiet)
+ {
+ if ((i <= 0) || (buf[0] == 'Q'))
+ {
+ BIO_printf(bio_s_out,"DONE\n");
+ SHUTDOWN(s);
+ close_accept_socket();
+ ret= -11;
+ goto err;
+ }
+ if ((i <= 0) || (buf[0] == 'q'))
+ {
+ BIO_printf(bio_s_out,"DONE\n");
+ SHUTDOWN(s);
+ /* close_accept_socket();
+ ret= -11;*/
+ goto err;
+ }
+ if (buf[0] == 'r')
+ {
+ SSL_renegotiate(con);
+ i=0; /*13; */
+ continue;
+ strcpy(buf,"server side RE-NEGOTIATE\n");
+ }
+ if (buf[0] == 'R')
+ {
+ SSL_set_verify(con,
+ SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE,NULL);
+ SSL_renegotiate(con);
+ i=0; /* 13; */
+ continue;
+ strcpy(buf,"server side RE-NEGOTIATE asking for client cert\n");
+ }
+ if (buf[0] == 'P')
+ {
+ static char *str="Lets print some clear text\n";
+ BIO_write(SSL_get_wbio(con),str,strlen(str));
+ }
+ if (buf[0] == 'S')
+ {
+ print_stats(bio_s_out,SSL_get_SSL_CTX(con));
+ }
+ }
+ l=k=0;
+ for (;;)
+ {
+ /* should do a select for the write */
+ k=SSL_write(con,&(buf[l]),(unsigned int)i);
+ if (
+#ifdef FIONBIO
+ s_nbio &&
+#endif
+ BIO_sock_should_retry(k))
+ {
+ BIO_printf(bio_s_out,"Write BLOCK\n");
+ continue;
+ }
+ if (k <= 0)
+ {
+ ERR_print_errors(bio_err);
+ BIO_printf(bio_s_out,"DONE\n");
+ ret=1;
+ goto err;
+ }
+ l+=k;
+ i-=k;
+ if (i <= 0) break;
+ }
+ }
+ if (FD_ISSET(s,&readfds))
+ {
+ if (!SSL_is_init_finished(con))
+ {
+ i=init_ssl_connection(con);
+
+ if (i < 0)
+ {
+ ret=0;
+ goto err;
+ }
+ else if (i == 0)
+ {
+ ret=1;
+ goto err;
+ }
+ }
+ else
+ {
+ i=SSL_read(con,(char *)buf,BUFSIZZ);
+ if ((i <= 0) &&
+#ifdef FIONBIO
+ s_nbio &&
+#endif
+ BIO_sock_should_retry(i))
+ {
+ BIO_printf(bio_s_out,"Read BLOCK\n");
+ }
+ else if (i <= 0)
+ {
+ ERR_print_errors(bio_err);
+ BIO_printf(bio_s_out,"DONE\n");
+ ret=1;
+ goto err;
+ }
+ else
+ write(fileno(stdout),buf,
+ (unsigned int)i);
+ }
+ }
+ }
+err:
+ BIO_printf(bio_s_out,"shutting down SSL\n");
+#if 1
+ SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(con);
+#endif
+ if (con != NULL) SSL_free(con);
+ BIO_printf(bio_s_out,"CONNECTION CLOSED\n");
+ if (buf != NULL)
+ {
+ memset(buf,0,BUFSIZZ);
+ Free(buf);
+ }
+ if (ret >= 0)
+ BIO_printf(bio_s_out,"ACCEPT\n");
+ return(ret);
+ }
+
+static void close_accept_socket()
+ {
+ BIO_printf(bio_err,"shutdown accept socket\n");
+ if (accept_socket >= 0)
+ {
+ SHUTDOWN2(accept_socket);
+ }
+ }
+
+static int init_ssl_connection(con)
+SSL *con;
+ {
+ int i;
+ char *str;
+ X509 *peer;
+ int verify_error;
+ MS_STATIC char buf[BUFSIZ];
+
+ if ((i=SSL_accept(con)) <= 0)
+ {
+ if (BIO_sock_should_retry(i))
+ {
+ BIO_printf(bio_s_out,"DELAY\n");
+ return(1);
+ }
+
+ BIO_printf(bio_err,"ERROR\n");
+ verify_error=SSL_get_verify_result(con);
+ if (verify_error != X509_V_OK)
+ {
+ BIO_printf(bio_err,"verify error:%s\n",
+ X509_verify_cert_error_string(verify_error));
+ }
+ else
+ ERR_print_errors(bio_err);
+ return(0);
+ }
+
+ PEM_write_bio_SSL_SESSION(bio_s_out,SSL_get_session(con));
+
+ peer=SSL_get_peer_certificate(con);
+ if (peer != NULL)
+ {
+ BIO_printf(bio_s_out,"Client certificate\n");
+ PEM_write_bio_X509(bio_s_out,peer);
+ X509_NAME_oneline(X509_get_subject_name(peer),buf,BUFSIZ);
+ BIO_printf(bio_s_out,"subject=%s\n",buf);
+ X509_NAME_oneline(X509_get_issuer_name(peer),buf,BUFSIZ);
+ BIO_printf(bio_s_out,"issuer=%s\n",buf);
+ X509_free(peer);
+ }
+
+ if (SSL_get_shared_ciphers(con,buf,BUFSIZ) != NULL)
+ BIO_printf(bio_s_out,"Shared ciphers:%s\n",buf);
+ str=SSL_CIPHER_get_name(SSL_get_current_cipher(con));
+ BIO_printf(bio_s_out,"CIPHER is %s\n",(str != NULL)?str:"(NONE)");
+ if (con->hit) BIO_printf(bio_s_out,"Reused session-id\n");
+ return(1);
+ }
+
+static DH *load_dh_param()
+ {
+ DH *ret=NULL;
+ BIO *bio;
+
+#ifndef NO_DH
+ if ((bio=BIO_new_file(DH_PARAM,"r")) == NULL)
+ goto err;
+ ret=PEM_read_bio_DHparams(bio,NULL,NULL);
+err:
+ if (bio != NULL) BIO_free(bio);
+#endif
+ return(ret);
+ }
+
+#if 0
+static int load_CA(ctx,file)
+SSL_CTX *ctx;
+char *file;
+ {
+ FILE *in;
+ X509 *x=NULL;
+
+ if ((in=fopen(file,"r")) == NULL)
+ return(0);
+
+ for (;;)
+ {
+ if (PEM_read_X509(in,&x,NULL) == NULL)
+ break;
+ SSL_CTX_add_client_CA(ctx,x);
+ }
+ if (x != NULL) X509_free(x);
+ fclose(in);
+ return(1);
+ }
+#endif
+
+static int www_body(hostname, s)
+char *hostname;
+int s;
+ {
+ char buf[1024];
+ int ret=1;
+ int i,j,k,blank,dot;
+ struct stat st_buf;
+ SSL *con;
+ SSL_CIPHER *c;
+ BIO *io,*ssl_bio,*sbio;
+
+ io=BIO_new(BIO_f_buffer());
+ ssl_bio=BIO_new(BIO_f_ssl());
+ if ((io == NULL) || (ssl_bio == NULL)) goto err;
+
+#ifdef FIONBIO
+ if (s_nbio)
+ {
+ unsigned int long sl=1;
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"turning on non blocking io\n");
+ socket_ioctl(s,FIONBIO,&sl);
+ }
+#endif
+
+ /* lets make the output buffer a reasonable size */
+ if (!BIO_set_write_buffer_size(io,16*1024)) goto err;
+
+ if ((con=(SSL *)SSL_new(ctx)) == NULL) goto err;
+
+ sbio=BIO_new_socket(s,BIO_NOCLOSE);
+ if (s_nbio_test)
+ {
+ BIO *test;
+
+ test=BIO_new(BIO_f_nbio_test());
+ sbio=BIO_push(test,sbio);
+ }
+ SSL_set_bio(con,sbio,sbio);
+ SSL_set_accept_state(con);
+
+ /* SSL_set_fd(con,s); */
+ BIO_set_ssl(ssl_bio,con,BIO_CLOSE);
+ BIO_push(io,ssl_bio);
+
+ if (s_debug)
+ {
+ con->debug=1;
+ BIO_set_callback(SSL_get_rbio(con),bio_dump_cb);
+ BIO_set_callback_arg(SSL_get_rbio(con),bio_s_out);
+ }
+
+ blank=0;
+ for (;;)
+ {
+ if (hack)
+ {
+ i=SSL_accept(con);
+
+ switch (SSL_get_error(con,i))
+ {
+ case SSL_ERROR_NONE:
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ case SSL_ERROR_WANT_READ:
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ continue;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ ret=1;
+ goto err;
+ break;
+ }
+
+ SSL_renegotiate(con);
+ SSL_write(con,NULL,0);
+ }
+
+ i=BIO_gets(io,buf,sizeof(buf)-1);
+ if (i < 0) /* error */
+ {
+ if (!BIO_should_retry(io))
+ {
+ if (!s_quiet)
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ else
+ {
+ BIO_printf(bio_s_out,"read R BLOCK\n");
+#ifndef MSDOS
+ sleep(1);
+#endif
+ continue;
+ }
+ }
+ else if (i == 0) /* end of input */
+ {
+ ret=1;
+ goto end;
+ }
+
+ /* else we have data */
+ if ( ((www == 1) && (strncmp("GET ",buf,4) == 0)) ||
+ ((www == 2) && (strncmp("GET stats ",buf,10) == 0)))
+ {
+ char *p;
+ X509 *peer;
+ STACK *sk;
+ static char *space=" ";
+
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ BIO_puts(io,"<pre>\n");
+/* BIO_puts(io,SSLeay_version(SSLEAY_VERSION));*/
+ BIO_puts(io,"\n");
+ for (i=0; i<local_argc; i++)
+ {
+ BIO_puts(io,local_argv[i]);
+ BIO_write(io," ",1);
+ }
+ BIO_puts(io,"\n");
+
+ /* The following is evil and should not really
+ * be done */
+ BIO_printf(io,"Ciphers supported in s_server binary\n");
+ sk=SSL_get_ciphers(con);
+ j=sk_num(sk);
+ for (i=0; i<j; i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ BIO_printf(io,"%s:%-25s",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ if ((((i+1)%3) == 0) && (i+1 != j))
+ BIO_puts(io,"\n");
+ }
+ BIO_puts(io,"\n");
+ p=SSL_get_shared_ciphers(con,buf,sizeof(buf));
+ if (p != NULL)
+ {
+ BIO_printf(io,"---\nCiphers common between both SSL end points:\n");
+ j=i=0;
+ while (*p)
+ {
+ if (*p == ':')
+ {
+ BIO_write(io,space,15-j);
+ i++;
+ j=0;
+ BIO_write(io,((i%3)?" ":"\n"),1);
+ }
+ else
+ {
+ BIO_write(io,p,1);
+ j++;
+ }
+ p++;
+ }
+ BIO_puts(io,"\n");
+ }
+ BIO_printf(io,((con->hit)
+ ?"---\nReused, "
+ :"---\nNew, "));
+ c=SSL_get_current_cipher(con);
+ BIO_printf(io,"SSLv%d, Cipher is %s\n",
+ SSL_CIPHER_get_version(c),
+ SSL_CIPHER_get_name(c));
+ SSL_SESSION_print(io,SSL_get_session(con));
+ BIO_printf(io,"---\n");
+ print_stats(io,SSL_get_SSL_CTX(con));
+ BIO_printf(io,"---\n");
+ peer=SSL_get_peer_certificate(con);
+ if (peer != NULL)
+ {
+ BIO_printf(io,"Client certificate\n");
+ X509_print(io,peer);
+ PEM_write_bio_X509(io,peer);
+ }
+ else
+ BIO_puts(io,"no client certificate available\n");
+ break;
+ }
+ else if ((www == 2) && (strncmp("GET ",buf,4) == 0))
+ {
+ BIO *file;
+ char *p,*e;
+ static char *text="HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n";
+
+ /* skip the '/' */
+ p= &(buf[5]);
+ dot=0;
+ for (e=p; *e != '\0'; e++)
+ {
+ if (e[0] == ' ') break;
+ if ( (e[0] == '.') &&
+ (strncmp(&(e[-1]),"/../",4) == 0))
+ dot=1;
+ }
+
+ if (*e == '\0')
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' is an invalid file name\r\n",p);
+ break;
+ }
+ *e='\0';
+
+ if (dot)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' contains '..' reference\r\n",p);
+ break;
+ }
+
+ if (*p == '/')
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"'%s' is an invalid path\r\n",p);
+ break;
+ }
+
+ /* append if a directory lookup */
+ if (e[-1] == '/')
+ strcat(p,"index.html");
+
+ /* if a directory, do the index thang */
+ if (stat(p,&st_buf) < 0)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"Error accessing '%s'\r\n",p);
+ ERR_print_errors(io);
+ break;
+ }
+ if (S_ISDIR(st_buf.st_mode))
+ {
+ strcat(p,"/index.html");
+ }
+
+ if ((file=BIO_new_file(p,"r")) == NULL)
+ {
+ BIO_puts(io,text);
+ BIO_printf(io,"Error opening '%s'\r\n",p);
+ ERR_print_errors(io);
+ break;
+ }
+
+ if (!s_quiet)
+ BIO_printf(bio_err,"FILE:%s\n",p);
+
+ i=strlen(p);
+ if ( ((i > 5) && (strcmp(&(p[i-5]),".html") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i-4]),".php") == 0)) ||
+ ((i > 4) && (strcmp(&(p[i-4]),".htm") == 0)))
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/html\r\n\r\n");
+ else
+ BIO_puts(io,"HTTP/1.0 200 ok\r\nContent-type: text/plain\r\n\r\n");
+ /* send the file */
+ for (;;)
+ {
+ i=BIO_read(file,buf,1024);
+ if (i <= 0) break;
+
+ for (j=0; j<i; )
+ {
+ k=BIO_write(io,&(buf[j]),i-j);
+ if (k <= 0)
+ {
+ if (!BIO_should_retry(io))
+ break;
+ else
+ {
+ BIO_printf(bio_s_out,"rwrite W BLOCK\n");
+ }
+ }
+ else
+ {
+ j+=k;
+ }
+ }
+ }
+ BIO_free(file);
+ break;
+ }
+ }
+
+ for (;;)
+ {
+ i=(int)BIO_flush(io);
+ if (i <= 0)
+ {
+ if (!BIO_should_retry(io))
+ break;
+ }
+ else
+ break;
+ }
+end:
+#if 0
+ /* make sure we re-use sessions */
+ SSL_set_shutdown(con,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ /* This kills performace */
+ SSL_shutdown(con);
+#endif
+
+err:
+
+ if (ret >= 0)
+ BIO_printf(bio_s_out,"ACCEPT\n");
+
+ if (io != NULL) BIO_free_all(io);
+/* if (ssl_bio != NULL) BIO_free(ssl_bio); */
+ return(ret);
+ }
+
+static RSA MS_CALLBACK *tmp_rsa_cb(s,export)
+SSL *s;
+int export;
+ {
+ static RSA *rsa_tmp=NULL;
+
+ if (rsa_tmp == NULL)
+ {
+ if (!s_quiet)
+ {
+ BIO_printf(bio_err,"Generating temp (512 bit) RSA key...");
+ BIO_flush(bio_err);
+ }
+#ifndef NO_RSA
+ rsa_tmp=RSA_generate_key(512,RSA_F4,NULL);
+#endif
+ if (!s_quiet)
+ {
+ BIO_printf(bio_err,"\n");
+ BIO_flush(bio_err);
+ }
+ }
+ return(rsa_tmp);
+ }
diff --git a/apps/s_socket.c b/apps/s_socket.c
new file mode 100644
index 0000000..810061e
--- /dev/null
+++ b/apps/s_socket.c
@@ -0,0 +1,684 @@
+/* apps/s_socket.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <signal.h>
+#define USE_SOCKETS
+#define NON_MAIN
+#include "apps.h"
+#undef USE_SOCKETS
+#undef NON_MAIN
+#include "s_apps.h"
+#include "ssl.h"
+
+#ifndef NOPROTO
+static struct hostent *GetHostByName(char *name);
+int sock_init(void );
+#else
+static struct hostent *GetHostByName();
+int sock_init();
+#endif
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+#ifdef WINDOWS
+static struct WSAData wsa_state;
+static int wsa_init_done=0;
+
+#ifdef WIN16
+static HWND topWnd=0;
+static FARPROC lpTopWndProc=NULL;
+static FARPROC lpTopHookProc=NULL;
+extern HINSTANCE _hInstance; /* nice global CRT provides */
+
+static LONG FAR PASCAL topHookProc(hwnd,message,wParam,lParam)
+HWND hwnd;
+UINT message;
+WPARAM wParam;
+LPARAM lParam;
+ {
+ if (hwnd == topWnd)
+ {
+ switch(message)
+ {
+ case WM_DESTROY:
+ case WM_CLOSE:
+ SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopWndProc);
+ sock_cleanup();
+ break;
+ }
+ }
+ return CallWindowProc(lpTopWndProc,hwnd,message,wParam,lParam);
+ }
+
+static BOOL CALLBACK enumproc(HWND hwnd,LPARAM lParam)
+ {
+ topWnd=hwnd;
+ return(FALSE);
+ }
+
+#endif /* WIN32 */
+#endif /* WINDOWS */
+
+void sock_cleanup()
+ {
+#ifdef WINDOWS
+ if (wsa_init_done)
+ {
+ wsa_init_done=0;
+ WSACancelBlockingCall();
+ WSACleanup();
+ }
+#endif
+ }
+
+int sock_init()
+ {
+#ifdef WINDOWS
+ if (!wsa_init_done)
+ {
+ int err;
+
+#ifdef SIGINT
+ signal(SIGINT,(void (*)(int))sock_cleanup);
+#endif
+ wsa_init_done=1;
+ memset(&wsa_state,0,sizeof(wsa_state));
+ if (WSAStartup(0x0101,&wsa_state)!=0)
+ {
+ err=WSAGetLastError();
+ BIO_printf(bio_err,"unable to start WINSOCK, error code=%d\n",err);
+ return(0);
+ }
+
+#ifdef WIN16
+ EnumTaskWindows(GetCurrentTask(),enumproc,0L);
+ lpTopWndProc=(FARPROC)GetWindowLong(topWnd,GWL_WNDPROC);
+ lpTopHookProc=MakeProcInstance((FARPROC)topHookProc,_hInstance);
+
+ SetWindowLong(topWnd,GWL_WNDPROC,(LONG)lpTopHookProc);
+#endif /* WIN16 */
+ }
+#endif /* WINDOWS */
+ return(1);
+ }
+
+int init_client(sock, host, port)
+int *sock;
+char *host;
+int port;
+ {
+ unsigned char ip[4];
+ short p=0;
+
+ if (!host_ip(host,&(ip[0])))
+ {
+ return(0);
+ }
+ if (p != 0) port=p;
+ return(init_client_ip(sock,ip,port));
+ }
+
+int init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
+ {
+ unsigned long addr;
+ struct sockaddr_in them;
+ int s,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&them,0,sizeof(them));
+ them.sin_family=AF_INET;
+ them.sin_port=htons((unsigned short)port);
+ addr=(unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[1]<<16L)|
+ ((unsigned long)ip[2]<< 8L)|
+ ((unsigned long)ip[3]);
+ them.sin_addr.s_addr=htonl(addr);
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+ i=0;
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+
+ if (connect(s,(struct sockaddr *)&them,sizeof(them)) == -1)
+ { close(s); perror("connect"); return(0); }
+ *sock=s;
+ return(1);
+ }
+
+int nbio_sock_error(sock)
+int sock;
+ {
+ int j,i,size;
+
+ size=sizeof(int);
+ i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
+ if (i < 0)
+ return(1);
+ else
+ return(j);
+ }
+
+int nbio_init_client_ip(sock, ip, port)
+int *sock;
+unsigned char ip[4];
+int port;
+ {
+ unsigned long addr;
+ struct sockaddr_in them;
+ int s,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&them,0,sizeof(them));
+ them.sin_family=AF_INET;
+ them.sin_port=htons((unsigned short)port);
+ addr= (unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[1]<<16L)|
+ ((unsigned long)ip[2]<< 8L)|
+ ((unsigned long)ip[3]);
+ them.sin_addr.s_addr=htonl(addr);
+
+ if (*sock <= 0)
+ {
+ unsigned long l=1;
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET) { perror("socket"); return(0); }
+
+ i=0;
+ i=setsockopt(s,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+ *sock=s;
+
+#ifdef FIONBIO
+ socket_ioctl(s,FIONBIO,&l);
+#endif
+ }
+ else
+ s= *sock;
+
+ i=connect(s,(struct sockaddr *)&them,sizeof(them));
+ if (i == INVALID_SOCKET)
+ {
+ if (BIO_sock_should_retry(i))
+ return(-1);
+ else
+ return(0);
+ }
+ else
+ return(1);
+ }
+
+int do_server(port, ret, cb)
+int port;
+int *ret;
+int (*cb)();
+ {
+ int sock;
+ char *name;
+ int accept_socket;
+ int i;
+
+ if (!init_server(&accept_socket,port)) return(0);
+
+ if (ret != NULL)
+ {
+ *ret=accept_socket;
+ /* return(1);*/
+ }
+ for (;;)
+ {
+ if (do_accept(accept_socket,&sock,&name) == 0)
+ {
+ SHUTDOWN(accept_socket);
+ return(0);
+ }
+ i=(*cb)(name,sock);
+ if (name != NULL) Free(name);
+ SHUTDOWN(sock);
+ if (i < 0)
+ {
+ SHUTDOWN(accept_socket);
+ return(i);
+ }
+ }
+ }
+
+int init_server(sock, port)
+int *sock;
+int port;
+ {
+ int ret=0;
+ struct sockaddr_in server;
+ int s= -1,i;
+
+ if (!sock_init()) return(0);
+
+ memset((char *)&server,0,sizeof(server));
+ server.sin_family=AF_INET;
+ server.sin_port=htons((unsigned short)port);
+ server.sin_addr.s_addr=INADDR_ANY;
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+
+ if (s == INVALID_SOCKET) goto err;
+ if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+ {
+#ifndef WINDOWS
+ perror("bind");
+#endif
+ goto err;
+ }
+ if (listen(s,5) == -1) goto err;
+ i=0;
+ *sock=s;
+ ret=1;
+err:
+ if ((ret == 0) && (s != -1))
+ {
+ SHUTDOWN(s);
+ }
+ return(ret);
+ }
+
+int do_accept(acc_sock, sock, host)
+int acc_sock;
+int *sock;
+char **host;
+ {
+ int ret,i;
+ struct hostent *h1,*h2;
+ static struct sockaddr_in from;
+ int len;
+/* struct linger ling; */
+
+ if (!sock_init()) return(0);
+
+#ifndef WINDOWS
+redoit:
+#endif
+
+ memset((char *)&from,0,sizeof(from));
+ len=sizeof(from);
+ ret=accept(acc_sock,(struct sockaddr *)&from,&len);
+ if (ret == INVALID_SOCKET)
+ {
+#ifdef WINDOWS
+ i=WSAGetLastError();
+ BIO_printf(bio_err,"accept error %d\n",i);
+#else
+ if (errno == EINTR)
+ {
+ /*check_timeout(); */
+ goto redoit;
+ }
+ fprintf(stderr,"errno=%d ",errno);
+ perror("accept");
+#endif
+ return(0);
+ }
+
+/*
+ ling.l_onoff=1;
+ ling.l_linger=0;
+ i=setsockopt(ret,SOL_SOCKET,SO_LINGER,(char *)&ling,sizeof(ling));
+ if (i < 0) { perror("linger"); return(0); }
+ i=0;
+ i=setsockopt(ret,SOL_SOCKET,SO_KEEPALIVE,(char *)&i,sizeof(i));
+ if (i < 0) { perror("keepalive"); return(0); }
+*/
+
+ if (host == NULL) goto end;
+ /* I should use WSAAsyncGetHostByName() under windows */
+ h1=gethostbyaddr((char *)&from.sin_addr.s_addr,
+ sizeof(from.sin_addr.s_addr),AF_INET);
+ if (h1 == NULL)
+ {
+ BIO_printf(bio_err,"bad gethostbyaddr\n");
+ *host=NULL;
+ /* return(0); */
+ }
+ else
+ {
+ if ((*host=(char *)Malloc(strlen(h1->h_name)+1)) == NULL)
+ {
+ perror("Malloc");
+ return(0);
+ }
+ strcpy(*host,h1->h_name);
+
+ h2=GetHostByName(*host);
+ if (h2 == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ return(0);
+ }
+ i=0;
+ if (h2->h_addrtype != AF_INET)
+ {
+ BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ return(0);
+ }
+ }
+end:
+ *sock=ret;
+ return(1);
+ }
+
+int socket_ioctl(fd,type,arg)
+int fd;
+long type;
+unsigned long *arg;
+ {
+ int i,err;
+#ifdef WINDOWS
+ i=ioctlsocket(fd,type,arg);
+#else
+ i=ioctl(fd,type,arg);
+#endif
+ if (i < 0)
+ {
+#ifdef WINDOWS
+ err=WSAGetLastError();
+#else
+ err=errno;
+#endif
+ BIO_printf(bio_err,"ioctl on socket failed:error %d\n",err);
+ }
+ return(i);
+ }
+
+int sock_err()
+ {
+#ifdef WINDOWS
+ return(WSAGetLastError());
+#else
+ return(errno);
+#endif
+ }
+
+int extract_host_port(str,host_ptr,ip,port_ptr)
+char *str;
+char **host_ptr;
+unsigned char *ip;
+short *port_ptr;
+ {
+ char *h,*p;
+
+ h=str;
+ p=strchr(str,':');
+ if (p == NULL)
+ {
+ BIO_printf(bio_err,"no port defined\n");
+ return(0);
+ }
+ *(p++)='\0';
+
+ if ((ip != NULL) && !host_ip(str,ip))
+ goto err;
+ if (host_ptr != NULL) *host_ptr=h;
+
+ if (!extract_port(p,port_ptr))
+ goto err;
+ return(1);
+err:
+ return(0);
+ }
+
+int host_ip(str,ip)
+char *str;
+unsigned char ip[4];
+ {
+ unsigned int in[4];
+ int i;
+
+ if (sscanf(str,"%d.%d.%d.%d",&(in[0]),&(in[1]),&(in[2]),&(in[3])) == 4)
+ {
+ for (i=0; i<4; i++)
+ if (in[i] > 255)
+ {
+ BIO_printf(bio_err,"invalid IP address\n");
+ goto err;
+ }
+ ip[0]=in[0];
+ ip[1]=in[1];
+ ip[2]=in[2];
+ ip[3]=in[3];
+ }
+ else
+ { /* do a gethostbyname */
+ struct hostent *he;
+
+ if (!sock_init()) return(0);
+
+ he=GetHostByName(str);
+ if (he == NULL)
+ {
+ BIO_printf(bio_err,"gethostbyname failure\n");
+ goto err;
+ }
+ /* cast to short because of win16 winsock definition */
+ if ((short)he->h_addrtype != AF_INET)
+ {
+ BIO_printf(bio_err,"gethostbyname addr is not AF_INET\n");
+ return(0);
+ }
+ ip[0]=he->h_addr_list[0][0];
+ ip[1]=he->h_addr_list[0][1];
+ ip[2]=he->h_addr_list[0][2];
+ ip[3]=he->h_addr_list[0][3];
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int extract_port(str,port_ptr)
+char *str;
+short *port_ptr;
+ {
+ int i;
+ struct servent *s;
+
+ i=atoi(str);
+ if (i != 0)
+ *port_ptr=(unsigned short)i;
+ else
+ {
+ s=getservbyname(str,"tcp");
+ if (s == NULL)
+ {
+ BIO_printf(bio_err,"getservbyname failure for %s\n",str);
+ return(0);
+ }
+ *port_ptr=ntohs((unsigned short)s->s_port);
+ }
+ return(1);
+ }
+
+#define GHBN_NUM 4
+static struct ghbn_cache_st
+ {
+ char name[128];
+ struct hostent ent;
+ unsigned long order;
+ } ghbn_cache[GHBN_NUM];
+
+static unsigned long ghbn_hits=0L;
+static unsigned long ghbn_miss=0L;
+
+static struct hostent *GetHostByName(name)
+char *name;
+ {
+ struct hostent *ret;
+ int i,lowi=0;
+ unsigned long low= (unsigned long)-1;
+
+ for (i=0; i<GHBN_NUM; i++)
+ {
+ if (low > ghbn_cache[i].order)
+ {
+ low=ghbn_cache[i].order;
+ lowi=i;
+ }
+ if (ghbn_cache[i].order > 0)
+ {
+ if (strncmp(name,ghbn_cache[i].name,128) == 0)
+ break;
+ }
+ }
+ if (i == GHBN_NUM) /* no hit*/
+ {
+ ghbn_miss++;
+ ret=gethostbyname(name);
+ if (ret == NULL) return(NULL);
+ /* else add to cache */
+ strncpy(ghbn_cache[lowi].name,name,128);
+ memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
+ ghbn_cache[lowi].order=ghbn_miss+ghbn_hits;
+ return(ret);
+ }
+ else
+ {
+ ghbn_hits++;
+ ret= &(ghbn_cache[i].ent);
+ ghbn_cache[i].order=ghbn_miss+ghbn_hits;
+ return(ret);
+ }
+ }
+
+#ifndef MSDOS
+int spawn(argc, argv, in, out)
+int argc;
+char **argv;
+int *in;
+int *out;
+ {
+ int pid;
+#define CHILD_READ p1[0]
+#define CHILD_WRITE p2[1]
+#define PARENT_READ p2[0]
+#define PARENT_WRITE p1[1]
+ int p1[2],p2[2];
+
+ if ((pipe(p1) < 0) || (pipe(p2) < 0)) return(-1);
+
+ if ((pid=fork()) == 0)
+ { /* child */
+ if (dup2(CHILD_WRITE,fileno(stdout)) < 0)
+ perror("dup2");
+ if (dup2(CHILD_WRITE,fileno(stderr)) < 0)
+ perror("dup2");
+ if (dup2(CHILD_READ,fileno(stdin)) < 0)
+ perror("dup2");
+ close(CHILD_READ);
+ close(CHILD_WRITE);
+
+ close(PARENT_READ);
+ close(PARENT_WRITE);
+ execvp(argv[0],argv);
+ perror("child");
+ exit(1);
+ }
+
+ /* parent */
+ *in= PARENT_READ;
+ *out=PARENT_WRITE;
+ close(CHILD_READ);
+ close(CHILD_WRITE);
+ return(pid);
+ }
+#endif /* MSDOS */
+
+
+#ifdef undef
+ /* Turn on synchronous sockets so that we can do a WaitForMultipleObjects
+ * on sockets */
+ {
+ SOCKET s;
+ int optionValue = SO_SYNCHRONOUS_NONALERT;
+ int err;
+
+ err = setsockopt(
+ INVALID_SOCKET,
+ SOL_SOCKET,
+ SO_OPENTYPE,
+ (char *)&optionValue,
+ sizeof(optionValue));
+ if (err != NO_ERROR) {
+ /* failed for some reason... */
+ BIO_printf(bio_err, "failed to setsockopt(SO_OPENTYPE, SO_SYNCHRONOUS_ALERT) - %d\n",
+ WSAGetLastError());
+ }
+ }
+#endif
diff --git a/apps/s_time.c b/apps/s_time.c
new file mode 100644
index 0000000..853a9dc
--- /dev/null
+++ b/apps/s_time.c
@@ -0,0 +1,648 @@
+/* apps/s_time.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef NO_SHUTDOWN
+
+/*-----------------------------------------
+ cntime - SSL client connection timer program
+ Written and donated by Larry Streepy <streepy@healthcare.com>
+ -----------------------------------------*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "x509.h"
+#include "ssl.h"
+#include "pem.h"
+#define USE_SOCKETS
+#include "apps.h"
+#include "s_apps.h"
+#include "err.h"
+#ifdef WIN32_STUFF
+#include "winmain.h"
+#include "wintext.h"
+#endif
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef _AIX
+#include <sys/select.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+/* The following if from times(3) man page. It may need to be changed
+*/
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#undef PROG
+#define PROG s_time_main
+
+#define ioctl ioctlsocket
+
+#define SSL_CONNECT_NAME "localhost:4433"
+
+/*#define TEST_CERT "client.pem" */ /* no default cert. */
+
+#undef BUFSIZZ
+#define BUFSIZZ 1024*10
+
+#define min(a,b) (((a) < (b)) ? (a) : (b))
+#define max(a,b) (((a) > (b)) ? (a) : (b))
+
+#undef SECONDS
+#define SECONDS 30
+extern int verify_depth;
+extern int verify_error;
+
+#ifndef NOPROTO
+static void s_time_usage(void);
+static int parseArgs( int argc, char **argv );
+static SSL *doConnection( SSL *scon );
+#else
+static void s_time_usage();
+static int parseArgs();
+static SSL *doConnection();
+#endif
+
+
+/***********************************************************************
+ * Static data declarations
+ */
+
+/* static char *port=PORT_STR;*/
+static char *host=SSL_CONNECT_NAME;
+static char *t_cert_file=NULL;
+static char *t_key_file=NULL;
+static char *CApath=NULL;
+static char *CAfile=NULL;
+static char *tm_cipher=NULL;
+static int tm_verify = SSL_VERIFY_NONE;
+static int maxTime = SECONDS;
+static SSL_CTX *tm_ctx=NULL;
+static SSL_METHOD *s_time_meth=NULL;
+static char *s_www_path=NULL;
+static long bytes_read=0;
+static int st_bugs=0;
+static int perform=0;
+
+#ifdef FIONBIO
+static int t_nbio=0;
+#endif
+
+#ifdef WIN32
+static int exitNow = 0; /* Set when it's time to exit main */
+#endif
+
+/***********************************************************************
+ * usage - display usage message
+ */
+static void s_time_usage()
+{
+ static char umsg[] = "\
+-time arg - max number of seconds to collect data, default %d\n\
+-verify arg - turn on peer certificate verification, arg == depth\n\
+-cert arg - certificate file to use, PEM format assumed\n\
+-key arg - RSA file to use, PEM format assumed, in cert file if\n\
+ not specified but cert fill is.\n\
+-CApath arg - PEM format directory of CA's\n\
+-CAfile arg - PEM format file of CA's\n\
+-cipher - prefered cipher to use, play with 'ssleay ciphers'\n\n";
+
+ printf( "usage: client <args>\n\n" );
+
+ printf("-connect host:port - host:port to connect to (default is %s)\n",SSL_CONNECT_NAME);
+#ifdef FIONBIO
+ printf("-nbio - Run with non-blocking IO\n");
+ printf("-ssl2 - Just use SSLv2\n");
+ printf("-ssl3 - Just use SSLv3\n");
+ printf("-bugs - Turn on SSL bug compatability\n");
+ printf("-new - Just time new connections\n");
+ printf("-reuse - Just time connection reuse\n");
+ printf("-www page - Retrieve 'page' from the site\n");
+#endif
+ printf( umsg,SECONDS );
+}
+
+/***********************************************************************
+ * parseArgs - Parse command line arguments and initialize data
+ *
+ * Returns 0 if ok, -1 on bad args
+ */
+static int parseArgs(argc,argv)
+int argc;
+char **argv;
+{
+ int badop = 0;
+
+ verify_depth=0;
+ verify_error=X509_V_OK;
+#ifdef FIONBIO
+ t_nbio=0;
+#endif
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+
+ while (argc >= 1) {
+ if (strcmp(*argv,"-connect") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+#if 0
+ else if( strcmp(*argv,"-host") == 0)
+ {
+ if (--argc < 1) goto bad;
+ host= *(++argv);
+ }
+ else if( strcmp(*argv,"-port") == 0)
+ {
+ if (--argc < 1) goto bad;
+ port= *(++argv);
+ }
+#endif
+ else if (strcmp(*argv,"-reuse") == 0)
+ perform=2;
+ else if (strcmp(*argv,"-new") == 0)
+ perform=1;
+ else if( strcmp(*argv,"-verify") == 0) {
+
+ tm_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
+ if (--argc < 1) goto bad;
+ verify_depth=atoi(*(++argv));
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+
+ } else if( strcmp(*argv,"-cert") == 0) {
+
+ if (--argc < 1) goto bad;
+ t_cert_file= *(++argv);
+
+ } else if( strcmp(*argv,"-key") == 0) {
+
+ if (--argc < 1) goto bad;
+ t_key_file= *(++argv);
+
+ } else if( strcmp(*argv,"-CApath") == 0) {
+
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+
+ } else if( strcmp(*argv,"-CAfile") == 0) {
+
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+
+ } else if( strcmp(*argv,"-cipher") == 0) {
+
+ if (--argc < 1) goto bad;
+ tm_cipher= *(++argv);
+ }
+#ifdef FIONBIO
+ else if(strcmp(*argv,"-nbio") == 0) {
+ t_nbio=1;
+ }
+#endif
+ else if(strcmp(*argv,"-www") == 0)
+ {
+ if (--argc < 1) goto bad;
+ s_www_path= *(++argv);
+ }
+ else if(strcmp(*argv,"-bugs") == 0)
+ st_bugs=1;
+#ifndef NO_SSL2
+ else if(strcmp(*argv,"-ssl2") == 0)
+ s_time_meth=SSLv2_client_method();
+#endif
+#ifndef NO_SSL3
+ else if(strcmp(*argv,"-ssl3") == 0)
+ s_time_meth=SSLv3_client_method();
+#endif
+ else if( strcmp(*argv,"-time") == 0) {
+
+ if (--argc < 1) goto bad;
+ maxTime= atoi(*(++argv));
+ }
+ else {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+
+ argc--;
+ argv++;
+ }
+
+ if (perform == 0) perform=3;
+
+ if(badop) {
+bad:
+ s_time_usage();
+ return -1;
+ }
+
+ return 0; /* Valid args */
+}
+
+/***********************************************************************
+ * TIME - time functions
+ */
+#define START 0
+#define STOP 1
+
+static double tm_Time_F(s)
+int s;
+ {
+ static double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if(s == START) {
+ times(&tstart);
+ return(0);
+ } else {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if(s == START) {
+ ftime(&tstart);
+ return(0);
+ } else {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+}
+
+/***********************************************************************
+ * MAIN - main processing area for client
+ * real name depends on MONOLITH
+ */
+int
+MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ double totalTime = 0.0;
+ int nConn = 0;
+ SSL *scon=NULL;
+ long finishtime=0;
+ int ret=1,i;
+ MS_STATIC char buf[1024*8];
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ s_time_meth=SSLv23_client_method();
+#elif !defined(NO_SSL3)
+ s_time_meth=SSLv3_client_method();
+#elif !defined(NO_SSL2)
+ s_time_meth=SSLv2_client_method();
+#endif
+
+ /* parse the command line arguments */
+ if( parseArgs( argc, argv ) < 0 )
+ goto end;
+
+ SSLeay_add_ssl_algorithms();
+ if ((tm_ctx=SSL_CTX_new(s_time_meth)) == NULL) return(1);
+
+ if (st_bugs) SSL_CTX_set_options(tm_ctx,SSL_OP_ALL);
+ SSL_CTX_set_cipher_list(tm_ctx,tm_cipher);
+ if(!set_cert_stuff(tm_ctx,t_cert_file,t_key_file))
+ goto end;
+
+ SSL_load_error_strings();
+
+ if ((!SSL_CTX_load_verify_locations(tm_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(tm_ctx)))
+ {
+ BIO_printf(bio_err,"error seting default verify locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (tm_cipher == NULL)
+ tm_cipher = getenv("SSL_CIPHER");
+
+ if (tm_cipher == NULL ) {
+ fprintf( stderr, "No CIPHER specified\n" );
+/* EXIT(1); */
+ }
+
+ if (!(perform & 1)) goto next;
+ printf( "Collecting connection statistics for %d seconds\n", maxTime );
+
+ /* Loop and time how long it takes to make connections */
+
+ bytes_read=0;
+ finishtime=(long)time(NULL)+maxTime;
+ tm_Time_F(START);
+ for (;;)
+ {
+ if (finishtime < time(NULL)) break;
+#ifdef WIN32_STUFF
+
+ if( flushWinMsgs(0) == -1 )
+ goto end;
+
+ if( waitingToDie || exitNow ) /* we're dead */
+ goto end;
+#endif
+
+ if( (scon = doConnection( NULL )) == NULL )
+ goto end;
+
+ if (s_www_path != NULL)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
+ bytes_read+=i;
+ }
+
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN(SSL_get_fd(scon));
+
+ nConn += 1;
+ fputc(SSL_session_reused(scon)?'r':
+ (SSL_version(scon))+'0', stdout );
+ fflush(stdout);
+
+ SSL_free( scon );
+ scon=NULL;
+ }
+ totalTime += tm_Time_F(STOP); /* Add the time for this iteration */
+
+ i=(int)(time(NULL)-finishtime+maxTime);
+ printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
+ printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+
+ /* Now loop and time connections using the same session id over and over */
+
+next:
+ if (!(perform & 2)) goto end;
+ printf( "\n\nNow timing with session id reuse.\n" );
+
+ /* Get an SSL object so we can reuse the session id */
+ if( (scon = doConnection( NULL )) == NULL )
+ {
+ fprintf( stderr, "Unable to get connection\n" );
+ goto end;
+ }
+
+ if (s_www_path != NULL)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while (SSL_read(scon,buf,sizeof(buf)) > 0)
+ ;
+ }
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN(SSL_get_fd(scon));
+
+ nConn = 0;
+ totalTime = 0.0;
+
+ finishtime=time(NULL)+maxTime;
+
+ printf( "starting\n" );
+ bytes_read=0;
+ tm_Time_F(START);
+
+ for (;;)
+ {
+ if (finishtime < time(NULL)) break;
+
+#ifdef WIN32_STUFF
+ if( flushWinMsgs(0) == -1 )
+ goto end;
+
+ if( waitingToDie || exitNow ) /* we're dead */
+ goto end;
+#endif
+
+ if( (doConnection( scon )) == NULL )
+ goto end;
+
+ if (s_www_path)
+ {
+ sprintf(buf,"GET %s HTTP/1.0\r\n\r\n",s_www_path);
+ SSL_write(scon,buf,strlen(buf));
+ while ((i=SSL_read(scon,buf,sizeof(buf))) > 0)
+ bytes_read+=i;
+ }
+
+#ifdef NO_SHUTDOWN
+ SSL_set_shutdown(scon,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+#else
+ SSL_shutdown(scon);
+#endif
+ SHUTDOWN(SSL_get_fd(scon));
+
+ nConn += 1;
+ fputc(SSL_session_reused(scon)?'r':
+ (SSL_version(scon))+'0', stdout );
+ fflush(stdout);
+ }
+ totalTime += tm_Time_F(STOP); /* Add the time for this iteration*/
+
+
+ printf( "\n\n%d connections in %.2fs; %.2f connections/user sec, bytes read %ld\n", nConn, totalTime, ((double)nConn/totalTime),bytes_read);
+ printf( "%d connections in %ld real seconds, %ld bytes read per connection\n",nConn,time(NULL)-finishtime+maxTime,bytes_read/nConn);
+
+ ret=0;
+end:
+ if (scon != NULL) SSL_free(scon);
+
+ if (tm_ctx != NULL)
+ {
+ SSL_CTX_free(tm_ctx);
+ tm_ctx=NULL;
+ }
+ EXIT(ret);
+ }
+
+/***********************************************************************
+ * doConnection - make a connection
+ * Args:
+ * scon = earlier ssl connection for session id, or NULL
+ * Returns:
+ * SSL * = the connection pointer.
+ */
+static SSL *
+doConnection(scon)
+SSL *scon;
+ {
+ BIO *conn;
+ SSL *serverCon;
+ int width, i;
+ fd_set readfds;
+
+ if ((conn=BIO_new(BIO_s_connect())) == NULL)
+ return(NULL);
+
+/* BIO_set_port(conn,port);*/
+ BIO_set_hostname(conn,host);
+
+ if (scon == NULL)
+ serverCon=(SSL *)SSL_new(tm_ctx);
+ else
+ {
+ serverCon=scon;
+ SSL_set_connect_state(serverCon);
+ }
+
+ SSL_set_bio(serverCon,conn,conn);
+
+#if 0
+ if( scon != NULL )
+ SSL_set_session(serverCon,SSL_get_session(scon));
+#endif
+
+ /* ok, lets connect */
+ for(;;) {
+ i=SSL_connect(serverCon);
+ if (BIO_sock_should_retry(i))
+ {
+ BIO_printf(bio_err,"DELAY\n");
+
+ i=SSL_get_fd(serverCon);
+ width=i+1;
+ FD_ZERO(&readfds);
+ FD_SET(i,&readfds);
+ select(width,&readfds,NULL,NULL,NULL);
+ continue;
+ }
+ break;
+ }
+ if(i <= 0)
+ {
+ BIO_printf(bio_err,"ERROR\n");
+ if (verify_error != X509_V_OK)
+ BIO_printf(bio_err,"verify error:%s\n",
+ X509_verify_cert_error_string(verify_error));
+ else
+ ERR_print_errors(bio_err);
+ if (scon == NULL)
+ SSL_free(serverCon);
+ return NULL;
+ }
+
+ return serverCon;
+ }
+
+
diff --git a/apps/server.pem b/apps/server.pem
new file mode 100644
index 0000000..eabb927
--- /dev/null
+++ b/apps/server.pem
@@ -0,0 +1,369 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+notBefore=950413210656Z
+notAfter =970412210656Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
+BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
+ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
+BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
+VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
+MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
+3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
+YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
+hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
+dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
+zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
+-----END X509 CERTIFICATE-----
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
+-----BEGIN X509 CERTIFICATE-----
+MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
+LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
+MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
+b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
+EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
+bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
+ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
+hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
+ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
+bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
+fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
+R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
+Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
+-----END X509 CERTIFICATE-----
+-----BEGIN X509 CERTIFICATE-----
+
+MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
+bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
+BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
+BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
+ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
+ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
+H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
+WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
+MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
+LC7obsrHD8XAHG+ZRG==
+-----END X509 CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
+A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
+aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
+LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
+gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
+dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
+SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
+bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
+OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
+GJNMJ4L0AJ/ac+SmHZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
+subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
+hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
+N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
+ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
+bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
+aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
+F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
+Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
+KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
+SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
+7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
+qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
+QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
+NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
+A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
+FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
+Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
+G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
+c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
+jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
+w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
+GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
+3VZdLbCVIhNoEsysrxCpxcI=
+-----END CERTIFICATE-----
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/apps/server2.pem b/apps/server2.pem
new file mode 100644
index 0000000..8bb6641
--- /dev/null
+++ b/apps/server2.pem
@@ -0,0 +1,376 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICLjCCAZcCAQEwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzU0WhcNOTgwNjA5
+MTM1NzU0WjBkMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxJDAiBgNVBAMTG1NlcnZlciB0ZXN0IGNl
+cnQgKDEwMjQgYml0KTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsxH1PBPm
+RkxrR11eV4bzNi4N9n11CI8nV29+ARlT1+qDe/mjVUvXlmsr1v/vf71G9GgqopSa
+6RXrICLVdk/FYYYzhPvl1M+OrjaXDFO8BzBAF1Lnz6c7aRZvGRJNrRSr2nZEkqDf
+JW9dY7r2VZEpD5QeuaRYUnuECkqeieB65GMCAwEAATANBgkqhkiG9w0BAQQFAAOB
+gQCWsOta6C0wiVzXz8wPmJKyTrurMlgUss2iSuW9366iwofZddsNg7FXniMzkIf6
+dp7jnmWZwKZ9cXsNUS2o4OL07qOk2HOywC0YsNZQsOBu1CBTYYkIefDiKFL1zQHh
+8lwwNd4NP+OE3NzUNkCfh4DnFfg9WHkXUlD5UpxNRJ4gJA==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCzEfU8E+ZGTGtHXV5XhvM2Lg32fXUIjydXb34BGVPX6oN7+aNV
+S9eWayvW/+9/vUb0aCqilJrpFesgItV2T8VhhjOE++XUz46uNpcMU7wHMEAXUufP
+pztpFm8ZEk2tFKvadkSSoN8lb11juvZVkSkPlB65pFhSe4QKSp6J4HrkYwIDAQAB
+AoGBAKy8jvb0Lzby8q11yNLf7+78wCVdYi7ugMHcYA1JVFK8+zb1WfSm44FLQo/0
+dSChAjgz36TTexeLODPYxleJndjVcOMVzsLJjSM8dLpXsTS4FCeMbhw2s2u+xqKY
+bbPWfk+HOTyJjfnkcC5Nbg44eOmruq0gSmBeUXVM5UntlTnxAkEA7TGCA3h7kx5E
+Bl4zl2pc3gPAGt+dyfk5Po9mGJUUXhF5p2zueGmYWW74TmOWB1kzt4QRdYMzFePq
+zfDNXEa1CwJBAMFErdY0xp0UJ13WwBbUTk8rujqQdHtjw0klhpbuKkjxu2hN0wwM
+6p0D9qxF7JHaghqVRI0fAW/EE0OzdHMR9QkCQQDNR26dMFXKsoPu+vItljj/UEGf
+QG7gERiQ4yxaFBPHgdpGo0kT31eh9x9hQGDkxTe0GNG/YSgCRvm8+C3TMcKXAkBD
+dhGn36wkUFCddMSAM4NSJ1VN8/Z0y5HzCmI8dM3VwGtGMUQlxKxwOl30LEQzdS5M
+0SWojNYXiT2gOBfBwtbhAkEAhafl5QEOIgUz+XazS/IlZ8goNKdDVfYgK3mHHjvv
+nY5G+AuGebdNkXJr4KSWxDcN+C2i47zuj4QXA16MAOandA==
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+issuer= /C=US/O=AT&T Bell Laboratories/OU=Prototype Research CA
+notBefore=950413210656Z
+notAfter =970412210656Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICCDCCAXECAQAwDQYJKoZIhvcNAQEEBQAwTjELMAkGA1UEBhMCVVMxHzAdBgNV
+BAoUFkFUJlQgQmVsbCBMYWJvcmF0b3JpZXMxHjAcBgNVBAsUFVByb3RvdHlwZSBS
+ZXNlYXJjaCBDQTAeFw05NTA0MTMyMTA2NTZaFw05NzA0MTIyMTA2NTZaME4xCzAJ
+BgNVBAYTAlVTMR8wHQYDVQQKFBZBVCZUIEJlbGwgTGFib3JhdG9yaWVzMR4wHAYD
+VQQLFBVQcm90b3R5cGUgUmVzZWFyY2ggQ0EwgZwwDQYJKoZIhvcNAQEBBQADgYoA
+MIGGAoGAebOmgtSCl+wCYZc86UGYeTLY8cjmW2P0FN8ToT/u2pECCoFdrlycX0OR
+3wt0ZhpFXLVNeDnHwEE9veNUih7pCL2ZBFqoIoQkB1lZmXRiVtjGonz8BLm/qrFM
+YHb0lme/Ol+s118mwKVxnn6bSAeI/OXKhLaVdYZWk+aEaxEDkVkCAQ8wDQYJKoZI
+hvcNAQEEBQADgYEAAZMG14lZmZ8bahkaHaTV9dQf4p2FZiQTFwHP9ZyGsXPC+LT5
+dG5iTaRmyjNIJdPWohZDl97kAci79aBndvuEvRKOjLHs3WRGBIwERnAcnY9Mz8u/
+zIHK23PjYVxGGaZd669OJwD0CYyqH22HH9nFUGaoJdsv39ChW0NRdLE9+y8=
+-----END X509 CERTIFICATE-----
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
+-----BEGIN X509 CERTIFICATE-----
+MIICYDCCAiACAgEoMAkGBSsOAwINBQAwfDELMAkGA1UEBhMCVVMxNjA0BgNVBAoT
+LU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZ
+MBcGA1UECxMQVGVzdCBFbnZpcm9ubWVudDEaMBgGA1UECxMRRFNTLU5BU0EtUGls
+b3QtQ0EwHhcNOTYwMjI2MTYzMjQ1WhcNOTcwMjI1MTYzMjQ1WjB8MQswCQYDVQQG
+EwJVUzE2MDQGA1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFk
+bWluaXN0cmF0aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MRowGAYDVQQL
+ExFEU1MtTkFTQS1QaWxvdC1DQTCB8jAJBgUrDgMCDAUAA4HkADCB4AJBAMA/ssKb
+hPNUG7ZlASfVwEJU21O5OyF/iyBzgHI1O8eOhJGUYO8cc8wDMjR508Mr9cp6Uhl/
+ZB7FV5GkLNEnRHYCQQDUEaSg45P2qrDwixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLb
+bn3QK74T2IxY1yY+kCNq8XrIqf5fJJzIH0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3
+fVd0geUCQQCzCFUQAh+ZkEmp5804cs6ZWBhrUAfnra8lJItYo9xPcXgdIfLfibcX
+R71UsyO77MRD7B0+Ag2tq794IleCVcEEMAkGBSsOAwINBQADLwAwLAIUUayDfreR
+Yh2WeU86/pHNdkUC1IgCFEfxe1f0oMpxJyrJ5XIxTi7vGdoK
+-----END X509 CERTIFICATE-----
+-----BEGIN X509 CERTIFICATE-----
+
+MIICGTCCAdgCAwCqTDAJBgUrDgMCDQUAMHwxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+GTAXBgNVBAsTEFRlc3QgRW52aXJvbm1lbnQxGjAYBgNVBAsTEURTUy1OQVNBLVBp
+bG90LUNBMB4XDTk2MDUxNDE3MDE0MVoXDTk3MDUxNDE3MDE0MVowMzELMAkGA1UE
+BhMCQVUxDzANBgNVBAoTBk1pbmNvbTETMBEGA1UEAxMKRXJpYyBZb3VuZzCB8jAJ
+BgUrDgMCDAUAA4HkADCB4AJBAKbfHz6vE6pXXMTpswtGUec2tvnfLJUsoxE9qs4+
+ObZX7LmLvragNPUeiTJx7UOWZ5DfBj6bXLc8eYne0lP1g3ACQQDUEaSg45P2qrDw
+ixTRhFhmWz5Nvc4lRFQ/42XPcchiJBLbbn3QK74T2IxY1yY+kCNq8XrIqf5fJJzI
+H0J/xUP3AhUAsg2wsQHfDGYk/BOSulX3fVd0geUCQQCzCFUQAh+ZkEmp5804cs6Z
+WBhrUAfnra8lJItYo9xPcXgdIfLfibcXR71UsyO77MRD7B0+Ag2tq794IleCVcEE
+MAkGBSsOAwINBQADMAAwLQIUWsuuJRE3VT4ueWkWMAJMJaZjj1ECFQCYY0zX4bzM
+LC7obsrHD8XAHG+ZRG==
+-----END X509 CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIIB6jCCAZQCAgEtMA0GCSqGSIb3DQEBBAUAMIGAMQswCQYDVQQGEwJVUzE2MDQG
+A1UEChMtTmF0aW9uYWwgQWVyb25hdXRpY3MgYW5kIFNwYWNlIEFkbWluaXN0cmF0
+aW9uMRkwFwYDVQQLExBUZXN0IEVudmlyb25tZW50MR4wHAYDVQQLExVNRDUtUlNB
+LU5BU0EtUGlsb3QtQ0EwHhcNOTYwNDMwMjIwNTAwWhcNOTcwNDMwMjIwNTAwWjCB
+gDELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEZMBcGA1UECxMQVGVzdCBFbnZpcm9ubWVu
+dDEeMBwGA1UECxMVTUQ1LVJTQS1OQVNBLVBpbG90LUNBMFkwCgYEVQgBAQICAgAD
+SwAwSAJBALmmX5+GqAvcrWK13rfDrNX9UfeA7f+ijyBgeFQjYUoDpFqapw4nzQBL
+bAXug8pKkRwa2Zh8YODhXsRWu2F/UckCAwEAATANBgkqhkiG9w0BAQQFAANBAH9a
+OBA+QCsjxXgnSqHx04gcU8S49DVUb1f2XVoLnHlIb8RnX0k5O6mpHT5eti9bLkiW
+GJNMJ4L0AJ/ac+SmHZc=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
+subject=/C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+issuer= /C=ZA/SP=Western Cape/L=Cape Town/O=Thawte Consulting cc
+ /OU=Certification Services Division/CN=Thawte Server CA
+ /Email=server-certs@thawte.com
+-----BEGIN CERTIFICATE-----
+MIIC+TCCAmICAQAwDQYJKoZIhvcNAQEEBQAwgcQxCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkq
+hkiG9w0BCQEWF3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMB4XDTk2MDcyNzE4MDc1
+N1oXDTk4MDcyNzE4MDc1N1owgcQxCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0
+ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMUVGhhd3RlIENv
+bnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2
+aXNpb24xGTAXBgNVBAMTEFRoYXd0ZSBTZXJ2ZXIgQ0ExJjAkBgkqhkiG9w0BCQEW
+F3NlcnZlci1jZXJ0c0B0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQDTpFBuyP9Wa+bPXbbqDGh1R6KqwtqEJfyo9EdR2oW1IHSUhh4PdcnpCGH1
+Bm0wbhUZAulSwGLbTZme4moMRDjN/r7jZAlwxf6xaym2L0nIO9QnBCUQly/nkG3A
+KEKZ10xD3sP1IW1Un13DWOHA5NlbsLjctHvfNjrCtWYiEtaHDQIDAQABMA0GCSqG
+SIb3DQEBBAUAA4GBAIsvn7ifX3RUIrvYXtpI4DOfARkTogwm6o7OwVdl93yFhDcX
+7h5t0XZ11MUAMziKdde3rmTvzUYIUCYoY5b032IwGMTvdiclK+STN6NP2m5nvFAM
+qJT5gC5O+j/jBuZRQ4i0AMYQr5F4lT8oBJnhgafw6PL8aDY2vMHGSPl9+7uf
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIIDDTCCAnYCAQAwDQYJKoZIhvcNAQEEBQAwgc4xCzAJBgNVBAYTAlpBMRUwEwYD
+VQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsGA1UEChMU
+VGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2Vy
+dmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNlcnZlciBD
+QTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNvbTAeFw05
+NjA3MjcxODA3MTRaFw05ODA3MjcxODA3MTRaMIHOMQswCQYDVQQGEwJaQTEVMBMG
+A1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xHTAbBgNVBAoT
+FFRoYXd0ZSBDb25zdWx0aW5nIGNjMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNl
+cnZpY2VzIERpdmlzaW9uMSEwHwYDVQQDExhUaGF3dGUgUHJlbWl1bSBTZXJ2ZXIg
+Q0ExKDAmBgkqhkiG9w0BCQEWGXByZW1pdW0tc2VydmVyQHRoYXd0ZS5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANI2NmqL18JbntqBQWKPOO5JBFXW0O8c
+G5UWR+8YSDU6UvQragaPOy/qVuOvho2eF/eetGV1Ak3vywmiIVHYm9Bn0LoNkgYU
+c9STy5cqAJxcTgy8+hVS/PJEbtoRSm4Iny8t4/mqOoZztkZTWMiJBb2DEbhzP6oH
+jfRCTedAnRw3AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAutFIgTRZVYerIZfL9lvR
+w9Eifvvo5KTZ3h+Bj+VzNnyw4Qc/IyXkPOu6SIiH9LQ3sCmWBdxpe+qr4l77rLj2
+GYuMtESFfn1XVALzkYgC7JcPuTOjMfIiMByt+uFf8AV8x0IW/Qkuv+hEQcyM9vxK
+3VZdLbCVIhNoEsysrxCpxcI=
+-----END CERTIFICATE-----
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/apps/sess_id.c b/apps/sess_id.c
new file mode 100644
index 0000000..03a8f46
--- /dev/null
+++ b/apps/sess_id.c
@@ -0,0 +1,305 @@
+/* apps/sess_id.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+
+#undef PROG
+#define PROG sess_id_main
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+static char *sess_id_usage[]={
+"usage: crl args\n",
+"\n",
+" -inform arg - input format - default PEM (one of DER, TXT or PEM)\n",
+" -outform arg - output format - default PEM\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -text - print ssl session id details\n",
+" -cert - output certificaet \n",
+" -noout - no CRL output\n",
+NULL
+};
+
+#ifndef NOPROTO
+static SSL_SESSION *load_sess_id(char *file, int format);
+#else
+static SSL_SESSION *load_sess_id();
+#endif
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ SSL_SESSION *x=NULL;
+ int ret=1,i,num,badops=0;
+ BIO *out=NULL;
+ int informat,outformat;
+ char *infile=NULL,*outfile=NULL;
+ int cert=0,noout=0,text=0;
+ char **pp;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-text") == 0)
+ text= ++num;
+ else if (strcmp(*argv,"-cert") == 0)
+ cert= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=sess_id_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+ x=load_sess_id(infile,informat);
+ if (x == NULL) { goto end; }
+
+#ifdef undef
+ /* just testing for memory leaks :-) */
+ {
+ SSL_SESSION *s;
+ char buf[1024*10],*p;
+ int i;
+
+ s=SSL_SESSION_new();
+
+ p= &buf;
+ i=i2d_SSL_SESSION(x,&p);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ p= &buf;
+ d2i_SSL_SESSION(&s,&p,(long)i);
+ SSL_SESSION_free(s);
+ }
+#endif
+
+ if (!noout || text)
+ {
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+ }
+
+ if (text)
+ {
+ SSL_SESSION_print(out,x);
+
+ if (cert)
+ {
+ if (x->peer == NULL)
+ BIO_puts(out,"No certificate present\n");
+ else
+ X509_print(out,x->peer);
+ }
+ }
+
+ if (!noout && !cert)
+ {
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_SSL_SESSION_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_SSL_SESSION(out,x);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write SSL_SESSION\n");
+ goto end;
+ }
+ }
+ else if (!noout && (x->peer != NULL)) /* just print the certificate */
+ {
+ if (outformat == FORMAT_ASN1)
+ i=(int)i2d_X509_bio(out,x->peer);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x->peer);
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write X509\n");
+ goto end;
+ }
+ }
+ ret=0;
+end:
+ if (out != NULL) BIO_free(out);
+ if (x != NULL) SSL_SESSION_free(x);
+ EXIT(ret);
+ }
+
+static SSL_SESSION *load_sess_id(infile, format)
+char *infile;
+int format;
+ {
+ SSL_SESSION *x=NULL;
+ BIO *in=NULL;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_SSL_SESSION_bio(in,NULL);
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_SSL_SESSION(in,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input crl\n");
+ goto end;
+ }
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load SSL_SESSION\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+end:
+ if (in != NULL) BIO_free(in);
+ return(x);
+ }
+
diff --git a/apps/set/set-g-ca.pem b/apps/set/set-g-ca.pem
new file mode 100644
index 0000000..78499f0
--- /dev/null
+++ b/apps/set/set-g-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgYCYUeg8NJ9kO1q3z6vGCkAmPRfu5+Nur0FyGF79MADMw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtQ
+Q0ExMDIxMTgyODEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJyi5V7l1HohY6hN/2N9x6mvWeMy8rD1
+6lfXjgmiuGmhpaszWYaalesMcS2OGuG8Lq3PkaSzpVzqASKfIOjxLMsdpYyYJRub
+vRPDWi3xd8wlp9xUwWHKqn+ki8mPo0yN4eONwZZ4rcZr6K+tWd+5EJZSjuENJoQ/
+SRRmGRzdcS7XAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjIwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwICBDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBn19R2
+AgGvpJDmfXrHTDdCoYyMkaP2MPzw0hFRwh+wqnw0/pqUXa7MrLXMqtD3rUyOWaNR
+9fYpJZd0Bh/1OeIc2+U+VNfUovLLuZ8nNemdxyq2KMYnHtnh7UdO7atZ+PFLVu8x
+a+J2Mtj8MGy12CJNTJcjLSrJ/1f3AuVrwELjlQ==
+-----END CERTIFICATE-----
diff --git a/apps/set/set-m-ca.pem b/apps/set/set-m-ca.pem
new file mode 100644
index 0000000..0e74caf
--- /dev/null
+++ b/apps/set/set-m-ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgEGvcf5aUnufALdVMa/dmPdflq1CoORGeK5DUwbqhVYcw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtN
+Q0ExMDIxMTgyNzEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALuWwr63YrT1GIZpYKfIeiVFHESG/FZO
+7RAJKml/p12ZyZ7D5YPP4BBXVsa1H8e8arR1LKC4rdCArrtKKlBeBiMo9+NB+u35
+FnLnTmfzM4iZ2Syw35DXY8+Xn/LM7RJ1RG+vMNcTqpoUg7QPye7flq2Pt7vVROPn
+SZxPyVxmILe3AgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMjEwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIDCDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQApaj0W
+GgyR47URZEZ7z83yivvnVErqtodub/nR1fMgJ4bDC0ofjA0SzXBP1/3eDq9VkPuS
+EKUw9BpM2XrSUKhJ6F1CbBjWpM0M7GC1nTSxMxmV+XL+Ab/Gn2SwozUApWtht29/
+x9VLB8qsi6wN2aOsVdQMl5iVCjGQYfEkyuoIgA==
+-----END CERTIFICATE-----
diff --git a/apps/set/set_b_ca.pem b/apps/set/set_b_ca.pem
new file mode 100644
index 0000000..eba7d5c
--- /dev/null
+++ b/apps/set/set_b_ca.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID1zCCAr+gAwIBAgIgYClSzXgB3u31VMarY+lXwPKU9DtoBMzaaivuVzV9a9kw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxNzAwMDAwMFoXDTk2MTExNjIzNTk1OVowRTELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC0JDQTEwMTcxMTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlBy
+b2R1Y3QgVHlwZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApPewvR0BwV02
+9E12ic48pMY/aMB6SkMEWPDx2hURr0DKYGJ6qMvzZn2pSfaVH1BqDtK6oK4Ye5Mj
+ItywwQIdXXO9Ut8+TLnvtzq9ByCJ0YThjZJBc7ZcpJxSV7QAoBON/lzxZuAVq3+L
+3uc39MgRwmBpRllZEpWrkojxs6166X0CAwEAAaOCAVcwggFTMFQGA1UdIwRNMEuh
+J6QlMCMxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtSQ0ExMDExMTgyOYIgVqenwCYv
+mmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYwDgYDVR0PAQH/BAQDAgEGMC4GA1Ud
+EAEB/wQkMCKADzE5OTYxMDE3MTc1NzAwWoEPMTk5NjExMTYyMzU5NTlaMBsGA1Ud
+IAEB/wQRMA8wDQYLYIZIAYb4RQEHAQEwEgYDVR0TAQH/BAgwBgEB/wIBATAPBgSG
+jW8DAQH/BAQDAgABMHkGBIaNbwcBAf8EbjBsMCQCAQAwCQYFKw4DAhoFAAQUMmY3
+NGIxYWY0ZmNjMDYwZjc2NzYTD3RlcnNlIHN0YXRlbWVudIAXaHR0cDovL3d3dy52
+ZXJpc2lnbi5jb22BGmdldHNldC1jZW50ZXJAdmVyaXNpZ24uY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQAWoMS8Aj2sO0LDxRoMcnWTKY8nd8Jw2vl2Mgsm+0qCvcndICM5
+43N0y9uHlP8WeCZULbFz95gTL8mfP/QTu4EctMUkQgRHJnx80f0XSF3HE/X6zBbI
+9rit/bF6yP1mhkdss/vGanReDpki7q8pLx+VIIcxWst/366HP3dW1Fb7ECW/WmVV
+VMN93f/xqk9I4sXchVZcVKQT3W4tzv+qQvugrEi1dSEkbAy1CITEAEGiaFhGUyCe
+WPox3guRXaEHoINNeajGrISe6d//alsz5EEroBoLnM2ryqWfLAtRsf4rjNzTgklw
+lbiz0fw7bNkXKp5ZVr0wlnOjQnoSM6dTI0AV
+-----END CERTIFICATE-----
diff --git a/apps/set/set_c_ca.pem b/apps/set/set_c_ca.pem
new file mode 100644
index 0000000..48b2cbd
--- /dev/null
+++ b/apps/set/set_c_ca.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDeDCCAuGgAwIBAgIgOnl8J6lAYNDdTWtIojWCGnloNf4ufHjOZ4Fkxwg5xOsw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0JDQTEwMTcx
+MTA0MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjIw
+MDAwMDBaFw05NjExMjEyMzU5NTlaMEUxCzAJBgNVBAYTAlVTMRQwEgYDVQQKEwtD
+Q0ExMDIxMTYxNjEgMB4GA1UEAxMXQnJhbmQgTmFtZTpQcm9kdWN0IFR5cGUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANA3a9+U8oXU3Dv1wJf8g0A7HjCRZAXc
+Y8E4OLOdye5aUssxifCE05qTPVqHMXo6cnCYcfroMdURhjQlswyTGtjQybgUnXjp
+pchw+V4D1DkN0ThErrMCh9ZFSykC0lUhQTRLESvbIb4Gal/HMAFAF5sj0GoOFi2H
+RRj7gpzBIU3xAgMBAAGjggFXMIIBUzBUBgNVHSMETTBLoSekJTAjMQswCQYDVQQG
+EwJVUzEUMBIGA1UEChMLUkNBMTAxMTE4MjmCIGApUs14Ad7t9VTGq2PpV8DylPQ7
+aATM2mor7lc1fWvZMA4GA1UdDwEB/wQEAwIBBjAuBgNVHRABAf8EJDAigA8xOTk2
+MTAyMjAxMTAwMFqBDzE5OTYxMTIxMjM1OTU5WjAbBgNVHSABAf8EETAPMA0GC2CG
+SAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYBAf8CAQAwDwYEho1vAwEB/wQEAwIEEDB5
+BgSGjW8HAQH/BG4wbDAkAgEAMAkGBSsOAwIaBQAEFDJmNzRiMWFmNGZjYzA2MGY3
+Njc2Ew90ZXJzZSBzdGF0ZW1lbnSAF2h0dHA6Ly93d3cudmVyaXNpZ24uY29tgRpn
+ZXRzZXQtY2VudGVyQHZlcmlzaWduLmNvbTANBgkqhkiG9w0BAQUFAAOBgQBteLaZ
+u/TASC64UWPfhxYAUdys9DQ1pG/J1qPWNTkjOmpXFvW+7l/3nkxyRPgUoFNwx1e7
+XVVPr6zhy8LaaXppwfIZvVryzAUdbtijiUf/MO0hvV3w7e9NlCVProdU5H9EvCXr
++IV8rH8fdEkirIVyw0JGHkuWhkmtS1HEwai9vg==
+-----END CERTIFICATE-----
diff --git a/apps/set/set_d_ct.pem b/apps/set/set_d_ct.pem
new file mode 100644
index 0000000..9f8c7d8
--- /dev/null
+++ b/apps/set/set_d_ct.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDdjCCAt+gAwIBAgIgRU5t24v72xVDpZ4iHpyoOAQaQmfio1yhTZAOkBfT2uUw
+DQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFDASBgNVBAoTC0NDQTEwMjEx
+NjE2MSAwHgYDVQQDExdCcmFuZCBOYW1lOlByb2R1Y3QgVHlwZTAeFw05NjEwMjQw
+MDAwMDBaFw05NjExMjMyMzU5NTlaMG4xCzAJBgNVBAYTAlVTMRAwDgYDVQQKEwdC
+cmFuZElEMSYwJAYDVQQLEx1Jc3N1aW5nIEZpbmFuY2lhbCBJbnN0aXR1dGlvbjEl
+MCMGA1UEAxMcR2lYb0t0VjViN1V0MHZKa2hkSG5RYmNzc2JrPTBcMA0GCSqGSIb3
+DQEBAQUAA0sAMEgCQQDIUxgpNB1aoSW585WErtN8WInCRWCqDj3RGT2mJye0F4SM
+/iT5ywdWMasmw18vpEpDlMypfZnRkUAdfyHcRABVAgMBAAGjggFwMIIBbDB2BgNV
+HSMEbzBtoUmkRzBFMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLQkNBMTAxNzExMDQx
+IDAeBgNVBAMTF0JyYW5kIE5hbWU6UHJvZHVjdCBUeXBlgiA6eXwnqUBg0N1Na0ii
+NYIaeWg1/i58eM5ngWTHCDnE6zAOBgNVHQ8BAf8EBAMCB4AwLgYDVR0QAQH/BCQw
+IoAPMTk5NjEwMjQwMTA0MDBagQ8xOTk2MTEyMzIzNTk1OVowGAYDVR0gBBEwDzAN
+BgtghkgBhvhFAQcBATAMBgNVHRMBAf8EAjAAMA8GBIaNbwMBAf8EBAMCB4AweQYE
+ho1vBwEB/wRuMGwwJAIBADAJBgUrDgMCGgUABBQzOTgyMzk4NzIzNzg5MTM0OTc4
+MhMPdGVyc2Ugc3RhdGVtZW50gBdodHRwOi8vd3d3LnZlcmlzaWduLmNvbYEaZ2V0
+c2V0LWNlbnRlckB2ZXJpc2lnbi5jb20wDQYJKoZIhvcNAQEFBQADgYEAVHCjhxeD
+mIFSkm3DpQAq7pGfcAFPWvSM9I9bK8qeFT1M5YQ+5fbPqaWlNcQlGKIe3cHd4+0P
+ndL5lb6UBhhA0kTzEYA38+HtBxPe/lokCv0bYfyWY9asUmvfbUrTYta0yjN7ixnV
+UqvxxHQHOAwhf6bcc7xNHapOxloWzGUU0RQ=
+-----END CERTIFICATE-----
diff --git a/apps/set/set_root.pem b/apps/set/set_root.pem
new file mode 100644
index 0000000..8dd104f
--- /dev/null
+++ b/apps/set/set_root.pem
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDZzCCAk+gAwIBAgIgVqenwCYvmmxUIvi9gUMCa+uJGJ60mZecw9HrISXnLaYw
+DQYJKoZIhvcNAQEFBQAwIzELMAkGA1UEBhMCVVMxFDASBgNVBAoTC1JDQTEwMTEx
+ODI5MB4XDTk2MTAxMjAwMDAwMFoXDTk2MTExMTIzNTk1OVowIzELMAkGA1UEBhMC
+VVMxFDASBgNVBAoTC1JDQTEwMTExODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAukca0PVUGFIYX7EyrShi+dVi9GTNzG0V2Wtdw6DqFzKfedba/KpE
+zqnRDV/wRZlBn3oXPS6kNCFiBPRV9mEFXI7y2W+q8/vPurjRDIXMsqQ+dAhKwf4q
+rofJBTiET4NUN0YTtpx6aYuoVubjiOgKdbqnUArxAWWP2Dkco17ipEYyUtd4sTAe
+/xKR02AHpbYGYPSHjMDS/nzUJ7uX4d51phs0rt7If48ExJSnDV/KoHMfm42mdmH2
+g23005qdHKY3UXeh10tZmb3QtGTSvF6OqpRZ+e9/ALklu7ZcIjqbb944ci4QWemb
+ZNWiDFrWWUoO1k942BI/iZ8Fh8pETYSDBQIDAQABo4GGMIGDMA4GA1UdDwEB/wQE
+AwIBBjAuBgNVHRABAf8EJDAigA8xOTk2MTAxMjAxMzQwMFqBDzE5OTYxMTExMjM1
+OTU5WjAbBgNVHSABAf8EETAPMA0GC2CGSAGG+EUBBwEBMBIGA1UdEwEB/wQIMAYB
+Af8CAQIwEAYEho1vAwEB/wQFAwMHAIAwDQYJKoZIhvcNAQEFBQADggEBAK4tntea
+y+ws7PdULwfqAS5osaoNvw73uBn5lROTpx91uhQbJyf0oZ3XG9GUuHZBpqG9qmr9
+vIL40RsvRpNMYgaNHKTxF716yx6rZmruAYZsrE3SpV63tQJCckKLPSge2E5uDhSQ
+O8UjusG+IRT9fKMXUHLv4OmZPOQVOSl1qTCN2XoJFqEPtC3Y9P4YR4xHL0P2jb1l
+DLdIbruuh+6omH+0XUZd5fKnQZTTi6gjl0iunj3wGnkcqGZtwr3j87ONiB/8tDwY
+vz8ceII4YYdX12PrNzn+fu3R5rChvPW4/ah/SaYQ2VQ0AupaIF4xrNJ/gLYYw0YO
+bxCrVJLd8tu9WgA=
+-----END CERTIFICATE-----
diff --git a/apps/speed.c b/apps/speed.c
new file mode 100644
index 0000000..e0aff27
--- /dev/null
+++ b/apps/speed.c
@@ -0,0 +1,1068 @@
+/* apps/speed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#undef SECONDS
+#define SECONDS 3
+#define RSA_SECONDS 10
+#define DSA_SECONDS 10
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#undef PROG
+#define PROG speed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "apps.h"
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "rand.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#ifndef NO_DES
+#include "des.h"
+#endif
+#ifndef NO_MD2
+#include "md2.h"
+#endif
+#ifndef NO_MDC2
+#include "mdc2.h"
+#endif
+#ifndef NO_MD5
+#include "md5.h"
+#endif
+#if !defined(NO_SHA) && !defined(NO_SHA1)
+#include "sha.h"
+#endif
+#ifndef NO_RC4
+#include "rc4.h"
+#endif
+#ifndef NO_RC2
+#include "rc2.h"
+#endif
+#ifndef NO_IDEA
+#include "idea.h"
+#endif
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
+#endif
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#include "x509.h"
+#include "./testrsa.h"
+#ifndef NO_DSA
+#include "./testdsa.h"
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+static void print_message(char *s,long num,int length);
+static void pkey_print_message(char *str,char *str2,long num,int bits,int sec);
+#else
+static double Time_F();
+static void print_message();
+static void pkey_print_message();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+static SIGRETTYPE sig_done(int sig);
+#else
+static SIGRETTYPE sig_done();
+#endif
+
+static SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+int MAIN(argc,argv)
+int argc;
+char **argv;
+ {
+ unsigned char *buf=NULL,*buf2=NULL;
+ int ret=1;
+#define ALGOR_NUM 11
+#define SIZE_NUM 5
+#define RSA_NUM 4
+#define DSA_NUM 3
+ long count,rsa_count;
+ int i,j,k,rsa_num,rsa_num2;
+ unsigned int kk;
+#ifndef NO_MD2
+ unsigned char md2[MD2_DIGEST_LENGTH];
+#endif
+#ifndef NO_MDC2
+ unsigned char mdc2[MDC2_DIGEST_LENGTH];
+#endif
+#ifndef NO_MD5
+ unsigned char md5[MD5_DIGEST_LENGTH];
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+ unsigned char sha[SHA_DIGEST_LENGTH];
+#endif
+#ifndef NO_RC4
+ RC4_KEY rc4_ks;
+#endif
+#ifndef NO_RC2
+ RC2_KEY rc2_ks;
+#endif
+#ifndef NO_IDEA
+ IDEA_KEY_SCHEDULE idea_ks;
+#endif
+#ifndef NO_BLOWFISH
+ BF_KEY bf_ks;
+#endif
+ static unsigned char key16[16]=
+ {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ unsigned char iv[8];
+#ifndef NO_DES
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+#endif
+#define D_MD2 0
+#define D_MDC2 1
+#define D_MD5 2
+#define D_SHA 3
+#define D_SHA1 4
+#define D_RC4 5
+#define D_CBC_DES 6
+#define D_EDE3_DES 7
+#define D_CBC_IDEA 8
+#define D_CBC_RC2 9
+#define D_CBC_BF 10
+ double d,results[ALGOR_NUM][SIZE_NUM];
+ static int lengths[SIZE_NUM]={8,64,256,1024,8*1024};
+ long c[ALGOR_NUM][SIZE_NUM];
+ static char *names[ALGOR_NUM]={
+ "md2","mdc2","md5","sha","sha1","rc4",
+ "des cbc","des ede3","idea cbc",
+ "rc2 cbc","blowfish cbc"};
+#define R_DSA_512 0
+#define R_DSA_1024 1
+#define R_DSA_2048 2
+#define R_RSA_512 0
+#define R_RSA_1024 1
+#define R_RSA_2048 2
+#define R_RSA_4096 3
+ RSA *rsa_key[RSA_NUM];
+ DSA *dsa_key[DSA_NUM];
+ long rsa_c[RSA_NUM][2];
+ long dsa_c[DSA_NUM][2];
+#ifndef NO_RSA
+ double rsa_results[RSA_NUM][2];
+#endif
+#ifndef NO_DSA
+ double dsa_results[DSA_NUM][2];
+#endif
+ static unsigned int rsa_bits[RSA_NUM]={512,1024,2048,4096};
+ static unsigned int dsa_bits[DSA_NUM]={512,1024,2048};
+ static unsigned char *rsa_data[RSA_NUM]=
+ {test512,test1024,test2048,test4096};
+ static int rsa_data_length[RSA_NUM]={
+ sizeof(test512),sizeof(test1024),
+ sizeof(test2048),sizeof(test4096)};
+ int doit[ALGOR_NUM];
+ int rsa_doit[RSA_NUM];
+ int dsa_doit[DSA_NUM];
+ int pr_header=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ for (i=0; i<RSA_NUM; i++)
+ rsa_key[i]=NULL;
+
+ if ((buf=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ if ((buf2=(unsigned char *)Malloc((int)BUFSIZE)) == NULL)
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+
+ memset(c,0,sizeof(c));
+ memset(iv,0,sizeof(iv));
+
+ for (i=0; i<ALGOR_NUM; i++)
+ doit[i]=0;
+ for (i=0; i<RSA_NUM; i++)
+ rsa_doit[i]=0;
+ for (i=0; i<DSA_NUM; i++)
+ dsa_doit[i]=0;
+
+ j=0;
+ argc--;
+ argv++;
+ while (argc)
+ {
+#ifndef NO_MD2
+ if (strcmp(*argv,"md2") == 0) doit[D_MD2]=1;
+ else
+#endif
+#ifndef NO_MDC2
+ if (strcmp(*argv,"mdc2") == 0) doit[D_MDC2]=1;
+ else
+#endif
+#ifndef NO_MD5
+ if (strcmp(*argv,"md5") == 0) doit[D_MD5]=1;
+ else
+#endif
+#ifndef NO_SHA
+ if (strcmp(*argv,"sha") == 0) doit[D_SHA]=1;
+ else
+#endif
+#ifndef NO_SHA1
+ if (strcmp(*argv,"sha1") == 0) doit[D_SHA1]=1;
+ else
+#endif
+#ifndef NO_RC4
+ if (strcmp(*argv,"rc4") == 0) doit[D_RC4]=1;
+ else
+#endif
+#ifndef NO_DEF
+ if (strcmp(*argv,"des-cbc") == 0) doit[D_CBC_DES]=1;
+ else if (strcmp(*argv,"des-ede3") == 0) doit[D_EDE3_DES]=1;
+ else
+#endif
+#ifndef NO_RSA
+#ifdef RSAref
+ if (strcmp(*argv,"rsaref") == 0)
+ {
+ RSA_set_default_method(RSA_PKCS1_RSAref());
+ j--;
+ }
+ else
+#endif
+ if (strcmp(*argv,"ssleay") == 0)
+ {
+ RSA_set_default_method(RSA_PKCS1_SSLeay());
+ j--;
+ }
+ else
+#endif /* !NO_RSA */
+ if (strcmp(*argv,"dsa512") == 0) dsa_doit[R_DSA_512]=2;
+ else if (strcmp(*argv,"dsa1024") == 0) dsa_doit[R_DSA_1024]=2;
+ else if (strcmp(*argv,"dsa2048") == 0) dsa_doit[R_DSA_2048]=2;
+ else if (strcmp(*argv,"rsa512") == 0) rsa_doit[R_RSA_512]=2;
+ else if (strcmp(*argv,"rsa1024") == 0) rsa_doit[R_RSA_1024]=2;
+ else if (strcmp(*argv,"rsa2048") == 0) rsa_doit[R_RSA_2048]=2;
+ else if (strcmp(*argv,"rsa4096") == 0) rsa_doit[R_RSA_4096]=2;
+ else
+#ifndef NO_RC2
+ if (strcmp(*argv,"rc2-cbc") == 0) doit[D_CBC_RC2]=1;
+ else if (strcmp(*argv,"rc2") == 0) doit[D_CBC_RC2]=1;
+ else
+#endif
+#ifndef NO_IDEA
+ if (strcmp(*argv,"idea-cbc") == 0) doit[D_CBC_IDEA]=1;
+ else if (strcmp(*argv,"idea") == 0) doit[D_CBC_IDEA]=1;
+ else
+#endif
+#ifndef NO_BLOWFISH
+ if (strcmp(*argv,"bf-cbc") == 0) doit[D_CBC_BF]=1;
+ else if (strcmp(*argv,"blowfish") == 0) doit[D_CBC_BF]=1;
+ else
+#endif
+#ifndef NO_DES
+ if (strcmp(*argv,"des") == 0)
+ {
+ doit[D_CBC_DES]=1;
+ doit[D_EDE3_DES]=1;
+ }
+ else
+#endif
+#ifndef NO_RSA
+ if (strcmp(*argv,"rsa") == 0)
+ {
+ rsa_doit[R_RSA_512]=1;
+ rsa_doit[R_RSA_1024]=1;
+ rsa_doit[R_RSA_2048]=1;
+ rsa_doit[R_RSA_4096]=1;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (strcmp(*argv,"dsa") == 0)
+ {
+ dsa_doit[R_DSA_512]=1;
+ dsa_doit[R_DSA_1024]=1;
+ }
+ else
+#endif
+ {
+ BIO_printf(bio_err,"bad value, pick one of\n");
+ BIO_printf(bio_err,"md2 mdc2 md5 sha sha1\n");
+#ifndef NO_IDEA
+ BIO_printf(bio_err,"idea-cbc ");
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err,"rc2-cbc ");
+#endif
+#ifndef NO_RC2
+ BIO_printf(bio_err,"bf-cbc");
+#endif
+#if !defined(NO_IDEA) && !defined(NO_RC2) && !defined(NO_BLOWFISH)
+ BIO_printf(bio_err,"\n");
+#endif
+ BIO_printf(bio_err,"des-cbc des-ede3 ");
+#ifndef NO_RC4
+ BIO_printf(bio_err,"rc4");
+#endif
+#ifndef NO_RSA
+ BIO_printf(bio_err,"\nrsa512 rsa1024 rsa2048 rsa4096\n");
+#endif
+#ifndef NO_DSA
+ BIO_printf(bio_err,"\ndsa512 dsa1024 dsa2048\n");
+#endif
+ BIO_printf(bio_err,"idea rc2 des rsa blowfish\n");
+ goto end;
+ }
+ argc--;
+ argv++;
+ j++;
+ }
+
+ if (j == 0)
+ {
+ for (i=0; i<ALGOR_NUM; i++)
+ doit[i]=1;
+ for (i=0; i<RSA_NUM; i++)
+ rsa_doit[i]=1;
+ for (i=0; i<DSA_NUM; i++)
+ dsa_doit[i]=1;
+ }
+ for (i=0; i<ALGOR_NUM; i++)
+ if (doit[i]) pr_header++;
+
+#ifndef TIMES
+ BIO_printf(bio_err,"To get the most accurate results, try to run this\n");
+ BIO_printf(bio_err,"program when this computer is idle.\n");
+#endif
+
+#ifndef NO_RSA
+ for (i=0; i<RSA_NUM; i++)
+ {
+ unsigned char *p;
+
+ p=rsa_data[i];
+ rsa_key[i]=d2i_RSAPrivateKey(NULL,&p,rsa_data_length[i]);
+ if (rsa_key[i] == NULL)
+ {
+ BIO_printf(bio_err,"internal error loading RSA key number %d\n",i);
+ goto end;
+ }
+ }
+#endif
+
+#ifndef NO_DSA
+ dsa_key[0]=get_dsa512();
+ dsa_key[1]=get_dsa1024();
+ dsa_key[2]=get_dsa2048();
+#endif
+
+#ifndef NO_DES
+ des_set_key((C_Block *)key,sch);
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+#endif
+#ifndef NO_IDEA
+ idea_set_encrypt_key(key16,&idea_ks);
+#endif
+#ifndef NO_RC4
+ RC4_set_key(&rc4_ks,16,key16);
+#endif
+#ifndef NO_RC2
+ RC2_set_key(&rc2_ks,16,key16,128);
+#endif
+#ifndef NO_BLOWFISH
+ BF_set_key(&bf_ks,16,key16);
+#endif
+
+ memset(rsa_c,0,sizeof(rsa_c));
+#ifndef SIGALRM
+ BIO_printf(bio_err,"First we calculate the approximate speed ...\n");
+ count=10;
+ do {
+ long i;
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_ecb_encrypt((C_Block *)buf,(C_Block *)buf,
+ &(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d <3);
+ c[D_MD2][0]=count/10;
+ c[D_MDC2][0]=count/10;
+ c[D_MD5][0]=count;
+ c[D_SHA][0]=count;
+ c[D_SHA1][0]=count;
+ c[D_RC4][0]=count*5;
+ c[D_CBC_DES][0]=count;
+ c[D_EDE3_DES][0]=count/3;
+ c[D_CBC_IDEA][0]=count;
+ c[D_CBC_RC2][0]=count;
+ c[D_CBC_BF][0]=count;
+
+ for (i=1; i<SIZE_NUM; i++)
+ {
+ c[D_MD2][i]=c[D_MD2][0]*4*lengths[0]/lengths[i];
+ c[D_MDC2][i]=c[D_MDC2][0]*4*lengths[0]/lengths[i];
+ c[D_MD5][i]=c[D_MD5][0]*4*lengths[0]/lengths[i];
+ c[D_SHA][i]=c[D_SHA][0]*4*lengths[0]/lengths[i];
+ c[D_SHA1][i]=c[D_SHA1][0]*4*lengths[0]/lengths[i];
+ }
+ for (i=1; i<SIZE_NUM; i++)
+ {
+ long l0,l1;
+
+ l0=(long)lengths[i-1];
+ l1=(long)lengths[i];
+ c[D_RC4][i]=c[D_RC4][i-1]*l0/l1;
+ c[D_CBC_DES][i]=c[D_CBC_DES][i-1]*l0/l1;
+ c[D_EDE3_DES][i]=c[D_EDE3_DES][i-1]*l0/l1;
+ c[D_CBC_IDEA][i]=c[D_CBC_IDEA][i-1]*l0/l1;
+ c[D_CBC_RC2][i]=c[D_CBC_RC2][i-1]*l0/l1;
+ c[D_CBC_BF][i]=c[D_CBC_BF][i-1]*l0/l1;
+ }
+ rsa_c[R_RSA_512][0]=count/2000;
+ rsa_c[R_RSA_512][1]=count/400;
+ for (i=1; i<RSA_NUM; i++)
+ {
+ rsa_c[i][0]=rsa_c[i-1][0]/8;
+ rsa_c[i][1]=rsa_c[i-1][1]/4;
+ if ((rsa_doit[i] <= 1) && (rsa_c[i][0] == 0))
+ rsa_doit[i]=0;
+ else
+ {
+ if (rsa_c[i] == 0)
+ {
+ rsa_c[i][0]=1;
+ rsa_c[i][1]=20;
+ }
+ }
+ }
+
+ dsa_c[R_DSA_512][0]=count/1000;
+ dsa_c[R_DSA_512][1]=count/1000/2;
+ for (i=1; i<DSA_NUM; i++)
+ {
+ dsa_c[i][0]=dsa_c[i-1][0]/4;
+ dsa_c[i][1]=dsa_c[i-1][1]/4;
+ if ((dsa_doit[i] <= 1) && (dsa_c[i][0] == 0))
+ dsa_doit[i]=0;
+ else
+ {
+ if (dsa_c[i] == 0)
+ {
+ dsa_c[i][0]=1;
+ dsa_c[i][1]=1;
+ }
+ }
+ }
+
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+#endif
+
+#ifndef NO_MD2
+ if (doit[D_MD2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MD2],c[D_MD2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MD2][j]); count++)
+ MD2(buf,(unsigned long)lengths[j],&(md2[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MD2],d);
+ results[D_MD2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_MDC2
+ if (doit[D_MDC2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MDC2],c[D_MDC2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MDC2][j]); count++)
+ MDC2(buf,(unsigned long)lengths[j],&(mdc2[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MDC2],d);
+ results[D_MDC2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+#ifndef NO_MD5
+ if (doit[D_MD5])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_MD5],c[D_MD5][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_MD5][j]); count++)
+ MD5(buf,(unsigned long)lengths[j],&(md5[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_MD5],d);
+ results[D_MD5][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+#ifndef NO_SHA
+ if (doit[D_SHA])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_SHA],c[D_SHA][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_SHA][j]); count++)
+ SHA(buf,(unsigned long)lengths[j],&(sha[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_SHA],d);
+ results[D_SHA][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_SHA1
+ if (doit[D_SHA1])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_SHA1],c[D_SHA1][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_SHA1][j]); count++)
+ SHA1(buf,(unsigned long)lengths[j],&(sha[0]));
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_SHA1],d);
+ results[D_SHA1][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RC4
+ if (doit[D_RC4])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_RC4],c[D_RC4][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_RC4][j]); count++)
+ RC4(&rc4_ks,(unsigned int)lengths[j],
+ buf,buf);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_RC4],d);
+ results[D_RC4][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_DES
+ if (doit[D_CBC_DES])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_DES],c[D_CBC_DES][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_DES][j]); count++)
+ des_ncbc_encrypt((C_Block *)buf,
+ (C_Block *)buf,
+ (long)lengths[j],sch,
+ (C_Block *)&(iv[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_DES],d);
+ results[D_CBC_DES][j]=((double)count)/d*lengths[j];
+ }
+ }
+
+ if (doit[D_EDE3_DES])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_EDE3_DES],c[D_EDE3_DES][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_EDE3_DES][j]); count++)
+ des_ede3_cbc_encrypt((C_Block *)buf,
+ (C_Block *)buf,
+ (long)lengths[j],sch,sch2,sch3,
+ (C_Block *)&(iv[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_EDE3_DES],d);
+ results[D_EDE3_DES][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_IDEA
+ if (doit[D_CBC_IDEA])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_IDEA],c[D_CBC_IDEA][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_IDEA][j]); count++)
+ idea_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&idea_ks,
+ (unsigned char *)&(iv[0]),IDEA_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_IDEA],d);
+ results[D_CBC_IDEA][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_RC2
+ if (doit[D_CBC_RC2])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_RC2],c[D_CBC_RC2][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_RC2][j]); count++)
+ RC2_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&rc2_ks,
+ (unsigned char *)&(iv[0]),RC2_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_RC2],d);
+ results[D_CBC_RC2][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+#ifndef NO_BLOWFISH
+ if (doit[D_CBC_BF])
+ {
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ print_message(names[D_CBC_BF],c[D_CBC_BF][j],lengths[j]);
+ Time_F(START);
+ for (count=0,run=1; COND(c[D_CBC_BF][j]); count++)
+ BF_cbc_encrypt(buf,buf,
+ (unsigned long)lengths[j],&bf_ks,
+ (unsigned char *)&(iv[0]),BF_ENCRYPT);
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %s's in %.2fs\n",
+ count,names[D_CBC_BF],d);
+ results[D_CBC_BF][j]=((double)count)/d*lengths[j];
+ }
+ }
+#endif
+
+ RAND_bytes(buf,30);
+#ifndef NO_RSA
+ for (j=0; j<RSA_NUM; j++)
+ {
+ if (!rsa_doit[j]) continue;
+ pkey_print_message("private","rsa",rsa_c[j][0],rsa_bits[j],
+ RSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(rsa_c[j][0]); count++)
+ {
+ rsa_num=RSA_private_encrypt(30,buf,buf2,rsa_key[j],
+ RSA_PKCS1_PADDING);
+ if (rsa_num <= 0)
+ {
+ BIO_printf(bio_err,"RSA private encrypt failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit private RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][0]=d/(double)count;
+ rsa_count=count;
+
+ pkey_print_message("public","rsa",rsa_c[j][1],rsa_bits[j],
+ RSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(rsa_c[j][1]); count++)
+ {
+ rsa_num2=RSA_public_decrypt(rsa_num,buf2,buf,rsa_key[j],
+ RSA_PKCS1_PADDING);
+ if (rsa_num2 <= 0)
+ {
+ BIO_printf(bio_err,"RSA public encrypt failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit public RSA's in %.2fs\n",
+ count,rsa_bits[j],d);
+ rsa_results[j][1]=d/(double)count;
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<RSA_NUM; j++)
+ rsa_doit[j]=0;
+ }
+ }
+#endif
+
+ RAND_bytes(buf,20);
+#ifndef NO_DSA
+ for (j=0; j<DSA_NUM; j++)
+ {
+ if (!dsa_doit[j]) continue;
+ DSA_generate_key(dsa_key[j]);
+/* DSA_sign_setup(dsa_key[j],NULL); */
+ pkey_print_message("sign","dsa",dsa_c[j][0],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(dsa_c[j][0]); count++)
+ {
+ rsa_num=DSA_sign(EVP_PKEY_DSA,buf,20,buf2,
+ &kk,dsa_key[j]);
+ if (rsa_num <= 0)
+ {
+ BIO_printf(bio_err,"DSA sign failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit DSA signs in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][0]=d/(double)count;
+ rsa_count=count;
+
+ pkey_print_message("verify","dsa",dsa_c[j][1],dsa_bits[j],
+ DSA_SECONDS);
+ Time_F(START);
+ for (count=0,run=1; COND(dsa_c[j][1]); count++)
+ {
+ rsa_num2=DSA_verify(EVP_PKEY_DSA,buf,20,buf2,
+ kk,dsa_key[j]);
+ if (rsa_num2 <= 0)
+ {
+ BIO_printf(bio_err,"DSA verify failure\n");
+ ERR_print_errors(bio_err);
+ count=1;
+ break;
+ }
+ }
+ d=Time_F(STOP);
+ BIO_printf(bio_err,"%ld %d bit DSA verify in %.2fs\n",
+ count,dsa_bits[j],d);
+ dsa_results[j][1]=d/(double)count;
+
+ if (rsa_count <= 1)
+ {
+ /* if longer than 10s, don't do any more */
+ for (j++; j<DSA_NUM; j++)
+ dsa_doit[j]=0;
+ }
+ }
+#endif
+
+ fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_VERSION));
+ fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+ printf("options:");
+ printf("%s ",BN_options());
+#ifndef NO_MD2
+ printf("%s ",MD2_options());
+#endif
+#ifndef NO_RC4
+ printf("%s ",RC4_options());
+#endif
+#ifndef NO_DES
+ printf("%s ",des_options());
+#endif
+#ifndef NO_IDEA
+ printf("%s ",idea_options());
+#endif
+#ifndef NO_BLOWFISH
+ printf("%s ",BF_options());
+#endif
+ fprintf(stdout,"%s\n",SSLeay_version(SSLEAY_CFLAGS));
+
+ if (pr_header)
+ {
+ fprintf(stdout,"The 'numbers' are in 1000s of bytes per second processed.\n");
+ fprintf(stdout,"type ");
+ for (j=0; j<SIZE_NUM; j++)
+ fprintf(stdout,"%7d bytes",lengths[j]);
+ fprintf(stdout,"\n");
+ }
+
+ for (k=0; k<ALGOR_NUM; k++)
+ {
+ if (!doit[k]) continue;
+ fprintf(stdout,"%-12s",names[k]);
+ for (j=0; j<SIZE_NUM; j++)
+ {
+ if (results[k][j] > 10000)
+ fprintf(stdout," %11.2fk",results[k][j]/1e3);
+ else
+ fprintf(stdout," %11.2f ",results[k][j]);
+ }
+ fprintf(stdout,"\n");
+ }
+#ifndef NO_RSA
+ j=1;
+ for (k=0; k<RSA_NUM; k++)
+ {
+ if (!rsa_doit[k]) continue;
+ if (j) { printf("%18ssign verify\n"," "); j=0; }
+ fprintf(stdout,"rsa %4d bits %8.4fs %8.4fs",
+ rsa_bits[k],rsa_results[k][0],rsa_results[k][1]);
+ fprintf(stdout,"\n");
+ }
+#endif
+#ifndef NO_DSA
+ j=1;
+ for (k=0; k<DSA_NUM; k++)
+ {
+ if (!dsa_doit[k]) continue;
+ if (j) { printf("%18ssign verify\n"," "); j=0; }
+ fprintf(stdout,"dsa %4d bits %8.4fs %8.4fs",
+ dsa_bits[k],dsa_results[k][0],dsa_results[k][1]);
+ fprintf(stdout,"\n");
+ }
+#endif
+ ret=0;
+end:
+ if (buf != NULL) Free(buf);
+ if (buf2 != NULL) Free(buf2);
+#ifndef NO_RSA
+ for (i=0; i<RSA_NUM; i++)
+ if (rsa_key[i] != NULL)
+ RSA_free(rsa_key[i]);
+#endif
+#ifndef NO_DSA
+ for (i=0; i<DSA_NUM; i++)
+ if (dsa_key[i] != NULL)
+ DSA_free(dsa_key[i]);
+#endif
+ EXIT(ret);
+ }
+
+static void print_message(s,num,length)
+char *s;
+long num;
+int length;
+ {
+#ifdef SIGALRM
+ BIO_printf(bio_err,"Doing %s for %ds on %d size blocks: ",s,SECONDS,length);
+ BIO_flush(bio_err);
+ alarm(SECONDS);
+#else
+ BIO_printf(bio_err,"Doing %s %ld times on %d size blocks: ",s,num,length);
+ BIO_flush(bio_err);
+#endif
+#ifdef LINT
+ num=num;
+#endif
+ }
+
+static void pkey_print_message(str,str2,num,bits,tm)
+char *str;
+char *str2;
+long num;
+int bits;
+int tm;
+ {
+#ifdef SIGALRM
+ BIO_printf(bio_err,"Doing %d bit %s %s's for %ds: ",bits,str,str2,tm);
+ BIO_flush(bio_err);
+ alarm(RSA_SECONDS);
+#else
+ BIO_printf(bio_err,"Doing %ld %d bit %s %s's: ",num,bits,str,str2);
+ BIO_flush(bio_err);
+#endif
+#ifdef LINT
+ num=num;
+#endif
+ }
diff --git a/apps/ssleay.c b/apps/ssleay.c
new file mode 100644
index 0000000..f69f14a
--- /dev/null
+++ b/apps/ssleay.c
@@ -0,0 +1,339 @@
+/* apps/ssleay.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define DEBUG
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "crypto.h"
+#include "lhash.h"
+#include "conf.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#define SSLEAY /* turn off a few special case MONOLITH macros */
+#define USE_SOCKETS /* needed for the _O_BINARY defs in the MS world */
+#define SSLEAY_SRC
+#include "apps.h"
+#include "s_apps.h"
+#include "err.h"
+
+
+#ifndef NOPROTO
+static unsigned long MS_CALLBACK hash(FUNCTION *a);
+static int MS_CALLBACK cmp(FUNCTION *a,FUNCTION *b);
+static LHASH *prog_init(void );
+static int do_cmd(LHASH *prog,int argc,char *argv[]);
+static void sig_stop(int i);
+#else
+static unsigned long MS_CALLBACK hash();
+static int MS_CALLBACK cmp();
+static LHASH *prog_init();
+static int do_cmd();
+static void sig_stop();
+#endif
+
+LHASH *config=NULL;
+char *default_config_file=NULL;
+
+#ifdef DEBUG
+static void sig_stop(i)
+int i;
+ {
+ char *a=NULL;
+
+ *a='\0';
+ }
+#endif
+
+/* Make sure there is only one when MONOLITH is defined */
+#ifdef MONOLITH
+BIO *bio_err=NULL;
+#endif
+
+int main(Argc,Argv)
+int Argc;
+char *Argv[];
+ {
+ ARGS arg;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+ FUNCTION f,*fp;
+ MS_STATIC char *prompt,buf[1024],config_name[256];
+ int n,i,ret=0;
+ int argc;
+ char **argv,*p;
+ LHASH *prog=NULL;
+ long errline;
+
+ arg.data=NULL;
+ arg.count=0;
+
+ /* SSLeay_add_ssl_algorithms(); is called in apps_startup() */
+ apps_startup();
+
+#if defined(DEBUG) && !defined(WINDOWS) && !defined(MSDOS)
+#ifdef SIGBUS
+ signal(SIGBUS,sig_stop);
+#endif
+#ifdef SIGSEGV
+ signal(SIGSEGV,sig_stop);
+#endif
+#endif
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ ERR_load_crypto_strings();
+
+ /* Lets load up our environment a little */
+ p=getenv("SSLEAY_CONF");
+ if (p == NULL)
+ {
+ strcpy(config_name,X509_get_default_cert_area());
+ strcat(config_name,"/lib/");
+ strcat(config_name,SSLEAY_CONF);
+ p=config_name;
+ }
+
+ default_config_file=p;
+
+ config=CONF_load(config,p,&errline);
+ if (config == NULL) ERR_clear_error();
+
+ prog=prog_init();
+
+ /* first check the program name */
+ program_name(Argv[0],pname,PROG_NAME_SIZE);
+
+ f.name=pname;
+ fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+ if (fp != NULL)
+ {
+ Argv[0]=pname;
+ ret=fp->func(Argc,Argv);
+ goto end;
+ }
+
+ /* ok, now check that there are not arguments, if there are,
+ * run with them, shifting the ssleay off the front */
+ if (Argc != 1)
+ {
+ Argc--;
+ Argv++;
+ ret=do_cmd(prog,Argc,Argv);
+ if (ret < 0) ret=0;
+ goto end;
+ }
+
+ /* ok, lets enter the old 'SSLeay>' mode */
+
+ for (;;)
+ {
+ ret=0;
+ p=buf;
+ n=1024;
+ i=0;
+ for (;;)
+ {
+ p[0]='\0';
+ if (i++)
+ prompt=">";
+ else prompt="SSLeay>";
+ fputs(prompt,stdout);
+ fflush(stdout);
+ fgets(p,n,stdin);
+ if (p[0] == '\0') goto end;
+ i=strlen(p);
+ if (i <= 1) break;
+ if (p[i-2] != '\\') break;
+ i-=2;
+ p+=i;
+ n-=i;
+ }
+ if (!chopup_args(&arg,buf,&argc,&argv)) break;
+
+ ret=do_cmd(prog,argc,argv);
+ if (ret < 0)
+ {
+ ret=0;
+ goto end;
+ }
+ if (ret != 0)
+ BIO_printf(bio_err,"error in %s\n",argv[0]);
+ }
+ BIO_printf(bio_err,"bad exit\n");
+ ret=1;
+end:
+ if (config != NULL)
+ {
+ CONF_free(config);
+ config=NULL;
+ }
+ if (prog != NULL) lh_free(prog);
+ if (arg.data != NULL) Free(arg.data);
+ ERR_remove_state(0);
+
+ EVP_cleanup();
+
+ CRYPTO_mem_leaks(bio_err);
+ if (bio_err != NULL)
+ {
+ BIO_free(bio_err);
+ bio_err=NULL;
+ }
+ EXIT(ret);
+ }
+
+static int do_cmd(prog,argc,argv)
+LHASH *prog;
+int argc;
+char *argv[];
+ {
+ FUNCTION f,*fp;
+ int i,ret=1,tp,nl;
+
+ if ((argc <= 0) || (argv[0] == NULL))
+ { ret=0; goto end; }
+ f.name=argv[0];
+ fp=(FUNCTION *)lh_retrieve(prog,(char *)&f);
+ if (fp != NULL)
+ {
+ ret=fp->func(argc,argv);
+ }
+ else if ((strcmp(argv[0],"quit") == 0) ||
+ (strcmp(argv[0],"q") == 0) ||
+ (strcmp(argv[0],"exit") == 0) ||
+ (strcmp(argv[0],"bye") == 0))
+ {
+ ret= -1;
+ goto end;
+ }
+ else
+ {
+ BIO_printf(bio_err,"'%s' is a bad command, valid commands are",
+ argv[0]);
+ i=0;
+ fp=functions;
+ tp=0;
+ for (fp=functions; fp->name != NULL; fp++)
+ {
+ nl=0;
+ if (((i++) % 5) == 0)
+ {
+ BIO_printf(bio_err,"\n");
+ nl=1;
+ }
+ if (fp->type != tp)
+ {
+ tp=fp->type;
+ if (!nl) BIO_printf(bio_err,"\n");
+ if (tp == FUNC_TYPE_MD)
+ {
+ i=1;
+ BIO_printf(bio_err,
+ "Message Digest commands - see the dgst command for more details\n");
+ }
+ else if (tp == FUNC_TYPE_CIPHER)
+ {
+ i=1;
+ BIO_printf(bio_err,"Cipher commands - see the enc command for more details\n");
+ }
+ }
+ BIO_printf(bio_err,"%-15s",fp->name);
+ }
+ BIO_printf(bio_err,"\nquit\n");
+ ret=0;
+ }
+end:
+ return(ret);
+ }
+
+static LHASH *prog_init()
+ {
+ LHASH *ret;
+ FUNCTION *f;
+
+ if ((ret=lh_new(hash,cmp)) == NULL) return(NULL);
+
+ for (f=functions; f->name != NULL; f++)
+ lh_insert(ret,(char *)f);
+ return(ret);
+ }
+
+static int MS_CALLBACK cmp(a,b)
+FUNCTION *a,*b;
+ {
+ return(strncmp(a->name,b->name,8));
+ }
+
+static unsigned long MS_CALLBACK hash(a)
+FUNCTION *a;
+ {
+ return(lh_strhash(a->name));
+ }
+
+#undef SSLEAY
diff --git a/apps/ssleay.cnf b/apps/ssleay.cnf
new file mode 100644
index 0000000..0b3bfa6
--- /dev/null
+++ b/apps/ssleay.cnf
@@ -0,0 +1,116 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = $ENV::HOME/.rnd
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/newcerts # default place for new certs.
+
+certificate = $dir/cacert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/cakey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+x509_extensions = x509v3_extensions # The extentions to add to the cert
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = md5 # which md to use.
+preserve = no # keep passed DN ordering
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 1024
+default_keyfile = privkey.pem
+distinguished_name = req_distinguished_name
+attributes = req_attributes
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_min = 2
+countryName_max = 2
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Some-State
+
+localityName = Locality Name (eg, city)
+
+0.organizationName = Organization Name (eg, company)
+0.organizationName_default = Internet Widgits Pty Ltd
+
+# we can do this but it is not needed normally :-)
+#1.organizationName = Second Organization Name (eg, company)
+#1.organizationName_default = CryptSoft Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+#organizationalUnitName_default =
+
+commonName = Common Name (eg, YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 40
+
+[ req_attributes ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+[ x509v3_extensions ]
+
+nsCaRevocationUrl = http://www.cryptsoft.com/ca-crl.pem
+nsComment = "This is a comment"
+
+# under ASN.1, the 0 bit would be encoded as 80
+nsCertType = 0x40
+
+#nsBaseUrl
+#nsRevocationUrl
+#nsRenewalUrl
+#nsCaPolicyUrl
+#nsSslServerName
+#nsCertSequence
+#nsCertExt
+#nsDataType
+
diff --git a/apps/stuff/pkcs12.der b/apps/stuff/pkcs12.der
new file mode 100644
index 0000000..49c28b4
--- /dev/null
+++ b/apps/stuff/pkcs12.der
Binary files differ
diff --git a/apps/stuff/pkcs7.ex1 b/apps/stuff/pkcs7.ex1
new file mode 100644
index 0000000..0eed41b
--- /dev/null
+++ b/apps/stuff/pkcs7.ex1
@@ -0,0 +1,25 @@
+-----BEGIN xxx-----
+MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIB
+rTCCAUkCAgC2MA0GCSqGSIb3DQEBAgUAME0xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMT
+UGVyc29uYSBDZXJ0aWZpY2F0ZTAeFw05NDA0MDkwMDUwMzdaFw05NDA4
+MDIxODM4NTdaMGcxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMTUGVyc29uYSBDZXJ0aWZp
+Y2F0ZTEYMBYGA1UEAxMPU2V0ZWMgQXN0cm9ub215MFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAMy8QcW7RMrB4sTdQ8Nmb2DFmJmkWn+el+NdeamI
+DElX/qw9mIQu4xNj1FfepfJNxzPvA0OtMKhy6+bkrlyMEU8CAwEAATAN
+BgkqhkiG9w0BAQIFAANPAAYn7jDgirhiIL4wnP8nGzUisGSpsFsF4/7z
+2P2wqne6Qk8Cg/Dstu3RyaN78vAMGP8d82H5+Ndfhi2mRp4YHiGHz0Hl
+K6VbPfnyvS2wdjCCAccwggFRAgUCQAAAFDANBgkqhkiG9w0BAQIFADBf
+MQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIERhdGEgU2VjdXJpdHks
+IEluYy4xLjAsBgNVBAsTJUxvdyBBc3N1cmFuY2UgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwHhcNOTQwMTA3MDAwMDAwWhcNOTYwMTA3MjM1OTU5
+WjBNMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXUlNBIERhdGEgU2VjdXJp
+dHksIEluYy4xHDAaBgNVBAsTE1BlcnNvbmEgQ2VydGlmaWNhdGUwaTAN
+BgkqhkiG9w0BAQEFAANYADBVAk4GqghQDa9Xi/2zAdYEqJVIcYhlLN1F
+pI9tXQ1m6zZ39PYXK8Uhoj0Es7kWRv8hC04vqkOKwndWbzVtvoHQOmP8
+nOkkuBi+AQvgFoRcgOUCAwEAATANBgkqhkiG9w0BAQIFAANhAD/5Uo7x
+Ddp49oZm9GoNcPhZcW1e+nojLvHXWAU/CBkwfcR+FSf4hQ5eFu1AjYv6
+Wqf430Xe9Et5+jgnMTiq4LnwgTdA8xQX4elJz9QzQobkE3XVOjVAtCFc
+miin80RB8AAAMYAAAAAAAAAAAA==
+-----END xxx-----
diff --git a/apps/stuff/pkcs7.ex2 b/apps/stuff/pkcs7.ex2
new file mode 100644
index 0000000..2b21a67
--- /dev/null
+++ b/apps/stuff/pkcs7.ex2
@@ -0,0 +1,11 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+MIAGCSqGSIb3DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMBEGBSsOAwIHBAifqtdy
+x6uIMYCCARgvFzJtOZBn773DtmXlx037ck3giqnV0WC0QAx5f+fesAiGaxMqWcir
+r9XvT0nT0LgSQ/8tiLCDBEKdyCNgdcJAduy3D0r2sb5sNTT0TyL9uydG3w55vTnW
+aPbCPCWLudArI1UHDZbnoJICrVehxG/sYX069M8v6VO8PsJS7//hh1yM+0nekzQ5
+l1p0j7uWKu4W0csrlGqhLvEJanj6dQAGSTNCOoH3jzEXGQXntgesk8poFPfHdtj0
+5RH4MuJRajDmoEjlrNcnGl/BdHAd2JaCo6uZWGcnGAgVJ/TVfSVSwN5nlCK87tXl
+nL7DJwaPRYwxb3mnPKNq7ATiJPf5u162MbwxrddmiE7e3sST7naSN+GS0ateY5X7
+AAAAAAAAAAA=
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/apps/stuff/pkcs7.ex3 b/apps/stuff/pkcs7.ex3
new file mode 100644
index 0000000..b2eabef
--- /dev/null
+++ b/apps/stuff/pkcs7.ex3
@@ -0,0 +1,12 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+MIAGCSqGSIb3DQEHA6CAMIACAQAxgDCBqQIBADBTME0xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEcMBoGA1UECxMTUGVyc29u
+YSBDZXJ0aWZpY2F0ZQICALYwDQYJKoZIhvcNAQEBBQAEQCU/R+YCJSUsV6XLilHG
+cNVzwqKcWzmT/rZ+duOv8Ggb7oO/d8H3xUVGQ2LsX4kYGq2szwj8Q6eWhsmhf4oz
+lvMAADCABgkqhkiG9w0BBwEwEQYFKw4DAgcECFif7BadXlw3oIAEgZBNcMexKe16
++mNxx8YQPukBCL0bWqS86lvws/AgRkKPELmysBi5lco8MBCsWK/fCyrnxIRHs1oK
+BXBVlsAhKkkusk1kCf/GbXSAphdSgG+d6LxrNZwHbBFOX6A2hYS63Iczd5bOVDDW
+Op2gcgUtMJq6k2LFrs4L7HHqRPPlqNJ6j5mFP4xkzOCNIQynpD1rV6EECMIk/T7k
+1JLSAAAAAAAAAAAAAA==
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/apps/stuff/pkcs7.pem b/apps/stuff/pkcs7.pem
new file mode 100644
index 0000000..eef654c
--- /dev/null
+++ b/apps/stuff/pkcs7.pem
@@ -0,0 +1,46 @@
+-----BEGIN PKCS7-----
+MIIIEgYJKoZIhvcNAQcCMIIIAwIBATEAMAsGCSqGSIb3DQEHAaCCBDUwggIhMIIB
+jgIFAnIAAGcwDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
+F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk1MDUxNzAwMDAwMFoXDTk1MTEx
+NjIzNTk1OVowdzELMAkGA1UEBhMCVVMxFzAVBgNVBAgTDk5vcnRoIENhcm9saW5h
+MRIwEAYDVQQHEwlDaGFybG90dGUxIzAhBgNVBAoTGlZuZXQgSW50ZXJuZXQgQWNj
+ZXNzLCBJbmMuMRYwFAYDVQQDFA13d3cqLnZuZXQubmV0MHwwDQYJKoZIhvcNAQEB
+BQADawAwaAJhAOngW+io4W1lAp1b2k4+KqICaLHatp6AWkPLpa3Li2mwmggSGeRD
+AmTI4FQB0EFrDMfKLOteHgGoDJ0vifmV5cKvevRt5Gn+xPn54Halu7i145iUldyv
+oViUNpWmLJhKTQIDAQABMA0GCSqGSIb3DQEBAgUAA34AQkyfJje6H8fxtN68TvXV
+RibnPpQol2jMbh0VnK9cP9ePvsXy+7JoGuWxj6zlgjZGwia49xITggZ+0b+wP51l
+5e8xEEc2K7eC5QVD0qh/NSqdPcVP+UG6UK/LT25w/yLuZgqJ3g87kGbOo9myLhkZ
+3jr3kXnsriBmwmqcjgUwggIMMIIBlgIFAkAAAEUwDQYJKoZIhvcNAQECBQAwXzEL
+MAkGA1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4w
+LAYDVQQLEyVMb3cgQXNzdXJhbmNlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4X
+DTk0MTEwOTIzMTk0NFoXDTk5MTIzMTIzMTk0NFowXzELMAkGA1UEBhMCVVMxIDAe
+BgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUg
+U2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGbMA0GCSqGSIb3DQEBAQUA
+A4GJADCBhQJ+AJLOesGugz5aqomDV6wlAXYMra6OLDfO6zV4ZFQD5YRAUcm/jwji
+ioII0haGN1XpsSECrXZogZoFokvJSyVmIlZsiAeP94FZbYQHZXATcXY+m3dM41CJ
+VphIuR2nKRoTLkoRWZweFdVJVCxzOmmCsZc5nG1wZ0jl3S3WyB57AgMBAAEwDQYJ
+KoZIhvcNAQECBQADYQAjOCnuhWTdRq+8PhUBSzKbOhmafQQPQ8Ltw+49U8N1zgq9
+1ROaW46znUQykAPUdaAIflEfV2e0ULuyOWCwDJ2ME7NUmWL86SLkk6QLC9iItjva
+h+tdpLV/+TerjmrxCWChggOyMIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxIDAeBgNVBAoTF1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYD
+VQQLEyVTZWN1cmUgU2VydmVyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1
+MDIwMjEyMjZaFw05NTA2MDEwMDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcy
+NDI2WjAWAgUCQQAACRcNOTUwMjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAx
+MjQ5WjAWAgUCQQAADBcNOTUwMjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0
+MDQ5WjAWAgUCQQAAFhcNOTUwMzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0
+MDQxWjAWAgUCQQAAHxcNOTUwMzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAw
+NzExWjAWAgUCcgAAERcNOTUwMzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDEx
+MzIxWjAWAgUCcgAAHhcNOTUwNDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcx
+NzI0WjAWAgUCcgAAOBcNOTUwNDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIx
+MjI2WjANBgkqhkiG9w0BAQIFAAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6q
+QmK92W0hW158wpJg+ovV3+wQwvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3M
+rJBnZ4GaZDu4FutZh72MR3GtJaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFA
+yp0vMIIBHTCBqDANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEgMB4GA1UE
+ChMXUlNBIERhdGEgU2VjdXJpdHksIEluYy4xLjAsBgNVBAsTJUxvdyBBc3N1cmFu
+Y2UgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkXDTk1MDUwMTE5MjcyOVoXDTk1MDYw
+MTA4MDAwMFowGDAWAgUCQAAAXhcNOTUwMjA4MDE0NjIyWjANBgkqhkiG9w0BAQIF
+AANhAF70VxEAKgGlS2otYkWSqYJ286MMDbdAIoEGCDTtVuLCOP3YKHOSTjFhbIhL
+5mBd+Q/W+lKSqdoyYhdObaBk4I4Wk+/BE2QK1x4QhtYG144spESXIRIKAbhffg1g
+rRe/ETEA
+-----END PKCS7-----
diff --git a/apps/test.ssl b/apps/test.ssl
new file mode 100644
index 0000000..d0566e0
--- /dev/null
+++ b/apps/test.ssl
@@ -0,0 +1,16 @@
+www.microsoft.com:443
+sectest.microsoft.com:443
+https://sectest.microsoft.com/ClientAuth/test.asp
+ssl3.netscape.com:443
+ssl3.netscape.com:444
+www.openmarket.com:443 - no session ID caching. - no swap
+
+Servers
+bad www.openmarket.com Open-Market-Secure-WebServer/V2.1
+bad www.microsoft.com Server: Microsoft-IIS/3.0
+good transact.netscape.com Netscape-Enterprise/2.01
+
+clients
+good netscape
+hmm MSIE
+
diff --git a/apps/testCA.pem b/apps/testCA.pem
new file mode 100644
index 0000000..dcb710a
--- /dev/null
+++ b/apps/testCA.pem
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBBzCBsgIBADBNMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEX
+MBUGA1UEChMOTWluY29tIFB0eSBMdGQxEDAOBgNVBAMTB1RFU1QgQ0EwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAzW9brgA8efT2ODB+NrsflJZj3KKqKsm4OrXTRqfL
+VETj1ws/zCXl42XJAxdWQMCP0liKfc9Ut4xi1qCVI7N07wIDAQABoAAwDQYJKoZI
+hvcNAQEEBQADQQBjZZ42Det9Uw0AFwJy4ufUEy5Cv74pxBp5SZnljgHY+Az0Hs2S
+uNkIegr2ITX5azKi9nOkg9ZmsmGG13FIjiC/
+-----END CERTIFICATE REQUEST-----
diff --git a/apps/testdsa.h b/apps/testdsa.h
new file mode 100644
index 0000000..8e8aea6
--- /dev/null
+++ b/apps/testdsa.h
@@ -0,0 +1,155 @@
+/* NOCW */
+#ifndef NOPROTO
+DSA *get_dsa512(void );
+DSA *get_dsa1024(void );
+DSA *get_dsa2048(void );
+#else
+DSA *get_dsa512();
+DSA *get_dsa1024();
+DSA *get_dsa2048();
+#endif
+
+static unsigned char dsa512_p[]={
+ 0x9D,0x1B,0x69,0x8E,0x26,0xDB,0xF2,0x2B,0x11,0x70,0x19,0x86,
+ 0xF6,0x19,0xC8,0xF8,0x19,0xF2,0x18,0x53,0x94,0x46,0x06,0xD0,
+ 0x62,0x50,0x33,0x4B,0x02,0x3C,0x52,0x30,0x03,0x8B,0x3B,0xF9,
+ 0x5F,0xD1,0x24,0x06,0x4F,0x7B,0x4C,0xBA,0xAA,0x40,0x9B,0xFD,
+ 0x96,0xE4,0x37,0x33,0xBB,0x2D,0x5A,0xD7,0x5A,0x11,0x40,0x66,
+ 0xA2,0x76,0x7D,0x31,
+ };
+static unsigned char dsa512_q[]={
+ 0xFB,0x53,0xEF,0x50,0xB4,0x40,0x92,0x31,0x56,0x86,0x53,0x7A,
+ 0xE8,0x8B,0x22,0x9A,0x49,0xFB,0x71,0x8F,
+ };
+static unsigned char dsa512_g[]={
+ 0x83,0x3E,0x88,0xE5,0xC5,0x89,0x73,0xCE,0x3B,0x6C,0x01,0x49,
+ 0xBF,0xB3,0xC7,0x9F,0x0A,0xEA,0x44,0x91,0xE5,0x30,0xAA,0xD9,
+ 0xBE,0x5B,0x5F,0xB7,0x10,0xD7,0x89,0xB7,0x8E,0x74,0xFB,0xCF,
+ 0x29,0x1E,0xEB,0xA8,0x2C,0x54,0x51,0xB8,0x10,0xDE,0xA0,0xCE,
+ 0x2F,0xCC,0x24,0x6B,0x90,0x77,0xDE,0xA2,0x68,0xA6,0x52,0x12,
+ 0xA2,0x03,0x9D,0x20,
+ };
+
+DSA *get_dsa512()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa512_p,sizeof(dsa512_p),NULL);
+ dsa->q=BN_bin2bn(dsa512_q,sizeof(dsa512_q),NULL);
+ dsa->g=BN_bin2bn(dsa512_g,sizeof(dsa512_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
+static unsigned char dsa1024_p[]={
+ 0xA7,0x3F,0x6E,0x85,0xBF,0x41,0x6A,0x29,0x7D,0xF0,0x9F,0x47,
+ 0x19,0x30,0x90,0x9A,0x09,0x1D,0xDA,0x6A,0x33,0x1E,0xC5,0x3D,
+ 0x86,0x96,0xB3,0x15,0xE0,0x53,0x2E,0x8F,0xE0,0x59,0x82,0x73,
+ 0x90,0x3E,0x75,0x31,0x99,0x47,0x7A,0x52,0xFB,0x85,0xE4,0xD9,
+ 0xA6,0x7B,0x38,0x9B,0x68,0x8A,0x84,0x9B,0x87,0xC6,0x1E,0xB5,
+ 0x7E,0x86,0x4B,0x53,0x5B,0x59,0xCF,0x71,0x65,0x19,0x88,0x6E,
+ 0xCE,0x66,0xAE,0x6B,0x88,0x36,0xFB,0xEC,0x28,0xDC,0xC2,0xD7,
+ 0xA5,0xBB,0xE5,0x2C,0x39,0x26,0x4B,0xDA,0x9A,0x70,0x18,0x95,
+ 0x37,0x95,0x10,0x56,0x23,0xF6,0x15,0xED,0xBA,0x04,0x5E,0xDE,
+ 0x39,0x4F,0xFD,0xB7,0x43,0x1F,0xB5,0xA4,0x65,0x6F,0xCD,0x80,
+ 0x11,0xE4,0x70,0x95,0x5B,0x50,0xCD,0x49,
+ };
+static unsigned char dsa1024_q[]={
+ 0xF7,0x07,0x31,0xED,0xFA,0x6C,0x06,0x03,0xD5,0x85,0x8A,0x1C,
+ 0xAC,0x9C,0x65,0xE7,0x50,0x66,0x65,0x6F,
+ };
+static unsigned char dsa1024_g[]={
+ 0x4D,0xDF,0x4C,0x03,0xA6,0x91,0x8A,0xF5,0x19,0x6F,0x50,0x46,
+ 0x25,0x99,0xE5,0x68,0x6F,0x30,0xE3,0x69,0xE1,0xE5,0xB3,0x5D,
+ 0x98,0xBB,0x28,0x86,0x48,0xFC,0xDE,0x99,0x04,0x3F,0x5F,0x88,
+ 0x0C,0x9C,0x73,0x24,0x0D,0x20,0x5D,0xB9,0x2A,0x9A,0x3F,0x18,
+ 0x96,0x27,0xE4,0x62,0x87,0xC1,0x7B,0x74,0x62,0x53,0xFC,0x61,
+ 0x27,0xA8,0x7A,0x91,0x09,0x9D,0xB6,0xF1,0x4D,0x9C,0x54,0x0F,
+ 0x58,0x06,0xEE,0x49,0x74,0x07,0xCE,0x55,0x7E,0x23,0xCE,0x16,
+ 0xF6,0xCA,0xDC,0x5A,0x61,0x01,0x7E,0xC9,0x71,0xB5,0x4D,0xF6,
+ 0xDC,0x34,0x29,0x87,0x68,0xF6,0x5E,0x20,0x93,0xB3,0xDB,0xF5,
+ 0xE4,0x09,0x6C,0x41,0x17,0x95,0x92,0xEB,0x01,0xB5,0x73,0xA5,
+ 0x6A,0x7E,0xD8,0x32,0xED,0x0E,0x02,0xB8,
+ };
+
+DSA *get_dsa1024()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa1024_p,sizeof(dsa1024_p),NULL);
+ dsa->q=BN_bin2bn(dsa1024_q,sizeof(dsa1024_q),NULL);
+ dsa->g=BN_bin2bn(dsa1024_g,sizeof(dsa1024_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
+static unsigned char dsa2048_p[]={
+ 0xA0,0x25,0xFA,0xAD,0xF4,0x8E,0xB9,0xE5,0x99,0xF3,0x5D,0x6F,
+ 0x4F,0x83,0x34,0xE2,0x7E,0xCF,0x6F,0xBF,0x30,0xAF,0x6F,0x81,
+ 0xEB,0xF8,0xC4,0x13,0xD9,0xA0,0x5D,0x8B,0x5C,0x8E,0xDC,0xC2,
+ 0x1D,0x0B,0x41,0x32,0xB0,0x1F,0xFE,0xEF,0x0C,0xC2,0xA2,0x7E,
+ 0x68,0x5C,0x28,0x21,0xE9,0xF5,0xB1,0x58,0x12,0x63,0x4C,0x19,
+ 0x4E,0xFF,0x02,0x4B,0x92,0xED,0xD2,0x07,0x11,0x4D,0x8C,0x58,
+ 0x16,0x5C,0x55,0x8E,0xAD,0xA3,0x67,0x7D,0xB9,0x86,0x6E,0x0B,
+ 0xE6,0x54,0x6F,0x40,0xAE,0x0E,0x67,0x4C,0xF9,0x12,0x5B,0x3C,
+ 0x08,0x7A,0xF7,0xFC,0x67,0x86,0x69,0xE7,0x0A,0x94,0x40,0xBF,
+ 0x8B,0x76,0xFE,0x26,0xD1,0xF2,0xA1,0x1A,0x84,0xA1,0x43,0x56,
+ 0x28,0xBC,0x9A,0x5F,0xD7,0x3B,0x69,0x89,0x8A,0x36,0x2C,0x51,
+ 0xDF,0x12,0x77,0x2F,0x57,0x7B,0xA0,0xAA,0xDD,0x7F,0xA1,0x62,
+ 0x3B,0x40,0x7B,0x68,0x1A,0x8F,0x0D,0x38,0xBB,0x21,0x5D,0x18,
+ 0xFC,0x0F,0x46,0xF7,0xA3,0xB0,0x1D,0x23,0xC3,0xD2,0xC7,0x72,
+ 0x51,0x18,0xDF,0x46,0x95,0x79,0xD9,0xBD,0xB5,0x19,0x02,0x2C,
+ 0x87,0xDC,0xE7,0x57,0x82,0x7E,0xF1,0x8B,0x06,0x3D,0x00,0xA5,
+ 0x7B,0x6B,0x26,0x27,0x91,0x0F,0x6A,0x77,0xE4,0xD5,0x04,0xE4,
+ 0x12,0x2C,0x42,0xFF,0xD2,0x88,0xBB,0xD3,0x92,0xA0,0xF9,0xC8,
+ 0x51,0x64,0x14,0x5C,0xD8,0xF9,0x6C,0x47,0x82,0xB4,0x1C,0x7F,
+ 0x09,0xB8,0xF0,0x25,0x83,0x1D,0x3F,0x3F,0x05,0xB3,0x21,0x0A,
+ 0x5D,0xA7,0xD8,0x54,0xC3,0x65,0x7D,0xC3,0xB0,0x1D,0xBF,0xAE,
+ 0xF8,0x68,0xCF,0x9B,
+ };
+static unsigned char dsa2048_q[]={
+ 0x97,0xE7,0x33,0x4D,0xD3,0x94,0x3E,0x0B,0xDB,0x62,0x74,0xC6,
+ 0xA1,0x08,0xDD,0x19,0xA3,0x75,0x17,0x1B,
+ };
+static unsigned char dsa2048_g[]={
+ 0x2C,0x78,0x16,0x59,0x34,0x63,0xF4,0xF3,0x92,0xFC,0xB5,0xA5,
+ 0x4F,0x13,0xDE,0x2F,0x1C,0xA4,0x3C,0xAE,0xAD,0x38,0x3F,0x7E,
+ 0x90,0xBF,0x96,0xA6,0xAE,0x25,0x90,0x72,0xF5,0x8E,0x80,0x0C,
+ 0x39,0x1C,0xD9,0xEC,0xBA,0x90,0x5B,0x3A,0xE8,0x58,0x6C,0x9E,
+ 0x30,0x42,0x37,0x02,0x31,0x82,0xBC,0x6A,0xDF,0x6A,0x09,0x29,
+ 0xE3,0xC0,0x46,0xD1,0xCB,0x85,0xEC,0x0C,0x30,0x5E,0xEA,0xC8,
+ 0x39,0x8E,0x22,0x9F,0x22,0x10,0xD2,0x34,0x61,0x68,0x37,0x3D,
+ 0x2E,0x4A,0x5B,0x9A,0xF5,0xC1,0x48,0xC6,0xF6,0xDC,0x63,0x1A,
+ 0xD3,0x96,0x64,0xBA,0x34,0xC9,0xD1,0xA0,0xD1,0xAE,0x6C,0x2F,
+ 0x48,0x17,0x93,0x14,0x43,0xED,0xF0,0x21,0x30,0x19,0xC3,0x1B,
+ 0x5F,0xDE,0xA3,0xF0,0x70,0x78,0x18,0xE1,0xA8,0xE4,0xEE,0x2E,
+ 0x00,0xA5,0xE4,0xB3,0x17,0xC8,0x0C,0x7D,0x6E,0x42,0xDC,0xB7,
+ 0x46,0x00,0x36,0x4D,0xD4,0x46,0xAA,0x3D,0x3C,0x46,0x89,0x40,
+ 0xBF,0x1D,0x84,0x77,0x0A,0x75,0xF3,0x87,0x1D,0x08,0x4C,0xA6,
+ 0xD1,0xA9,0x1C,0x1E,0x12,0x1E,0xE1,0xC7,0x30,0x28,0x76,0xA5,
+ 0x7F,0x6C,0x85,0x96,0x2B,0x6F,0xDB,0x80,0x66,0x26,0xAE,0xF5,
+ 0x93,0xC7,0x8E,0xAE,0x9A,0xED,0xE4,0xCA,0x04,0xEA,0x3B,0x72,
+ 0xEF,0xDC,0x87,0xED,0x0D,0xA5,0x4C,0x4A,0xDD,0x71,0x22,0x64,
+ 0x59,0x69,0x4E,0x8E,0xBF,0x43,0xDC,0xAB,0x8E,0x66,0xBB,0x01,
+ 0xB6,0xF4,0xE7,0xFD,0xD2,0xAD,0x9F,0x36,0xC1,0xA0,0x29,0x99,
+ 0xD1,0x96,0x70,0x59,0x06,0x78,0x35,0xBD,0x65,0x55,0x52,0x9E,
+ 0xF8,0xB2,0xE5,0x38,
+ };
+
+DSA *get_dsa2048()
+ {
+ DSA *dsa;
+
+ if ((dsa=DSA_new()) == NULL) return(NULL);
+ dsa->p=BN_bin2bn(dsa2048_p,sizeof(dsa2048_p),NULL);
+ dsa->q=BN_bin2bn(dsa2048_q,sizeof(dsa2048_q),NULL);
+ dsa->g=BN_bin2bn(dsa2048_g,sizeof(dsa2048_g),NULL);
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(NULL);
+ return(dsa);
+ }
+
diff --git a/apps/testrsa.h b/apps/testrsa.h
new file mode 100644
index 0000000..5f83878
--- /dev/null
+++ b/apps/testrsa.h
@@ -0,0 +1,531 @@
+/* apps/testrsa.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static unsigned char test512[]={
+ 0x30,0x82,0x01,0x39,0x02,0x01,0x00,0x02,0x40,0x48,
+ 0xd3,0xa9,0x8f,0x3b,0x92,0xce,0x20,0xcc,0xc7,0xe8,
+ 0x1f,0x28,0x67,0xdb,0xd1,0xb3,0x06,0x94,0x7d,0x9b,
+ 0x88,0x05,0x9d,0xf5,0xab,0x36,0xaa,0x3f,0x15,0xcd,
+ 0x40,0x0a,0x76,0xfd,0xab,0x33,0xfa,0x07,0x31,0xc8,
+ 0x0d,0xa8,0x23,0x60,0x4e,0xd4,0xda,0x2e,0xed,0xbc,
+ 0x43,0x8a,0xc0,0xd8,0xd9,0xf4,0xcb,0xfa,0x12,0xa2,
+ 0xec,0x49,0x31,0x02,0x03,0x01,0x00,0x01,0x02,0x40,
+ 0x02,0x5e,0x80,0x61,0x9c,0x7a,0x86,0x22,0x23,0x07,
+ 0x4d,0xd1,0xd5,0xaa,0xab,0x48,0x03,0x1e,0xef,0xad,
+ 0xb6,0x65,0x92,0x69,0x35,0x18,0xc0,0xca,0x81,0x0a,
+ 0xe0,0x86,0x6f,0xec,0x00,0x0f,0x1d,0x08,0x43,0xc8,
+ 0x82,0x7d,0x89,0xc4,0x3a,0xc4,0x44,0x6a,0x10,0xc6,
+ 0xdd,0xd0,0x63,0x1c,0x65,0xd6,0x09,0xc5,0x00,0x51,
+ 0x2b,0xc3,0x7c,0xc1,0x02,0x21,0x00,0x8f,0x03,0xfc,
+ 0x35,0x08,0xae,0x85,0x41,0x35,0x30,0x02,0xbd,0x96,
+ 0xaa,0x84,0x60,0x75,0xb5,0x0c,0x2b,0x64,0xbf,0x28,
+ 0x26,0xe2,0x76,0xfd,0xec,0xdc,0x94,0x36,0xcd,0x02,
+ 0x21,0x00,0x82,0x5c,0x6f,0x13,0x93,0x98,0x41,0xf7,
+ 0x81,0x54,0x3f,0xd7,0x8e,0x06,0x64,0xd9,0x29,0x04,
+ 0xfc,0x12,0x46,0x17,0xab,0x9a,0x9f,0xa7,0xd3,0x8a,
+ 0xa0,0xcd,0x33,0xf5,0x02,0x21,0x00,0x8a,0xf4,0xe7,
+ 0x4f,0xac,0x40,0xcd,0xae,0xbe,0xfc,0x08,0x1d,0xa7,
+ 0xcf,0xc4,0x51,0x68,0xec,0xe1,0x87,0x24,0x1b,0x6b,
+ 0xea,0xe4,0x2d,0x93,0xa9,0x59,0xe5,0x14,0x9d,0x02,
+ 0x20,0x70,0x6b,0xd2,0x86,0xe9,0x74,0x16,0xff,0xa1,
+ 0x92,0xcc,0x73,0xd2,0x51,0x85,0x4b,0x19,0xea,0xe8,
+ 0x8f,0xc1,0xce,0xcb,0xf8,0xce,0xd2,0xe6,0xc5,0xd8,
+ 0xa2,0xde,0xb9,0x02,0x20,0x0f,0x73,0xf0,0xf0,0x91,
+ 0x53,0xdf,0x4f,0x37,0xf8,0x3f,0x1f,0x82,0x59,0xe3,
+ 0xe8,0xaa,0x04,0x64,0xd1,0x51,0x77,0xa8,0x36,0x65,
+ 0x8c,0x6d,0x91,0xf8,0xb2,0xc3,0x03,
+ };
+
+static unsigned char test1024[]={
+ 0x30,0x82,0x02,0x58,0x02,0x01,0x00,0x02,
+ 0x81,0x80,0x53,0x66,0xb3,0x9b,0xd1,0xde,
+ 0xb6,0x55,0x67,0xdc,0xe1,0x91,0xdb,0xc7,
+ 0xf2,0xef,0xcc,0x98,0x48,0xbe,0x22,0xb2,
+ 0xa5,0x92,0x88,0xa2,0xe7,0xf6,0x8a,0xea,
+ 0xc1,0x5e,0xd8,0xb3,0xd6,0xb8,0x9a,0xb7,
+ 0xf8,0xaa,0x9d,0x0a,0xa1,0x9e,0xb5,0x81,
+ 0xd4,0xd9,0x86,0x92,0x49,0x1d,0x30,0x50,
+ 0x18,0x4f,0x40,0x52,0x3c,0xf2,0xb7,0x14,
+ 0x5f,0x06,0x4d,0x92,0xab,0x0d,0xe5,0x61,
+ 0x9a,0xb3,0xdf,0xb0,0xaa,0x88,0x7d,0x47,
+ 0x78,0xbf,0xd5,0x15,0x88,0x6b,0xe7,0x43,
+ 0xd3,0x96,0x15,0xed,0x5b,0x33,0xff,0x9d,
+ 0x06,0x88,0xb6,0xe1,0x21,0xcb,0xe8,0xb5,
+ 0xe3,0x3c,0xef,0xb6,0xe7,0x89,0xc0,0x44,
+ 0x71,0x6b,0x38,0xe2,0x7a,0xd4,0x92,0x49,
+ 0x14,0xcf,0x36,0xc1,0x7d,0xa4,0x13,0x7a,
+ 0xb7,0x3f,0x02,0x01,0x03,0x02,0x81,0x80,
+ 0x37,0x99,0xcd,0x12,0x8b,0xe9,0xce,0xe3,
+ 0x9a,0x93,0x41,0x0b,0xe7,0xda,0xa1,0xf5,
+ 0x33,0x10,0x30,0x7e,0xc1,0xcc,0x6e,0x61,
+ 0xb0,0x6c,0x9a,0xa4,0x5c,0x9c,0x80,0xe9,
+ 0xe5,0xcd,0x39,0xd0,0x67,0x25,0x50,0x71,
+ 0xbe,0x07,0x16,0x69,0xce,0x56,0x8d,0xe6,
+ 0x59,0xb6,0xdb,0x68,0xca,0xe0,0x10,0x34,
+ 0xd5,0x8c,0x28,0xa1,0xcf,0x62,0xea,0x03,
+ 0x70,0xc5,0x5e,0x5e,0x08,0x04,0xb3,0x37,
+ 0x06,0x45,0x20,0xe5,0x69,0x8a,0x49,0x7d,
+ 0x05,0x47,0x1a,0x33,0x0d,0xfd,0x7f,0xf7,
+ 0x7b,0xac,0x2a,0x07,0xc3,0x04,0xbf,0xb2,
+ 0x41,0x26,0xfa,0xf8,0xf1,0x88,0x06,0x25,
+ 0xb7,0xe7,0x57,0xe4,0x4c,0xc6,0x57,0xd1,
+ 0x6a,0xbb,0x9a,0xdc,0x45,0x5f,0x48,0x6f,
+ 0x8d,0x75,0xb5,0x7d,0xd6,0x6a,0x03,0x2b,
+ 0x02,0x41,0x00,0x97,0x52,0x4f,0x91,0xe0,
+ 0xc1,0x67,0x42,0xb0,0x41,0xf2,0xc5,0x56,
+ 0x6f,0x66,0x5e,0x5c,0x4e,0x7f,0xc7,0xaf,
+ 0xef,0x2d,0x60,0xbd,0x00,0x3b,0x07,0xed,
+ 0xec,0xfa,0x12,0x14,0xd0,0xc1,0x32,0xd3,
+ 0x47,0x50,0xb9,0x0f,0xd5,0xbd,0x0d,0xd1,
+ 0xcf,0xef,0x71,0x1c,0x0c,0xa4,0x2c,0x74,
+ 0x2a,0xed,0x5d,0x9b,0x00,0x68,0xec,0x51,
+ 0x33,0x73,0xa1,0x02,0x41,0x00,0x8d,0x18,
+ 0x4d,0xee,0xf8,0x99,0x26,0x9e,0xa6,0x07,
+ 0x06,0x6b,0x08,0x88,0xa4,0x25,0xf0,0xdc,
+ 0x61,0x57,0xa2,0x58,0x66,0x42,0x1f,0x6a,
+ 0xe1,0x20,0x6d,0x28,0xec,0xeb,0x40,0x55,
+ 0xe8,0x23,0xab,0x22,0x89,0x4b,0x4c,0x06,
+ 0x26,0xa5,0x7b,0x4a,0xfe,0x3f,0xfc,0xbc,
+ 0x6e,0x5d,0xb6,0x0f,0x3a,0xca,0x47,0x90,
+ 0x84,0x7b,0x00,0xa8,0x3e,0xdf,0x02,0x40,
+ 0x64,0xe1,0x8a,0x61,0x40,0x80,0xef,0x81,
+ 0xca,0xd6,0xa1,0xd8,0xe4,0x4a,0x44,0x3e,
+ 0xe8,0x34,0x55,0x2f,0xca,0x9f,0x73,0x95,
+ 0xd3,0x55,0x7c,0xaf,0xf3,0xf3,0x51,0x61,
+ 0x63,0x35,0xd6,0x21,0xe2,0x2f,0x8b,0x26,
+ 0x0a,0x8e,0x7e,0x09,0x36,0x8a,0x9f,0xa0,
+ 0xbd,0x5d,0xc2,0xc8,0x4d,0x71,0xf3,0x93,
+ 0xbc,0xaa,0xf0,0x9d,0x8b,0x77,0xa2,0x6b,
+ 0x02,0x40,0x5e,0x10,0x33,0xf4,0xa5,0xbb,
+ 0x6f,0x14,0x6e,0xaf,0x59,0x9c,0xb0,0x5b,
+ 0x18,0x19,0x4b,0x3d,0x96,0x3a,0x6c,0x3a,
+ 0xee,0xd6,0xbf,0x9c,0x96,0x15,0x9e,0x1b,
+ 0x48,0x9c,0xd5,0x8e,0x9a,0xc2,0x72,0x17,
+ 0x06,0x32,0x32,0xae,0xc4,0x6e,0x52,0x31,
+ 0xfe,0xd5,0x53,0x28,0x49,0x93,0xce,0xb4,
+ 0xd1,0xdc,0x2f,0xb5,0xad,0xa7,0x55,0xc5,
+ 0x7f,0x3f,0x02,0x40,0x37,0xa4,0xcc,0xd7,
+ 0x63,0x63,0x6b,0x53,0xd6,0xf3,0xf2,0xfe,
+ 0xeb,0x8d,0x4a,0x3d,0xab,0x97,0xfe,0xf8,
+ 0x27,0xc5,0x87,0xc7,0xbf,0x2c,0xef,0xae,
+ 0xcb,0x61,0x62,0x5e,0x30,0x86,0x8f,0xb5,
+ 0x0e,0xeb,0x9a,0xa9,0x09,0x6a,0x4e,0x1c,
+ 0xc7,0x1e,0xa2,0xce,0x8e,0xc2,0xc8,0x15,
+ 0x13,0x06,0x47,0x9e,0x7c,0x2a,0x3c,0x62,
+ 0x26,0xf0,0x9c,0x86,
+ };
+
+static unsigned char test2048[]={
+ 0x30,0x82,0x04,0xa1,0x02,0x01,0x00,0x02,0x82,0x01,
+ 0x00,0x7a,0x52,0xa1,0xd0,0xdb,0x8c,0x38,0xcf,0x0f,
+ 0x01,0x25,0x98,0xee,0x84,0xc1,0xf3,0x8e,0x90,0xb5,
+ 0x85,0x5e,0x5f,0x3a,0x33,0x8f,0xc6,0x49,0xe0,0x07,
+ 0xd3,0x66,0x26,0xcc,0x47,0xc3,0x04,0xcf,0x91,0x74,
+ 0x65,0x07,0x56,0x35,0x7d,0x0a,0xbf,0xcd,0xd2,0x8a,
+ 0xf9,0x05,0x62,0xc0,0x63,0xc2,0x54,0xb8,0x14,0x89,
+ 0x88,0x58,0x1c,0xeb,0xbc,0xbf,0xf2,0x0d,0xcb,0x05,
+ 0x62,0x1c,0xe9,0x48,0x0f,0x2b,0x8d,0x28,0x67,0x92,
+ 0x31,0x86,0xe3,0xa4,0x20,0x80,0xfc,0x5c,0x41,0x9d,
+ 0x21,0x6d,0x7f,0x12,0x6b,0x54,0xb1,0x04,0x0f,0x87,
+ 0x15,0xd7,0xbf,0xc5,0x6b,0x13,0x81,0x80,0x88,0x1e,
+ 0x86,0x16,0x66,0xd9,0xcf,0xa5,0x4e,0xe1,0xcf,0xa4,
+ 0x4c,0x38,0xdd,0xf9,0x5d,0x5f,0x30,0xdf,0x0d,0x2b,
+ 0xfa,0xa0,0x1f,0xb8,0xe3,0x3c,0x62,0xff,0x13,0xf0,
+ 0x61,0xc1,0xcd,0x3c,0xb7,0xc3,0xf7,0xec,0x91,0xcf,
+ 0x7c,0x4e,0x11,0x4e,0x96,0x7e,0xe5,0x6c,0x9e,0x1b,
+ 0xbe,0x3f,0x71,0xc5,0xb1,0xe6,0xeb,0x7e,0xa3,0x97,
+ 0xc1,0xd6,0x1b,0x48,0x4f,0x84,0xaf,0x69,0xc2,0x96,
+ 0xed,0xbc,0x81,0xdf,0x5f,0xc6,0xda,0xd3,0x25,0x2d,
+ 0xc6,0x9f,0x62,0xd2,0x1c,0xef,0xcb,0x0a,0x75,0xd0,
+ 0x23,0x1c,0x3b,0x88,0x22,0x70,0x08,0x05,0x46,0xed,
+ 0x8a,0xda,0x45,0x94,0x8d,0x0d,0x9b,0x61,0xf3,0x07,
+ 0xdc,0x81,0xaa,0x3c,0xcc,0xad,0x06,0x24,0xd7,0xbc,
+ 0x28,0x98,0xb4,0x43,0xe3,0x9b,0x0f,0x93,0xa4,0x6e,
+ 0x49,0xea,0x3a,0xe6,0x1e,0x56,0x5a,0xff,0x0c,0x93,
+ 0x9e,0x9b,0x28,0x7e,0x63,0xb7,0x71,0x02,0x03,0x01,
+ 0x00,0x01,0x02,0x82,0x01,0x00,0x34,0xd9,0x5c,0xb6,
+ 0x5b,0x14,0xd3,0x3a,0x8a,0x96,0x09,0x43,0x70,0xd2,
+ 0x04,0xe6,0x10,0xd3,0x6e,0xc9,0xc7,0x83,0x47,0x27,
+ 0x1d,0xd8,0x22,0xf4,0xdb,0x0c,0xb7,0xd6,0xcd,0x6d,
+ 0xb7,0xd1,0x6d,0x48,0xbf,0xcc,0x22,0x86,0x59,0xa7,
+ 0xc3,0xac,0x28,0xe5,0xed,0x4b,0x37,0xcb,0x79,0xa9,
+ 0xe0,0x3d,0x30,0x27,0x17,0x60,0xc4,0x09,0x02,0xc4,
+ 0xd2,0xfd,0x66,0x7e,0x2f,0xbe,0x3b,0x15,0x83,0x1f,
+ 0xa2,0xc6,0x63,0x0d,0x94,0x79,0x37,0x79,0x44,0xe1,
+ 0x12,0x39,0x76,0x36,0x97,0x07,0xe9,0x41,0xfc,0x98,
+ 0x48,0xc8,0x0e,0x24,0x13,0x4e,0x19,0x9f,0xee,0x50,
+ 0x9b,0xe5,0xd8,0xbd,0x76,0xca,0xa2,0x05,0x1f,0xd7,
+ 0xf9,0xe9,0x01,0xe0,0xef,0x70,0x4b,0x25,0x84,0x66,
+ 0x96,0x09,0x0c,0x65,0x0f,0x0b,0xa8,0xd6,0xf5,0xc2,
+ 0xe3,0xcb,0x3c,0x43,0x66,0xa4,0x15,0x36,0xa5,0xe2,
+ 0x9d,0xe9,0xf7,0x32,0x10,0x0e,0x96,0x57,0xaa,0x84,
+ 0xf9,0x4d,0x91,0x37,0x5a,0x80,0x01,0x05,0x63,0x1c,
+ 0x6e,0xe6,0x8c,0xf7,0x70,0xc1,0x03,0x4f,0x5d,0xde,
+ 0x19,0x90,0x1e,0x53,0x98,0xc9,0xc6,0x41,0x66,0xb0,
+ 0xc2,0x6f,0x30,0xfe,0xb1,0x26,0x47,0x82,0x0a,0x7b,
+ 0x50,0xf8,0x7c,0x88,0x13,0x4d,0x77,0xa0,0xd0,0xba,
+ 0x60,0x87,0x21,0xdd,0x74,0xaa,0x32,0xdb,0xbe,0x23,
+ 0xee,0x81,0xc0,0xca,0xc9,0x94,0x2f,0x75,0x78,0x08,
+ 0xc4,0x04,0x4e,0x67,0x3c,0xb9,0x99,0xd5,0xe5,0xbc,
+ 0x4d,0x6b,0x12,0x59,0xfe,0x55,0xff,0x28,0x0a,0x8d,
+ 0x6c,0xb1,0xd3,0x23,0x7c,0x33,0x87,0x35,0xba,0x8c,
+ 0xb3,0x51,0x02,0x81,0x81,0x00,0xcb,0xbc,0x6f,0x2c,
+ 0xa4,0xbb,0x7b,0x51,0x0e,0xfe,0xdb,0x16,0x83,0x16,
+ 0x91,0x4a,0xb9,0x31,0x42,0x81,0x8b,0x39,0x44,0x11,
+ 0x8b,0x82,0x6f,0x19,0x58,0xd4,0xba,0x38,0x44,0x95,
+ 0xec,0x99,0x32,0x4d,0x98,0xd7,0xad,0x3d,0xd1,0x00,
+ 0xd4,0x1e,0x62,0x90,0xc4,0xac,0x65,0x29,0xb7,0x5c,
+ 0x7c,0x54,0x55,0x33,0xb9,0x22,0x55,0x61,0xc8,0x08,
+ 0xdd,0x5d,0x4d,0xc0,0x19,0xa6,0x89,0x3a,0x33,0x19,
+ 0xc7,0x1d,0x43,0x16,0x9e,0x7e,0x47,0xce,0xe3,0xde,
+ 0xbb,0x52,0x8d,0xcd,0xe3,0x6a,0xe3,0x79,0x9e,0x27,
+ 0x0f,0x6d,0x3b,0x74,0x25,0x39,0xe7,0x87,0x3a,0xad,
+ 0x98,0x82,0xfc,0xae,0x7d,0x53,0x41,0x79,0x7e,0xb6,
+ 0xdc,0xc5,0x75,0x69,0x47,0xd5,0x83,0x26,0x56,0x32,
+ 0xfb,0xdf,0x77,0x9d,0x02,0x81,0x81,0x00,0x99,0xb3,
+ 0xb3,0x33,0x1e,0xea,0x65,0x5d,0x57,0x27,0x99,0xad,
+ 0xd4,0xb7,0xb5,0x5e,0x6a,0x53,0x9d,0x60,0xe9,0x4f,
+ 0xa5,0xd9,0x18,0x24,0x05,0x5b,0xda,0x9a,0x24,0xbe,
+ 0xdc,0xb1,0xa9,0x2e,0x18,0xc6,0x54,0xb1,0xff,0x65,
+ 0x8a,0xaa,0x2b,0x98,0xab,0x27,0x83,0xe6,0x33,0xf5,
+ 0x97,0xa1,0x0b,0x09,0x68,0x98,0x0d,0xa2,0x85,0x06,
+ 0x99,0x73,0xec,0x1c,0x6d,0x5c,0x9d,0x23,0x49,0xef,
+ 0x05,0xea,0x92,0x99,0xeb,0x0b,0xe8,0x15,0xbc,0x87,
+ 0xb3,0x30,0xbf,0x10,0xfe,0x99,0x3b,0xd6,0xe5,0x6c,
+ 0x8b,0x58,0xa6,0xfb,0xae,0xe5,0x4f,0x10,0xb0,0x28,
+ 0xea,0x85,0x5b,0x9b,0x08,0x38,0x75,0x56,0xc3,0xeb,
+ 0x3b,0x47,0xea,0x60,0x86,0x77,0x9b,0x84,0xee,0xc1,
+ 0x58,0x60,0x88,0x33,0x18,0xe5,0x02,0x81,0x80,0x17,
+ 0x3a,0x74,0xb2,0x72,0x55,0xad,0xc9,0xa0,0x1c,0x0e,
+ 0x7e,0x92,0x93,0x90,0x1d,0x24,0xe0,0x28,0xe4,0xfc,
+ 0x2a,0x9b,0x48,0x24,0xcf,0xca,0x3a,0xe9,0x95,0xd7,
+ 0x65,0x72,0xec,0x64,0xfd,0x52,0x6e,0xe6,0x6e,0x30,
+ 0xa2,0x4b,0xa1,0xfc,0x8d,0x3a,0x4f,0xa7,0x1c,0xc0,
+ 0xab,0xf0,0xeb,0xea,0x80,0xf2,0xf5,0xe2,0xb5,0xb7,
+ 0x66,0x5e,0x98,0x24,0x24,0xef,0x28,0x67,0xc4,0x45,
+ 0x01,0x0d,0xb2,0x72,0xb1,0x33,0x64,0xf0,0xcd,0x15,
+ 0x02,0xd1,0x98,0x23,0x63,0x56,0x27,0x93,0x36,0x2c,
+ 0x99,0x41,0x1e,0xd2,0xf3,0x71,0x43,0xdc,0xba,0xad,
+ 0x5b,0x0d,0xa5,0x9d,0x2d,0xd2,0x01,0x52,0xe8,0x9b,
+ 0x1e,0x6f,0x04,0x0a,0x47,0xb9,0x0b,0x37,0xd5,0x70,
+ 0x0e,0x7e,0xe5,0x71,0x32,0x19,0x41,0x02,0x81,0x80,
+ 0x23,0xc3,0x55,0x51,0xf2,0xc2,0x95,0x5d,0x57,0x97,
+ 0x26,0x41,0xf5,0x39,0xdd,0xa0,0x9f,0x5a,0xdf,0x46,
+ 0x9a,0x62,0xe6,0xf3,0x11,0x93,0xe8,0x0f,0x4c,0x59,
+ 0x0b,0x6d,0xc1,0x8a,0x31,0x14,0x41,0xbd,0x7c,0x1d,
+ 0x82,0x90,0x8c,0xe8,0x35,0x86,0xab,0x64,0x61,0x63,
+ 0x61,0xf9,0xa6,0x13,0x59,0xaf,0x11,0xc0,0x37,0x83,
+ 0xf6,0x31,0xe7,0xe8,0xba,0x2a,0x8f,0x23,0xba,0x88,
+ 0x68,0x7e,0x8e,0x40,0xdb,0x65,0xa6,0xf4,0x39,0x47,
+ 0x3d,0x7b,0xd1,0xac,0xe8,0xf8,0x3a,0x55,0x4b,0x40,
+ 0x20,0x57,0xd6,0x40, 0x85,0x72,0x10,0x6a,0xd8,0xaf,
+ 0xc8,0x5d,0x6c,0xdc,0x24,0xc9,0x78,0xeb,0x32,0x1a,
+ 0x43,0x31,0xeb,0xb4,0x3b,0x0b,0xc4,0x9d,0xf5,0xf8,
+ 0xc3,0x59,0x07,0x88,0x46,0x88,0xa5,0x25,0x02,0x81,
+ 0x80,0x55,0xf5,0x12,0x2e,0x48,0xce,0xef,0xb3,0x1d,
+ 0xbf,0xab,0x06,0xf7,0x09,0x8c,0xf0,0x1a,0xe9,0xfa,
+ 0x01,0xf9,0x97,0xa4,0x57,0x6f,0x7a,0x73,0x63,0x2a,
+ 0x57,0x30,0x97,0xce,0xf7,0xe5,0xd4,0x8c,0x35,0xa2,
+ 0x12,0xb7,0xf3,0xf6,0x66,0x76,0x9e,0x90,0x3f,0xb4,
+ 0x70,0x0f,0x99,0x7a,0xc9,0x36,0xcf,0x46,0x74,0x39,
+ 0x91,0xf2,0x66,0xa2,0x55,0x19,0x1b,0x70,0xe3,0xd6,
+ 0x9a,0x8b,0x94,0x79,0x18,0x8a,0x93,0xcf,0x27,0x2a,
+ 0xc1,0xb3,0xda,0x51,0x52,0x9d,0x14,0xb7,0xc9,0x2e,
+ 0x2f,0x75,0x6d,0xc9,0xdb,0x8f,0x69,0xa7,0xc9,0x5e,
+ 0x1f,0x9d,0x3c,0x6e,0x1f,0xa4,0x08,0x33,0x0a,0x7a,
+ 0xde,0x90,0x18,0xf2,0x43,0xf7,0x60,0x8b,0x51,0xa3,
+ 0x50,0xf8,0x52,0xfc,0xed,0x5c,0x63,0xbc,0x1a,
+ };
+
+static unsigned char test4096[]={
+ 0x30,0x82,0x09,0x28,0x02,0x01,0x00,0x02,0x82,0x02,
+ 0x01,0x00,0x92,0x1f,0x39,0xc3,0x7c,0xc2,0xfe,0x5c,
+ 0x2c,0x83,0x5d,0x08,0x5e,0x76,0xe6,0x53,0x30,0x86,
+ 0x47,0x62,0xe9,0x21,0x22,0x2c,0xeb,0x3b,0xe5,0xb3,
+ 0x30,0xbf,0x1c,0x37,0x23,0xe2,0x4b,0x27,0xf2,0x8c,
+ 0x6a,0x8c,0xcb,0x54,0xf0,0x47,0x91,0xbc,0x3b,0x41,
+ 0x6d,0xa6,0xe3,0x9b,0x25,0x3e,0x2f,0x3d,0x8e,0x67,
+ 0x9d,0xe9,0x2b,0x7d,0xcd,0x39,0xf5,0xc9,0x2b,0xd0,
+ 0xe5,0xe6,0xe7,0x62,0x1e,0x6c,0xe1,0x8f,0xc2,0xa3,
+ 0xc9,0x02,0x11,0xf3,0x51,0x63,0x27,0x25,0x82,0x01,
+ 0xaa,0x0a,0x68,0x6d,0x4c,0x02,0x5c,0xaf,0xb1,0x72,
+ 0xb5,0xf4,0x53,0x43,0xb1,0x90,0x28,0x1b,0x54,0xdd,
+ 0xfd,0x57,0x36,0xac,0xf8,0x44,0x34,0x7a,0x85,0x66,
+ 0x37,0x62,0xe9,0x80,0xd2,0xe2,0xdc,0xa0,0xe8,0x76,
+ 0x09,0x6d,0xc1,0x38,0xac,0x55,0x57,0x44,0xbe,0x0e,
+ 0x81,0x0d,0x81,0x63,0xb7,0x73,0xd7,0xbf,0x5d,0x84,
+ 0x2f,0x31,0xdc,0x79,0x69,0xf5,0xa9,0x7e,0x60,0x5b,
+ 0xc1,0x92,0x26,0xb1,0xf0,0xdf,0x0c,0xe4,0x76,0xf7,
+ 0xa3,0x68,0x79,0x9f,0x14,0x5c,0x52,0x97,0x21,0x76,
+ 0xd7,0x19,0x8b,0x47,0xc0,0xb6,0x36,0x01,0xa8,0x73,
+ 0x54,0xfc,0x61,0xd1,0x64,0x44,0xd3,0x36,0x4b,0xbe,
+ 0xc8,0x26,0xcd,0x24,0xb5,0x35,0xdc,0x5a,0xe9,0x25,
+ 0x26,0xb4,0x60,0x19,0x1f,0xc7,0x57,0x47,0xd6,0xf1,
+ 0x5a,0xae,0xc8,0x16,0xfd,0xa8,0x85,0x0b,0x3a,0xbd,
+ 0xd7,0x4c,0xfb,0xd1,0x75,0xa4,0x86,0x91,0x4a,0xb8,
+ 0x0a,0x1b,0x83,0xe4,0xce,0x10,0xd2,0x2b,0xe3,0xe4,
+ 0x87,0x8c,0xfd,0xb9,0xfb,0x8d,0xb6,0x70,0xa5,0x2b,
+ 0xbe,0xe6,0x43,0x4c,0x44,0x09,0x6b,0xd6,0x5a,0xcc,
+ 0x89,0x78,0xb7,0xd8,0xc9,0xa9,0x24,0xe9,0xa6,0x87,
+ 0x2f,0xd4,0x3f,0xad,0x98,0x32,0x57,0x19,0xf0,0xdd,
+ 0x65,0x2e,0x69,0x5f,0x83,0x24,0x3c,0xea,0xc0,0x36,
+ 0x88,0xd2,0x1c,0x27,0x29,0x83,0x80,0xd0,0xdf,0xf1,
+ 0x1e,0x2d,0x62,0x4c,0x24,0xb1,0xb8,0xa2,0x70,0xc7,
+ 0xc5,0xdf,0x8d,0xea,0xf7,0xea,0xb8,0x68,0x99,0x7c,
+ 0xd6,0xf0,0x3b,0x6b,0xb0,0xc5,0xb0,0x0c,0x96,0xfd,
+ 0x07,0x46,0x5f,0xc8,0xde,0xb4,0x4f,0x7b,0x0f,0xd1,
+ 0x71,0x1e,0x84,0x27,0x93,0x95,0xfc,0x7b,0x3f,0x3a,
+ 0xf1,0xe9,0x82,0x4f,0x09,0xc0,0x79,0x35,0xb1,0xe4,
+ 0x45,0x87,0x26,0xe7,0xf9,0x9a,0xcd,0x63,0x42,0x98,
+ 0x9a,0xf8,0x11,0x20,0xf1,0x42,0xd2,0x31,0xdc,0x03,
+ 0xb5,0xa9,0xeb,0x87,0x08,0x2a,0x76,0xb4,0xbf,0x0e,
+ 0x5b,0xa9,0x52,0xd5,0x12,0xda,0x87,0xfa,0x01,0x23,
+ 0x5b,0x78,0x97,0x73,0xcc,0xf8,0x0e,0xf0,0xde,0x34,
+ 0x9f,0xb2,0xcd,0x8c,0x5a,0xce,0xd6,0x3f,0x17,0xe1,
+ 0x45,0xd5,0xeb,0xab,0x6a,0x47,0x0f,0x3c,0x02,0xfb,
+ 0xa5,0xcd,0x85,0x54,0x07,0x0b,0xba,0x74,0x16,0x87,
+ 0x2e,0x9e,0xe5,0x2a,0x80,0x4c,0x27,0xc6,0x9e,0xe2,
+ 0xfd,0x60,0xa7,0x89,0x13,0x3e,0x03,0x7f,0x55,0xf5,
+ 0xd2,0x67,0xab,0x37,0x40,0xbf,0x33,0x03,0xe2,0xd1,
+ 0x60,0xcb,0x48,0xae,0x80,0x30,0x87,0xf6,0xd8,0x34,
+ 0xef,0x61,0xb3,0x9b,0x75,0x25,0x2a,0xe9,0xfa,0xb6,
+ 0x08,0xbe,0xbf,0x80,0x63,0x46,0x77,0x89,0xe7,0x9c,
+ 0xd0,0xe4,0x50,0xa9,0x02,0x03,0x01,0x00,0x01,0x02,
+ 0x82,0x02,0x00,0x73,0xcb,0x78,0xfc,0x18,0xbf,0x71,
+ 0xd0,0xdb,0x99,0x92,0x3d,0x12,0x97,0x08,0xb9,0x3e,
+ 0x07,0xfb,0x44,0x3f,0xd8,0xf8,0xfb,0x3d,0xc2,0xee,
+ 0xa9,0x8c,0xe4,0xb5,0xd8,0x60,0x80,0x70,0xec,0x8c,
+ 0x42,0x88,0x21,0x60,0xf4,0xc3,0xa1,0x03,0xb5,0x76,
+ 0x03,0xc8,0x80,0x6b,0x78,0x44,0x10,0x3e,0x61,0x7a,
+ 0x9b,0x54,0x41,0x36,0x2c,0xf0,0x58,0x91,0x15,0x45,
+ 0xba,0xba,0xa5,0xbc,0x11,0x3e,0x69,0x2c,0x6a,0xbf,
+ 0x65,0x09,0xe2,0xb1,0x14,0xf0,0x17,0x32,0x2b,0x80,
+ 0x16,0x0f,0x89,0x45,0xed,0xef,0x41,0x23,0xf0,0x3b,
+ 0x1f,0xdb,0x5f,0x6e,0x28,0x83,0xea,0xe8,0x4d,0x98,
+ 0x78,0x7e,0xce,0x01,0x4f,0x1b,0x42,0xf9,0x8f,0x6a,
+ 0x6d,0x71,0x50,0xda,0x18,0x33,0x86,0x82,0x2e,0xa5,
+ 0x68,0xfc,0xd9,0xd4,0x38,0x34,0x21,0x41,0x12,0x01,
+ 0xc6,0xfe,0xb0,0x14,0x2c,0x50,0x71,0xe5,0xb4,0x09,
+ 0xc8,0xb9,0x99,0xba,0xcd,0x20,0x92,0x04,0x2a,0x58,
+ 0xf3,0xfd,0xb6,0xf3,0x21,0x29,0xef,0xa8,0x88,0xd8,
+ 0x5a,0x30,0x4d,0x97,0xab,0xdf,0xf7,0xb5,0x9f,0x7c,
+ 0x6e,0x6f,0xd1,0x17,0x55,0xda,0x3a,0xcb,0x1b,0x8f,
+ 0x41,0x2e,0x44,0xfe,0xc3,0x6f,0xc1,0x36,0xdb,0x9d,
+ 0x34,0xe7,0xea,0x0f,0xc1,0x9a,0x34,0xbf,0x95,0xef,
+ 0x92,0x78,0x54,0x92,0x9e,0xf6,0x57,0x03,0x2c,0xb4,
+ 0x01,0xf9,0xc9,0xee,0x58,0x81,0xd5,0x6c,0xf1,0x54,
+ 0x30,0xa3,0x10,0xa7,0xb1,0xfa,0x97,0x51,0xe8,0x8b,
+ 0x9c,0xc2,0xad,0xc1,0x5c,0xad,0x8c,0x18,0xf1,0x9d,
+ 0x1c,0x39,0xeb,0x1a,0x1a,0xab,0x65,0x47,0x00,0x54,
+ 0x89,0x4d,0xf4,0x22,0xaf,0x35,0x8a,0x2b,0x11,0x9d,
+ 0x73,0xb3,0x48,0xf9,0xe9,0x9b,0x73,0xa8,0xeb,0x32,
+ 0x4f,0xf2,0x33,0x5e,0xc8,0xc7,0xe3,0xdb,0xbf,0xcd,
+ 0x8a,0x5b,0xbe,0x19,0x91,0xe1,0x34,0x2c,0x6a,0xd8,
+ 0x56,0xe4,0x92,0x89,0x6f,0x9c,0xda,0x4d,0x9e,0xca,
+ 0xd4,0x2d,0xbb,0x06,0x4b,0x77,0x79,0xe1,0x2e,0xab,
+ 0x2e,0x14,0x0f,0xe3,0x6b,0xc6,0x44,0x18,0xdb,0xd0,
+ 0x51,0xb4,0x72,0xf5,0x77,0x57,0xe8,0x9c,0xad,0x35,
+ 0xb2,0x6c,0x24,0x8b,0x67,0xcc,0xc2,0x6a,0xfa,0xf0,
+ 0xd4,0x40,0x19,0xf1,0x76,0x24,0x42,0x25,0x7b,0x5b,
+ 0xe1,0x25,0xde,0xa4,0x4d,0x00,0xf1,0x80,0x02,0xd0,
+ 0x09,0x48,0x65,0x76,0x8c,0xb3,0x2d,0xe2,0xad,0x87,
+ 0x4f,0xbb,0x76,0xa9,0xac,0xa3,0x1d,0xb9,0x0d,0x4c,
+ 0xb3,0xba,0xdf,0x62,0x91,0xb5,0x3b,0x00,0x11,0x2b,
+ 0x6f,0x74,0x87,0x6d,0xe8,0xed,0x04,0xc4,0xc9,0xf4,
+ 0xc9,0xa3,0xc7,0x0a,0xb8,0x80,0xd8,0x5d,0x30,0x4b,
+ 0xdc,0x79,0x4a,0x5b,0xa4,0x7d,0xf5,0xb2,0x16,0x02,
+ 0x48,0x6d,0x89,0x3a,0xb6,0x3f,0x2d,0x1f,0x91,0xaa,
+ 0xd3,0xc8,0x54,0x17,0x5e,0xb3,0x59,0x05,0xb5,0xf3,
+ 0xe5,0x2e,0xb1,0x41,0xd6,0x87,0xa5,0xcb,0xd1,0xeb,
+ 0x03,0x35,0x7b,0x94,0x06,0x09,0xbb,0x7b,0x67,0x14,
+ 0x83,0x65,0xa1,0x82,0x52,0x70,0xf8,0x3c,0xf2,0x21,
+ 0xb7,0x26,0xa8,0xdd,0x56,0x75,0xc8,0xda,0xc8,0x05,
+ 0x6f,0xba,0xea,0x6a,0x14,0x0f,0x13,0xc6,0x9d,0xea,
+ 0xc3,0xb4,0x95,0x9b,0xc4,0x6b,0x35,0xbd,0x10,0xce,
+ 0xb6,0xf6,0x07,0x72,0xbd,0x02,0x82,0x01,0x01,0x00,
+ 0xcb,0x3c,0x4c,0xfb,0xcf,0xae,0xa9,0xb8,0x2a,0xcc,
+ 0x31,0xa3,0x5d,0xce,0x43,0xbf,0xf9,0x93,0x18,0xcc,
+ 0x17,0x50,0x67,0x7e,0x52,0x6c,0xd5,0xbf,0x3e,0xc2,
+ 0x99,0x56,0xbc,0x7a,0x1a,0xc5,0x92,0x76,0xb3,0x38,
+ 0xbf,0xf4,0xf8,0xae,0x41,0x17,0xb0,0x17,0x1b,0x1a,
+ 0x4d,0x6b,0x3d,0x0c,0xc1,0x25,0x5c,0x54,0xa7,0x39,
+ 0x2c,0x38,0x72,0x1f,0x0a,0xe9,0xd4,0x5b,0xa4,0x81,
+ 0x5d,0xf1,0xc2,0xf7,0xd2,0x5c,0x4c,0x7e,0x24,0x02,
+ 0x81,0xa1,0x3a,0xf5,0xd0,0x11,0x15,0x4e,0x03,0x3d,
+ 0x82,0xfa,0xcd,0x32,0x89,0x10,0xe1,0x4f,0x47,0x32,
+ 0x54,0xfc,0x95,0xf2,0x3a,0x58,0x8e,0xbb,0x9b,0xbf,
+ 0x7c,0x5b,0xc0,0x73,0x25,0xdc,0x04,0xf6,0x98,0xc1,
+ 0xed,0xa9,0x2a,0x6a,0x7b,0xc4,0x8d,0x2a,0x0f,0x51,
+ 0xb3,0xa3,0x75,0x79,0x40,0x76,0xf6,0xbe,0xb2,0xd9,
+ 0xc1,0x6e,0xb1,0xfa,0x96,0xd2,0xea,0x07,0xee,0xe9,
+ 0xf2,0xdb,0x3f,0x20,0xdc,0xe0,0x63,0xdc,0x86,0x7f,
+ 0xbb,0xfb,0x60,0x2f,0xc6,0xaf,0x5f,0x46,0x26,0x39,
+ 0xcf,0xc4,0x10,0x60,0xf1,0x24,0x9b,0x49,0x5f,0x91,
+ 0x3e,0xac,0x7a,0x53,0x3e,0x84,0x71,0xcd,0x9d,0x45,
+ 0x3a,0x75,0x87,0x2c,0x96,0xfb,0x03,0xa5,0xc7,0x59,
+ 0x9a,0xaa,0x99,0xcf,0x8e,0x89,0x3a,0xdc,0x26,0x06,
+ 0xdf,0x14,0x6a,0x95,0xf7,0x88,0x72,0xcb,0x4e,0x91,
+ 0xde,0xeb,0x14,0x23,0xac,0x58,0x69,0x84,0x2b,0xea,
+ 0xdf,0xc8,0x35,0xb2,0x01,0x9d,0x7f,0xaa,0x73,0x51,
+ 0xf5,0xc7,0x2e,0xba,0xa0,0xb4,0x49,0xb6,0x74,0xa3,
+ 0x73,0x17,0xc2,0xfa,0xc8,0xf3,0x02,0x82,0x01,0x01,
+ 0x00,0xb8,0x0e,0xf8,0x50,0x74,0x42,0x79,0x90,0xd0,
+ 0x47,0x8d,0x48,0x2e,0x84,0x3b,0x30,0xe0,0x26,0x31,
+ 0x95,0x54,0x34,0x93,0xa0,0x30,0xd5,0x03,0x50,0xb2,
+ 0x19,0xbf,0xe8,0x22,0x1f,0xbe,0x40,0xec,0x94,0xd8,
+ 0x21,0x17,0xaa,0x95,0xf9,0x62,0xa5,0xf5,0x25,0xd1,
+ 0x72,0x36,0x22,0x67,0x94,0xcf,0xc0,0x06,0x22,0x93,
+ 0x0d,0x6a,0x22,0xfe,0xff,0xb3,0xc2,0xde,0x8f,0x5f,
+ 0x75,0x84,0xe4,0x88,0xf3,0xe4,0x04,0xbb,0x9c,0x6b,
+ 0xb3,0x14,0x9d,0xb7,0xb4,0xa9,0x63,0x3f,0xdc,0xe8,
+ 0x0c,0x05,0xa8,0x76,0xab,0xa1,0xbb,0x23,0x1d,0x6a,
+ 0xcd,0x31,0xbc,0x19,0xb5,0x49,0xa1,0x71,0xee,0x93,
+ 0x46,0x71,0xce,0xba,0xd2,0xa8,0x4e,0x08,0x8d,0x7b,
+ 0x85,0x3d,0x77,0x46,0x9a,0x71,0x71,0xeb,0x03,0x5c,
+ 0xd2,0x0f,0xb1,0xf4,0x78,0xb4,0xf4,0x8d,0xd4,0xd9,
+ 0x9b,0x79,0x99,0xce,0x9b,0xa9,0x38,0xaa,0xd6,0x76,
+ 0x9f,0x9c,0xb1,0xbd,0xd3,0x7c,0x18,0x54,0x62,0xbc,
+ 0x54,0x2a,0x0f,0xef,0x76,0x39,0xd5,0x10,0x2f,0xbf,
+ 0xc5,0x60,0x92,0x21,0x99,0x46,0xbc,0x36,0x65,0x0b,
+ 0x31,0xb6,0x6f,0xa8,0x5d,0x8e,0x2f,0xf0,0xed,0x86,
+ 0x8c,0xf2,0x2a,0x83,0xa7,0x34,0x11,0x06,0xd9,0x6f,
+ 0xb3,0xf5,0x7b,0x31,0x45,0x17,0x5a,0xdc,0x22,0xc3,
+ 0xe8,0xe1,0x89,0x78,0xde,0xae,0x49,0x1a,0x5f,0x4d,
+ 0x06,0xf6,0xb5,0x23,0x66,0xe0,0x00,0xd6,0x37,0x8d,
+ 0xb4,0x5b,0x67,0xb0,0xdb,0x7a,0x10,0x03,0x91,0x64,
+ 0xa6,0xaa,0xc6,0x30,0x49,0x3c,0x81,0x72,0x57,0x9f,
+ 0xd9,0x72,0xae,0xa9,0xce,0xa6,0xf3,0x02,0x82,0x01,
+ 0x01,0x00,0xa3,0x69,0x55,0xe0,0xf6,0xe9,0x52,0xaf,
+ 0xb1,0x41,0xc3,0xfb,0xbe,0x56,0x36,0x25,0x6a,0xef,
+ 0xfa,0x75,0x47,0x9d,0xaf,0xc9,0x63,0x4e,0xfd,0x42,
+ 0xab,0x9c,0xde,0x9c,0x5e,0x29,0xb3,0xd2,0xfe,0x64,
+ 0x10,0xd0,0xe5,0x8f,0x7c,0x50,0xe8,0x27,0xba,0xbf,
+ 0xa9,0x5c,0x29,0xb9,0xbb,0x39,0xc1,0x27,0x60,0x28,
+ 0xf4,0xd8,0x44,0x95,0x12,0x35,0xa1,0x99,0xc7,0xd4,
+ 0xf3,0xdd,0xcd,0x02,0xb2,0x28,0x7f,0x6d,0x15,0x58,
+ 0x2b,0x6e,0x14,0x7a,0xe6,0x24,0x75,0xea,0xf6,0x7d,
+ 0x66,0x9f,0x93,0xec,0x43,0x07,0x8a,0x2c,0x17,0x6d,
+ 0x9e,0x2a,0x7b,0x29,0x29,0x0b,0xbe,0x1c,0x2c,0x8f,
+ 0xee,0xb8,0x35,0xae,0xb4,0x7c,0x21,0x89,0xda,0x37,
+ 0xc9,0x35,0xcc,0xf9,0x43,0x10,0xa1,0x79,0xb5,0xa3,
+ 0x86,0xf3,0xc3,0x83,0xff,0xd5,0xc1,0x9e,0xa5,0xe1,
+ 0x49,0x7f,0x4b,0x47,0xcd,0x35,0x57,0x06,0x39,0x84,
+ 0xad,0x76,0x50,0x7e,0x37,0x31,0x1e,0x48,0x12,0x23,
+ 0x63,0xc5,0xdb,0x09,0x51,0x1a,0xb9,0x1f,0x93,0x74,
+ 0x9d,0x11,0xc8,0xdb,0xb5,0xeb,0xac,0x99,0x29,0x7f,
+ 0x02,0xa7,0x8f,0x84,0x31,0x4b,0x33,0xae,0x5c,0xae,
+ 0xdd,0xf0,0xa7,0x03,0x8e,0xef,0xac,0x6a,0x22,0x51,
+ 0xae,0x8b,0x7e,0x90,0x03,0xe2,0x5e,0x92,0x3a,0xd0,
+ 0x7e,0x86,0xf1,0xe1,0xc1,0x9d,0xd9,0x8d,0x4d,0xf7,
+ 0xe8,0xb1,0xe3,0x52,0x93,0x3b,0xe7,0xbc,0xa3,0x02,
+ 0xd2,0x29,0x25,0x4c,0x1e,0xd8,0x84,0xf1,0xf5,0x8f,
+ 0xc0,0xef,0xba,0xb6,0x2f,0xfd,0x81,0x6f,0xd5,0x01,
+ 0x2e,0xa1,0xa9,0xce,0x06,0x49,0x8d,0x3f,0x02,0x82,
+ 0x01,0x00,0x16,0x9d,0x20,0x3d,0x22,0x4b,0x98,0x8c,
+ 0x06,0x4b,0x04,0x3c,0xbe,0x1a,0x58,0xfb,0x64,0x4e,
+ 0xcd,0x00,0xbf,0xdb,0xc5,0xd7,0x84,0xa8,0x67,0x43,
+ 0xde,0xdd,0xf3,0x0a,0x1e,0x47,0x30,0x24,0xe1,0xec,
+ 0x57,0xb1,0x99,0x2a,0xc8,0x4a,0x5f,0xa8,0x6c,0x3a,
+ 0x3d,0x45,0x7f,0x09,0x33,0x18,0xc1,0x7d,0xa2,0x43,
+ 0x55,0x35,0xec,0xb8,0x68,0x04,0x1a,0x9d,0xf2,0xa2,
+ 0x42,0xe4,0x39,0x73,0xaa,0xaf,0xec,0x6f,0xf8,0x6c,
+ 0xfb,0x7e,0x81,0x25,0xef,0x90,0x2e,0xcf,0x96,0xe5,
+ 0x19,0x4d,0x80,0xd4,0x75,0xe0,0x18,0x7a,0xd9,0x91,
+ 0x9f,0xb1,0x9e,0x4e,0xb2,0x09,0xe8,0x06,0x01,0xed,
+ 0x82,0x02,0xc1,0xb0,0xd8,0x9b,0x51,0x3a,0x65,0x2a,
+ 0x9c,0xe6,0x7d,0xea,0xcd,0xad,0xe4,0x0a,0x4f,0x09,
+ 0x96,0xb9,0xe8,0x5b,0xc0,0xe1,0xa3,0xb9,0xf8,0x43,
+ 0x12,0x89,0x5b,0xa3,0x5e,0x13,0x19,0xf3,0x70,0x69,
+ 0xf1,0x21,0x23,0x2b,0x63,0x5b,0x3c,0x7f,0xf0,0xbe,
+ 0x40,0xcd,0x46,0x6d,0xb6,0xca,0x1b,0xc8,0xe5,0xb8,
+ 0x38,0x23,0x93,0xfd,0xe0,0x4a,0xe8,0xb9,0xef,0x24,
+ 0xf2,0xff,0x24,0x9f,0x0b,0x5c,0x93,0x3f,0xa8,0xa6,
+ 0x46,0x45,0xc2,0xeb,0x1e,0x49,0xc8,0xc7,0xde,0xc3,
+ 0x90,0x49,0xd7,0xfb,0x4e,0xce,0x62,0x54,0x33,0x7f,
+ 0xc1,0xfa,0x36,0xdb,0xa1,0x12,0x1a,0xef,0xb8,0x61,
+ 0xc5,0x20,0xf9,0xe6,0xbf,0x76,0xc0,0x46,0xda,0x0a,
+ 0xf1,0x4a,0x1b,0x80,0xdd,0xe5,0xd9,0x55,0x66,0x5a,
+ 0xd2,0xb6,0xf7,0x7c,0x6a,0x2a,0x55,0x58,0xc2,0x27,
+ 0xa9,0xe8,0x19,0x83,0x04,0x31,0xf3,0xa9,0x02,0x82,
+ 0x01,0x00,0x5f,0x4d,0xd9,0x71,0x24,0x28,0x84,0xbd,
+ 0x39,0x5a,0x17,0x19,0x78,0x0a,0x95,0x01,0xf7,0x42,
+ 0x23,0x16,0xb9,0x86,0x51,0x4b,0xa0,0x59,0x0e,0x30,
+ 0xf3,0xa2,0x61,0xbd,0x66,0x4e,0xa7,0x26,0xc0,0xdc,
+ 0xa7,0x31,0x94,0x1e,0xc2,0x96,0x41,0xe6,0x91,0x4e,
+ 0x6c,0x9a,0xcc,0x80,0xf4,0xb8,0x0a,0x06,0x58,0xb1,
+ 0x20,0x16,0x89,0xb0,0xaa,0x2a,0x31,0x0c,0x7c,0xae,
+ 0x79,0x1e,0x63,0x9a,0x3c,0x8c,0xc4,0x02,0x51,0x3a,
+ 0x58,0x75,0xf7,0xb7,0x2c,0x02,0xc8,0x4c,0x8b,0x09,
+ 0xd2,0x69,0xff,0xcd,0xa3,0x5d,0x9b,0x09,0x1c,0x27,
+ 0xb5,0xc0,0xf0,0x0c,0xa7,0x54,0xc0,0xef,0x86,0x0b,
+ 0x20,0x71,0x46,0x04,0xe4,0x02,0x82,0x7b,0xac,0x26,
+ 0x80,0xc3,0xb1,0x22,0x19,0x6f,0xc6,0x3a,0xdd,0xdc,
+ 0x68,0x3d,0x95,0x5c,0xff,0xc5,0xbf,0x0c,0xf1,0x8f,
+ 0x5e,0xca,0x74,0xd0,0xf3,0xa9,0xe3,0x21,0x34,0x11,
+ 0x11,0xd9,0xc1,0x91,0x65,0xc0,0xde,0x54,0x2e,0xb5,
+ 0xac,0x17,0xb1,0x46,0x3f,0x8e,0xbe,0xbc,0x48,0x0c,
+ 0x96,0x4f,0x48,0x13,0xd4,0x4e,0xb5,0xe4,0xc4,0xbe,
+ 0x55,0xe8,0x7b,0x00,0x36,0x1b,0xd0,0x85,0x24,0xdb,
+ 0x29,0xaf,0x76,0x82,0xb5,0x90,0xcb,0xb1,0xbd,0xb4,
+ 0x45,0x57,0x61,0xcd,0x6e,0xa8,0x23,0xf2,0x7a,0x47,
+ 0x4e,0x01,0x52,0x92,0x55,0x61,0xe5,0xd0,0x4e,0x0a,
+ 0xe7,0x18,0x65,0xf1,0x33,0x2b,0x71,0xf3,0x4b,0x8b,
+ 0xdb,0x28,0x63,0x65,0x9b,0x02,0x5d,0x00,0xc1,0xd1,
+ 0x26,0x9d,0x2a,0x15,0x12,0xf2,0xc8,0xd9,0xb9,0x87,
+ 0x56,0x2c,0xe7,0xa6,0x6d,0xc2,0xd7,0x6b,
+ };
diff --git a/apps/tkca b/apps/tkca
new file mode 100644
index 0000000..bdaf216
--- /dev/null
+++ b/apps/tkca
@@ -0,0 +1,66 @@
+#!/usr/local/bin/perl5
+#
+# This is only something I'm playing with, it does not work :-)
+#
+
+use Tk;
+
+my $main=MainWindow->new();
+my $f=$main->Frame(-relief => "ridge", -borderwidth => 2);
+$f->pack(-fill => 'x');
+
+my $ff=$f->Frame;
+$ff->pack(-fill => 'x');
+my $l=$ff->Label(-text => "TkCA - SSLeay",
+ -relief => "ridge", -borderwidth => 2);
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Certify");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Review");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Revoke");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my $l=$ff->Button(-text => "Generate CRL");
+$l->pack(-fill => 'x', -ipady => 5);
+
+my($db)=&load_db("demoCA/index.txt");
+
+MainLoop;
+
+sub load_db
+ {
+ my(%ret);
+ my($file)=@_;
+ my(*IN);
+ my(%db_serial,%db_name,@f,@db_s);
+
+ $ret{'serial'}=\%db_serial;
+ $ret{'name'}=\%db_name;
+
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ while (<IN>)
+ {
+ chop;
+ s/([^\\])\t/\1\t\t/g;
+ my(@f)=split(/\t\t/);
+ die "wrong number of fields in $file, line $.\n"
+ if ($#f != 5);
+
+ my(%f);
+ $f{'type'}=$f[0];
+ $f{'exp'}=$f[1];
+ $f{'rev'}=$f[2];
+ $f{'serial'}=$f[3];
+ $f{'file'}=$f[4];
+ $f{'name'}=$f[5];
+ die "serial number $f{'serial'} appears twice (line $.)\n"
+ if (defined($db{$f{'serial'}}))
+ $db_serial{$f{'serial'}}=\%f;
+ $db_name{$f{'name'}}.=$f{'serial'}." ";
+ }
+ return \%ret;
+ }
diff --git a/apps/verify.c b/apps/verify.c
new file mode 100644
index 0000000..809f4c4
--- /dev/null
+++ b/apps/verify.c
@@ -0,0 +1,240 @@
+/* apps/verify.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "bio.h"
+#include "err.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG verify_main
+
+#ifndef NOPROTO
+static int MS_CALLBACK cb(int ok, X509_STORE_CTX *ctx);
+static int check(X509_STORE *ctx,char *file);
+#else
+static int MS_CALLBACK cb();
+static int check();
+#endif
+
+static int v_verbose=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=1;
+ char *CApath=NULL,*CAfile=NULL;
+ X509_STORE *cert_ctx=NULL;
+ X509_LOOKUP *lookup=NULL;
+
+ cert_ctx=X509_STORE_new();
+ if (cert_ctx == NULL) goto end;
+ X509_STORE_set_verify_cb_func(cert_ctx,cb);
+
+ ERR_load_crypto_strings();
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ argc--;
+ argv++;
+ for (;;)
+ {
+ if (argc >= 1)
+ {
+ if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (argc-- < 1) goto end;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (argc-- < 1) goto end;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-help") == 0)
+ goto end;
+ else if (strcmp(*argv,"-verbose") == 0)
+ v_verbose=1;
+ else if (argv[0][0] == '-')
+ goto end;
+ else
+ break;
+ argc--;
+ argv++;
+ }
+ else
+ break;
+ }
+
+ lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_file());
+ if (lookup == NULL) abort();
+ if (!X509_LOOKUP_load_file(lookup,CAfile,X509_FILETYPE_PEM))
+ X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ lookup=X509_STORE_add_lookup(cert_ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) abort();
+ if (!X509_LOOKUP_add_dir(lookup,CApath,X509_FILETYPE_PEM))
+ X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+
+ if (argc < 1) check(cert_ctx,NULL);
+ else
+ for (i=0; i<argc; i++)
+ check(cert_ctx,argv[i]);
+ ret=0;
+end:
+ if (ret == 1)
+ BIO_printf(bio_err,"usage: verify [-verbose] [-CApath path] [-CAfile file] cert1 cert2 ...\n");
+ if (cert_ctx != NULL) X509_STORE_free(cert_ctx);
+ EXIT(ret);
+ }
+
+static int check(ctx,file)
+X509_STORE *ctx;
+char *file;
+ {
+ X509 *x=NULL;
+ BIO *in=NULL;
+ int i=0,ret=0;
+ X509_STORE_CTX csc;
+
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+
+ x=PEM_read_bio_X509(in,NULL,NULL);
+ if (x == NULL)
+ {
+ fprintf(stdout,"%s: unable to load certificate file\n",
+ (file == NULL)?"stdin":file);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ fprintf(stdout,"%s: ",(file == NULL)?"stdin":file);
+
+ X509_STORE_CTX_init(&csc,ctx,x,NULL);
+ i=X509_verify_cert(&csc);
+ X509_STORE_CTX_cleanup(&csc);
+
+ ret=0;
+end:
+ if (i)
+ {
+ fprintf(stdout,"OK\n");
+ ret=1;
+ }
+ else
+ ERR_print_errors(bio_err);
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+
+ return(ret);
+ }
+
+static int MS_CALLBACK cb(ok,ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+
+ if (!ok)
+ {
+ /* since we are just checking the certificates, it is
+ * ok if they are self signed. */
+ if (ctx->error == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+ ok=1;
+ else
+ {
+ X509_NAME_oneline(
+ X509_get_subject_name(ctx->current_cert),buf,256);
+ printf("%s\n",buf);
+ printf("error %d at %d depth lookup:%s\n",ctx->error,
+ ctx->error_depth,
+ X509_verify_cert_error_string(ctx->error));
+ if (ctx->error == X509_V_ERR_CERT_HAS_EXPIRED)
+ ok=1;
+ }
+ }
+ if (!v_verbose)
+ ERR_clear_error();
+ return(ok);
+ }
+
diff --git a/apps/version.c b/apps/version.c
new file mode 100644
index 0000000..a849433
--- /dev/null
+++ b/apps/version.c
@@ -0,0 +1,128 @@
+/* apps/version.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "evp.h"
+#include "crypto.h"
+
+#undef PROG
+#define PROG version_main
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,ret=0;
+ int cflags=0,version=0,date=0,options=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ if (argc == 1) version=1;
+ for (i=1; i<argc; i++)
+ {
+ if (strcmp(argv[i],"-v") == 0)
+ version=1;
+ else if (strcmp(argv[i],"-b") == 0)
+ date=1;
+ else if (strcmp(argv[i],"-f") == 0)
+ cflags=1;
+ else if (strcmp(argv[i],"-o") == 0)
+ options=1;
+ else if (strcmp(argv[i],"-a") == 0)
+ date=version=cflags=options=1;
+ else
+ {
+ BIO_printf(bio_err,"usage:version [-a] [-v] [-b] [-o] [-f]\n");
+ ret=1;
+ goto end;
+ }
+ }
+
+ if (version) printf("%s\n",SSLeay_version(SSLEAY_VERSION));
+ if (date) printf("%s\n",SSLeay_version(SSLEAY_BUILT_ON));
+ if (options)
+ {
+ printf("options:");
+ printf("%s ",BN_options());
+#ifndef NO_MD2
+ printf("%s ",MD2_options());
+#endif
+#ifndef NO_RC4
+ printf("%s ",RC4_options());
+#endif
+#ifndef NO_DES
+ printf("%s ",des_options());
+#endif
+#ifndef NO_IDEA
+ printf("%s ",idea_options());
+#endif
+#ifndef NO_BLOWFISH
+ printf("%s ",BF_options());
+#endif
+ }
+ if (cflags) printf("%s\n",SSLeay_version(SSLEAY_CFLAGS));
+end:
+ EXIT(ret);
+ }
diff --git a/apps/x509.c b/apps/x509.c
new file mode 100644
index 0000000..ec20654
--- /dev/null
+++ b/apps/x509.c
@@ -0,0 +1,1042 @@
+/* apps/x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "apps.h"
+#include "bio.h"
+#include "asn1.h"
+#include "err.h"
+#include "bn.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#undef PROG
+#define PROG x509_main
+
+#undef POSTFIX
+#define POSTFIX ".srl"
+#define DEF_DAYS 30
+
+#define FORMAT_UNDEF 0
+#define FORMAT_ASN1 1
+#define FORMAT_TEXT 2
+#define FORMAT_PEM 3
+
+#define CERT_HDR "certificate"
+
+static char *x509_usage[]={
+"usage: x509 args\n",
+" -inform arg - input format - default PEM (one of DER, NET or PEM)\n",
+" -outform arg - output format - default PEM (one of DER, NET or PEM\n",
+" -keyform arg - private key format - default PEM\n",
+" -CAform arg - CA format - default PEM\n",
+" -CAkeyform arg - CA key format - default PEM\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -serial - print serial number value\n",
+" -hash - print hash value\n",
+" -subject - print subject DN\n",
+" -issuer - print issuer DN\n",
+" -startdate - notBefore field\n",
+" -enddate - notAfter field\n",
+" -dates - both Before and After dates\n",
+" -modulus - print the RSA key modulus\n",
+" -fingerprint - print the certificate fingerprint\n",
+" -noout - no certificate output\n",
+
+" -days arg - How long till expiry of a signed certificate - def 30 days\n",
+" -signkey arg - self sign cert with arg\n",
+" -x509toreq - output a certification request object\n",
+" -req - input is a certificate request, sign and output.\n",
+" -CA arg - set the CA certificate, must be PEM format.\n",
+" -CAkey arg - set the CA key, must be PEM format\n",
+" missing, it is asssumed to be in the CA file.\n",
+" -CAcreateserial - create serial number file if it does not exist\n",
+" -CAserial - serial file\n",
+" -text - print the certitificate in text form\n",
+" -C - print out C code forms\n",
+" -md2/-md5/-sha1/-mdc2 - digest to do an RSA sign with\n",
+NULL
+};
+
+#ifndef NOPROTO
+static int MS_CALLBACK callb(int ok, X509_STORE_CTX *ctx);
+static EVP_PKEY *load_key(char *file, int format);
+static X509 *load_cert(char *file, int format);
+static int sign (X509 *x, EVP_PKEY *pkey,int days,EVP_MD *digest);
+static int x509_certify (X509_STORE *ctx,char *CAfile, EVP_MD *digest,X509 *x,
+ X509 *xca, EVP_PKEY *pkey,char *serial, int create, int days);
+#else
+static int MS_CALLBACK callb();
+static EVP_PKEY *load_key();
+static X509 *load_cert();
+static int sign ();
+static int x509_certify ();
+#endif
+
+static int reqfile=0;
+
+int MAIN(argc, argv)
+int argc;
+char **argv;
+ {
+ int ret=1;
+ X509_REQ *req=NULL;
+ X509 *x=NULL,*xca=NULL;
+ EVP_PKEY *Upkey=NULL,*CApkey=NULL;
+ int i,num,badops=0;
+ BIO *out=NULL;
+ BIO *STDout=NULL;
+ int informat,outformat,keyformat,CAformat,CAkeyformat;
+ char *infile=NULL,*outfile=NULL,*keyfile=NULL,*CAfile=NULL;
+ char *CAkeyfile=NULL,*CAserial=NULL;
+ int text=0,serial=0,hash=0,subject=0,issuer=0,startdate=0,enddate=0;
+ int noout=0,sign_flag=0,CA_flag=0,CA_createserial=0;
+ int C=0;
+ int x509req=0,days=DEF_DAYS,modulus=0;
+ char **pp;
+ X509_STORE *ctx=NULL;
+ X509_REQ *rq=NULL;
+ int fingerprint=0;
+ char buf[256];
+ EVP_MD *md_alg,*digest=EVP_md5();
+
+ reqfile=0;
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ STDout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ informat=FORMAT_PEM;
+ outformat=FORMAT_PEM;
+ keyformat=FORMAT_PEM;
+ CAformat=FORMAT_PEM;
+ CAkeyformat=FORMAT_PEM;
+
+ ctx=X509_STORE_new();
+ if (ctx == NULL) goto end;
+ X509_STORE_set_verify_cb_func(ctx,callb);
+
+ argc--;
+ argv++;
+ num=0;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-inform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ informat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-outform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-keyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-req") == 0)
+ reqfile=1;
+ else if (strcmp(*argv,"-CAform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-CAkeyform") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAformat=str2fmt(*(++argv));
+ }
+ else if (strcmp(*argv,"-days") == 0)
+ {
+ if (--argc < 1) goto bad;
+ days=atoi(*(++argv));
+ if (days == 0)
+ {
+ BIO_printf(bio_err,"bad number of days\n");
+ goto bad;
+ }
+ }
+ else if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-signkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keyfile= *(++argv);
+ sign_flag= ++num;
+ }
+ else if (strcmp(*argv,"-CA") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ CA_flag= ++num;
+ }
+ else if (strcmp(*argv,"-CAkey") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAkeyfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAserial") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAserial= *(++argv);
+ }
+ else if (strcmp(*argv,"-C") == 0)
+ C= ++num;
+ else if (strcmp(*argv,"-serial") == 0)
+ serial= ++num;
+ else if (strcmp(*argv,"-modulus") == 0)
+ modulus= ++num;
+ else if (strcmp(*argv,"-x509toreq") == 0)
+ x509req= ++num;
+ else if (strcmp(*argv,"-text") == 0)
+ text= ++num;
+ else if (strcmp(*argv,"-hash") == 0)
+ hash= ++num;
+ else if (strcmp(*argv,"-subject") == 0)
+ subject= ++num;
+ else if (strcmp(*argv,"-issuer") == 0)
+ issuer= ++num;
+ else if (strcmp(*argv,"-fingerprint") == 0)
+ fingerprint= ++num;
+ else if (strcmp(*argv,"-dates") == 0)
+ {
+ startdate= ++num;
+ enddate= ++num;
+ }
+ else if (strcmp(*argv,"-startdate") == 0)
+ startdate= ++num;
+ else if (strcmp(*argv,"-enddate") == 0)
+ enddate= ++num;
+ else if (strcmp(*argv,"-noout") == 0)
+ noout= ++num;
+ else if (strcmp(*argv,"-CAcreateserial") == 0)
+ CA_createserial= ++num;
+ else if ((md_alg=EVP_get_digestbyname(&((*argv)[1]))) != NULL)
+ {
+ /* ok */
+ digest=md_alg;
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=x509_usage; (*pp != NULL); pp++)
+ BIO_printf(bio_err,*pp);
+ goto end;
+ }
+
+ ERR_load_crypto_strings();
+
+ if (!X509_STORE_set_default_paths(ctx))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if ((CAkeyfile == NULL) && (CA_flag) && (CAformat == FORMAT_PEM))
+ { CAkeyfile=CAfile; }
+ else if ((CA_flag) && (CAkeyfile == NULL))
+ {
+ BIO_printf(bio_err,"need to specify a CAkey if using the CA command\n");
+ goto end;
+ }
+
+ if (reqfile)
+ {
+ EVP_PKEY *pkey;
+ X509_CINF *ci;
+ BIO *in;
+
+ if (!sign_flag && !CA_flag)
+ {
+ BIO_printf(bio_err,"We need a private key to sign with\n");
+ goto end;
+ }
+ in=BIO_new(BIO_s_file());
+ if (in == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (infile == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,infile) <= 0)
+ {
+ perror(infile);
+ goto end;
+ }
+ }
+ req=PEM_read_bio_X509_REQ(in,NULL,NULL);
+ BIO_free(in);
+
+ if (req == NULL) { perror(infile); goto end; }
+
+ if ( (req->req_info == NULL) ||
+ (req->req_info->pubkey == NULL) ||
+ (req->req_info->pubkey->public_key == NULL) ||
+ (req->req_info->pubkey->public_key->data == NULL))
+ {
+ BIO_printf(bio_err,"The certificate request appears to corrupted\n");
+ BIO_printf(bio_err,"It does not contain a public key\n");
+ goto end;
+ }
+ if ((pkey=X509_REQ_get_pubkey(req)) == NULL)
+ {
+ BIO_printf(bio_err,"error unpacking public key\n");
+ goto end;
+ }
+ i=X509_REQ_verify(req,pkey);
+ if (i < 0)
+ {
+ BIO_printf(bio_err,"Signature verification error\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (i == 0)
+ {
+ BIO_printf(bio_err,"Signature did not match the certificate request\n");
+ goto end;
+ }
+ else
+ BIO_printf(bio_err,"Signature ok\n");
+
+ X509_NAME_oneline(req->req_info->subject,buf,256);
+ BIO_printf(bio_err,"subject=%s\n",buf);
+
+ if ((x=X509_new()) == NULL) goto end;
+ ci=x->cert_info;
+
+ if (!ASN1_INTEGER_set(X509_get_serialNumber(x),0)) goto end;
+ if (!X509_set_issuer_name(x,req->req_info->subject)) goto end;
+ if (!X509_set_subject_name(x,req->req_info->subject)) goto end;
+
+ X509_gmtime_adj(X509_get_notBefore(x),0);
+ X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+
+ X509_PUBKEY_free(ci->key);
+ ci->key=req->req_info->pubkey;
+ req->req_info->pubkey=NULL;
+ }
+ else
+ x=load_cert(infile,informat);
+
+ if (x == NULL) goto end;
+ if (CA_flag)
+ {
+ xca=load_cert(CAfile,CAformat);
+ if (xca == NULL) goto end;
+ }
+
+ if (!noout || text)
+ {
+ OBJ_create_and_add_object("2.99999.3",
+ "SET.ex3","SET x509v3 extension 3");
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (outfile == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outfile) <= 0)
+ {
+ perror(outfile);
+ goto end;
+ }
+ }
+ }
+
+ if (num)
+ {
+ for (i=1; i<=num; i++)
+ {
+ if (issuer == i)
+ {
+ X509_NAME_oneline(X509_get_issuer_name(x),
+ buf,256);
+ fprintf(stdout,"issuer= %s\n",buf);
+ }
+ else if (subject == i)
+ {
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ fprintf(stdout,"subject=%s\n",buf);
+ }
+ else if (serial == i)
+ {
+ fprintf(stdout,"serial=");
+ i2a_ASN1_INTEGER(STDout,x->cert_info->serialNumber);
+ fprintf(stdout,"\n");
+ }
+ else if (hash == i)
+ {
+ fprintf(stdout,"%08lx\n",
+ X509_subject_name_hash(x));
+ }
+ else
+#ifndef NO_RSA
+ if (modulus == i)
+ {
+ EVP_PKEY *pkey;
+
+ pkey=X509_get_pubkey(x);
+ if (pkey == NULL)
+ {
+ fprintf(stdout,"Modulus=unavailable\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ fprintf(stdout,"Modulus=");
+ if (pkey->type == EVP_PKEY_RSA)
+ BN_print(STDout,pkey->pkey.rsa->n);
+ else
+ fprintf(stdout,"Wrong Algorithm type");
+ fprintf(stdout,"\n");
+ }
+ else
+#endif
+ if (C == i)
+ {
+ unsigned char *d;
+ char *m;
+ int y,z;
+
+ X509_NAME_oneline(X509_get_subject_name(x),
+ buf,256);
+ printf("/* subject:%s */\n",buf);
+ m=X509_NAME_oneline(
+ X509_get_issuer_name(x),buf,256);
+ printf("/* issuer :%s */\n",buf);
+
+ z=i2d_X509(x,NULL);
+ m=Malloc(z);
+
+ d=(unsigned char *)m;
+ z=i2d_X509_NAME(X509_get_subject_name(x),&d);
+ printf("unsigned char XXX_subject_name[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ z=i2d_X509_PUBKEY(X509_get_X509_PUBKEY(x),&d);
+ printf("unsigned char XXX_public_key[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ z=i2d_X509(x,&d);
+ printf("unsigned char XXX_certificate[%d]={\n",z);
+ d=(unsigned char *)m;
+ for (y=0; y<z; y++)
+ {
+ printf("0x%02X,",d[y]);
+ if ((y & 0x0f) == 0x0f) printf("\n");
+ }
+ if (y%16 != 0) printf("\n");
+ printf("};\n");
+
+ Free(m);
+ }
+ else if (text == i)
+ {
+ X509_print(out,x);
+ }
+ else if (startdate == i)
+ {
+ BIO_puts(STDout,"notBefore=");
+ ASN1_UTCTIME_print(STDout,X509_get_notBefore(x));
+ BIO_puts(STDout,"\n");
+ }
+ else if (enddate == i)
+ {
+ BIO_puts(STDout,"notAfter=");
+ ASN1_UTCTIME_print(STDout,X509_get_notAfter(x));
+ BIO_puts(STDout,"\n");
+ }
+ else if (fingerprint == i)
+ {
+ int j;
+ unsigned int n;
+ unsigned char md[EVP_MAX_MD_SIZE];
+
+ if (!X509_digest(x,EVP_md5(),md,&n))
+ {
+ BIO_printf(bio_err,"out of memory\n");
+ goto end;
+ }
+ fprintf(stdout,"MD5 Fingerprint=");
+ for (j=0; j<(int)n; j++)
+ {
+ fprintf(stdout,"%02X%c",md[j],
+ (j+1 == (int)n)
+ ?'\n':':');
+ }
+ }
+
+ /* should be in the library */
+ else if ((sign_flag == i) && (x509req == 0))
+ {
+ BIO_printf(bio_err,"Getting Private key\n");
+ if (Upkey == NULL)
+ {
+ Upkey=load_key(keyfile,keyformat);
+ if (Upkey == NULL) goto end;
+ }
+#ifndef NO_DSA
+ if (Upkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+#endif
+
+ if (!sign(x,Upkey,days,digest)) goto end;
+ }
+ else if (CA_flag == i)
+ {
+ BIO_printf(bio_err,"Getting CA Private Key\n");
+ if (CAkeyfile != NULL)
+ {
+ CApkey=load_key(CAkeyfile,CAkeyformat);
+ if (CApkey == NULL) goto end;
+ }
+#ifndef NO_DSA
+ if (CApkey->type == EVP_PKEY_DSA)
+ digest=EVP_dss1();
+#endif
+ if (!x509_certify(ctx,CAfile,digest,x,xca,
+ CApkey,
+ CAserial,CA_createserial,days))
+ goto end;
+ }
+ else if (x509req == i)
+ {
+ EVP_PKEY *pk;
+
+ BIO_printf(bio_err,"Getting request Private Key\n");
+ if (keyfile == NULL)
+ {
+ BIO_printf(bio_err,"no request key file specified\n");
+ goto end;
+ }
+ else
+ {
+ pk=load_key(keyfile,FORMAT_PEM);
+ if (pk == NULL) goto end;
+ }
+
+ BIO_printf(bio_err,"Generating certificate request\n");
+
+ rq=X509_to_X509_REQ(x,pk);
+ EVP_PKEY_free(pk);
+ if (rq == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (!noout)
+ {
+ X509_REQ_print(out,rq);
+ PEM_write_bio_X509_REQ(out,rq);
+ }
+ noout=1;
+ }
+ }
+ }
+
+ if (noout)
+ {
+ ret=0;
+ goto end;
+ }
+
+ if (outformat == FORMAT_ASN1)
+ i=i2d_X509_bio(out,x);
+ else if (outformat == FORMAT_PEM)
+ i=PEM_write_bio_X509(out,x);
+ else if (outformat == FORMAT_NETSCAPE)
+ {
+ ASN1_HEADER ah;
+ ASN1_OCTET_STRING os;
+
+ os.data=(unsigned char *)CERT_HDR;
+ os.length=strlen(CERT_HDR);
+ ah.header= &os;
+ ah.data=(char *)x;
+ ah.meth=X509_asn1_meth();
+
+ /* no macro for this one yet */
+ i=ASN1_i2d_bio(i2d_ASN1_HEADER,out,(unsigned char *)&ah);
+ }
+ else {
+ BIO_printf(bio_err,"bad output format specified for outfile\n");
+ goto end;
+ }
+ if (!i) {
+ BIO_printf(bio_err,"unable to write certificate\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ ret=0;
+end:
+ OBJ_cleanup();
+ if (out != NULL) BIO_free(out);
+ if (STDout != NULL) BIO_free(STDout);
+ if (ctx != NULL) X509_STORE_free(ctx);
+ if (req != NULL) X509_REQ_free(req);
+ if (x != NULL) X509_free(x);
+ if (xca != NULL) X509_free(xca);
+ if (Upkey != NULL) EVP_PKEY_free(Upkey);
+ if (CApkey != NULL) EVP_PKEY_free(CApkey);
+ if (rq != NULL) X509_REQ_free(rq);
+ EXIT(ret);
+ }
+
+static int x509_certify(ctx,CAfile,digest,x,xca,pkey,serialfile,create,days)
+X509_STORE *ctx;
+char *CAfile;
+EVP_MD *digest;
+X509 *x;
+X509 *xca;
+EVP_PKEY *pkey;
+char *serialfile;
+int create;
+int days;
+ {
+ int ret=0;
+ BIO *io=NULL;
+ MS_STATIC char buf2[1024];
+ char *buf=NULL,*p;
+ BIGNUM *serial=NULL;
+ ASN1_INTEGER *bs=NULL,bs2;
+ X509_STORE_CTX xsc;
+ EVP_PKEY *upkey;
+
+ EVP_PKEY_copy_parameters(X509_get_pubkey(xca),pkey);
+
+ X509_STORE_CTX_init(&xsc,ctx,x,NULL);
+ buf=(char *)Malloc(EVP_PKEY_size(pkey)*2+
+ ((serialfile == NULL)
+ ?(strlen(CAfile)+strlen(POSTFIX)+1)
+ :(strlen(serialfile)))+1);
+ if (buf == NULL) { BIO_printf(bio_err,"out of mem\n"); goto end; }
+ if (serialfile == NULL)
+ {
+ strcpy(buf,CAfile);
+ for (p=buf; *p; p++)
+ if (*p == '.')
+ {
+ *p='\0';
+ break;
+ }
+ strcat(buf,POSTFIX);
+ }
+ else
+ strcpy(buf,serialfile);
+ serial=BN_new();
+ bs=ASN1_INTEGER_new();
+ if ((serial == NULL) || (bs == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ io=BIO_new(BIO_s_file());
+ if (io == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (BIO_read_filename(io,buf) <= 0)
+ {
+ if (!create)
+ {
+ perror(buf);
+ goto end;
+ }
+ else
+ {
+ ASN1_INTEGER_set(bs,0);
+ BN_zero(serial);
+ }
+ }
+ else
+ {
+ if (!a2i_ASN1_INTEGER(io,bs,buf2,1024))
+ {
+ BIO_printf(bio_err,"unable to load serial number from %s\n",buf);
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ else
+ {
+ serial=BN_bin2bn(bs->data,bs->length,serial);
+ if (serial == NULL)
+ {
+ BIO_printf(bio_err,"error converting bin 2 bn");
+ goto end;
+ }
+ }
+ }
+
+ if (!BN_add_word(serial,1))
+ { BIO_printf(bio_err,"add_word failure\n"); goto end; }
+ bs2.data=(unsigned char *)buf2;
+ bs2.length=BN_bn2bin(serial,bs2.data);
+
+ if (BIO_write_filename(io,buf) <= 0)
+ {
+ BIO_printf(bio_err,"error attempting to write serial number file\n");
+ perror(buf);
+ goto end;
+ }
+ i2a_ASN1_INTEGER(io,&bs2);
+ BIO_puts(io,"\n");
+ BIO_free(io);
+ io=NULL;
+
+ if (!X509_STORE_add_cert(ctx,x)) goto end;
+
+ /* NOTE: this certificate can/should be self signed, unless it was
+ * a certificate request in which case it is not. */
+ X509_STORE_CTX_set_cert(&xsc,x);
+ if (!reqfile && !X509_verify_cert(&xsc))
+ goto end;
+
+ if (!X509_set_issuer_name(x,X509_get_subject_name(xca))) goto end;
+ if (!X509_set_serialNumber(x,bs)) goto end;
+
+ if (X509_gmtime_adj(X509_get_notBefore(x),0L) == NULL)
+ goto end;
+
+ /* hardwired expired */
+ if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
+ goto end;
+
+ /* don't save DSA parameters in child if parent has them. */
+ upkey=X509_get_pubkey(x);
+ if (!EVP_PKEY_missing_parameters(pkey))
+ {
+ EVP_PKEY_save_parameters(upkey,0);
+ /* Force a re-write */
+ X509_set_pubkey(x,upkey);
+ }
+
+ if (!X509_sign(x,pkey,digest)) goto end;
+ ret=1;
+end:
+ X509_STORE_CTX_cleanup(&xsc);
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (buf != NULL) Free(buf);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ if (io != NULL) BIO_free(io);
+ if (serial != NULL) BN_free(serial);
+ return(ret);
+ }
+
+static int MS_CALLBACK callb(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ int err;
+ X509 *err_cert;
+
+ /* it is ok to use a self signed certificate
+ * This case will catch both the initial ok == 0 and the
+ * final ok == 1 calls to this function */
+ err=X509_STORE_CTX_get_error(ctx);
+ if (err == X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT)
+ return(1);
+
+ /* BAD we should have gotten an error. Normally if everything
+ * worked X509_STORE_CTX_get_error(ctx) will still be set to
+ * DEPTH_ZERO_SELF_.... */
+ if (ok)
+ {
+ printf("error with certificate to be certified - should be self signed\n");
+ return(0);
+ }
+ else
+ {
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ printf("%s\n",buf);
+ printf("error with certificate - error %d at depth %d\n%s\n",
+ err,X509_STORE_CTX_get_error_depth(ctx),
+ X509_verify_cert_error_string(err));
+ return(1);
+ }
+ }
+
+static EVP_PKEY *load_key(file, format)
+char *file;
+int format;
+ {
+ BIO *key=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ if (file == NULL)
+ {
+ BIO_printf(bio_err,"no keyfile specified\n");
+ goto end;
+ }
+ key=BIO_new(BIO_s_file());
+ if (key == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (BIO_read_filename(key,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+#ifndef NO_RSA
+ if (format == FORMAT_ASN1)
+ {
+ RSA *rsa;
+
+ rsa=d2i_RSAPrivateKey_bio(key,NULL);
+ if (rsa != NULL)
+ {
+ if ((pkey=EVP_PKEY_new()) != NULL)
+ EVP_PKEY_assign_RSA(pkey,rsa);
+ else
+ RSA_free(rsa);
+ }
+ }
+ else
+#endif
+ if (format == FORMAT_PEM)
+ {
+ pkey=PEM_read_bio_PrivateKey(key,NULL,NULL);
+ }
+ else
+ {
+ BIO_printf(bio_err,"bad input format specified for key\n");
+ goto end;
+ }
+end:
+ if (key != NULL) BIO_free(key);
+ if (pkey == NULL)
+ BIO_printf(bio_err,"unable to load Private Key\n");
+ return(pkey);
+ }
+
+static X509 *load_cert(file, format)
+char *file;
+int format;
+ {
+ ASN1_HEADER *ah=NULL;
+ BUF_MEM *buf=NULL;
+ X509 *x=NULL;
+ BIO *cert;
+
+ if ((cert=BIO_new(BIO_s_file())) == NULL)
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (file == NULL)
+ BIO_set_fp(cert,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(cert,file) <= 0)
+ {
+ perror(file);
+ goto end;
+ }
+ }
+ if (format == FORMAT_ASN1)
+ x=d2i_X509_bio(cert,NULL);
+ else if (format == FORMAT_NETSCAPE)
+ {
+ unsigned char *p,*op;
+ int size=0,i;
+
+ /* We sort of have to do it this way because it is sort of nice
+ * to read the header first and check it, then
+ * try to read the certificate */
+ buf=BUF_MEM_new();
+ for (;;)
+ {
+ if ((buf == NULL) || (!BUF_MEM_grow(buf,size+1024*10)))
+ goto end;
+ i=BIO_read(cert,&(buf->data[size]),1024*10);
+ size+=i;
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("reading certificate");
+ goto end;
+ }
+ }
+ p=(unsigned char *)buf->data;
+ op=p;
+
+ /* First load the header */
+ if ((ah=d2i_ASN1_HEADER(NULL,&p,(long)size)) == NULL)
+ goto end;
+ if ((ah->header == NULL) || (ah->header->data == NULL) ||
+ (strncmp(CERT_HDR,(char *)ah->header->data,
+ ah->header->length) != 0))
+ {
+ BIO_printf(bio_err,"Error reading header on certificate\n");
+ goto end;
+ }
+ /* header is ok, so now read the object */
+ p=op;
+ ah->meth=X509_asn1_meth();
+ if ((ah=d2i_ASN1_HEADER(&ah,&p,(long)size)) == NULL)
+ goto end;
+ x=(X509 *)ah->data;
+ ah->data=NULL;
+ }
+ else if (format == FORMAT_PEM)
+ x=PEM_read_bio_X509(cert,NULL,NULL);
+ else {
+ BIO_printf(bio_err,"bad input format specified for input cert\n");
+ goto end;
+ }
+end:
+ if (x == NULL)
+ {
+ BIO_printf(bio_err,"unable to load certificate\n");
+ ERR_print_errors(bio_err);
+ }
+ if (ah != NULL) ASN1_HEADER_free(ah);
+ if (cert != NULL) BIO_free(cert);
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(x);
+ }
+
+/* self sign */
+static int sign(x, pkey, days, digest)
+X509 *x;
+EVP_PKEY *pkey;
+int days;
+EVP_MD *digest;
+ {
+
+ EVP_PKEY_copy_parameters(X509_get_pubkey(x),pkey);
+ EVP_PKEY_save_parameters(X509_get_pubkey(x),1);
+
+ if (!X509_set_issuer_name(x,X509_get_subject_name(x))) goto err;
+ if (X509_gmtime_adj(X509_get_notBefore(x),0) == NULL) goto err;
+
+ /* Lets just make it 12:00am GMT, Jan 1 1970 */
+ /* memcpy(x->cert_info->validity->notBefore,"700101120000Z",13); */
+ /* 28 days to be certified */
+
+ if (X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days) == NULL)
+ goto err;
+
+ if (!X509_set_pubkey(x,pkey)) goto err;
+ if (!X509_sign(x,pkey,digest)) goto err;
+ return(1);
+err:
+ ERR_print_errors(bio_err);
+ return(0);
+ }
diff --git a/bugs/MS b/bugs/MS
new file mode 100644
index 0000000..a1dcfb9
--- /dev/null
+++ b/bugs/MS
@@ -0,0 +1,7 @@
+If you use the function that does an fopen inside the DLL, it's malloc
+will be used and when the function is then written inside, more
+hassles
+....
+
+
+think about it.
diff --git a/bugs/SSLv3 b/bugs/SSLv3
new file mode 100644
index 0000000..2e22a65
--- /dev/null
+++ b/bugs/SSLv3
@@ -0,0 +1,41 @@
+So far...
+
+ssl3.netscape.com:443 does not support client side dynamic
+session-renegotiation.
+
+ssl3.netscape.com:444 (asks for client cert) sends out all the CA RDN
+in an invalid format (the outer sequence is removed).
+
+Netscape-Commerce/1.12, when talking SSLv2, accepts a 32 byte
+challenge but then appears to only use 16 bytes when generating the
+encryption keys. Using 16 bytes is ok but it should be ok to use 32.
+According to the SSLv3 spec, one should use 32 bytes for the challenge
+when opperating in SSLv2/v3 compatablity mode, but as mentioned above,
+this breaks this server so 16 bytes is the way to go.
+
+www.microsoft.com - when talking SSLv2, if session-id reuse is
+performed, the session-id passed back in the server-finished message
+is different from the one decided upon.
+
+ssl3.netscape.com:443, first a connection is established with RC4-MD5.
+If it is then resumed, we end up using DES-CBC3-SHA. It should be
+RC4-MD5 according to 7.6.1.3, 'cipher_suite'.
+Netscape-Enterprise/2.01 (https://merchant.netscape.com) has this bug.
+It only really shows up when connecting via SSLv2/v3 then reconnecting
+via SSLv3. The cipher list changes....
+NEW INFORMATION. Try connecting with a cipher list of just
+DES-CBC-SHA:RC4-MD5. For some weird reason, each new connection uses
+RC4-MD5, but a re-connect tries to use DES-CBC-SHA. So netscape, when
+doing a re-connect, always takes the first cipher in the cipher list.
+
+If we accept a netscape connection, demand a client cert, have a
+non-self-sighed CA which does not have it's CA in netscape, and the
+browser has a cert, it will crash/hang. Works for 3.x and 4.xbeta
+
+Netscape browsers do not really notice the server sending a
+close notify message. I was sending one, and then some invalid data.
+netscape complained of an invalid mac. (a fork()ed child doing a
+SSL_shutdown() and still sharing the socket with its parent).
+
+Netscape, when using export ciphers, will accept a 1024 bit temporary
+RSA key. It is supposed to only accept 512.
diff --git a/bugs/VC16.bug b/bugs/VC16.bug
new file mode 100644
index 0000000..7815bb5
--- /dev/null
+++ b/bugs/VC16.bug
@@ -0,0 +1,18 @@
+Microsoft (R) C/C++ Optimizing Compiler Version 8.00c
+
+Compile with /O2 chokes the compiler on these files
+
+crypto\md\md5_dgst.c warning '@(#)reg86.c:1.26', line 1110
+crypto\des\ofb64ede.c warning '@(#)grammar.c:1.147', line 168
+crypto\des\ofb64enc.c warning '@(#)grammar.c:1.147', line 168
+crypto\des\qud_cksm.c warning '@(#)grammar.c:1.147', line 168
+crypto\rc2\rc2ofb64.c warning '@(#)grammar.c:1.147', line 168
+crypto\objects\obj_dat.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+crypto\objects\obj_lib.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+ssl\ssl_auth.c warning '@(#)grammar.c:1.147', line 168
+ fatal '@(#)grammar.c:1.147', line 168
+
+Turning on /G3 with build flags that worked fine for /G2 came up with
+divide by zero errors in 'normal' code in speed.c :-(
diff --git a/bugs/alpha.c b/bugs/alpha.c
new file mode 100644
index 0000000..419379b
--- /dev/null
+++ b/bugs/alpha.c
@@ -0,0 +1,91 @@
+/* bugs/alpha.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* while not exactly a bug (ASN1 C leaves this undefined) it is
+ * something to watch out for. This was fine on linux/NT/Solaris but not
+ * Alpha */
+
+/* it is basically an example of
+ * func(*(a++),*(a++))
+ * which parameter is evaluated first? It is not defined in ASN1 C.
+ */
+
+#include <stdio.h>
+
+#define TYPE unsigned int
+
+void func(a,b)
+TYPE *a;
+TYPE b;
+ {
+ printf("%ld -1 == %ld\n",a[0],b);
+ }
+
+main()
+ {
+ TYPE data[5]={1L,2L,3L,4L,5L};
+ TYPE *p;
+ int i;
+
+ p=data;
+
+ for (i=0; i<4; i++)
+ {
+ func(p,*(p++));
+ }
+ }
diff --git a/bugs/dggccbug.c b/bugs/dggccbug.c
new file mode 100644
index 0000000..30e07a6
--- /dev/null
+++ b/bugs/dggccbug.c
@@ -0,0 +1,45 @@
+/* NOCW */
+/* dggccbug.c */
+/* bug found by Eric Young (eay@cryptsoft.com) - May 1995 */
+
+#include <stdio.h>
+
+/* There is a bug in
+ * gcc version 2.5.8 (88open OCS/BCS, DG-2.5.8.3, Oct 14 1994)
+ * as shipped with DGUX 5.4R3.10 that can be bypassed by defining
+ * DG_GCC_BUG in my code.
+ * The bug manifests itself by the vaule of a pointer that is
+ * used only by reference, not having it's value change when it is used
+ * to check for exiting the loop. Probably caused by there being 2
+ * copies of the valiable, one in a register and one being an address
+ * that is passed. */
+
+/* compare the out put from
+ * gcc dggccbug.c; ./a.out
+ * and
+ * gcc -O dggccbug.c; ./a.out
+ * compile with -DFIXBUG to remove the bug when optimising.
+ */
+
+void inc(a)
+int *a;
+ {
+ (*a)++;
+ }
+
+main()
+ {
+ int p=0;
+#ifdef FIXBUG
+ int dummy;
+#endif
+
+ while (p<3)
+ {
+ fprintf(stderr,"%08X\n",p);
+ inc(&p);
+#ifdef FIXBUG
+ dummy+=p;
+#endif
+ }
+ }
diff --git a/bugs/sgiccbug.c b/bugs/sgiccbug.c
new file mode 100644
index 0000000..48bd060
--- /dev/null
+++ b/bugs/sgiccbug.c
@@ -0,0 +1,55 @@
+/* NOCW */
+/* sgibug.c */
+/* bug found by Eric Young (eay@mincom.oz.au) May 95 */
+
+#include <stdio.h>
+
+/* This compiler bug it present on IRIX 5.3, 5.1 and 4.0.5 (these are
+ * the only versions of IRIX I have access to.
+ * defining FIXBUG removes the bug.
+ */
+
+/* Compare the output from
+ * cc sgiccbug.c; ./a.out
+ * and
+ * cc -O sgiccbug.c; ./a.out
+ */
+
+static unsigned long a[4]={0x01234567,0x89ABCDEF,0xFEDCBA98,0x76543210};
+static unsigned long b[4]={0x89ABCDEF,0xFEDCBA98,0x76543210,0x01234567};
+static unsigned long c[4]={0x77777778,0x8ACF1357,0x88888888,0x7530ECA9};
+
+main()
+ {
+ unsigned long r[4];
+ sub(r,a,b);
+ fprintf(stderr,"input a= %08X %08X %08X %08X\n",a[3],a[2],a[1],a[0]);
+ fprintf(stderr,"input b= %08X %08X %08X %08X\n",b[3],b[2],b[1],b[0]);
+ fprintf(stderr,"output = %08X %08X %08X %08X\n",r[3],r[2],r[1],r[0]);
+ fprintf(stderr,"correct= %08X %08X %08X %08X\n",c[3],c[2],c[1],c[0]);
+ }
+
+int sub(r,a,b)
+unsigned long *r,*a,*b;
+ {
+ register unsigned long t1,t2,*ap,*bp,*rp;
+ int i,carry;
+#ifdef FIXBUG
+ unsigned long dummy;
+#endif
+
+ ap=a;
+ bp=b;
+ rp=r;
+ carry=0;
+ for (i=0; i<4; i++)
+ {
+ t1= *(ap++);
+ t2= *(bp++);
+ t1=(t1-t2);
+#ifdef FIXBUG
+ dummy=t1;
+#endif
+ *(rp++)=t1&0xffffffff;
+ }
+ }
diff --git a/bugs/sslref.dif b/bugs/sslref.dif
new file mode 100644
index 0000000..0aa92bf
--- /dev/null
+++ b/bugs/sslref.dif
@@ -0,0 +1,26 @@
+The February 9th, 1995 version of the SSL document differs from
+https://www.netscape.com in the following ways.
+=====
+The key material for generating a SSL_CK_DES_64_CBC_WITH_MD5 key is
+KEY-MATERIAL-0 = MD5[MASTER-KEY,"0",CHALLENGE,CONNECTION-ID]
+not
+KEY-MATERIAL-0 = MD5[MASTER-KEY,CHALLENGE,CONNECTION-ID]
+as specified in the documentation.
+=====
+From the section 2.6 Server Only Protocol Messages
+
+If the SESSION-ID-HIT flag is non-zero then the CERTIFICATE-TYPE,
+CERTIFICATE-LENGTH and CIPHER-SPECS-LENGTH fields will be zero.
+
+This is not true for https://www.netscape.com. The CERTIFICATE-TYPE
+is returned as 1.
+=====
+I have not tested the following but it is reported by holtzman@mit.edu.
+
+SSLref clients wait to recieve a server-verify before they send a
+client-finished. Besides this not being evident from the examples in
+2.2.1, it makes more sense to always send all packets you can before
+reading. SSLeay was waiting in the server to recieve a client-finish
+before sending the server-verify :-). I have changed SSLeay to send a
+server-verify before trying to read the client-finished.
+
diff --git a/bugs/stream.c b/bugs/stream.c
new file mode 100644
index 0000000..155b7b9
--- /dev/null
+++ b/bugs/stream.c
@@ -0,0 +1,131 @@
+/* bugs/stream.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rc4.h"
+#ifdef NO_DES
+#include <des.h>
+#else
+#include "des.h"
+#endif
+
+/* show how stream ciphers are not very good. The mac has no affect
+ * on RC4 while it does for cfb DES
+ */
+
+main()
+ {
+ fprintf(stderr,"rc4\n");
+ rc4();
+ fprintf(stderr,"cfb des\n");
+ des();
+ }
+
+int des()
+ {
+ des_key_schedule ks;
+ des_cblock iv,key;
+ int num;
+ static char *keystr="01234567";
+ static char *in1="0123456789ABCEDFdata 12345";
+ static char *in2="9876543210abcdefdata 12345";
+ unsigned char out[100];
+ int i;
+
+ des_set_key((des_cblock *)keystr,ks);
+
+ num=0;
+ memset(iv,0,8);
+ des_cfb64_encrypt(in1,out,26,ks,(des_cblock *)iv,&num,1);
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+
+ num=0;
+ memset(iv,0,8);
+ des_cfb64_encrypt(in2,out,26,ks,(des_cblock *)iv,&num,1);
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+ }
+
+int rc4()
+ {
+ static char *keystr="0123456789abcdef";
+ RC4_KEY key;
+ unsigned char in[100],out[100];
+ int i;
+
+ RC4_set_key(&key,16,keystr);
+ in[0]='\0';
+ strcpy(in,"0123456789ABCEDFdata 12345");
+ RC4(key,26,in,out);
+
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+
+ RC4_set_key(&key,16,keystr);
+ in[0]='\0';
+ strcpy(in,"9876543210abcdefdata 12345");
+ RC4(key,26,in,out);
+
+ for (i=0; i<26; i++)
+ fprintf(stderr,"%02X ",out[i]);
+ fprintf(stderr,"\n");
+ }
diff --git a/certs/ca-cert.pem b/certs/ca-cert.pem
new file mode 100644
index 0000000..6dd974d
--- /dev/null
+++ b/certs/ca-cert.pem
@@ -0,0 +1,31 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJjCCAY8CAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0M1oXDTAxMDYw
+OTEzNTc0M1owWzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYDVQQDExJUZXN0IENBICgxMDI0
+IGJpdCkwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKO7o8t116VP6cgybTsZ
+DCZhr95nYlZuya3aCi1IKoztqwWnjbmDFIriOqGFPrZQ+moMETC9D59iRW/dFXSv
+1F65ka/XY2hLh9exCCo7XuUcDs53Qp3bI3AmMqHjgzE8oO3ajyJAzJkTTOUecQU2
+mw/gI4tMM0LqWMQS7luTy4+xAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAM7achv3v
+hLQJcv/65eGEpBXM40ZDVoFQFFJWaY5p883HTqLB1x4FdzsXHH0QKBTcKpWwqyu4
+YDm3fb8oDugw72bCzfyZK/zVZPR/hVlqI/fvU109Qoc+7oPvIXWky71HfcK6ZBCA
+q30KIqGM/uoM60INq97qjDmCJapagcNBGQs=
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXQIBAAKBgQCju6PLddelT+nIMm07GQwmYa/eZ2JWbsmt2gotSCqM7asFp425
+gxSK4jqhhT62UPpqDBEwvQ+fYkVv3RV0r9ReuZGv12NoS4fXsQgqO17lHA7Od0Kd
+2yNwJjKh44MxPKDt2o8iQMyZE0zlHnEFNpsP4COLTDNC6ljEEu5bk8uPsQIDAQAB
+AoGAVZmpFZsDZfr0l2S9tLLwpjRWNOlKATQkno6q2WesT0eGLQufTciY+c8ypfU6
+hyio8r5iUl/VhhdjhAtKx1mRpiotftHo/eYf8rtsrnprOnWG0bWjLjtIoMbcxGn2
+J3bN6LJmbJMjDs0eJ3KnTu646F3nDUw2oGAwmpzKXA1KAP0CQQDRvQhxk2D3Pehs
+HvG665u2pB5ipYQngEFlZO7RHJZzJOZEWSLuuMqaF/7pTfA5jiBvWqCgJeCRRInL
+21ru4dlPAkEAx9jj7BgKn5TYnMoBSSe0afjsV9oApVpN1Nacb1YDtCwy+scp3++s
+nFxlv98wxIlSdpwMUn+AUWfjiWR7Tu/G/wJBAJ/KjwZIrFVxewP0x2ILYsTRYLzz
+MS4PDsO7FB+I0i7DbBOifXS2oNSpd3I0CNMwrxFnUHzynpbOStVfN3ZL5w0CQQCa
+pwFahxBRhkJKsxhjoFJBX9yl75JoY4Wvm5Tbo9ih6UJaRx3kqfkN14L2BKYcsZgb
+KY9vmDOYy6iNfjDeWTfJAkBkfPUb8oTJ/nSP5zN6sqGxSY4krc4xLxpRmxoJ8HL2
+XfhqXkTzbU13RX9JJ/NZ8vQN9Vm2NhxRGJocQkmcdVtJ
+-----END RSA PRIVATE KEY-----
diff --git a/certs/dsa-ca.pem b/certs/dsa-ca.pem
new file mode 100644
index 0000000..9eb08f3
--- /dev/null
+++ b/certs/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/certs/dsa-pca.pem b/certs/dsa-pca.pem
new file mode 100644
index 0000000..e3641ad
--- /dev/null
+++ b/certs/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/certs/factory.pem b/certs/factory.pem
new file mode 100644
index 0000000..8e28b39
--- /dev/null
+++ b/certs/factory.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICTTCCAbagAwIBAgIBADANBgkqhkiG9w0BAQQFADBMMQswCQYDVQQGEwJHQjEM
+MAoGA1UEChMDVUNMMRgwFgYDVQQLEw9JQ0UtVEVMIFByb2plY3QxFTATBgNVBAMT
+DFRydXN0RmFjdG9yeTAeFw05NzA0MjIxNDM5MTRaFw05ODA0MjIxNDM5MTRaMEwx
+CzAJBgNVBAYTAkdCMQwwCgYDVQQKEwNVQ0wxGDAWBgNVBAsTD0lDRS1URUwgUHJv
+amVjdDEVMBMGA1UEAxMMVHJ1c3RGYWN0b3J5MIGcMAoGBFUIAQECAgQAA4GNADCB
+iQKBgQCEieR8NcXkUW1f0G6aC6u0i8q/98JqS6RxK5YmHIGKCkuTWAUjzLfUa4dt
+U9igGCjTuxaDqlzEim+t/02pmiBZT9HaX++35MjQPUWmsChcYU5WyzGErXi+rQaw
+zlwS73zM8qiPj/97lXYycWhgL0VaiDSPxRXEUdWoaGruom4mNQIDAQABo0IwQDAd
+BgNVHQ4EFgQUHal1LZr7oVg5z6lYzrhTgZRCmcUwDgYDVR0PAQH/BAQDAgH2MA8G
+A1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAfaggfl6FZoioecjv0dq8
+/DXo/u11iMZvXn08gjX/zl2b4wtPbShOSY5FhkSm8GeySasz+/Nwb/uzfnIhokWi
+lfPZHtlCWtXbIy/TN51eJyq04ceDCQDWvLC2enVg9KB+GJ34b5c5VaPRzq8MBxsA
+S7ELuYGtmYgYm9NZOIr7yU0=
+-----END CERTIFICATE-----
diff --git a/certs/nortelCA.pem b/certs/nortelCA.pem
new file mode 100644
index 0000000..207f34a
--- /dev/null
+++ b/certs/nortelCA.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICajCCAdMCBDGA0QUwDQYJKoZIhvcNAQEEBQAwfTELMAkGA1UEBhMCQ2ExDzAN
+BgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmlsaXR5IEFjY2VwdGVkMR8w
+HQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRwwGgYDVQQDExNFbnRydXN0
+IERlbW8gV2ViIENBMB4XDTk2MDQyNjEzMzUwMVoXDTA2MDQyNjEzMzUwMVowfTEL
+MAkGA1UEBhMCQ2ExDzANBgNVBAcTBk5lcGVhbjEeMBwGA1UECxMVTm8gTGlhYmls
+aXR5IEFjY2VwdGVkMR8wHQYDVQQKExZGb3IgRGVtbyBQdXJwb3NlcyBPbmx5MRww
+GgYDVQQDExNFbnRydXN0IERlbW8gV2ViIENBMIGdMA0GCSqGSIb3DQEBAQUAA4GL
+ADCBhwKBgQCaroS7O1DA0hm4IefNYU1cx/nqOmzEnk291d1XqznDeF4wEgakbkCc
+zTKxK791yNpXG5RmngqH7cygDRTHZJ6mfCRn0wGC+AI00F2vYTGqPGRQL1N3lZT0
+YDKFC0SQeMMjFIZ1aeQigroFQnHo0VB3zWIMpNkka8PY9lxHZAmWwQIBAzANBgkq
+hkiG9w0BAQQFAAOBgQBAx0UMVA1s54lMQyXjMX5kj99FJN5itb8bK1Rk+cegPQPF
+cWO9SEWyEjjBjIkjjzAwBkaEszFsNGxemxtXvwjIm1xEUMTVlPEWTs2qnDvAUA9W
+YqhWbhH0toGT36236QAsqCZ76rbTRVSSX2BHyJwJMG2tCRv7kRJ//NIgxj3H4w==
+-----END CERTIFICATE-----
+
diff --git a/certs/pca-cert.pem b/certs/pca-cert.pem
new file mode 100644
index 0000000..140e9a6
--- /dev/null
+++ b/certs/pca-cert.pem
@@ -0,0 +1,31 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test PCA (1024 bit)
+-----BEGIN CERTIFICATE-----
+MIICJzCCAZACAQAwDQYJKoZIhvcNAQEEBQAwXDELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYD
+VQQDExNUZXN0IFBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTczN1oXDTAxMDYw
+OTEzNTczN1owXDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxGjAY
+BgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRwwGgYDVQQDExNUZXN0IFBDQSAoMTAy
+NCBiaXQpMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdoWk/3+WcMlfjIrkg
+40ketmnQaEogQe1LLcuOJV6rKfUSAsPgwgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp
+22Jp85PmemiDzyUIStwk72qhp1imbANZvlmlCFKiQrjUyuDfu4TABmn+kkt3vR1Y
+BEOGt+IFye1UBVSATVdRJ2UVhwIDAQABMA0GCSqGSIb3DQEBBAUAA4GBABNA1u/S
+Cg/LJZWb7GliiKJsvuhxlE4E5JxQF2zMub/CSNbF97//tYSyj96sxeFQxZXbcjm9
+xt6mr/xNLA4szNQMJ4P+L7b5e/jC5DSqlwS+CUYJgaFs/SP+qJoCSu1bR3IM9XWO
+cRBpDmcBbYLkSyB92WURvsZ1LtjEcn+cdQVI
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIICXAIBAAKBgQCdoWk/3+WcMlfjIrkg40ketmnQaEogQe1LLcuOJV6rKfUSAsPg
+wgsabJ/wn8TxA1yy3eKJbFl3OiUXMRsp22Jp85PmemiDzyUIStwk72qhp1imbANZ
+vlmlCFKiQrjUyuDfu4TABmn+kkt3vR1YBEOGt+IFye1UBVSATVdRJ2UVhwIDAQAB
+AoGAba4fTtuap5l7/8ZsbE7Z1O32KJY4ZcOZukLOLUUhXxXduT+FTgGWujc0/rgc
+z9qYCLlNZHOouMYTgtSfYvuMuLZ11VIt0GYH+nRioLShE59Yy+zCRyC+gPigS1kz
+xvo14AsOIPYV14Tk/SsHyq6E0eTk7VzaIE197giiINUERPECQQDSKmtPTh/lRKw7
+HSZSM0I1mFWn/1zqrAbontRQY5w98QWIOe5qmzYyFbPXYT3d9BzlsMyhgiRNoBbD
+yvohSHXJAkEAwAHx6ezAZeWWzD5yXD36nyjpkVCw7Tk7TSmOceLJMWt1QcrCfqlS
+xA5jjpQ6Z8suU5DdtWAryM2sAir1WisYzwJAd6Zcx56jvAQ3xcPXsE6scBTVFzrj
+7FqZ6E+cclPzfLQ+QQsyOBE7bpI6e/FJppY26XGZXo3YGzV8IGXrt40oOQJALETG
+h86EFXo3qGOFbmsDy4pdP5nBERCu8X1xUCSfintiD4c2DInxgS5oGclnJeMcjTvL
+QjQoJCX3UJCi/OUO1QJBAKgcDHWjMvt+l1pjJBsSEZ0HX9AAIIVx0RQmbFGS+F2Q
+hhu5l77WnnZOQ9vvhV5u7NPCUF9nhU3jh60qWWO8mkc=
+-----END RSA PRIVATE KEY-----
diff --git a/certs/rsa-cca.pem b/certs/rsa-cca.pem
new file mode 100644
index 0000000..69f5c1c
--- /dev/null
+++ b/certs/rsa-cca.pem
@@ -0,0 +1,19 @@
+subject=/C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Commercial Certification Authority
+notBefore=941104185834Z
+notAfter =991103185834Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICIzCCAZACBQJBAAAWMA0GCSqGSIb3DQEBAgUAMFwxCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVy
+Y2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDQxODU4MzRaFw05
+OTExMDMxODU4MzRaMFwxCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0YSBT
+ZWN1cml0eSwgSW5jLjErMCkGA1UECxMiQ29tbWVyY2lhbCBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCk+4Fie84QJ93o
+975sbsZwmdu41QUDaSiCnHJ/lj+O7Kwpkj+KFPhCdr69XQO5kNTQvAayUTNfxMK/
+touPmbZiImDd298ggrTKoi8tUO2UMt7gVY3UaOLgTNLNBRYulWZcYVI4HlGogqHE
+7yXpCuaLK44xZtn42f29O2nZ6wIDAQABMA0GCSqGSIb3DQEBAgUAA34AdrW2EP4j
+9/dZYkuwX5zBaLxJu7NJbyFHXSudVMQAKD+YufKKg5tgf+tQx6sFEC097TgCwaVI
+0v5loMC86qYjFmZsGySp8+x5NRhPJsjjr1BKx6cxa9B8GJ1Qv6km+iYrRpwUqbtb
+MJhCKLVLU7tDCZJAuqiqWqTGtotXTcU=
+-----END X509 CERTIFICATE-----
diff --git a/certs/rsa-ssca.pem b/certs/rsa-ssca.pem
new file mode 100644
index 0000000..c940321
--- /dev/null
+++ b/certs/rsa-ssca.pem
@@ -0,0 +1,19 @@
+subject=/C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+issuer= /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority
+notBefore=941109235417Z
+notAfter =991231235417Z
+-----BEGIN X509 CERTIFICATE-----
+
+MIICKTCCAZYCBQJBAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMSAw
+HgYDVQQKExdSU0EgRGF0YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJl
+IFNlcnZlciBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NDExMDkyMzU0MTda
+Fw05OTEyMzEyMzU0MTdaMF8xCzAJBgNVBAYTAlVTMSAwHgYDVQQKExdSU0EgRGF0
+YSBTZWN1cml0eSwgSW5jLjEuMCwGA1UECxMlU2VjdXJlIFNlcnZlciBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBmzANBgkqhkiG9w0BAQEFAAOBiQAwgYUCfgCSznrB
+roM+WqqJg1esJQF2DK2ujiw3zus1eGRUA+WEQFHJv48I4oqCCNIWhjdV6bEhAq12
+aIGaBaJLyUslZiJWbIgHj/eBWW2EB2VwE3F2Ppt3TONQiVaYSLkdpykaEy5KEVmc
+HhXVSVQsczppgrGXOZxtcGdI5d0t1sgeewIDAQABMA0GCSqGSIb3DQEBAgUAA34A
+iNHReSHO4ovo+MF9NFM/YYPZtgs4F7boviGNjwC4i1N+RGceIr2XJ+CchcxK9oU7
+suK+ktPlDemvXA4MRpX/oRxePug2WHpzpgr4IhFrwwk4fia7c+8AvQKk8xQNMD9h
+cHsg/jKjn7P0Z1LctO6EjJY2IN6BCINxIYoPnqk=
+-----END X509 CERTIFICATE-----
diff --git a/certs/thawteCb.pem b/certs/thawteCb.pem
new file mode 100644
index 0000000..27df192
--- /dev/null
+++ b/certs/thawteCb.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
+MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
+MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
+DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
+dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
+cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
+DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
+yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
+L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
+EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
+7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
+QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
+qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
+-----END CERTIFICATE-----
diff --git a/certs/thawteCp.pem b/certs/thawteCp.pem
new file mode 100644
index 0000000..51285e3
--- /dev/null
+++ b/certs/thawteCp.pem
@@ -0,0 +1,19 @@
+-----BEGIN CERTIFICATE-----
+MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
+dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
+MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
+A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
+cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
+VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
+ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
+uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
+hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
+pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
+-----END CERTIFICATE-----
diff --git a/certs/timCA.pem b/certs/timCA.pem
new file mode 100644
index 0000000..9c8d5bf
--- /dev/null
+++ b/certs/timCA.pem
@@ -0,0 +1,16 @@
+Tims test GCI CA
+
+-----BEGIN CERTIFICATE-----
+MIIB8DCCAZoCAQAwDQYJKoZIhvcNAQEEBQAwgYIxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBD
+cnlwdFNvZnQgRGV2IENBMB4XDTk3MDMyMjEzMzQwNFoXDTk4MDMyMjEzMzQwNFow
+gYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhC
+cmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxFDASBgNVBAsTC2Rl
+dmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQgRGV2IENBMFwwDQYJKoZIhvcN
+AQEBBQADSwAwSAJBAOAOAqogG5QwAmLhzyO4CoRnx/wVy4NZP4dxJy83O1EnL0rw
+OdsamJKvPOLHgSXo3gDu9uVyvCf/QJmZAmC5ml8CAwEAATANBgkqhkiG9w0BAQQF
+AANBADRRS/GVdd7rAqRW6SdmgLJduOU2yq3avBu99kRqbp9A/dLu6r6jU+eP4oOA
+TfdbFZtAAD2Hx9jUtY3tfdrJOb8=
+-----END CERTIFICATE-----
+
diff --git a/certs/tjhCA.pem b/certs/tjhCA.pem
new file mode 100644
index 0000000..67bee1b
--- /dev/null
+++ b/certs/tjhCA.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICVjCCAgACAQAwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAkFVMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5
+cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsTI1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9O
+IEFVVEhPUklUSUVTMTQwMgYDVQQDEytaRVJPIFZBTFVFIENBIC0gREVNT05TVFJB
+VElPTiBQVVJQT1NFUyBPTkxZMB4XDTk3MDQwMzEzMjI1NFoXDTk4MDQwMzEzMjI1
+NFowgbUxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNsYW5kMREwDwYDVQQH
+EwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxLDAqBgNVBAsT
+I1dPUlRITEVTUyBDRVJUSUZJQ0FUSU9OIEFVVEhPUklUSUVTMTQwMgYDVQQDEyta
+RVJPIFZBTFVFIENBIC0gREVNT05TVFJBVElPTiBQVVJQT1NFUyBPTkxZMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAOZ7T7yqP/tyspcko3yPY1y0Cm2EmwNvzW4QgVXR
+Fjs3HmJ4xtSpXdo6mwcGezL3Abt/aQXaxv9PU8xt+Jr0OFUCAwEAATANBgkqhkiG
+9w0BAQQFAANBAOQpYmGgyCqCy1OljgJhCqQOu627oVlHzK1L+t9vBaMfn40AVUR4
+WzQVWO31KTgi5vTK1U+3h46fgUWqQ0h+6rU=
+-----END CERTIFICATE-----
diff --git a/certs/vsign1.pem b/certs/vsign1.pem
new file mode 100644
index 0000000..08c70f2
--- /dev/null
+++ b/certs/vsign1.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIAwgKADAgECAgEAMA0GCSqGSIb3DQEBBAUAMGIxETAPBgNVBAcTCEludGVybmV0
+MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjAeFw05NjA0MDgxMDIwMjda
+Fw05NzA0MDgxMDIwMjdaMGIxETAPBgNVBAcTCEludGVybmV0MRcwFQYDVQQKEw5W
+ZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xhc3MgMSBDQSAtIElu
+ZGl2aWR1YWwgU3Vic2NyaWJlcjCAMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2
+FKbPTdAFDdjKI9BvqrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7j
+W80GqLd5HUQq7XPysVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cari
+QPJUObwW7s987LrbP2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABAAAAADANBgkqhkiG
+9w0BAQQFAAOBgQA+1nJryNt8VBRjRr07ArDAV/3jAH7GjDc9jsrxZS68ost9v06C
+TvTNKGL+LISNmFLXl+JXhgGB0JZ9fvyYzNgHQ46HBUng1H6voalfJgS2KdEo50wW
+8EFZYMDkT1k4uynwJqkVN2QJK/2q4/A/VCov5h6SlM8Affg2W+1TLqvqkwAA
+-----END CERTIFICATE-----
+
diff --git a/certs/vsign2.pem b/certs/vsign2.pem
new file mode 100644
index 0000000..2386e14
--- /dev/null
+++ b/certs/vsign2.pem
@@ -0,0 +1,31 @@
+ subject=/L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+ issuer= /L=Internet/O=VeriSign, Inc./OU=VeriSign Class 2 CA - Individual Subscriber
+
+-----BEGIN CERTIFICATE-----
+MIIEkzCCA/ygAwIBAgIRANDTUpSRL3nTFeMrMayFSPAwDQYJKoZIhvcNAQECBQAw
+YjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQw
+MgYDVQQLEytWZXJpU2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3Jp
+YmVyMB4XDTk2MDYwNDAwMDAwMFoXDTk4MDYwNDIzNTk1OVowYjERMA8GA1UEBxMI
+SW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJp
+U2lnbiBDbGFzcyAyIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC6A+2czKGRcYMfm8gdnk+0de99TDDzsqo0v5nb
+RsbUmMcdRQ7nsMbRWe0SAb/9QoLTZ/cJ0iOBqdrkz7UpqqKarVoTSdlSMVM92tWp
+3bJncZHQD1t4xd6lQVdI1/T6R+5J0T1ukOdsI9Jmf+F28S6g3R3L1SFwiHKeZKZv
+z+793wIDAQABo4ICRzCCAkMwggIpBgNVHQMBAf8EggIdMIICGTCCAhUwggIRBgtg
+hkgBhvhFAQcBATCCAgAWggGrVGhpcyBjZXJ0aWZpY2F0ZSBpbmNvcnBvcmF0ZXMg
+YnkgcmVmZXJlbmNlLCBhbmQgaXRzIHVzZSBpcyBzdHJpY3RseSBzdWJqZWN0IHRv
+LCB0aGUgVmVyaVNpZ24gQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg
+KENQUyksIGF2YWlsYWJsZSBhdDogaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQ
+Uy0xLjA7IGJ5IEUtbWFpbCBhdCBDUFMtcmVxdWVzdHNAdmVyaXNpZ24uY29tOyBv
+ciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMuLCAyNTkzIENvYXN0IEF2ZS4sIE1v
+dW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBUZWwuICsxICg0MTUpIDk2MS04ODMw
+IENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2lnbiwgSW5jLiAgQWxsIFJpZ2h0cyBS
+ZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVTIERJU0NMQUlNRUQgYW5kIExJQUJJ
+TElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcBAQGhDgYMYIZIAYb4RQEHAQECMC8w
+LRYraHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvQ1BTLTEuMDAU
+BglghkgBhvhCAQEBAf8EBAMCAgQwDQYJKoZIhvcNAQECBQADgYEApRJRkNBqLLgs
+53IR/d18ODdLOWMTZ+QOOxBrq460iBEdUwgF8vmPRX1ku7UiDeNzaLlurE6eFqHq
+2zPyK5j60zfTLVJMWKcQWwTJLjHtXrW8pxhNtFc6Fdvy5ZkHnC/9NIl7/t4U6WqB
+p4y+p7SdMIkEwIZfds0VbnQyX5MRUJY=
+-----END CERTIFICATE-----
+
diff --git a/certs/vsign3.pem b/certs/vsign3.pem
new file mode 100644
index 0000000..e6e3187
--- /dev/null
+++ b/certs/vsign3.pem
@@ -0,0 +1,16 @@
+ subject=/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKhAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMyBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyVxZ
+nvIbigEUtBDfBEDb41evakVAj4QMC9Ez2dkRz+4CWB8l9yqoRAWq7AMfeH+ek7ma
+AKojfdashaJjRcdyJ8z0TMZ1cdI5709C8HXfCpDGjiBvmA/4rCNfcCk2pMmG57Ga
+IMtTpYXnPb59mv4kRTPcdhXtD6JxZExlLoFoRacCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQB1Zmw+0c2B27X4LzZRtvdCvM1Cr9wO+hVs+GeTVzrrtpLotgHKjLeOQ7RJ
+Zfk+7r11Ri7J/CVdqMcvi5uPaM+0nJcYwE3vH9mvgrPmZLiEXIqaB1JDYft0nls6
+NvxMsvwaPxUupVs8G5DsiCnkWRb5zget7Ond2tIxik/W2O8XjQ==
+-----END CERTIFICATE-----
diff --git a/certs/vsign4.pem b/certs/vsign4.pem
new file mode 100644
index 0000000..b5bcef4
--- /dev/null
+++ b/certs/vsign4.pem
@@ -0,0 +1,16 @@
+ subject=/C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+ issuer= /C=US/O=VeriSign, Inc./OU=Class 4 Public Primary Certification Authority
+-----BEGIN CERTIFICATE-----
+MIICMTCCAZoCBQKmAAABMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcw
+FQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMg
+UHJpbWFyeSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAeFw05NjAxMjkwMDAwMDBa
+Fw05OTEyMzEyMzU5NTlaMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5WZXJpU2ln
+biwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgNCBQdWJsaWMgUHJpbWFyeSBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0LJ1
+9njQrlpQ9OlQqZ+M1++RlHDo0iSQdomF1t+s5gEXMoDwnZNHvJplnR+Xrr/phnVj
+IIm9gFidBAydqMEk6QvlMXi9/C0MN2qeeIDpRnX57aP7E3vIwUzSo+/1PLBij0pd
+O92VZ48TucE81qcmm+zDO3rZTbxtm+gVAePwR6kCAwEAATANBgkqhkiG9w0BAQIF
+AAOBgQBT3dPwnCR+QKri/AAa19oM/DJhuBUNlvP6Vxt/M3yv6ZiaYch6s7f/sdyZ
+g9ysEvxwyR84Qu1E9oAuW2szaayc01znX1oYx7EteQSWQZGZQbE8DbqEOcY7l/Am
+yY7uvcxClf8exwI/VAx49byqYHwCaejcrOICdmHEPgPq0ook0Q==
+-----END CERTIFICATE-----
diff --git a/crypto/Makefile.ssl b/crypto/Makefile.ssl
new file mode 100644
index 0000000..9cb45e4
--- /dev/null
+++ b/crypto/Makefile.ssl
@@ -0,0 +1,156 @@
+#
+# SSLeay/crypto/Makefile
+#
+
+DIR= crypto
+TOP= ..
+CC= cc
+INCLUDE= -I. -I../include
+INCLUDES= -I.. -I../../include
+CFLAG= -g
+INSTALLTOP= /usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+RM= /bin/rm -f
+AR= ar r
+
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+
+PEX_LIBS=
+EX_LIBS=
+
+CFLAGS= $(INCLUDE) $(CFLAG) -DCFLAGS=" \"$(CC) $(CFLAG)\" "
+
+LIBS=
+
+SDIRS= md sha mdc2 \
+ des rc4 rc2 idea bf \
+ bn rsa dsa dh \
+ buffer bio stack lhash rand err objects \
+ evp pem x509 \
+ asn1 conf txt_db pkcs7
+
+GENERAL=Makefile README
+
+LIB= $(TOP)/libcrypto.a
+LIBSRC= cryptlib.c mem.c cversion.c
+LIBOBJ= cryptlib.o mem.o cversion.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= crypto.h cryptall.h
+HEADER= cryptlib.h date.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ @(cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: date.h lib subdirs
+
+date.h: ../Makefile.ssl ../VERSION
+ echo "#define DATE \"`date`\"" >date.h
+
+subdirs:
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making all in $$i..."; \
+ $(MAKE) CC='$(CC)' INCLUDES='${INCLUDES}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' BN_MULW='${BN_MULW}' DES_ENC='${DES_ENC}' BF_ENC='${BF_ENC}' AR='${AR}' all ); \
+ done;
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making 'files' in $$i..."; \
+ $(MAKE) files ); \
+ done;
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../include $(EXHEADER) ;
+ $(TOP)/util/mklink.sh ../test $(TEST) ;
+ $(TOP)/util/mklink.sh ../apps $(APPS) ;
+ $(TOP)/util/point.sh Makefile.ssl Makefile;
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making links in $$i..."; \
+ $(MAKE) links ); \
+ done;
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+libs:
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making libs in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' lib ); \
+ done;
+
+tests:
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making tests in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' AR='${AR}' tests ); \
+ done;
+
+install:
+ @for i in $(EXHEADER) ;\
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making install in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' install ); \
+ done;
+
+lint:
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making lint in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' lint ); \
+ done;
+
+depend:
+ $(MAKEDEPEND) $(INCLUDE) $(PROGS) $(LIBSRC)
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making depend in $$i..."; \
+ $(MAKE) MAKEFILE='${MAKEFILE}' INCLUDES='${INCLUDES}' MAKEDEPEND='${MAKEDEPEND}' depend ); \
+ done;
+
+clean:
+ /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making clean in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' clean ); \
+ done;
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making dclean in $$i..."; \
+ $(MAKE) CC='$(CC)' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' dclean ); \
+ done;
+
+errors:
+ perl ./err/err_code.pl */*.c ../ssl/*.c ../rsaref/*.c
+ @for i in $(SDIRS) ;\
+ do \
+ (cd $$i; echo "making errors in $$i..."; \
+ $(MAKE) errors ); \
+ done;
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/asn1/Makefile.ssl b/crypto/asn1/Makefile.ssl
new file mode 100644
index 0000000..a39e009
--- /dev/null
+++ b/crypto/asn1/Makefile.ssl
@@ -0,0 +1,118 @@
+#
+# SSLeay/crypto/asn1/Makefile
+#
+
+DIR= asn1
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=asn1
+ERRC=asn1_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= a_object.c a_bitstr.c a_utctm.c a_int.c a_octet.c a_print.c \
+ a_type.c a_set.c a_dup.c a_d2i_fp.c a_i2d_fp.c \
+ a_sign.c a_digest.c a_verify.c \
+ x_algor.c x_val.c x_pubkey.c x_sig.c x_req.c x_attrib.c \
+ x_name.c x_cinf.c x_x509.c x_crl.c x_info.c x_spki.c \
+ d2i_r_pr.c i2d_r_pr.c d2i_r_pu.c i2d_r_pu.c \
+ d2i_s_pr.c i2d_s_pr.c d2i_s_pu.c i2d_s_pu.c \
+ d2i_pu.c d2i_pr.c i2d_pu.c i2d_pr.c\
+ t_req.c t_x509.c t_pkey.c \
+ p7_i_s.c p7_signi.c p7_signd.c p7_recip.c p7_enc_c.c p7_evp.c \
+ p7_dgst.c p7_s_e.c p7_enc.c p7_lib.c \
+ f_int.c f_string.c i2d_dhp.c i2d_dsap.c d2i_dhp.c d2i_dsap.c n_pkey.c \
+ a_hdr.c x_pkey.c a_bool.c x_exten.c \
+ asn1_par.c asn1_lib.c $(ERRC).c a_meth.c a_bytes.c
+LIBOBJ= a_object.o a_bitstr.o a_utctm.o a_int.o a_octet.o a_print.o \
+ a_type.o a_set.o a_dup.o a_d2i_fp.o a_i2d_fp.o \
+ a_sign.o a_digest.o a_verify.o \
+ x_algor.o x_val.o x_pubkey.o x_sig.o x_req.o x_attrib.o \
+ x_name.o x_cinf.o x_x509.o x_crl.o x_info.o x_spki.o \
+ d2i_r_pr.o i2d_r_pr.o d2i_r_pu.o i2d_r_pu.o \
+ d2i_s_pr.o i2d_s_pr.o d2i_s_pu.o i2d_s_pu.o \
+ d2i_pu.o d2i_pr.o i2d_pu.o i2d_pr.o \
+ t_req.o t_x509.o t_pkey.o \
+ p7_i_s.o p7_signi.o p7_signd.o p7_recip.o p7_enc_c.o p7_evp.o \
+ p7_dgst.o p7_s_e.o p7_enc.o p7_lib.o \
+ f_int.o f_string.o i2d_dhp.o i2d_dsap.o d2i_dhp.o d2i_dsap.o n_pkey.o \
+ a_hdr.o x_pkey.o a_bool.o x_exten.o \
+ asn1_par.o asn1_lib.o $(ERRC).o a_meth.o a_bytes.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= asn1.h asn1_mac.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test: test.c
+ cc -g -I../../include -c test.c
+ cc -g -I../../include -o test test.o -L../.. -lcrypto
+
+pk: pk.c
+ cc -g -I../../include -c pk.c
+ cc -g -I../../include -o pk pk.o -L../.. -lcrypto
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/asn1/a_bitstr.c b/crypto/asn1/a_bitstr.c
new file mode 100644
index 0000000..eb99ebc
--- /dev/null
+++ b/crypto/asn1/a_bitstr.c
@@ -0,0 +1,158 @@
+/* crypto/asn1/a_bitstr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_STRING_NEW,ASN1_R_STRING_TOO_SHORT);
+ * ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,ASN1_R_EXPECTING_A_BIT_STRING);
+ */
+
+int i2d_ASN1_BIT_STRING(a,pp)
+ASN1_BIT_STRING *a;
+unsigned char **pp;
+ {
+ int ret,j,r,bits;
+ unsigned char *p,*d;
+
+ if (a == NULL) return(0);
+
+ /* our bit strings are always a multiple of 8 :-) */
+ bits=0;
+ ret=1+a->length;
+ r=ASN1_object_size(0,ret,V_ASN1_BIT_STRING);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,ret,V_ASN1_BIT_STRING,V_ASN1_UNIVERSAL);
+ if (bits == 0)
+ j=0;
+ else j=8-bits;
+ *(p++)=(unsigned char)j;
+ d=a->data;
+ memcpy(p,d,a->length);
+ p+=a->length;
+ if (a->length > 0) p[-1]&=(0xff<<j);
+ *pp=p;
+ return(r);
+ }
+
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(a, pp, length)
+ASN1_BIT_STRING **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_BIT_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_BIT_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_BIT_STRING)
+ {
+ i=ASN1_R_EXPECTING_A_BIT_STRING;
+ goto err;
+ }
+ if (len < 1) { i=ASN1_R_STRING_TOO_SHORT; goto err; }
+
+ i= *(p++);
+ if (len-- > 1) /* using one because of the bits left byte */
+ {
+ s=(unsigned char *)Malloc((int)len);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s,p,(int)len);
+ s[len-1]&=(0xff<<i);
+ p+=len;
+ }
+ else
+ s=NULL;
+
+ ret->length=(int)len;
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=s;
+ ret->type=V_ASN1_BIT_STRING;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_BIT_STRING,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_BIT_STRING_free(ret);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/a_bool.c b/crypto/asn1/a_bool.c
new file mode 100644
index 0000000..83607b5
--- /dev/null
+++ b/crypto/asn1/a_bool.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_bool.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_EXPECTING_A_BOOLEAN);
+ * ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,ASN1_R_BOOLEAN_IS_WRONG_LENGTH);
+ */
+
+int i2d_ASN1_BOOLEAN(a,pp)
+int a;
+unsigned char **pp;
+ {
+ int r;
+ unsigned char *p;
+
+ r=ASN1_object_size(0,1,V_ASN1_BOOLEAN);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,1,V_ASN1_BOOLEAN,V_ASN1_UNIVERSAL);
+ *(p++)= (unsigned char)a;
+ *pp=p;
+ return(r);
+ }
+
+int d2i_ASN1_BOOLEAN(a, pp, length)
+int *a;
+unsigned char **pp;
+long length;
+ {
+ int ret= -1;
+ unsigned char *p;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_BOOLEAN)
+ {
+ i=ASN1_R_EXPECTING_A_BOOLEAN;
+ goto err;
+ }
+
+ if (len != 1)
+ {
+ i=ASN1_R_BOOLEAN_IS_WRONG_LENGTH;
+ goto err;
+ }
+ ret= (int)*(p++);
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_BOOLEAN,i);
+ return(ret);
+ }
diff --git a/crypto/asn1/a_bytes.c b/crypto/asn1/a_bytes.c
new file mode 100644
index 0000000..0c91324
--- /dev/null
+++ b/crypto/asn1/a_bytes.c
@@ -0,0 +1,337 @@
+/* crypto/asn1/a_bytes.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,ASN1_R_WRONG_TYPE);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+static unsigned long tag2bit[32]={
+0, 0, 0, 0, /* tags 0 - 3 */
+B_ASN1_OCTET_STRING, 0, 0, B_ASN1_UNKNOWN,/* tags 4- 7 */
+B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 8-11 */
+B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN, B_ASN1_UNKNOWN,/* tags 12-15 */
+0, 0, B_ASN1_NUMERICSTRING,B_ASN1_PRINTABLESTRING,
+B_ASN1_T61STRING,B_ASN1_VIDEOTEXSTRING,B_ASN1_IA5STRING,0,
+0,B_ASN1_GRAPHICSTRING,B_ASN1_ISO64STRING,B_ASN1_GENERALSTRING,
+B_ASN1_UNIVERSALSTRING,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,B_ASN1_UNKNOWN,
+ };
+
+#ifndef NOPROTO
+static int asn1_collate_primative(ASN1_STRING *a, ASN1_CTX *c);
+#else
+static int asn1_collate_primative();
+#endif
+
+/* type is a 'bitmap' of acceptable string types to be accepted.
+ */
+ASN1_STRING *d2i_ASN1_type_bytes(a, pp, length, type)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int type;
+ {
+ ASN1_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80) goto err;
+
+ if (tag >= 32)
+ {
+ i=ASN1_R_TAG_VALUE_TOO_HIGH;;
+ goto err;
+ }
+ if (!(tag2bit[tag] & type))
+ {
+ i=ASN1_R_WRONG_TYPE;
+ goto err;
+ }
+ if (len != 0)
+ {
+ s=(unsigned char *)Malloc((int)len+1);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ memcpy(s,p,(int)len);
+ s[len]='\0';
+ p+=len;
+ }
+ else
+ s=NULL;
+
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->length=(int)len;
+ ret->data=s;
+ ret->type=tag;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ return(NULL);
+ }
+
+int i2d_ASN1_bytes(a, pp, tag, xclass)
+ASN1_STRING *a;
+unsigned char **pp;
+int tag;
+int xclass;
+ {
+ int ret,r,constructed;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+ ret=a->length;
+ r=ASN1_object_size(0,ret,tag);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ if ((tag == V_ASN1_SEQUENCE) || (tag == V_ASN1_SET))
+ constructed=1;
+ else
+ constructed=0;
+ ASN1_put_object(&p,constructed,ret,tag,xclass);
+ memcpy(p,a->data,a->length);
+ p+=a->length;
+ *pp= p;
+ return(r);
+ }
+
+ASN1_STRING *d2i_ASN1_bytes(a, pp, length, Ptag, Pclass)
+ASN1_STRING **a;
+unsigned char **pp;
+long length;
+int Ptag;
+int Pclass;
+ {
+ ASN1_STRING *ret=NULL;
+ unsigned char *p,*s;
+ long len;
+ int inf,tag,xclass;
+ int i=0;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_STRING_new()) == NULL) return(NULL);
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != Ptag)
+ {
+ i=ASN1_R_WRONG_TAG;
+ goto err;
+ }
+
+ if (inf & V_ASN1_CONSTRUCTED)
+ {
+ ASN1_CTX c;
+
+ c.pp=pp;
+ c.p=p;
+ c.inf=inf;
+ c.slen=len;
+ c.tag=Ptag;
+ c.xclass=Pclass;
+ c.max=(length == 0)?0:(p+length);
+ if (!asn1_collate_primative(ret,&c))
+ goto err;
+ else
+ {
+ p=c.p;
+ }
+ }
+ else
+ {
+ if (len != 0)
+ {
+ if (ret->length < len)
+ {
+ if (ret->data != NULL) Free((char *)ret->data);
+ s=(unsigned char *)Malloc((int)len);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ }
+ else
+ s=ret->data;
+ memcpy(s,p,(int)len);
+ p+=len;
+ }
+ else
+ {
+ s=NULL;
+ if (ret->data != NULL) Free((char *)ret->data);
+ }
+
+ ret->length=(int)len;
+ ret->data=s;
+ ret->type=Ptag;
+ }
+
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_STRING_free(ret);
+ ASN1err(ASN1_F_D2I_ASN1_BYTES,i);
+ return(NULL);
+ }
+
+
+/* We are about to parse 0..n d2i_ASN1_bytes objects, we are to collapes
+ * them into the one struture that is then returned */
+/* There have been a few bug fixes for this function from
+ * Paul Keogh <paul.keogh@sse.ie>, many thanks to him */
+static int asn1_collate_primative(a,c)
+ASN1_STRING *a;
+ASN1_CTX *c;
+ {
+ ASN1_STRING *os=NULL;
+ BUF_MEM b;
+ int num;
+
+ b.length=0;
+ b.max=0;
+ b.data=NULL;
+
+ if (a == NULL)
+ {
+ c->error=ERR_R_PASSED_NULL_PARAMETER;
+ goto err;
+ }
+
+ num=0;
+ for (;;)
+ {
+ if (c->inf & 1)
+ {
+ c->eos=ASN1_check_infinite_end(&c->p,
+ (long)(c->max-c->p));
+ if (c->eos) break;
+ }
+ else
+ {
+ if (c->slen <= 0) break;
+ }
+
+ c->q=c->p;
+ if (d2i_ASN1_bytes(&os,&c->p,c->max-c->p,c->tag,c->xclass)
+ == NULL)
+ {
+ c->error=ERR_R_ASN1_LIB;
+ goto err;
+ }
+
+ if (!BUF_MEM_grow(&b,num+os->length))
+ {
+ c->error=ERR_R_BUF_LIB;
+ goto err;
+ }
+ memcpy(&(b.data[num]),os->data,os->length);
+ if (!(c->inf & 1))
+ c->slen-=(c->p-c->q);
+ num+=os->length;
+ }
+
+ if (!asn1_Finish(c)) goto err;
+
+ a->length=num;
+ if (a->data != NULL) Free(a->data);
+ a->data=(unsigned char *)b.data;
+ if (os != NULL) ASN1_STRING_free(os);
+ return(1);
+err:
+ ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,c->error);
+ if (os != NULL) ASN1_STRING_free(os);
+ if (b.data != NULL) Free(b.data);
+ return(0);
+ }
+
diff --git a/crypto/asn1/a_d2i_fp.c b/crypto/asn1/a_d2i_fp.c
new file mode 100644
index 0000000..5c9c9cf
--- /dev/null
+++ b/crypto/asn1/a_d2i_fp.c
@@ -0,0 +1,200 @@
+/* crypto/asn1/a_d2i_fp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#define HEADER_SIZE 8
+
+#ifndef WIN16
+char *ASN1_d2i_fp(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+FILE *in;
+unsigned char **x;
+ {
+ BIO *b;
+ char *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_FP,ERR_R_BUF_LIB);
+ return(NULL);
+ }
+ BIO_set_fp(b,in,BIO_NOCLOSE);
+ ret=ASN1_d2i_bio(xnew,d2i,b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+char *ASN1_d2i_bio(xnew,d2i,in,x)
+char *(*xnew)();
+char *(*d2i)();
+BIO *in;
+unsigned char **x;
+ {
+ BUF_MEM *b;
+ unsigned char *p;
+ int i;
+ char *ret=NULL;
+ ASN1_CTX c;
+ int want=HEADER_SIZE;
+ int eos=0;
+ int off=0;
+ int len=0;
+
+ b=BUF_MEM_new();
+ if (b == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ for (;;)
+ {
+ if (want >= (len-off))
+ {
+ want-=(len-off);
+
+ if (!BUF_MEM_grow(b,len+want))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=BIO_read(in,&(b->data[len]),want);
+ if ((i < 0) && ((len-off) == 0))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ if (i > 0)
+ len+=i;
+ }
+ /* else data already loaded */
+
+ p=(unsigned char *)&(b->data[off]);
+ c.p=p;
+ c.inf=ASN1_get_object(&(c.p),&(c.slen),&(c.tag),&(c.xclass),
+ len-off);
+ if (c.inf & 0x80)
+ {
+ unsigned long e;
+
+ e=ERR_GET_REASON(ERR_peek_error());
+ if (e != ASN1_R_TOO_LONG)
+ goto err;
+ else
+ ERR_get_error(); /* clear error */
+ }
+ i=c.p-p;/* header length */
+ off+=i; /* end of data */
+
+ if (c.inf & 1)
+ {
+ /* no data body so go round again */
+ eos++;
+ want=HEADER_SIZE;
+ }
+ else if (eos && (c.slen == 0) && (c.tag == V_ASN1_EOC))
+ {
+ /* eos value, so go back and read another header */
+ eos--;
+ if (eos <= 0)
+ break;
+ else
+ want=HEADER_SIZE;
+ }
+ else
+ {
+ /* suck in c.slen bytes of data */
+ want=(int)c.slen;
+ if (want > (len-off))
+ {
+ want-=(len-off);
+ if (!BUF_MEM_grow(b,len+want))
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=BIO_read(in,&(b->data[len]),want);
+ if (i <= 0)
+ {
+ ASN1err(ASN1_F_ASN1_D2I_BIO,ASN1_R_NOT_ENOUGH_DATA);
+ goto err;
+ }
+ len+=i;
+ }
+ off+=(int)c.slen;
+ if (eos <= 0)
+ {
+ break;
+ }
+ else
+ want=HEADER_SIZE;
+ }
+ }
+
+ p=(unsigned char *)b->data;
+ ret=d2i(x,&p,off);
+err:
+ if (b != NULL) BUF_MEM_free(b);
+ return(ret);
+ }
diff --git a/crypto/asn1/a_digest.c b/crypto/asn1/a_digest.c
new file mode 100644
index 0000000..8f395d9
--- /dev/null
+++ b/crypto/asn1/a_digest.c
@@ -0,0 +1,91 @@
+/* crypto/asn1/a_digest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "evp.h"
+#include "x509.h"
+#include "buffer.h"
+
+int ASN1_digest(i2d,type,data,md,len)
+int (*i2d)();
+EVP_MD *type;
+char *data;
+unsigned char *md;
+unsigned int *len;
+ {
+ EVP_MD_CTX ctx;
+ int i;
+ unsigned char *str,*p;
+
+ i=i2d(data,NULL);
+ if ((str=(unsigned char *)Malloc(i)) == NULL) return(0);
+ p=str;
+ i2d(data,&p);
+
+ EVP_DigestInit(&ctx,type);
+ EVP_DigestUpdate(&ctx,str,i);
+ EVP_DigestFinal(&ctx,md,len);
+ Free(str);
+ return(1);
+ }
+
diff --git a/crypto/asn1/a_dup.c b/crypto/asn1/a_dup.c
new file mode 100644
index 0000000..51ed105
--- /dev/null
+++ b/crypto/asn1/a_dup.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/a_dup.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+#define READ_CHUNK 2048
+
+char *ASN1_dup(i2d,d2i,x)
+int (*i2d)();
+char *(*d2i)();
+char *x;
+ {
+ unsigned char *b,*p;
+ long i;
+ char *ret;
+
+ if (x == NULL) return(NULL);
+
+ i=(long)i2d(x,NULL);
+ b=(unsigned char *)Malloc((unsigned int)i+10);
+ if (b == NULL)
+ { ASN1err(ASN1_F_ASN1_DUP,ERR_R_MALLOC_FAILURE); return(NULL); }
+ p= b;
+ i=i2d(x,&p);
+ p= b;
+ ret=d2i(NULL,&p,i);
+ Free((char *)b);
+ return(ret);
+ }
diff --git a/crypto/asn1/a_hdr.c b/crypto/asn1/a_hdr.c
new file mode 100644
index 0000000..b7de335
--- /dev/null
+++ b/crypto/asn1/a_hdr.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/a_hdr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "asn1.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_ASN1_HEADER,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_I2D_ASN1_HEADER,ASN1_R_BAD_GET_OBJECT);
+ * ASN1err(ASN1_F_ASN1_HEADER_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_ASN1_HEADER(a,pp)
+ASN1_HEADER *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->header, i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(a->data, a->meth->i2d);
+
+ M_ASN1_I2D_finish();
+ }
+
+ASN1_HEADER *d2i_ASN1_HEADER(a,pp,length)
+ASN1_HEADER **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,ASN1_HEADER *,ASN1_HEADER_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->header,d2i_ASN1_OCTET_STRING);
+ if (ret->meth != NULL)
+ {
+ M_ASN1_D2I_get(ret->data,ret->meth->d2i);
+ }
+ else
+ {
+ if (a != NULL) (*a)=ret;
+ return(ret);
+ }
+ M_ASN1_D2I_Finish(a,ASN1_HEADER_free,ASN1_F_D2I_ASN1_HEADER);
+ }
+
+ASN1_HEADER *ASN1_HEADER_new()
+ {
+ ASN1_HEADER *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,ASN1_HEADER);
+ M_ASN1_New(ret->header,ASN1_OCTET_STRING_new);
+ ret->meth=NULL;
+ ret->data=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_ASN1_HEADER_NEW);
+ }
+
+void ASN1_HEADER_free(a)
+ASN1_HEADER *a;
+ {
+ if (a == NULL) return;
+ ASN1_OCTET_STRING_free(a->header);
+ if (a->meth != NULL)
+ a->meth->destroy(a->data);
+ Free((char *)a);
+ }
diff --git a/crypto/asn1/a_i2d_fp.c b/crypto/asn1/a_i2d_fp.c
new file mode 100644
index 0000000..eab127e
--- /dev/null
+++ b/crypto/asn1/a_i2d_fp.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/a_i2d_fp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1_mac.h"
+
+#ifndef WIN16
+int ASN1_i2d_fp(i2d,out,x)
+int (*i2d)();
+FILE *out;
+unsigned char *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_I2D_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,out,BIO_NOCLOSE);
+ ret=ASN1_i2d_bio(i2d,b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int ASN1_i2d_bio(i2d,out,x)
+int (*i2d)();
+BIO *out;
+unsigned char *x;
+ {
+ char *b;
+ unsigned char *p;
+ int i,j=0,n,ret=1;
+
+ n=i2d(x,NULL);
+ b=(char *)Malloc(n);
+ if (b == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_I2D_BIO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+ p=(unsigned char *)b;
+ i2d(x,&p);
+
+ for (;;)
+ {
+ i=BIO_write(out,&(b[j]),n);
+ if (i == n) break;
+ if (i <= 0)
+ {
+ ret=0;
+ break;
+ }
+ j+=i;
+ n-=i;
+ }
+ Free((char *)b);
+ return(ret);
+ }
diff --git a/crypto/asn1/a_int.c b/crypto/asn1/a_int.c
new file mode 100644
index 0000000..ce0921d
--- /dev/null
+++ b/crypto/asn1/a_int.c
@@ -0,0 +1,304 @@
+/* crypto/asn1/a_int.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_INTEGER,ASN1_R_EXPECTING_AN_INTEGER);
+ */
+
+int i2d_ASN1_INTEGER(a,pp)
+ASN1_INTEGER *a;
+unsigned char **pp;
+ {
+ int pad=0,ret,r,i,t;
+ unsigned char *p,*pt,*n,pb=0;
+
+ if ((a == NULL) || (a->data == NULL)) return(0);
+ t=a->type;
+ if (a->length == 0)
+ ret=1;
+ else
+ {
+ ret=a->length;
+ i=a->data[0];
+ if ((t == V_ASN1_INTEGER) && (i > 127))
+ {
+ pad=1;
+ pb=0;
+ }
+ else if ((t == V_ASN1_NEG_INTEGER) && (i>128))
+ {
+ pad=1;
+ pb=0xFF;
+ }
+ ret+=pad;
+ }
+ r=ASN1_object_size(0,ret,V_ASN1_INTEGER);
+ if (pp == NULL) return(r);
+ p= *pp;
+
+ ASN1_put_object(&p,0,ret,V_ASN1_INTEGER,V_ASN1_UNIVERSAL);
+ if (pad) *(p++)=pb;
+ if (a->length == 0)
+ *(p++)=0;
+ else if (t == V_ASN1_INTEGER)
+ {
+ memcpy(p,a->data,(unsigned int)a->length);
+ p+=a->length;
+ }
+ else
+ {
+ n=a->data;
+ pt=p;
+ for (i=a->length; i>0; i--)
+ *(p++)= (*(n++)^0xFF)+1;
+ if (!pad) *pt|=0x80;
+ }
+
+ *pp=p;
+ return(r);
+ }
+
+ASN1_INTEGER *d2i_ASN1_INTEGER(a, pp, length)
+ASN1_INTEGER **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_INTEGER *ret=NULL;
+ unsigned char *p,*to,*s;
+ long len;
+ int inf,tag,xclass;
+ int i;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_INTEGER_new()) == NULL) return(NULL);
+ ret->type=V_ASN1_INTEGER;
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_INTEGER)
+ {
+ i=ASN1_R_EXPECTING_AN_INTEGER;
+ goto err;
+ }
+
+ /* We must Malloc stuff, even for 0 bytes otherwise it
+ * signifies a missing NULL parameter. */
+ s=(unsigned char *)Malloc((int)len+1);
+ if (s == NULL)
+ {
+ i=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+ to=s;
+ if (*p & 0x80) /* a negative number */
+ {
+ ret->type=V_ASN1_NEG_INTEGER;
+ if (*p == 0xff)
+ {
+ p++;
+ len--;
+ }
+ for (i=(int)len; i>0; i--)
+ *(to++)= (*(p++)^0xFF)+1;
+ }
+ else
+ {
+ ret->type=V_ASN1_INTEGER;
+ if ((*p == 0) && (len != 1))
+ {
+ p++;
+ len--;
+ }
+ memcpy(s,p,(int)len);
+ p+=len;
+ }
+
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=s;
+ ret->length=(int)len;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_INTEGER,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_INTEGER_free(ret);
+ return(NULL);
+ }
+
+int ASN1_INTEGER_set(a,v)
+ASN1_INTEGER *a;
+long v;
+ {
+ int i,j,k;
+ unsigned char buf[sizeof(long)+1];
+ long d;
+
+ a->type=V_ASN1_INTEGER;
+ if (a->length < (sizeof(long)+1))
+ {
+ if (a->data != NULL)
+ Free((char *)a->data);
+ if ((a->data=(unsigned char *)Malloc(sizeof(long)+1)) != NULL)
+ memset((char *)a->data,0,sizeof(long)+1);
+ }
+ if (a->data == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_INTEGER_SET,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ d=v;
+ if (d < 0)
+ {
+ d= -d;
+ a->type=V_ASN1_NEG_INTEGER;
+ }
+
+ for (i=0; i<sizeof(long); i++)
+ {
+ if (d == 0) break;
+ buf[i]=(int)d&0xff;
+ d>>=8;
+ }
+ j=0;
+ if (v < 0) a->data[j++]=0;
+ for (k=i-1; k >=0; k--)
+ a->data[j++]=buf[k];
+ a->length=j;
+ return(1);
+ }
+
+long ASN1_INTEGER_get(a)
+ASN1_INTEGER *a;
+ {
+ int neg=0,i;
+ long r=0;
+
+ if (a == NULL) return(0L);
+ i=a->type;
+ if (i == V_ASN1_NEG_INTEGER)
+ neg=1;
+ else if (i != V_ASN1_INTEGER)
+ return(0);
+
+ if (a->length > sizeof(long))
+ {
+ return(0xFFFFFFFFL);
+ }
+ if (a->data == NULL)
+ return(0);
+
+ for (i=0; i<a->length; i++)
+ {
+ r<<=8;
+ r|=(unsigned char)a->data[i];
+ }
+ if (neg) r= -r;
+ return(r);
+ }
+
+ASN1_INTEGER *BN_to_ASN1_INTEGER(bn,ai)
+BIGNUM *bn;
+ASN1_INTEGER *ai;
+ {
+ ASN1_INTEGER *ret;
+ int len,j;
+
+ if (ai == NULL)
+ ret=ASN1_INTEGER_new();
+ else
+ ret=ai;
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_BN_TO_ASN1_INTEGER,ASN1_R_ERROR_STACK);
+ goto err;
+ }
+ ret->type=V_ASN1_INTEGER;
+ j=BN_num_bits(bn);
+ len=((j == 0)?0:((j/8)+1));
+ ret->data=(unsigned char *)Malloc(len+4);
+ ret->length=BN_bn2bin(bn,ret->data);
+ return(ret);
+err:
+ if (ret != ai) ASN1_INTEGER_free(ret);
+ return(NULL);
+ }
+
+BIGNUM *ASN1_INTEGER_to_BN(ai,bn)
+ASN1_INTEGER *ai;
+BIGNUM *bn;
+ {
+ BIGNUM *ret;
+
+ if ((ret=BN_bin2bn(ai->data,ai->length,bn)) == NULL)
+ ASN1err(ASN1_F_ASN1_INTEGER_TO_BN,ASN1_R_BN_LIB);
+ return(ret);
+ }
diff --git a/crypto/asn1/a_meth.c b/crypto/asn1/a_meth.c
new file mode 100644
index 0000000..0beb958
--- /dev/null
+++ b/crypto/asn1/a_meth.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/a_meth.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+static ASN1_METHOD ia5string_meth={
+ (int (*)()) i2d_ASN1_IA5STRING,
+ (char *(*)()) d2i_ASN1_IA5STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+static ASN1_METHOD bit_string_meth={
+ (int (*)()) i2d_ASN1_BIT_STRING,
+ (char *(*)()) d2i_ASN1_BIT_STRING,
+ (char *(*)()) ASN1_STRING_new,
+ (void (*)()) ASN1_STRING_free};
+
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth()
+ {
+ return(&ia5string_meth);
+ }
+
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth()
+ {
+ return(&bit_string_meth);
+ }
diff --git a/crypto/asn1/a_object.c b/crypto/asn1/a_object.c
new file mode 100644
index 0000000..897915c
--- /dev/null
+++ b/crypto/asn1/a_object.c
@@ -0,0 +1,369 @@
+/* crypto/asn1/a_object.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* ASN1err(ASN1_F_ASN1_OBJECT_NEW,ASN1_R_EXPECTING_AN_OBJECT);
+ * ASN1err(ASN1_F_D2I_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ * ASN1err(ASN1_F_I2A_ASN1_OBJECT,ASN1_R_BAD_OBJECT_HEADER);
+ */
+
+int i2d_ASN1_OBJECT(a, pp)
+ASN1_OBJECT *a;
+unsigned char **pp;
+ {
+ unsigned char *p;
+
+ if ((a == NULL) || (a->data == NULL)) return(0);
+
+ if (pp == NULL)
+ return(ASN1_object_size(0,a->length,V_ASN1_OBJECT));
+
+ p= *pp;
+ ASN1_put_object(&p,0,a->length,V_ASN1_OBJECT,V_ASN1_UNIVERSAL);
+ memcpy(p,a->data,a->length);
+ p+=a->length;
+
+ *pp=p;
+ return(a->length);
+ }
+
+int a2d_ASN1_OBJECT(out,olen,buf,num)
+unsigned char *out;
+int olen;
+char *buf;
+int num;
+ {
+ int i,first,len=0,c;
+ char tmp[24],*p;
+ unsigned long l;
+
+ if (num == 0)
+ return(0);
+ else if (num == -1)
+ num=strlen(buf);
+
+ p=buf;
+ c= *(p++);
+ num--;
+ if ((c >= '0') && (c <= '2'))
+ {
+ first=(c-'0')*40;
+ }
+ else
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_FIRST_NUM_TOO_LARGE);
+ goto err;
+ }
+
+ if (num <= 0)
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_MISSING_SECOND_NUMBER);
+ goto err;
+ }
+ c= *(p++);
+ num--;
+ for (;;)
+ {
+ if (num <= 0) break;
+ if ((c != '.') && (c != ' '))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_SEPARATOR);
+ goto err;
+ }
+ l=0;
+ for (;;)
+ {
+ if (num <= 0) break;
+ num--;
+ c= *(p++);
+ if ((c == ' ') || (c == '.'))
+ break;
+ if ((c < '0') || (c > '9'))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_INVALID_DIGIT);
+ goto err;
+ }
+ l=l*10L+(long)(c-'0');
+ }
+ if (len == 0)
+ {
+ if ((first < 2) && (l >= 40))
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_SECOND_NUMBER_TOO_LARGE);
+ goto err;
+ }
+ l+=(long)first;
+ }
+ i=0;
+ for (;;)
+ {
+ tmp[i++]=(unsigned char)l&0x7f;
+ l>>=7L;
+ if (l == 0L) break;
+ }
+ if (out != NULL)
+ {
+ if (len+i > olen)
+ {
+ ASN1err(ASN1_F_A2D_ASN1_OBJECT,ASN1_R_BUFFER_TOO_SMALL);
+ goto err;
+ }
+ while (--i > 0)
+ out[len++]=tmp[i]|0x80;
+ out[len++]=tmp[0];
+ }
+ else
+ len+=i;
+ }
+ return(len);
+err:
+ return(0);
+ }
+
+int i2a_ASN1_OBJECT(bp,a)
+BIO *bp;
+ASN1_OBJECT *a;
+ {
+ int j,i,idx=0,n=0,len,nid,reason=ERR_R_BUF_LIB;
+ unsigned long l;
+ unsigned char *p;
+ char buf[20];
+ char *s;
+
+ if ((a == NULL) || (a->data == NULL))
+ {
+ return(BIO_write(bp,"NULL",4));
+ }
+
+ nid=OBJ_obj2nid(a);
+ if (nid == NID_undef)
+ {
+ len=a->length;
+ p=a->data;
+
+ idx=0;
+ l=0;
+ while (idx < a->length)
+ {
+ l|=(p[idx]&0x7f);
+ if (!(p[idx] & 0x80)) break;
+ l<<=7L;
+ idx++;
+ }
+ idx++;
+ i=(int)(l/40);
+ if (i > 2) i=2;
+ l-=(long)(i*40);
+
+ sprintf(buf,"%d.%ld",i,l);
+ i=strlen(buf);
+ if (BIO_write(bp,buf,i) != i)
+ goto err;
+ n+=i;
+
+ l=0;
+ for (; idx<len; idx++)
+ {
+ l|=p[idx]&0x7f;
+ if (!(p[idx] & 0x80))
+ {
+ sprintf(buf,".%ld",l);
+ i=strlen(buf);
+ if (BIO_write(bp,buf,i) != i) goto err;
+ n+=i;
+ l=0;
+ }
+ l<<=7L;
+ }
+ }
+ else
+ {
+ s=(char *)OBJ_nid2ln(nid);
+ if (s == NULL)
+ s=(char *)OBJ_nid2sn(nid);
+ j=strlen(s);
+ if (BIO_write(bp,s,j) != j) goto err;
+ n=j;
+ }
+ return(n);
+err:
+ ASN1err(ASN1_F_I2A_ASN1_OBJECT,reason);
+ return(-1);
+ }
+
+ASN1_OBJECT *d2i_ASN1_OBJECT(a, pp, length)
+ASN1_OBJECT **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_OBJECT *ret=NULL;
+ unsigned char *p;
+ long len;
+ int tag,xclass;
+ int inf,i;
+
+ /* only the ASN1_OBJECTs from the 'table' will have values
+ * for ->sn or ->ln */
+ if ((a == NULL) || ((*a) == NULL) ||
+ !((*a)->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+ {
+ if ((ret=ASN1_OBJECT_new()) == NULL) return(NULL);
+ }
+ else ret=(*a);
+
+ p= *pp;
+
+ inf=ASN1_get_object(&p,&len,&tag,&xclass,length);
+ if (inf & 0x80)
+ {
+ i=ASN1_R_BAD_OBJECT_HEADER;
+ goto err;
+ }
+
+ if (tag != V_ASN1_OBJECT)
+ {
+ i=ASN1_R_EXPECTING_AN_OBJECT;
+ goto err;
+ }
+ if ((ret->data == NULL) || (ret->length < len))
+ {
+ if (ret->data != NULL) Free((char *)ret->data);
+ ret->data=(unsigned char *)Malloc((int)len);
+ ret->flags|=ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ if (ret->data == NULL)
+ { i=ERR_R_MALLOC_FAILURE; goto err; }
+ }
+ memcpy(ret->data,p,(int)len);
+ ret->length=(int)len;
+ ret->sn=NULL;
+ ret->ln=NULL;
+ /* ret->flags=ASN1_OBJECT_FLAG_DYNAMIC; we know it is dynamic */
+ p+=len;
+
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ ASN1err(ASN1_F_D2I_ASN1_OBJECT,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_OBJECT_free(ret);
+ return(NULL);
+ }
+
+ASN1_OBJECT *ASN1_OBJECT_new()
+ {
+ ASN1_OBJECT *ret;
+
+ ret=(ASN1_OBJECT *)Malloc(sizeof(ASN1_OBJECT));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_OBJECT_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->data=NULL;
+ ret->nid=0;
+ ret->sn=NULL;
+ ret->ln=NULL;
+ ret->flags=ASN1_OBJECT_FLAG_DYNAMIC;
+ return(ret);
+ }
+
+void ASN1_OBJECT_free(a)
+ASN1_OBJECT *a;
+ {
+ if (a == NULL) return;
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_STRINGS)
+ {
+ if (a->sn != NULL) Free(a->sn);
+ if (a->ln != NULL) Free(a->ln);
+ a->sn=a->ln=NULL;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC_DATA)
+ {
+ if (a->data != NULL) Free(a->data);
+ a->data=NULL;
+ a->length=0;
+ }
+ if (a->flags & ASN1_OBJECT_FLAG_DYNAMIC)
+ Free((char *)a);
+ }
+
+ASN1_OBJECT *ASN1_OBJECT_create(nid,data,len,sn,ln)
+int nid;
+unsigned char *data;
+int len;
+char *sn,*ln;
+ {
+ ASN1_OBJECT o;
+
+ o.sn=sn;
+ o.ln=ln;
+ o.data=data;
+ o.nid=nid;
+ o.length=len;
+ o.flags=ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS|ASN1_OBJECT_FLAG_DYNAMIC_DATA;
+ return(OBJ_dup(&o));
+ }
+
diff --git a/crypto/asn1/a_octet.c b/crypto/asn1/a_octet.c
new file mode 100644
index 0000000..e4ef15a
--- /dev/null
+++ b/crypto/asn1/a_octet.c
@@ -0,0 +1,90 @@
+/* crypto/asn1/a_octet.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_EXPECTING_AN_OCTET_STRING);
+ */
+
+int i2d_ASN1_OCTET_STRING(a, pp)
+ASN1_OCTET_STRING *a;
+unsigned char **pp;
+ {
+ return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+ V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL));
+ }
+
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(a, pp, length)
+ASN1_OCTET_STRING **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_OCTET_STRING *ret=NULL;
+
+ ret=(ASN1_OCTET_STRING *)d2i_ASN1_bytes((ASN1_STRING **)a,
+ pp,length,V_ASN1_OCTET_STRING,V_ASN1_UNIVERSAL);
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_OCTET_STRING,ASN1_R_ERROR_STACK);
+ return(NULL);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/asn1/a_print.c b/crypto/asn1/a_print.c
new file mode 100644
index 0000000..a1bbc35
--- /dev/null
+++ b/crypto/asn1/a_print.c
@@ -0,0 +1,161 @@
+/* crypto/asn1/a_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_WRONG_PRINTABLE_TYPE);
+ * ASN1err(ASN1_F_D2I_ASN1_PRINT_TYPE,ASN1_R_TAG_VALUE_TOO_HIGH);
+ */
+
+int i2d_ASN1_IA5STRING(a,pp)
+ASN1_IA5STRING *a;
+unsigned char **pp;
+ { return(M_i2d_ASN1_IA5STRING(a,pp)); }
+
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(a,pp,l)
+ASN1_IA5STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_IA5STRING(a,pp,l)); }
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(a,pp,l)
+ASN1_T61STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_T61STRING(a,pp,l)); }
+
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(a,pp,l)
+ASN1_PRINTABLESTRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_PRINTABLESTRING(a,pp,l)); }
+
+int i2d_ASN1_PRINTABLE(a,pp)
+ASN1_STRING *a;
+unsigned char **pp;
+ { return(M_i2d_ASN1_PRINTABLE(a,pp)); }
+
+ASN1_STRING *d2i_ASN1_PRINTABLE(a,pp,l)
+ASN1_STRING **a;
+unsigned char **pp;
+long l;
+ { return(M_d2i_ASN1_PRINTABLE(a,pp,l)); }
+
+int ASN1_PRINTABLE_type(s,len)
+unsigned char *s;
+int len;
+ {
+ int c;
+ int ia5=0;
+ int t61=0;
+
+ if (len <= 0) len= -1;
+ if (s == NULL) return(V_ASN1_PRINTABLESTRING);
+
+ while ((*s) && (len-- != 0))
+ {
+ c= *(s++);
+ if (!( ((c >= 'a') && (c <= 'z')) ||
+ ((c >= 'A') && (c <= 'Z')) ||
+ (c == ' ') ||
+ ((c >= '0') && (c <= '9')) ||
+ (c == ' ') || (c == '\'') ||
+ (c == '(') || (c == ')') ||
+ (c == '+') || (c == ',') ||
+ (c == '-') || (c == '.') ||
+ (c == '/') || (c == ':') ||
+ (c == '=') || (c == '?')))
+ ia5=1;
+ if (c&0x80)
+ t61=1;
+ }
+ if (t61) return(V_ASN1_T61STRING);
+ if (ia5) return(V_ASN1_IA5STRING);
+ return(V_ASN1_PRINTABLESTRING);
+ }
+
+int ASN1_UNIVERSALSTRING_to_string(s)
+ASN1_UNIVERSALSTRING *s;
+ {
+ int i;
+ unsigned char *p;
+
+ if (s->type != V_ASN1_UNIVERSALSTRING) return(0);
+ if ((s->length%4) != 0) return(0);
+ p=s->data;
+ for (i=0; i<s->length; i+=4)
+ {
+ if ((p[0] != '\0') || (p[1] != '\0') || (p[2] != '\0'))
+ break;
+ else
+ p+=4;
+ }
+ if (i < s->length) return(0);
+ p=s->data;
+ for (i=3; i<s->length; i+=4)
+ {
+ *(p++)=s->data[i];
+ }
+ *(p)='\0';
+ s->length/=4;
+ s->type=ASN1_PRINTABLE_type(s->data,s->length);
+ return(1);
+ }
+
diff --git a/crypto/asn1/a_set.c b/crypto/asn1/a_set.c
new file mode 100644
index 0000000..5752fbb
--- /dev/null
+++ b/crypto/asn1/a_set.c
@@ -0,0 +1,149 @@
+/* crypto/asn1/a_set.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_ASN1_SET(a,pp,func,ex_tag,ex_class)
+STACK *a;
+unsigned char **pp;
+int (*func)();
+int ex_tag;
+int ex_class;
+ {
+ int ret=0,r;
+ int i;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+ for (i=sk_num(a)-1; i>=0; i--)
+ ret+=func(sk_value(a,i),NULL);
+ r=ASN1_object_size(1,ret,ex_tag);
+ if (pp == NULL) return(r);
+
+ p= *pp;
+ ASN1_put_object(&p,1,ret,ex_tag,ex_class);
+ for (i=0; i<sk_num(a); i++)
+ func(sk_value(a,i),&p);
+
+ *pp=p;
+ return(r);
+ }
+
+STACK *d2i_ASN1_SET(a,pp,length,func,ex_tag,ex_class)
+STACK **a;
+unsigned char **pp;
+long length;
+char *(*func)();
+int ex_tag;
+int ex_class;
+ {
+ ASN1_CTX c;
+ STACK *ret=NULL;
+
+ if ((a == NULL) || ((*a) == NULL))
+ { if ((ret=sk_new(NULL)) == NULL) goto err; }
+ else
+ ret=(*a);
+
+ c.p= *pp;
+ c.max=(length == 0)?0:(c.p+length);
+
+ c.inf=ASN1_get_object(&c.p,&c.slen,&c.tag,&c.xclass,c.max-c.p);
+ if (c.inf & 0x80) goto err;
+ if (ex_class != c.xclass)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_CLASS);
+ goto err;
+ }
+ if (ex_tag != c.tag)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_BAD_TAG);
+ goto err;
+ }
+ if ((c.slen+c.p) > c.max)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_SET,ASN1_R_LENGTH_ERROR);
+ goto err;
+ }
+ /* check for infinite constructed - it can be as long
+ * as the amount of data passed to us */
+ if (c.inf == (V_ASN1_CONSTRUCTED+1))
+ c.slen=length+ *pp-c.p;
+ c.max=c.p+c.slen;
+
+ while (c.p < c.max)
+ {
+ char *s;
+
+ if (M_ASN1_D2I_end_sequence()) break;
+ if ((s=func(NULL,&c.p,c.slen,c.max-c.p)) == NULL) goto err;
+ if (!sk_push(ret,s)) goto err;
+ }
+ if (a != NULL) (*a)=ret;
+ *pp=c.p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) sk_free(ret);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/a_sign.c b/crypto/asn1/a_sign.c
new file mode 100644
index 0000000..2925ce3
--- /dev/null
+++ b/crypto/asn1/a_sign.c
@@ -0,0 +1,147 @@
+/* crypto/asn1/a_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+int ASN1_sign(i2d,algor1,algor2,signature,data,pkey,type)
+int (*i2d)();
+X509_ALGOR *algor1;
+X509_ALGOR *algor2;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+EVP_MD *type;
+ {
+ EVP_MD_CTX ctx;
+ unsigned char *p,*buf_in=NULL,*buf_out=NULL;
+ int i,inl=0,outl=0,outll=0;
+ X509_ALGOR *a;
+
+ for (i=0; i<2; i++)
+ {
+ if (i == 0)
+ a=algor1;
+ else
+ a=algor2;
+ if (a == NULL) continue;
+ if ( (a->parameter == NULL) ||
+ (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ if ((a->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ a->parameter->type=V_ASN1_NULL;
+ }
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=OBJ_nid2obj(type->pkey_type);
+ if (a->algorithm == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_UNKNOWN_OBJECT_TYPE);
+ goto err;
+ }
+ if (a->algorithm->length == 0)
+ {
+ ASN1err(ASN1_F_ASN1_SIGN,ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+ goto err;
+ }
+ }
+ inl=i2d(data,NULL);
+ buf_in=(unsigned char *)Malloc((unsigned int)inl);
+ outll=outl=EVP_PKEY_size(pkey);
+ buf_out=(unsigned char *)Malloc((unsigned int)outl);
+ if ((buf_in == NULL) || (buf_out == NULL))
+ {
+ outl=0;
+ ASN1err(ASN1_F_ASN1_SIGN,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf_in;
+
+ i2d(data,&p);
+ EVP_SignInit(&ctx,type);
+ EVP_SignUpdate(&ctx,(unsigned char *)buf_in,inl);
+ if (!EVP_SignFinal(&ctx,(unsigned char *)buf_out,
+ (unsigned int *)&outl,pkey))
+ {
+ outl=0;
+ ASN1err(ASN1_F_ASN1_SIGN,ERR_R_EVP_LIB);
+ goto err;
+ }
+ if (signature->data != NULL) Free((char *)signature->data);
+ signature->data=buf_out;
+ buf_out=NULL;
+ signature->length=outl;
+
+err:
+ memset(&ctx,0,sizeof(ctx));
+ if (buf_in != NULL)
+ { memset((char *)buf_in,0,(unsigned int)inl); Free((char *)buf_in); }
+ if (buf_out != NULL)
+ { memset((char *)buf_out,0,outll); Free((char *)buf_out); }
+ return(outl);
+ }
diff --git a/crypto/asn1/a_type.c b/crypto/asn1/a_type.c
new file mode 100644
index 0000000..abaf70d
--- /dev/null
+++ b/crypto/asn1/a_type.c
@@ -0,0 +1,317 @@
+/* crypto/asn1/a_type.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_ASN1_TYPE_NEW,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_ERROR_STACK);
+ * ASN1err(ASN1_F_D2I_ASN1_BYTES,ASN1_R_WRONG_TAG);
+ * ASN1err(ASN1_F_ASN1_COLLATE_PRIMATIVE,ASN1_R_WRONG_TAG);
+ */
+
+#ifndef NOPROTO
+static void ASN1_TYPE_component_free(ASN1_TYPE *a);
+#else
+static void ASN1_TYPE_component_free();
+#endif
+
+int i2d_ASN1_TYPE(a,pp)
+ASN1_TYPE *a;
+unsigned char **pp;
+ {
+ int r=0;
+
+ if (a == NULL) return(0);
+
+ switch (a->type)
+ {
+ case V_ASN1_NULL:
+ if (pp != NULL)
+ ASN1_put_object(pp,0,0,V_ASN1_NULL,V_ASN1_UNIVERSAL);
+ r=2;
+ break;
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ r=i2d_ASN1_INTEGER(a->value.integer,pp);
+ break;
+ case V_ASN1_BIT_STRING:
+ r=i2d_ASN1_BIT_STRING(a->value.bit_string,pp);
+ break;
+ case V_ASN1_OCTET_STRING:
+ r=i2d_ASN1_OCTET_STRING(a->value.octet_string,pp);
+ break;
+ case V_ASN1_OBJECT:
+ r=i2d_ASN1_OBJECT(a->value.object,pp);
+ break;
+ case V_ASN1_PRINTABLESTRING:
+ r=M_i2d_ASN1_PRINTABLESTRING(a->value.printablestring,pp);
+ break;
+ case V_ASN1_T61STRING:
+ r=M_i2d_ASN1_T61STRING(a->value.t61string,pp);
+ break;
+ case V_ASN1_IA5STRING:
+ r=M_i2d_ASN1_IA5STRING(a->value.ia5string,pp);
+ break;
+ case V_ASN1_GENERALSTRING:
+ r=M_i2d_ASN1_GENERALSTRING(a->value.generalstring,pp);
+ break;
+ case V_ASN1_UNIVERSALSTRING:
+ r=M_i2d_ASN1_UNIVERSALSTRING(a->value.universalstring,pp);
+ break;
+ case V_ASN1_UTCTIME:
+ r=i2d_ASN1_UTCTIME(a->value.utctime,pp);
+ break;
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ if (a->value.set == NULL)
+ r=0;
+ else
+ {
+ r=a->value.set->length;
+ if (pp != NULL)
+ {
+ memcpy(*pp,a->value.set->data,r);
+ *pp+=r;
+ }
+ }
+ break;
+ }
+ return(r);
+ }
+
+ASN1_TYPE *d2i_ASN1_TYPE(a,pp,length)
+ASN1_TYPE **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_TYPE *ret=NULL;
+ unsigned char *q,*p,*max;
+ int inf,tag,xclass;
+ long len;
+
+ if ((a == NULL) || ((*a) == NULL))
+ {
+ if ((ret=ASN1_TYPE_new()) == NULL) goto err;
+ }
+ else
+ ret=(*a);
+
+ p= *pp;
+ q=p;
+ max=(p+length);
+
+ inf=ASN1_get_object(&q,&len,&tag,&xclass,length);
+ if (inf & 0x80) goto err;
+
+ ASN1_TYPE_component_free(ret);
+
+ switch (tag)
+ {
+ case V_ASN1_NULL:
+ p=q;
+ ret->value.ptr=NULL;
+ break;
+ case V_ASN1_INTEGER:
+ if ((ret->value.integer=
+ d2i_ASN1_INTEGER(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_BIT_STRING:
+ if ((ret->value.bit_string=
+ d2i_ASN1_BIT_STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_OCTET_STRING:
+ if ((ret->value.octet_string=
+ d2i_ASN1_OCTET_STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_OBJECT:
+ if ((ret->value.object=
+ d2i_ASN1_OBJECT(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_PRINTABLESTRING:
+ if ((ret->value.printablestring=
+ d2i_ASN1_PRINTABLESTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_T61STRING:
+ if ((ret->value.t61string=
+ M_d2i_ASN1_T61STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_IA5STRING:
+ if ((ret->value.ia5string=
+ M_d2i_ASN1_IA5STRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_GENERALSTRING:
+ if ((ret->value.generalstring=
+ M_d2i_ASN1_GENERALSTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_UNIVERSALSTRING:
+ if ((ret->value.universalstring=
+ M_d2i_ASN1_UNIVERSALSTRING(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_UTCTIME:
+ if ((ret->value.utctime=
+ d2i_ASN1_UTCTIME(NULL,&p,max-p)) == NULL)
+ goto err;
+ break;
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ /* Sets and sequences are left complete */
+ if ((ret->value.set=ASN1_STRING_new()) == NULL) goto err;
+ ret->value.set->type=tag;
+ len+=(q-p);
+ if (!ASN1_STRING_set(ret->value.set,p,(int)len)) goto err;
+ p+=len;
+ break;
+ default:
+ ASN1err(ASN1_F_D2I_ASN1_TYPE,ASN1_R_BAD_TYPE);
+ goto err;
+ }
+
+ ret->type=tag;
+ if (a != NULL) (*a)=ret;
+ *pp=p;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) ASN1_TYPE_free(ret);
+ return(NULL);
+ }
+
+ASN1_TYPE *ASN1_TYPE_new()
+ {
+ ASN1_TYPE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,ASN1_TYPE);
+ ret->type= -1;
+ ret->value.ptr=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_ASN1_TYPE_NEW);
+ }
+
+void ASN1_TYPE_free(a)
+ASN1_TYPE *a;
+ {
+ if (a == NULL) return;
+ ASN1_TYPE_component_free(a);
+ Free((char *)(char *)a);
+ }
+
+int ASN1_TYPE_get(a)
+ASN1_TYPE *a;
+ {
+ if (a->value.ptr != NULL)
+ return(a->type);
+ else
+ return(0);
+ }
+
+void ASN1_TYPE_set(a,type,value)
+ASN1_TYPE *a;
+int type;
+char *value;
+ {
+ if (a->value.ptr != NULL)
+ ASN1_TYPE_component_free(a);
+ a->type=type;
+ a->value.ptr=value;
+ }
+
+static void ASN1_TYPE_component_free(a)
+ASN1_TYPE *a;
+ {
+ if (a == NULL) return;
+
+ if (a->value.ptr != NULL)
+ {
+ switch (a->type)
+ {
+ case V_ASN1_OBJECT:
+ ASN1_OBJECT_free(a->value.object);
+ break;
+ case V_ASN1_INTEGER:
+ case V_ASN1_NEG_INTEGER:
+ case V_ASN1_BIT_STRING:
+ case V_ASN1_OCTET_STRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ case V_ASN1_IA5STRING:
+ case V_ASN1_UNIVERSALSTRING:
+ case V_ASN1_GENERALSTRING:
+ case V_ASN1_UTCTIME:
+ case V_ASN1_SET:
+ case V_ASN1_SEQUENCE:
+ ASN1_STRING_free((ASN1_STRING *)a->value.ptr);
+ break;
+ default:
+ /* MEMORY LEAK */
+ break;
+ }
+ a->type=0;
+ a->value.ptr=NULL;
+ }
+ }
+
diff --git a/crypto/asn1/a_utctm.c b/crypto/asn1/a_utctm.c
new file mode 100644
index 0000000..cc3c692
--- /dev/null
+++ b/crypto/asn1/a_utctm.c
@@ -0,0 +1,190 @@
+/* crypto/asn1/a_utctm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "asn1.h"
+
+/* ASN1err(ASN1_F_ASN1_UTCTIME_NEW,ASN1_R_UTCTIME_TOO_LONG);
+ * ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_EXPECTING_A_UTCTIME);
+ */
+
+int i2d_ASN1_UTCTIME(a,pp)
+ASN1_UTCTIME *a;
+unsigned char **pp;
+ {
+ return(i2d_ASN1_bytes((ASN1_STRING *)a,pp,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL));
+ }
+
+
+ASN1_UTCTIME *d2i_ASN1_UTCTIME(a, pp, length)
+ASN1_UTCTIME **a;
+unsigned char **pp;
+long length;
+ {
+ ASN1_UTCTIME *ret=NULL;
+
+ ret=(ASN1_UTCTIME *)d2i_ASN1_bytes((ASN1_STRING **)a,pp,length,
+ V_ASN1_UTCTIME,V_ASN1_UNIVERSAL);
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_ERROR_STACK);
+ return(NULL);
+ }
+ if (!ASN1_UTCTIME_check(ret))
+ {
+ ASN1err(ASN1_F_D2I_ASN1_UTCTIME,ASN1_R_INVALID_TIME_FORMAT);
+ goto err;
+ }
+
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret)))
+ ASN1_UTCTIME_free(ret);
+ return(NULL);
+ }
+
+int ASN1_UTCTIME_check(d)
+ASN1_UTCTIME *d;
+ {
+ static int min[8]={ 0, 1, 1, 0, 0, 0, 0, 0};
+ static int max[8]={99,12,31,23,59,59,12,59};
+ char *a;
+ int n,i,l,o;
+
+ if (d->type != V_ASN1_UTCTIME) return(0);
+ l=d->length;
+ a=(char *)d->data;
+ o=0;
+
+ if (l < 11) goto err;
+ for (i=0; i<6; i++)
+ {
+ if ((i == 5) && ((a[o] == 'Z') ||
+ (a[o] == '+') || (a[o] == '-')))
+ { i++; break; }
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if (++o > l) goto err;
+
+ if ((n < min[i]) || (n > max[i])) goto err;
+ }
+ if (a[o] == 'Z')
+ o++;
+ else if ((a[o] == '+') || (a[o] == '-'))
+ {
+ o++;
+ if (o+4 > l) goto err;
+ for (i=6; i<8; i++)
+ {
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n= a[o]-'0';
+ o++;
+ if ((a[o] < '0') || (a[o] > '9')) goto err;
+ n=(n*10)+ a[o]-'0';
+ if ((n < min[i]) || (n > max[i])) goto err;
+ o++;
+ }
+ }
+ return(o == l);
+err:
+ return(0);
+ }
+
+ASN1_UTCTIME *ASN1_UTCTIME_set(s, t)
+ASN1_UTCTIME *s;
+time_t t;
+ {
+ char *p;
+ struct tm *ts;
+#if defined(THREADS)
+ struct tm data;
+#endif
+
+ if (s == NULL)
+ s=ASN1_UTCTIME_new();
+ if (s == NULL)
+ return(NULL);
+
+#if defined(THREADS)
+ ts=(struct tm *)gmtime_r(&t,&data);
+#else
+ ts=(struct tm *)gmtime(&t);
+#endif
+ p=(char *)s->data;
+ if ((p == NULL) || (s->length < 14))
+ {
+ p=Malloc(20);
+ if (p == NULL) return(NULL);
+ if (s->data != NULL)
+ Free(s->data);
+ s->data=(unsigned char *)p;
+ }
+
+ sprintf(p,"%02d%02d%02d%02d%02d%02dZ",ts->tm_year%100,
+ ts->tm_mon+1,ts->tm_mday,ts->tm_hour,ts->tm_min,ts->tm_sec);
+ s->length=strlen(p);
+ s->type=V_ASN1_UTCTIME;
+ return(s);
+ }
diff --git a/crypto/asn1/a_verify.c b/crypto/asn1/a_verify.c
new file mode 100644
index 0000000..567552f
--- /dev/null
+++ b/crypto/asn1/a_verify.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/a_verify.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "bn.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "evp.h"
+#include "pem.h"
+
+int ASN1_verify(i2d,a,signature,data,pkey)
+int (*i2d)();
+X509_ALGOR *a;
+ASN1_BIT_STRING *signature;
+char *data;
+EVP_PKEY *pkey;
+ {
+ EVP_MD_CTX ctx;
+ EVP_MD *type;
+ unsigned char *p,*buf_in=NULL;
+ int ret= -1,i,inl;
+
+ i=OBJ_obj2nid(a->algorithm);
+ type=EVP_get_digestbyname(OBJ_nid2sn(i));
+ if (type == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM);
+ goto err;
+ }
+
+ inl=i2d(data,NULL);
+ buf_in=(unsigned char *)Malloc((unsigned int)inl);
+ if (buf_in == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf_in;
+
+ i2d(data,&p);
+ EVP_VerifyInit(&ctx,type);
+ EVP_VerifyUpdate(&ctx,(unsigned char *)buf_in,inl);
+
+ memset(buf_in,0,(unsigned int)inl);
+ Free((char *)buf_in);
+
+ if (EVP_VerifyFinal(&ctx,(unsigned char *)signature->data,
+ (unsigned int)signature->length,pkey) <= 0)
+ {
+ ASN1err(ASN1_F_ASN1_VERIFY,ERR_R_EVP_LIB);
+ ret=0;
+ goto err;
+ }
+ /* we don't need to zero the 'ctx' because we just checked
+ * public information */
+ /* memset(&ctx,0,sizeof(ctx)); */
+ ret=1;
+err:
+ return(ret);
+ }
diff --git a/crypto/asn1/asn1.err b/crypto/asn1/asn1.err
new file mode 100644
index 0000000..cbf27ab
--- /dev/null
+++ b/crypto/asn1/asn1.err
@@ -0,0 +1,178 @@
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+#define ASN1_F_A2D_ASN1_OBJECT 100
+#define ASN1_F_A2I_ASN1_INTEGER 101
+#define ASN1_F_A2I_ASN1_STRING 102
+#define ASN1_F_ASN1_COLLATE_PRIMATIVE 103
+#define ASN1_F_ASN1_D2I_BIO 104
+#define ASN1_F_ASN1_D2I_FP 105
+#define ASN1_F_ASN1_DUP 106
+#define ASN1_F_ASN1_GET_OBJECT 107
+#define ASN1_F_ASN1_HEADER_NEW 108
+#define ASN1_F_ASN1_I2D_BIO 109
+#define ASN1_F_ASN1_I2D_FP 110
+#define ASN1_F_ASN1_INTEGER_SET 111
+#define ASN1_F_ASN1_INTEGER_TO_BN 112
+#define ASN1_F_ASN1_OBJECT_NEW 113
+#define ASN1_F_ASN1_SIGN 114
+#define ASN1_F_ASN1_STRING_NEW 115
+#define ASN1_F_ASN1_STRING_TYPE_NEW 116
+#define ASN1_F_ASN1_TYPE_NEW 117
+#define ASN1_F_ASN1_UTCTIME_NEW 118
+#define ASN1_F_ASN1_VERIFY 119
+#define ASN1_F_BN_TO_ASN1_INTEGER 120
+#define ASN1_F_D2I_ASN1_BIT_STRING 121
+#define ASN1_F_D2I_ASN1_BOOLEAN 122
+#define ASN1_F_D2I_ASN1_BYTES 123
+#define ASN1_F_D2I_ASN1_HEADER 124
+#define ASN1_F_D2I_ASN1_INTEGER 125
+#define ASN1_F_D2I_ASN1_OBJECT 126
+#define ASN1_F_D2I_ASN1_OCTET_STRING 127
+#define ASN1_F_D2I_ASN1_PRINT_TYPE 128
+#define ASN1_F_D2I_ASN1_SET 129
+#define ASN1_F_D2I_ASN1_TYPE 130
+#define ASN1_F_D2I_ASN1_TYPE_BYTES 131
+#define ASN1_F_D2I_ASN1_UTCTIME 132
+#define ASN1_F_D2I_DHPARAMS 133
+#define ASN1_F_D2I_DSAPARAMS 134
+#define ASN1_F_D2I_DSAPRIVATEKEY 135
+#define ASN1_F_D2I_DSAPUBLICKEY 136
+#define ASN1_F_D2I_NETSCAPE_PKEY 137
+#define ASN1_F_D2I_NETSCAPE_RSA 138
+#define ASN1_F_D2I_NETSCAPE_RSA_2 139
+#define ASN1_F_D2I_NETSCAPE_SPKAC 140
+#define ASN1_F_D2I_NETSCAPE_SPKI 141
+#define ASN1_F_D2I_PKCS7 142
+#define ASN1_F_D2I_PKCS7_DIGEST 143
+#define ASN1_F_D2I_PKCS7_ENCRYPT 144
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT 145
+#define ASN1_F_D2I_PKCS7_ENVELOPE 146
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 147
+#define ASN1_F_D2I_PKCS7_RECIP_INFO 148
+#define ASN1_F_D2I_PKCS7_SIGNED 149
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO 150
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 151
+#define ASN1_F_D2I_PRIVATEKEY 152
+#define ASN1_F_D2I_PUBLICKEY 153
+#define ASN1_F_D2I_RSAPRIVATEKEY 154
+#define ASN1_F_D2I_RSAPUBLICKEY 155
+#define ASN1_F_D2I_X509 156
+#define ASN1_F_D2I_X509_ALGOR 157
+#define ASN1_F_D2I_X509_ATTRIBUTE 158
+#define ASN1_F_D2I_X509_CINF 159
+#define ASN1_F_D2I_X509_CRL 160
+#define ASN1_F_D2I_X509_CRL_INFO 161
+#define ASN1_F_D2I_X509_EXTENSION 162
+#define ASN1_F_D2I_X509_KEY 163
+#define ASN1_F_D2I_X509_NAME 164
+#define ASN1_F_D2I_X509_NAME_ENTRY 165
+#define ASN1_F_D2I_X509_PKEY 166
+#define ASN1_F_D2I_X509_PUBKEY 167
+#define ASN1_F_D2I_X509_REQ 168
+#define ASN1_F_D2I_X509_REQ_INFO 169
+#define ASN1_F_D2I_X509_REVOKED 170
+#define ASN1_F_D2I_X509_SIG 171
+#define ASN1_F_D2I_X509_VAL 172
+#define ASN1_F_I2A_ASN1_OBJECT 173
+#define ASN1_F_I2D_ASN1_HEADER 174
+#define ASN1_F_I2D_DHPARAMS 175
+#define ASN1_F_I2D_DSAPARAMS 176
+#define ASN1_F_I2D_DSAPRIVATEKEY 177
+#define ASN1_F_I2D_DSAPUBLICKEY 178
+#define ASN1_F_I2D_NETSCAPE_RSA 179
+#define ASN1_F_I2D_PKCS7 180
+#define ASN1_F_I2D_PRIVATEKEY 181
+#define ASN1_F_I2D_PUBLICKEY 182
+#define ASN1_F_I2D_RSAPRIVATEKEY 183
+#define ASN1_F_I2D_RSAPUBLICKEY 184
+#define ASN1_F_I2D_X509_ATTRIBUTE 185
+#define ASN1_F_NETSCAPE_PKEY_NEW 186
+#define ASN1_F_NETSCAPE_SPKAC_NEW 187
+#define ASN1_F_NETSCAPE_SPKI_NEW 188
+#define ASN1_F_PKCS7_DIGEST_NEW 189
+#define ASN1_F_PKCS7_ENCRYPT_NEW 190
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW 191
+#define ASN1_F_PKCS7_ENVELOPE_NEW 192
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 193
+#define ASN1_F_PKCS7_NEW 194
+#define ASN1_F_PKCS7_RECIP_INFO_NEW 195
+#define ASN1_F_PKCS7_SIGNED_NEW 196
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW 197
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 198
+#define ASN1_F_X509_ALGOR_NEW 199
+#define ASN1_F_X509_ATTRIBUTE_NEW 200
+#define ASN1_F_X509_CINF_NEW 201
+#define ASN1_F_X509_CRL_INFO_NEW 202
+#define ASN1_F_X509_CRL_NEW 203
+#define ASN1_F_X509_DHPARAMS_NEW 204
+#define ASN1_F_X509_EXTENSION_NEW 205
+#define ASN1_F_X509_INFO_NEW 206
+#define ASN1_F_X509_KEY_NEW 207
+#define ASN1_F_X509_NAME_ENTRY_NEW 208
+#define ASN1_F_X509_NAME_NEW 209
+#define ASN1_F_X509_NEW 210
+#define ASN1_F_X509_PKEY_NEW 211
+#define ASN1_F_X509_PUBKEY_NEW 212
+#define ASN1_F_X509_REQ_INFO_NEW 213
+#define ASN1_F_X509_REQ_NEW 214
+#define ASN1_F_X509_REVOKED_NEW 215
+#define ASN1_F_X509_SIG_NEW 216
+#define ASN1_F_X509_VAL_FREE 217
+#define ASN1_F_X509_VAL_NEW 218
+
+/* Reason codes. */
+#define ASN1_R_BAD_CLASS 100
+#define ASN1_R_BAD_GET_OBJECT 101
+#define ASN1_R_BAD_OBJECT_HEADER 102
+#define ASN1_R_BAD_PASSWORD_READ 103
+#define ASN1_R_BAD_PKCS7_CONTENT 104
+#define ASN1_R_BAD_PKCS7_TYPE 105
+#define ASN1_R_BAD_TAG 106
+#define ASN1_R_BAD_TYPE 107
+#define ASN1_R_BN_LIB 108
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109
+#define ASN1_R_BUFFER_TOO_SMALL 110
+#define ASN1_R_DECODING_ERROR 111
+#define ASN1_R_ERROR_STACK 112
+#define ASN1_R_EXPECTING_AN_INTEGER 113
+#define ASN1_R_EXPECTING_AN_OBJECT 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
+#define ASN1_R_EXPECTING_A_BIT_STRING 116
+#define ASN1_R_EXPECTING_A_BOOLEAN 117
+#define ASN1_R_EXPECTING_A_SEQUENCE 118
+#define ASN1_R_EXPECTING_A_UTCTIME 119
+#define ASN1_R_FIRST_NUM_TOO_LARGE 120
+#define ASN1_R_HEADER_TOO_LONG 121
+#define ASN1_R_INVALID_DIGIT 122
+#define ASN1_R_INVALID_SEPARATOR 123
+#define ASN1_R_INVALID_TIME_FORMAT 124
+#define ASN1_R_IV_TOO_LARGE 125
+#define ASN1_R_LENGTH_ERROR 126
+#define ASN1_R_LENGTH_MISMATCH 127
+#define ASN1_R_MISSING_EOS 128
+#define ASN1_R_MISSING_SECOND_NUMBER 129
+#define ASN1_R_NON_HEX_CHARACTERS 130
+#define ASN1_R_NOT_ENOUGH_DATA 131
+#define ASN1_R_ODD_NUMBER_OF_CHARS 132
+#define ASN1_R_PARSING 133
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 134
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 135
+#define ASN1_R_SHORT_LINE 136
+#define ASN1_R_STRING_TOO_SHORT 137
+#define ASN1_R_TAG_VALUE_TOO_HIGH 138
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
+#define ASN1_R_TOO_LONG 140
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 142
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 143
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 144
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 145
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 146
+#define ASN1_R_UNSUPPORTED_CIPHER 147
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 148
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 149
+#define ASN1_R_UTCTIME_TOO_LONG 150
+#define ASN1_R_WRONG_PRINTABLE_TYPE 151
+#define ASN1_R_WRONG_TAG 152
+#define ASN1_R_WRONG_TYPE 153
diff --git a/crypto/asn1/asn1.h b/crypto/asn1/asn1.h
new file mode 100644
index 0000000..cdc3429
--- /dev/null
+++ b/crypto/asn1/asn1.h
@@ -0,0 +1,786 @@
+/* crypto/asn1/asn1.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_H
+#define HEADER_ASN1_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <time.h>
+#include "bn.h"
+#include "stack.h"
+
+#define V_ASN1_UNIVERSAL 0x00
+#define V_ASN1_APPLICATION 0x40
+#define V_ASN1_CONTEXT_SPECIFIC 0x80
+#define V_ASN1_PRIVATE 0xc0
+
+#define V_ASN1_CONSTRUCTED 0x20
+#define V_ASN1_PRIMATIVE_TAG 0x1f
+
+#define V_ASN1_APP_CHOOSE -2 /* let the recipent choose */
+
+#define V_ASN1_UNDEF -1
+#define V_ASN1_EOC 0
+#define V_ASN1_BOOLEAN 1 /**/
+#define V_ASN1_INTEGER 2
+#define V_ASN1_NEG_INTEGER (2+0x100)
+#define V_ASN1_BIT_STRING 3
+#define V_ASN1_OCTET_STRING 4
+#define V_ASN1_NULL 5
+#define V_ASN1_OBJECT 6
+#define V_ASN1_REAL 9
+#define V_ASN1_ENUMERATED 10 /* microsoft weirdness */
+#define V_ASN1_SEQUENCE 16
+#define V_ASN1_SET 17
+#define V_ASN1_NUMERICSTRING 18 /**/
+#define V_ASN1_PRINTABLESTRING 19
+#define V_ASN1_T61STRING 20
+#define V_ASN1_TELETEXSTRING 20 /* alias */
+#define V_ASN1_VIDEOTEXSTRING 21 /**/
+#define V_ASN1_IA5STRING 22
+#define V_ASN1_UTCTIME 23
+#define V_ASN1_GENERALIZEDTIME 24 /**/
+#define V_ASN1_GRAPHICSTRING 25 /**/
+#define V_ASN1_ISO64STRING 26 /**/
+#define V_ASN1_VISIBLESTRING 26 /* alias */
+#define V_ASN1_GENERALSTRING 27 /**/
+#define V_ASN1_UNIVERSALSTRING 28 /**/
+
+/* For use with d2i_ASN1_type_bytes() */
+#define B_ASN1_NUMERICSTRING 0x0001
+#define B_ASN1_PRINTABLESTRING 0x0002
+#define B_ASN1_T61STRING 0x0004
+#define B_ASN1_VIDEOTEXSTRING 0x0008
+#define B_ASN1_IA5STRING 0x0010
+#define B_ASN1_GRAPHICSTRING 0x0020
+#define B_ASN1_ISO64STRING 0x0040
+#define B_ASN1_GENERALSTRING 0x0080
+#define B_ASN1_UNIVERSALSTRING 0x0100
+#define B_ASN1_OCTET_STRING 0x0200
+#define B_ASN1_UNKNOWN 0x1000
+
+#ifndef DEBUG
+
+#define ASN1_INTEGER ASN1_STRING
+#define ASN1_BIT_STRING ASN1_STRING
+#define ASN1_OCTET_STRING ASN1_STRING
+#define ASN1_PRINTABLESTRING ASN1_STRING
+#define ASN1_T61STRING ASN1_STRING
+#define ASN1_IA5STRING ASN1_STRING
+#define ASN1_UTCTIME ASN1_STRING
+#define ASN1_GENERALSTRING ASN1_STRING
+#define ASN1_UNIVERSALSTRING ASN1_STRING
+
+#else
+
+typedef struct asn1_integer_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_INTEGER;
+
+typedef struct asn1_bit_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_BIT_STRING;
+
+typedef struct asn1_octet_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_OCTET_STRING;
+
+typedef struct asn1_printablestring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_PRINTABLESTRING;
+
+typedef struct asn1_t61string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_T61STRING;
+
+typedef struct asn1_ia5string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_IA5STRING;
+
+typedef struct asn1_generalstring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_GENERALSTRING;
+
+typedef struct asn1_universalstring_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_UNIVERSALSTRING;
+
+typedef struct asn1_utctime_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_UTCTIME;
+
+#endif
+
+typedef struct asn1_ctx_st
+ {
+ unsigned char *p;/* work char pointer */
+ int eos; /* end of sequence read for indefinite encoding */
+ int error; /* error code to use when returning an error */
+ int inf; /* constructed if 0x20, indefinite is 0x21 */
+ int tag; /* tag from last 'get object' */
+ int xclass; /* class from last 'get object' */
+ long slen; /* length of last 'get object' */
+ unsigned char *max; /* largest value of p alowed */
+ unsigned char *q;/* temporary variable */
+ unsigned char **pp;/* variable */
+ } ASN1_CTX;
+
+/* These are used internally in the ASN1_OBJECT to keep track of
+ * whether the names and data need to be free()ed */
+#define ASN1_OBJECT_FLAG_DYNAMIC 0x01 /* internal use */
+#define ASN1_OBJECT_FLAG_CRITICAL 0x02 /* critical x509v3 object id */
+#define ASN1_OBJECT_FLAG_DYNAMIC_STRINGS 0x04 /* internal use */
+#define ASN1_OBJECT_FLAG_DYNAMIC_DATA 0x08 /* internal use */
+typedef struct asn1_object_st
+ {
+ char *sn,*ln;
+ int nid;
+ int length;
+ unsigned char *data;
+ int flags; /* Should we free this one */
+ } ASN1_OBJECT;
+
+/* This is the base type that holds just about everything :-) */
+typedef struct asn1_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_STRING;
+
+typedef struct asn1_type_st
+ {
+ int type;
+ union {
+ char *ptr;
+ ASN1_STRING * asn1_string;
+ ASN1_OBJECT * object;
+ ASN1_INTEGER * integer;
+ ASN1_BIT_STRING * bit_string;
+ ASN1_OCTET_STRING * octet_string;
+ ASN1_PRINTABLESTRING * printablestring;
+ ASN1_T61STRING * t61string;
+ ASN1_IA5STRING * ia5string;
+ ASN1_GENERALSTRING * generalstring;
+ ASN1_UNIVERSALSTRING * universalstring;
+ ASN1_UTCTIME * utctime;
+ /* set and sequence are left complete and still
+ * contain the set or sequence bytes */
+ ASN1_STRING * set;
+ ASN1_STRING * sequence;
+ } value;
+ } ASN1_TYPE;
+
+typedef struct asn1_method_st
+ {
+ int (*i2d)();
+ char *(*d2i)();
+ char *(*create)();
+ void (*destroy)();
+ } ASN1_METHOD;
+
+/* This is used when parsing some Netscape objects */
+typedef struct asn1_header_st
+ {
+ ASN1_OCTET_STRING *header;
+ char *data;
+ ASN1_METHOD *meth;
+ } ASN1_HEADER;
+
+#define ASN1_STRING_type(x) ((x)->type)
+#define ASN1_STRING_data(x) ((x)->data)
+
+/* Macros for string operations */
+#define ASN1_BIT_STRING_new() (ASN1_BIT_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_BIT_STRING)
+#define ASN1_BIT_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_dup(a) (ASN1_BIT_STRING *)\
+ ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_BIT_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_BIT_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+/* i2d_ASN1_BIT_STRING() is a function */
+/* d2i_ASN1_BIT_STRING() is a function */
+
+#define ASN1_INTEGER_new() (ASN1_INTEGER *)\
+ ASN1_STRING_type_new(V_ASN1_INTEGER)
+#define ASN1_INTEGER_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_INTEGER_dup(a) (ASN1_INTEGER *)ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_INTEGER_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+/* ASN1_INTEGER_set() is a function, also see BN_to_ASN1_INTEGER() */
+/* ASN1_INTEGER_get() is a function, also see ASN1_INTEGER_to_BN() */
+/* i2d_ASN1_INTEGER() is a function */
+/* d2i_ASN1_INTEGER() is a function */
+
+#define ASN1_OCTET_STRING_new() (ASN1_OCTET_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_OCTET_STRING)
+#define ASN1_OCTET_STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_dup(a) (ASN1_OCTET_STRING *)\
+ ASN1_STRING_dup((ASN1_STRING *)a)
+#define ASN1_OCTET_STRING_cmp(a,b) ASN1_STRING_cmp(\
+ (ASN1_STRING *)a,(ASN1_STRING *)b)
+#define ASN1_OCTET_STRING_set(a,b,c) ASN1_STRING_set((ASN1_STRING *)a,b,c)
+#define ASN1_OCTET_STRING_print(a,b) ASN1_STRING_print(a,(ASN1_STRING *)b)
+#define M_i2d_ASN1_OCTET_STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_OCTET_STRING,\
+ V_ASN1_OCTET_STRING)
+/* d2i_ASN1_OCTET_STRING() is a function */
+
+#define ASN1_PRINTABLE_new() ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_PRINTABLE_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLE(a,pp) i2d_ASN1_bytes((ASN1_STRING *)a,\
+ pp,a->type,V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLE(a,pp,l) \
+ d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l, \
+ B_ASN1_PRINTABLESTRING| \
+ B_ASN1_T61STRING| \
+ B_ASN1_IA5STRING| \
+ B_ASN1_UNIVERSALSTRING|\
+ B_ASN1_UNKNOWN)
+
+#define ASN1_PRINTABLESTRING_new() (ASN1_PRINTABLESTRING_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_PRINTABLESTRING)
+#define ASN1_PRINTABLESTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_PRINTABLESTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_PRINTABLESTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_PRINTABLESTRING(a,pp,l) \
+ (ASN1_PRINTABLESTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_PRINTABLESTRING)
+
+#define ASN1_T61STRING_new() (ASN1_T61STRING_STRING *)\
+ ASN1_STRING_type_new(V_ASN1_T61STRING)
+#define ASN1_T61STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_T61STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_T61STRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_T61STRING(a,pp,l) \
+ (ASN1_T61STRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_T61STRING)
+
+#define ASN1_IA5STRING_new() (ASN1_IA5STRING *)\
+ ASN1_STRING_type_new(V_ASN1_IA5STRING)
+#define ASN1_IA5STRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_IA5STRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_IA5STRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_IA5STRING(a,pp,l) \
+ (ASN1_IA5STRING *)d2i_ASN1_type_bytes((ASN1_STRING **)a,pp,l,\
+ B_ASN1_IA5STRING)
+
+#define ASN1_UTCTIME_new() (ASN1_UTCTIME *)\
+ ASN1_STRING_type_new(V_ASN1_UTCTIME)
+#define ASN1_UTCTIME_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define ASN1_UTCTIME_dup(a) (ASN1_UTCTIME *)ASN1_STRING_dup((ASN1_STRING *)a)
+/* i2d_ASN1_UTCTIME() is a function */
+/* d2i_ASN1_UTCTIME() is a function */
+/* ASN1_UTCTIME_set() is a function */
+/* ASN1_UTCTIME_check() is a function */
+/* ASN1_UTCTIME_set() is a function */
+
+#define ASN1_GENERALSTRING_new() (ASN1_GENERALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_GENERALSTRING)
+#define ASN1_GENERALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_GENERALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_GENERALSTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_GENERALSTRING(a,pp,l) \
+ (ASN1_GENERALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_GENERALSTRING)
+
+#define ASN1_UNIVERSALSTRING_new() (ASN1_UNIVERSALSTRING *)\
+ ASN1_STRING_type_new(V_ASN1_UNIVERSALSTRING)
+#define ASN1_UNIVERSALSTRING_free(a) ASN1_STRING_free((ASN1_STRING *)a)
+#define M_i2d_ASN1_UNIVERSALSTRING(a,pp) \
+ i2d_ASN1_bytes((ASN1_STRING *)a,pp,V_ASN1_UNIVERSALSTRING,\
+ V_ASN1_UNIVERSAL)
+#define M_d2i_ASN1_UNIVERSALSTRING(a,pp,l) \
+ (ASN1_UNIVERSALSTRING *)d2i_ASN1_type_bytes\
+ ((ASN1_STRING **)a,pp,l,B_ASN1_UNIVERSALSTRING)
+
+#ifndef NOPROTO
+ASN1_TYPE * ASN1_TYPE_new(void );
+void ASN1_TYPE_free(ASN1_TYPE *a);
+int i2d_ASN1_TYPE(ASN1_TYPE *a,unsigned char **pp);
+ASN1_TYPE * d2i_ASN1_TYPE(ASN1_TYPE **a,unsigned char **pp,long length);
+int ASN1_TYPE_get(ASN1_TYPE *a);
+void ASN1_TYPE_set(ASN1_TYPE *a, int type, char *value);
+
+ASN1_OBJECT * ASN1_OBJECT_new(void );
+void ASN1_OBJECT_free(ASN1_OBJECT *a);
+int i2d_ASN1_OBJECT(ASN1_OBJECT *a,unsigned char **pp);
+ASN1_OBJECT * d2i_ASN1_OBJECT(ASN1_OBJECT **a,unsigned char **pp,
+ long length);
+
+ASN1_STRING * ASN1_STRING_new(void );
+void ASN1_STRING_free(ASN1_STRING *a);
+ASN1_STRING * ASN1_STRING_dup(ASN1_STRING *a);
+ASN1_STRING * ASN1_STRING_type_new(int type );
+int ASN1_STRING_cmp(ASN1_STRING *a, ASN1_STRING *b);
+int ASN1_STRING_set(ASN1_STRING *str,unsigned char *data, int len);
+
+int i2d_ASN1_BIT_STRING(ASN1_BIT_STRING *a,unsigned char **pp);
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING(ASN1_BIT_STRING **a,unsigned char **pp,
+ long length);
+
+int i2d_ASN1_BOOLEAN(int a,unsigned char **pp);
+int d2i_ASN1_BOOLEAN(int *a,unsigned char **pp,long length);
+
+int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
+ long length);
+
+int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_set(ASN1_UTCTIME *s,time_t t);
+
+int i2d_ASN1_OCTET_STRING(ASN1_OCTET_STRING *a,unsigned char **pp);
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING(ASN1_OCTET_STRING **a,
+ unsigned char **pp,long length);
+
+int i2d_ASN1_PRINTABLE(ASN1_STRING *a,unsigned char **pp);
+ASN1_STRING *d2i_ASN1_PRINTABLE(ASN1_STRING **a,
+ unsigned char **pp, long l);
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING(ASN1_PRINTABLESTRING **a,
+ unsigned char **pp, long l);
+
+ASN1_T61STRING *d2i_ASN1_T61STRING(ASN1_T61STRING **a,
+ unsigned char **pp, long l);
+int i2d_ASN1_IA5STRING(ASN1_IA5STRING *a,unsigned char **pp);
+ASN1_IA5STRING *d2i_ASN1_IA5STRING(ASN1_IA5STRING **a,
+ unsigned char **pp, long l);
+
+int i2d_ASN1_UTCTIME(ASN1_UTCTIME *a,unsigned char **pp);
+ASN1_UTCTIME * d2i_ASN1_UTCTIME(ASN1_UTCTIME **a,unsigned char **pp,
+ long length);
+
+int i2d_ASN1_SET(STACK *a, unsigned char **pp,
+ int (*func)(), int ex_tag, int ex_class);
+STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
+ char *(*func)(), int ex_tag, int ex_class);
+
+#ifdef HEADER_BIO_H
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *a);
+int a2i_ASN1_STRING(BIO *bp,ASN1_STRING *bs,char *buf,int size);
+int i2a_ASN1_STRING(BIO *bp, ASN1_STRING *a, int type);
+#endif
+
+int a2d_ASN1_OBJECT(unsigned char *out,int olen, char *buf, int num);
+ASN1_OBJECT *ASN1_OBJECT_create(int nid, unsigned char *data,int len,
+ char *sn, char *ln);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+
+/* General */
+/* given a string, return the correct type, max is the maximum length */
+int ASN1_PRINTABLE_type(unsigned char *s, int max);
+
+int i2d_ASN1_bytes(ASN1_STRING *a, unsigned char **pp, int tag, int xclass);
+ASN1_STRING *d2i_ASN1_bytes(ASN1_STRING **a, unsigned char **pp,
+ long length, int Ptag, int Pclass);
+/* type is one or more of the B_ASN1_ values. */
+ASN1_STRING *d2i_ASN1_type_bytes(ASN1_STRING **a,unsigned char **pp,
+ long length,int type);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p,long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+ int tag, int xclass);
+int ASN1_object_size(int constructed, int length, int tag);
+
+/* Used to implement other functions */
+char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+
+#ifndef WIN16
+char *ASN1_d2i_fp(char *(*xnew)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+#endif
+
+#ifdef HEADER_BIO_H
+char *ASN1_d2i_bio(char *(*xnew)(),char *(*d2i)(),BIO *bp,unsigned char **x);
+int ASN1_i2d_bio(int (*i2d)(),BIO *out,unsigned char *x);
+int ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
+int ASN1_STRING_print(BIO *bp,ASN1_STRING *v);
+int ASN1_parse(BIO *bp,unsigned char *pp,long len,int indent);
+#endif
+
+/* Used to load and write netscape format cert/key */
+int i2d_ASN1_HEADER(ASN1_HEADER *a,unsigned char **pp);
+ASN1_HEADER *d2i_ASN1_HEADER(ASN1_HEADER **a,unsigned char **pp, long length);
+ASN1_HEADER *ASN1_HEADER_new(void );
+void ASN1_HEADER_free(ASN1_HEADER *a);
+
+int ASN1_UNIVERSALSTRING_to_string(ASN1_UNIVERSALSTRING *s);
+
+void ERR_load_ASN1_strings(void);
+
+/* Not used that much at this point, except for the first two */
+ASN1_METHOD *X509_asn1_meth(void);
+ASN1_METHOD *RSAPrivateKey_asn1_meth(void);
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth(void);
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth(void);
+
+#else
+
+ASN1_TYPE * ASN1_TYPE_new();
+void ASN1_TYPE_free();
+int i2d_ASN1_TYPE();
+ASN1_TYPE * d2i_ASN1_TYPE();
+int ASN1_TYPE_get();
+void ASN1_TYPE_set();
+
+ASN1_OBJECT * ASN1_OBJECT_new();
+void ASN1_OBJECT_free();
+int i2d_ASN1_OBJECT();
+ASN1_OBJECT * d2i_ASN1_OBJECT();
+ASN1_STRING * ASN1_STRING_new();
+void ASN1_STRING_free();
+ASN1_STRING * ASN1_STRING_dup();
+ASN1_STRING * ASN1_STRING_type_new();
+int ASN1_STRING_cmp();
+int ASN1_STRING_set();
+int i2d_ASN1_BIT_STRING();
+ASN1_BIT_STRING *d2i_ASN1_BIT_STRING();
+int i2d_ASN1_BOOLEAN();
+int d2i_ASN1_BOOLEAN();
+int i2d_ASN1_INTEGER();
+ASN1_INTEGER *d2i_ASN1_INTEGER();
+int ASN1_UTCTIME_check();
+ASN1_UTCTIME *ASN1_UTCTIME_set();
+int i2d_ASN1_OCTET_STRING();
+ASN1_OCTET_STRING *d2i_ASN1_OCTET_STRING();
+int i2d_ASN1_PRINTABLE();
+ASN1_STRING *d2i_ASN1_PRINTABLE();
+ASN1_PRINTABLESTRING *d2i_ASN1_PRINTABLESTRING();
+ASN1_T61STRING *d2i_ASN1_T61STRING();
+int i2d_ASN1_IA5STRING();
+ASN1_IA5STRING *d2i_ASN1_IA5STRING();
+int i2d_ASN1_UTCTIME();
+ASN1_UTCTIME * d2i_ASN1_UTCTIME();
+int i2d_ASN1_SET();
+STACK * d2i_ASN1_SET();
+int a2d_ASN1_OBJECT();
+ASN1_OBJECT *ASN1_OBJECT_create();
+int ASN1_INTEGER_set();
+long ASN1_INTEGER_get();
+ASN1_INTEGER *BN_to_ASN1_INTEGER();
+BIGNUM *ASN1_INTEGER_to_BN();
+int ASN1_PRINTABLE_type();
+int i2d_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_bytes();
+ASN1_STRING *d2i_ASN1_type_bytes();
+int asn1_Finish();
+int ASN1_get_object();
+int ASN1_check_infinite_end();
+void ASN1_put_object();
+int ASN1_object_size();
+char *ASN1_dup();
+#ifndef WIN16
+char *ASN1_d2i_fp();
+int ASN1_i2d_fp();
+#endif
+
+char *ASN1_d2i_bio();
+int ASN1_i2d_bio();
+int ASN1_UTCTIME_print();
+int ASN1_STRING_print();
+int ASN1_parse();
+int i2a_ASN1_INTEGER();
+int a2i_ASN1_INTEGER();
+int i2a_ASN1_OBJECT();
+int a2i_ASN1_STRING();
+int i2a_ASN1_STRING();
+
+int i2d_ASN1_HEADER();
+ASN1_HEADER *d2i_ASN1_HEADER();
+ASN1_HEADER *ASN1_HEADER_new();
+void ASN1_HEADER_free();
+void ERR_load_ASN1_strings();
+ASN1_METHOD *X509_asn1_meth();
+ASN1_METHOD *RSAPrivateKey_asn1_meth();
+ASN1_METHOD *ASN1_IA5STRING_asn1_meth();
+ASN1_METHOD *ASN1_BIT_STRING_asn1_meth();
+
+int ASN1_UNIVERSALSTRING_to_string();
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the ASN1 functions. */
+
+/* Function codes. */
+#define ASN1_F_A2D_ASN1_OBJECT 100
+#define ASN1_F_A2I_ASN1_INTEGER 101
+#define ASN1_F_A2I_ASN1_STRING 102
+#define ASN1_F_ASN1_COLLATE_PRIMATIVE 103
+#define ASN1_F_ASN1_D2I_BIO 104
+#define ASN1_F_ASN1_D2I_FP 105
+#define ASN1_F_ASN1_DUP 106
+#define ASN1_F_ASN1_GET_OBJECT 107
+#define ASN1_F_ASN1_HEADER_NEW 108
+#define ASN1_F_ASN1_I2D_BIO 109
+#define ASN1_F_ASN1_I2D_FP 110
+#define ASN1_F_ASN1_INTEGER_SET 111
+#define ASN1_F_ASN1_INTEGER_TO_BN 112
+#define ASN1_F_ASN1_OBJECT_NEW 113
+#define ASN1_F_ASN1_SIGN 114
+#define ASN1_F_ASN1_STRING_NEW 115
+#define ASN1_F_ASN1_STRING_TYPE_NEW 116
+#define ASN1_F_ASN1_TYPE_NEW 117
+#define ASN1_F_ASN1_UTCTIME_NEW 118
+#define ASN1_F_ASN1_VERIFY 119
+#define ASN1_F_BN_TO_ASN1_INTEGER 120
+#define ASN1_F_D2I_ASN1_BIT_STRING 121
+#define ASN1_F_D2I_ASN1_BOOLEAN 122
+#define ASN1_F_D2I_ASN1_BYTES 123
+#define ASN1_F_D2I_ASN1_HEADER 124
+#define ASN1_F_D2I_ASN1_INTEGER 125
+#define ASN1_F_D2I_ASN1_OBJECT 126
+#define ASN1_F_D2I_ASN1_OCTET_STRING 127
+#define ASN1_F_D2I_ASN1_PRINT_TYPE 128
+#define ASN1_F_D2I_ASN1_SET 129
+#define ASN1_F_D2I_ASN1_TYPE 130
+#define ASN1_F_D2I_ASN1_TYPE_BYTES 131
+#define ASN1_F_D2I_ASN1_UTCTIME 132
+#define ASN1_F_D2I_DHPARAMS 133
+#define ASN1_F_D2I_DSAPARAMS 134
+#define ASN1_F_D2I_DSAPRIVATEKEY 135
+#define ASN1_F_D2I_DSAPUBLICKEY 136
+#define ASN1_F_D2I_NETSCAPE_PKEY 137
+#define ASN1_F_D2I_NETSCAPE_RSA 138
+#define ASN1_F_D2I_NETSCAPE_RSA_2 139
+#define ASN1_F_D2I_NETSCAPE_SPKAC 140
+#define ASN1_F_D2I_NETSCAPE_SPKI 141
+#define ASN1_F_D2I_PKCS7 142
+#define ASN1_F_D2I_PKCS7_DIGEST 143
+#define ASN1_F_D2I_PKCS7_ENCRYPT 144
+#define ASN1_F_D2I_PKCS7_ENC_CONTENT 145
+#define ASN1_F_D2I_PKCS7_ENVELOPE 146
+#define ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL 147
+#define ASN1_F_D2I_PKCS7_RECIP_INFO 148
+#define ASN1_F_D2I_PKCS7_SIGNED 149
+#define ASN1_F_D2I_PKCS7_SIGNER_INFO 150
+#define ASN1_F_D2I_PKCS7_SIGN_ENVELOPE 151
+#define ASN1_F_D2I_PRIVATEKEY 152
+#define ASN1_F_D2I_PUBLICKEY 153
+#define ASN1_F_D2I_RSAPRIVATEKEY 154
+#define ASN1_F_D2I_RSAPUBLICKEY 155
+#define ASN1_F_D2I_X509 156
+#define ASN1_F_D2I_X509_ALGOR 157
+#define ASN1_F_D2I_X509_ATTRIBUTE 158
+#define ASN1_F_D2I_X509_CINF 159
+#define ASN1_F_D2I_X509_CRL 160
+#define ASN1_F_D2I_X509_CRL_INFO 161
+#define ASN1_F_D2I_X509_EXTENSION 162
+#define ASN1_F_D2I_X509_KEY 163
+#define ASN1_F_D2I_X509_NAME 164
+#define ASN1_F_D2I_X509_NAME_ENTRY 165
+#define ASN1_F_D2I_X509_PKEY 166
+#define ASN1_F_D2I_X509_PUBKEY 167
+#define ASN1_F_D2I_X509_REQ 168
+#define ASN1_F_D2I_X509_REQ_INFO 169
+#define ASN1_F_D2I_X509_REVOKED 170
+#define ASN1_F_D2I_X509_SIG 171
+#define ASN1_F_D2I_X509_VAL 172
+#define ASN1_F_I2A_ASN1_OBJECT 173
+#define ASN1_F_I2D_ASN1_HEADER 174
+#define ASN1_F_I2D_DHPARAMS 175
+#define ASN1_F_I2D_DSAPARAMS 176
+#define ASN1_F_I2D_DSAPRIVATEKEY 177
+#define ASN1_F_I2D_DSAPUBLICKEY 178
+#define ASN1_F_I2D_NETSCAPE_RSA 179
+#define ASN1_F_I2D_PKCS7 180
+#define ASN1_F_I2D_PRIVATEKEY 181
+#define ASN1_F_I2D_PUBLICKEY 182
+#define ASN1_F_I2D_RSAPRIVATEKEY 183
+#define ASN1_F_I2D_RSAPUBLICKEY 184
+#define ASN1_F_I2D_X509_ATTRIBUTE 185
+#define ASN1_F_NETSCAPE_PKEY_NEW 186
+#define ASN1_F_NETSCAPE_SPKAC_NEW 187
+#define ASN1_F_NETSCAPE_SPKI_NEW 188
+#define ASN1_F_PKCS7_DIGEST_NEW 189
+#define ASN1_F_PKCS7_ENCRYPT_NEW 190
+#define ASN1_F_PKCS7_ENC_CONTENT_NEW 191
+#define ASN1_F_PKCS7_ENVELOPE_NEW 192
+#define ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW 193
+#define ASN1_F_PKCS7_NEW 194
+#define ASN1_F_PKCS7_RECIP_INFO_NEW 195
+#define ASN1_F_PKCS7_SIGNED_NEW 196
+#define ASN1_F_PKCS7_SIGNER_INFO_NEW 197
+#define ASN1_F_PKCS7_SIGN_ENVELOPE_NEW 198
+#define ASN1_F_X509_ALGOR_NEW 199
+#define ASN1_F_X509_ATTRIBUTE_NEW 200
+#define ASN1_F_X509_CINF_NEW 201
+#define ASN1_F_X509_CRL_INFO_NEW 202
+#define ASN1_F_X509_CRL_NEW 203
+#define ASN1_F_X509_DHPARAMS_NEW 204
+#define ASN1_F_X509_EXTENSION_NEW 205
+#define ASN1_F_X509_INFO_NEW 206
+#define ASN1_F_X509_KEY_NEW 207
+#define ASN1_F_X509_NAME_ENTRY_NEW 208
+#define ASN1_F_X509_NAME_NEW 209
+#define ASN1_F_X509_NEW 210
+#define ASN1_F_X509_PKEY_NEW 211
+#define ASN1_F_X509_PUBKEY_NEW 212
+#define ASN1_F_X509_REQ_INFO_NEW 213
+#define ASN1_F_X509_REQ_NEW 214
+#define ASN1_F_X509_REVOKED_NEW 215
+#define ASN1_F_X509_SIG_NEW 216
+#define ASN1_F_X509_VAL_FREE 217
+#define ASN1_F_X509_VAL_NEW 218
+
+/* Reason codes. */
+#define ASN1_R_BAD_CLASS 100
+#define ASN1_R_BAD_GET_OBJECT 101
+#define ASN1_R_BAD_OBJECT_HEADER 102
+#define ASN1_R_BAD_PASSWORD_READ 103
+#define ASN1_R_BAD_PKCS7_CONTENT 104
+#define ASN1_R_BAD_PKCS7_TYPE 105
+#define ASN1_R_BAD_TAG 106
+#define ASN1_R_BAD_TYPE 107
+#define ASN1_R_BN_LIB 108
+#define ASN1_R_BOOLEAN_IS_WRONG_LENGTH 109
+#define ASN1_R_BUFFER_TOO_SMALL 110
+#define ASN1_R_DECODING_ERROR 111
+#define ASN1_R_ERROR_STACK 112
+#define ASN1_R_EXPECTING_AN_INTEGER 113
+#define ASN1_R_EXPECTING_AN_OBJECT 114
+#define ASN1_R_EXPECTING_AN_OCTET_STRING 115
+#define ASN1_R_EXPECTING_A_BIT_STRING 116
+#define ASN1_R_EXPECTING_A_BOOLEAN 117
+#define ASN1_R_EXPECTING_A_SEQUENCE 118
+#define ASN1_R_EXPECTING_A_UTCTIME 119
+#define ASN1_R_FIRST_NUM_TOO_LARGE 120
+#define ASN1_R_HEADER_TOO_LONG 121
+#define ASN1_R_INVALID_DIGIT 122
+#define ASN1_R_INVALID_SEPARATOR 123
+#define ASN1_R_INVALID_TIME_FORMAT 124
+#define ASN1_R_IV_TOO_LARGE 125
+#define ASN1_R_LENGTH_ERROR 126
+#define ASN1_R_LENGTH_MISMATCH 127
+#define ASN1_R_MISSING_EOS 128
+#define ASN1_R_MISSING_SECOND_NUMBER 129
+#define ASN1_R_NON_HEX_CHARACTERS 130
+#define ASN1_R_NOT_ENOUGH_DATA 131
+#define ASN1_R_ODD_NUMBER_OF_CHARS 132
+#define ASN1_R_PARSING 133
+#define ASN1_R_PRIVATE_KEY_HEADER_MISSING 134
+#define ASN1_R_SECOND_NUMBER_TOO_LARGE 135
+#define ASN1_R_SHORT_LINE 136
+#define ASN1_R_STRING_TOO_SHORT 137
+#define ASN1_R_TAG_VALUE_TOO_HIGH 138
+#define ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 139
+#define ASN1_R_TOO_LONG 140
+#define ASN1_R_UNABLE_TO_DECODE_RSA_KEY 141
+#define ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY 142
+#define ASN1_R_UNKNOWN_ATTRIBUTE_TYPE 143
+#define ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM 144
+#define ASN1_R_UNKNOWN_OBJECT_TYPE 145
+#define ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE 146
+#define ASN1_R_UNSUPPORTED_CIPHER 147
+#define ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM 148
+#define ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE 149
+#define ASN1_R_UTCTIME_TOO_LONG 150
+#define ASN1_R_WRONG_PRINTABLE_TYPE 151
+#define ASN1_R_WRONG_TAG 152
+#define ASN1_R_WRONG_TYPE 153
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/asn1/asn1_err.c b/crypto/asn1/asn1_err.c
new file mode 100644
index 0000000..5e6a41b
--- /dev/null
+++ b/crypto/asn1/asn1_err.c
@@ -0,0 +1,256 @@
+/* lib/asn1/asn1_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "asn1.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA ASN1_str_functs[]=
+ {
+{ERR_PACK(0,ASN1_F_A2D_ASN1_OBJECT,0), "a2d_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_INTEGER,0), "a2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_A2I_ASN1_STRING,0), "a2i_ASN1_STRING"},
+{ERR_PACK(0,ASN1_F_ASN1_COLLATE_PRIMATIVE,0), "ASN1_COLLATE_PRIMATIVE"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_BIO,0), "ASN1_d2i_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_D2I_FP,0), "ASN1_d2i_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_DUP,0), "ASN1_dup"},
+{ERR_PACK(0,ASN1_F_ASN1_GET_OBJECT,0), "ASN1_get_object"},
+{ERR_PACK(0,ASN1_F_ASN1_HEADER_NEW,0), "ASN1_HEADER_new"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_BIO,0), "ASN1_i2d_bio"},
+{ERR_PACK(0,ASN1_F_ASN1_I2D_FP,0), "ASN1_i2d_fp"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_SET,0), "ASN1_INTEGER_set"},
+{ERR_PACK(0,ASN1_F_ASN1_INTEGER_TO_BN,0), "ASN1_INTEGER_to_BN"},
+{ERR_PACK(0,ASN1_F_ASN1_OBJECT_NEW,0), "ASN1_OBJECT_new"},
+{ERR_PACK(0,ASN1_F_ASN1_SIGN,0), "ASN1_SIGN"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_NEW,0), "ASN1_STRING_new"},
+{ERR_PACK(0,ASN1_F_ASN1_STRING_TYPE_NEW,0), "ASN1_STRING_type_new"},
+{ERR_PACK(0,ASN1_F_ASN1_TYPE_NEW,0), "ASN1_TYPE_new"},
+{ERR_PACK(0,ASN1_F_ASN1_UTCTIME_NEW,0), "ASN1_UTCTIME_NEW"},
+{ERR_PACK(0,ASN1_F_ASN1_VERIFY,0), "ASN1_VERIFY"},
+{ERR_PACK(0,ASN1_F_BN_TO_ASN1_INTEGER,0), "BN_to_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BIT_STRING,0), "d2i_ASN1_BIT_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BOOLEAN,0), "d2i_ASN1_BOOLEAN"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_BYTES,0), "d2i_ASN1_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_HEADER,0), "d2i_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_INTEGER,0), "d2i_ASN1_INTEGER"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OBJECT,0), "d2i_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_OCTET_STRING,0), "d2i_ASN1_OCTET_STRING"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_PRINT_TYPE,0), "D2I_ASN1_PRINT_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_SET,0), "d2i_ASN1_SET"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE,0), "d2i_ASN1_TYPE"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_TYPE_BYTES,0), "d2i_ASN1_type_bytes"},
+{ERR_PACK(0,ASN1_F_D2I_ASN1_UTCTIME,0), "d2i_ASN1_UTCTIME"},
+{ERR_PACK(0,ASN1_F_D2I_DHPARAMS,0), "D2I_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPARAMS,0), "D2I_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPRIVATEKEY,0), "D2I_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_DSAPUBLICKEY,0), "D2I_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_PKEY,0), "D2I_NETSCAPE_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA,0), "D2I_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_RSA_2,0), "D2I_NETSCAPE_RSA_2"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKAC,0), "D2I_NETSCAPE_SPKAC"},
+{ERR_PACK(0,ASN1_F_D2I_NETSCAPE_SPKI,0), "D2I_NETSCAPE_SPKI"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7,0), "D2I_PKCS7"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_DIGEST,0), "D2I_PKCS7_DIGEST"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENCRYPT,0), "D2I_PKCS7_ENCRYPT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENC_CONTENT,0), "D2I_PKCS7_ENC_CONTENT"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ENVELOPE,0), "D2I_PKCS7_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,0), "D2I_PKCS7_ISSUER_AND_SERIAL"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_RECIP_INFO,0), "D2I_PKCS7_RECIP_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNED,0), "D2I_PKCS7_SIGNED"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGNER_INFO,0), "D2I_PKCS7_SIGNER_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,0), "D2I_PKCS7_SIGN_ENVELOPE"},
+{ERR_PACK(0,ASN1_F_D2I_PRIVATEKEY,0), "D2I_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_PUBLICKEY,0), "D2I_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPRIVATEKEY,0), "D2I_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_D2I_RSAPUBLICKEY,0), "D2I_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509,0), "D2I_X509"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ALGOR,0), "D2I_X509_ALGOR"},
+{ERR_PACK(0,ASN1_F_D2I_X509_ATTRIBUTE,0), "D2I_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CINF,0), "D2I_X509_CINF"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL,0), "D2I_X509_CRL"},
+{ERR_PACK(0,ASN1_F_D2I_X509_CRL_INFO,0), "D2I_X509_CRL_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_EXTENSION,0), "D2I_X509_EXTENSION"},
+{ERR_PACK(0,ASN1_F_D2I_X509_KEY,0), "D2I_X509_KEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME,0), "D2I_X509_NAME"},
+{ERR_PACK(0,ASN1_F_D2I_X509_NAME_ENTRY,0), "D2I_X509_NAME_ENTRY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PKEY,0), "D2I_X509_PKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_PUBKEY,0), "D2I_X509_PUBKEY"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ,0), "D2I_X509_REQ"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REQ_INFO,0), "D2I_X509_REQ_INFO"},
+{ERR_PACK(0,ASN1_F_D2I_X509_REVOKED,0), "D2I_X509_REVOKED"},
+{ERR_PACK(0,ASN1_F_D2I_X509_SIG,0), "D2I_X509_SIG"},
+{ERR_PACK(0,ASN1_F_D2I_X509_VAL,0), "D2I_X509_VAL"},
+{ERR_PACK(0,ASN1_F_I2A_ASN1_OBJECT,0), "i2a_ASN1_OBJECT"},
+{ERR_PACK(0,ASN1_F_I2D_ASN1_HEADER,0), "i2d_ASN1_HEADER"},
+{ERR_PACK(0,ASN1_F_I2D_DHPARAMS,0), "I2D_DHPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPARAMS,0), "I2D_DSAPARAMS"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPRIVATEKEY,0), "I2D_DSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_DSAPUBLICKEY,0), "I2D_DSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_NETSCAPE_RSA,0), "I2D_NETSCAPE_RSA"},
+{ERR_PACK(0,ASN1_F_I2D_PKCS7,0), "I2D_PKCS7"},
+{ERR_PACK(0,ASN1_F_I2D_PRIVATEKEY,0), "I2D_PRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_PUBLICKEY,0), "I2D_PUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPRIVATEKEY,0), "I2D_RSAPRIVATEKEY"},
+{ERR_PACK(0,ASN1_F_I2D_RSAPUBLICKEY,0), "I2D_RSAPUBLICKEY"},
+{ERR_PACK(0,ASN1_F_I2D_X509_ATTRIBUTE,0), "I2D_X509_ATTRIBUTE"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_PKEY_NEW,0), "NETSCAPE_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKAC_NEW,0), "NETSCAPE_SPKAC_NEW"},
+{ERR_PACK(0,ASN1_F_NETSCAPE_SPKI_NEW,0), "NETSCAPE_SPKI_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_DIGEST_NEW,0), "PKCS7_DIGEST_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENCRYPT_NEW,0), "PKCS7_ENCRYPT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENC_CONTENT_NEW,0), "PKCS7_ENC_CONTENT_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ENVELOPE_NEW,0), "PKCS7_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,0), "PKCS7_ISSUER_AND_SERIAL_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_NEW,0), "PKCS7_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_RECIP_INFO_NEW,0), "PKCS7_RECIP_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNED_NEW,0), "PKCS7_SIGNED_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGNER_INFO_NEW,0), "PKCS7_SIGNER_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,0), "PKCS7_SIGN_ENVELOPE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ALGOR_NEW,0), "X509_ALGOR_NEW"},
+{ERR_PACK(0,ASN1_F_X509_ATTRIBUTE_NEW,0), "X509_ATTRIBUTE_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CINF_NEW,0), "X509_CINF_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_INFO_NEW,0), "X509_CRL_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_CRL_NEW,0), "X509_CRL_NEW"},
+{ERR_PACK(0,ASN1_F_X509_DHPARAMS_NEW,0), "X509_DHPARAMS_NEW"},
+{ERR_PACK(0,ASN1_F_X509_EXTENSION_NEW,0), "X509_EXTENSION_NEW"},
+{ERR_PACK(0,ASN1_F_X509_INFO_NEW,0), "X509_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_KEY_NEW,0), "X509_KEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_ENTRY_NEW,0), "X509_NAME_ENTRY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NAME_NEW,0), "X509_NAME_NEW"},
+{ERR_PACK(0,ASN1_F_X509_NEW,0), "X509_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PKEY_NEW,0), "X509_PKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_PUBKEY_NEW,0), "X509_PUBKEY_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_INFO_NEW,0), "X509_REQ_INFO_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REQ_NEW,0), "X509_REQ_NEW"},
+{ERR_PACK(0,ASN1_F_X509_REVOKED_NEW,0), "X509_REVOKED_NEW"},
+{ERR_PACK(0,ASN1_F_X509_SIG_NEW,0), "X509_SIG_NEW"},
+{ERR_PACK(0,ASN1_F_X509_VAL_FREE,0), "X509_VAL_FREE"},
+{ERR_PACK(0,ASN1_F_X509_VAL_NEW,0), "X509_VAL_NEW"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA ASN1_str_reasons[]=
+ {
+{ASN1_R_BAD_CLASS ,"bad class"},
+{ASN1_R_BAD_GET_OBJECT ,"bad get object"},
+{ASN1_R_BAD_OBJECT_HEADER ,"bad object header"},
+{ASN1_R_BAD_PASSWORD_READ ,"bad password read"},
+{ASN1_R_BAD_PKCS7_CONTENT ,"bad pkcs7 content"},
+{ASN1_R_BAD_PKCS7_TYPE ,"bad pkcs7 type"},
+{ASN1_R_BAD_TAG ,"bad tag"},
+{ASN1_R_BAD_TYPE ,"bad type"},
+{ASN1_R_BN_LIB ,"bn lib"},
+{ASN1_R_BOOLEAN_IS_WRONG_LENGTH ,"boolean is wrong length"},
+{ASN1_R_BUFFER_TOO_SMALL ,"buffer too small"},
+{ASN1_R_DECODING_ERROR ,"decoding error"},
+{ASN1_R_ERROR_STACK ,"error stack"},
+{ASN1_R_EXPECTING_AN_INTEGER ,"expecting an integer"},
+{ASN1_R_EXPECTING_AN_OBJECT ,"expecting an object"},
+{ASN1_R_EXPECTING_AN_OCTET_STRING ,"expecting an octet string"},
+{ASN1_R_EXPECTING_A_BIT_STRING ,"expecting a bit string"},
+{ASN1_R_EXPECTING_A_BOOLEAN ,"expecting a boolean"},
+{ASN1_R_EXPECTING_A_SEQUENCE ,"expecting a sequence"},
+{ASN1_R_EXPECTING_A_UTCTIME ,"expecting a utctime"},
+{ASN1_R_FIRST_NUM_TOO_LARGE ,"first num too large"},
+{ASN1_R_HEADER_TOO_LONG ,"header too long"},
+{ASN1_R_INVALID_DIGIT ,"invalid digit"},
+{ASN1_R_INVALID_SEPARATOR ,"invalid separator"},
+{ASN1_R_INVALID_TIME_FORMAT ,"invalid time format"},
+{ASN1_R_IV_TOO_LARGE ,"iv too large"},
+{ASN1_R_LENGTH_ERROR ,"length error"},
+{ASN1_R_LENGTH_MISMATCH ,"length mismatch"},
+{ASN1_R_MISSING_EOS ,"missing eos"},
+{ASN1_R_MISSING_SECOND_NUMBER ,"missing second number"},
+{ASN1_R_NON_HEX_CHARACTERS ,"non hex characters"},
+{ASN1_R_NOT_ENOUGH_DATA ,"not enough data"},
+{ASN1_R_ODD_NUMBER_OF_CHARS ,"odd number of chars"},
+{ASN1_R_PARSING ,"parsing"},
+{ASN1_R_PRIVATE_KEY_HEADER_MISSING ,"private key header missing"},
+{ASN1_R_SECOND_NUMBER_TOO_LARGE ,"second number too large"},
+{ASN1_R_SHORT_LINE ,"short line"},
+{ASN1_R_STRING_TOO_SHORT ,"string too short"},
+{ASN1_R_TAG_VALUE_TOO_HIGH ,"tag value too high"},
+{ASN1_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{ASN1_R_TOO_LONG ,"too long"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_KEY ,"unable to decode rsa key"},
+{ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY ,"unable to decode rsa private key"},
+{ASN1_R_UNKNOWN_ATTRIBUTE_TYPE ,"unknown attribute type"},
+{ASN1_R_UNKNOWN_MESSAGE_DIGEST_ALGORITHM ,"unknown message digest algorithm"},
+{ASN1_R_UNKNOWN_OBJECT_TYPE ,"unknown object type"},
+{ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE ,"unknown public key type"},
+{ASN1_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM ,"unsupported encryption algorithm"},
+{ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE ,"unsupported public key type"},
+{ASN1_R_UTCTIME_TOO_LONG ,"utctime too long"},
+{ASN1_R_WRONG_PRINTABLE_TYPE ,"wrong printable type"},
+{ASN1_R_WRONG_TAG ,"wrong tag"},
+{ASN1_R_WRONG_TYPE ,"wrong type"},
+{0,NULL},
+ };
+
+void ERR_load_ASN1_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_ASN1,ASN1_str_functs);
+ ERR_load_strings(ERR_LIB_ASN1,ASN1_str_reasons);
+ }
+ }
diff --git a/crypto/asn1/asn1_lib.c b/crypto/asn1/asn1_lib.c
new file mode 100644
index 0000000..bdd706b
--- /dev/null
+++ b/crypto/asn1/asn1_lib.c
@@ -0,0 +1,433 @@
+/* crypto/asn1/asn1_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+#ifndef NOPROTO
+static int asn1_get_length(unsigned char **pp,int *inf,long *rl,int max);
+static void asn1_put_length(unsigned char **pp, int length);
+#else
+static int asn1_get_length();
+static void asn1_put_length();
+#endif
+
+char *ASN1_version="ASN1 part of SSLeay 0.8.1b 29-Jun-1998";
+
+int ASN1_check_infinite_end(p,len)
+unsigned char **p;
+long len;
+ {
+ /* If there is 0 or 1 byte left, the length check should pick
+ * things up */
+ if (len <= 0)
+ return(1);
+ else if ((len >= 2) && ((*p)[0] == 0) && ((*p)[1] == 0))
+ {
+ (*p)+=2;
+ return(1);
+ }
+ return(0);
+ }
+
+
+int ASN1_get_object(pp, plength, ptag, pclass, omax)
+unsigned char **pp;
+long *plength;
+int *ptag;
+int *pclass;
+long omax;
+ {
+ int i,ret;
+ long l;
+ unsigned char *p= *pp;
+ int tag,xclass,inf;
+ long max=omax;
+
+ if (!max) goto err;
+ ret=(*p&V_ASN1_CONSTRUCTED);
+ xclass=(*p&V_ASN1_PRIVATE);
+ i= *p&V_ASN1_PRIMATIVE_TAG;
+ if (i == V_ASN1_PRIMATIVE_TAG)
+ { /* high-tag */
+ p++;
+ if (--max == 0) goto err;
+ l=0;
+ while (*p&0x80)
+ {
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ if (--max == 0) goto err;
+ }
+ l<<=7L;
+ l|= *(p++)&0x7f;
+ tag=(int)l;
+ }
+ else
+ {
+ tag=i;
+ p++;
+ if (--max == 0) goto err;
+ }
+ *ptag=tag;
+ *pclass=xclass;
+ if (!asn1_get_length(&p,&inf,plength,(int)max)) goto err;
+
+#ifdef undef
+ fprintf(stderr,"p=%d + *plength=%d > omax=%d + *pp=%d (%d > %d)\n",
+ p,*plength,omax,*pp,(p+ *plength),omax+ *pp);
+#endif
+
+ if ((p+ *plength) > (omax+ *pp))
+ {
+ ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_TOO_LONG);
+ /* Set this so that even if things are not long enough
+ * the values are set correctly */
+ ret|=0x80;
+ }
+ *pp=p;
+ return(ret+inf);
+err:
+ ASN1err(ASN1_F_ASN1_GET_OBJECT,ASN1_R_HEADER_TOO_LONG);
+ return(0x80);
+ }
+
+static int asn1_get_length(pp,inf,rl,max)
+unsigned char **pp;
+int *inf;
+long *rl;
+int max;
+ {
+ unsigned char *p= *pp;
+ long ret=0;
+ int i;
+
+ if (max-- < 1) return(0);
+ if (*p == 0x80)
+ {
+ *inf=1;
+ ret=0;
+ p++;
+ }
+ else
+ {
+ *inf=0;
+ i= *p&0x7f;
+ if (*(p++) & 0x80)
+ {
+ if (max-- == 0) return(0);
+ while (i-- > 0)
+ {
+ ret<<=8L;
+ ret|= *(p++);
+ if (max-- == 0) return(0);
+ }
+ }
+ else
+ ret=i;
+ }
+ *pp=p;
+ *rl=ret;
+ return(1);
+ }
+
+/* class 0 is constructed
+ * constructed == 2 for indefinitle length constructed */
+void ASN1_put_object(pp,constructed,length,tag,xclass)
+unsigned char **pp;
+int constructed;
+int length;
+int tag;
+int xclass;
+ {
+ unsigned char *p= *pp;
+ int i;
+
+ i=(constructed)?V_ASN1_CONSTRUCTED:0;
+ i|=(xclass&V_ASN1_PRIVATE);
+ if (tag < 31)
+ *(p++)=i|(tag&V_ASN1_PRIMATIVE_TAG);
+ else
+ {
+ *(p++)=i|V_ASN1_PRIMATIVE_TAG;
+ while (tag > 0x7f)
+ {
+ *(p++)=(tag&0x7f)|0x80;
+ tag>>=7;
+ }
+ *(p++)=(tag&0x7f);
+ }
+ if ((constructed == 2) && (length == 0))
+ *(p++)=0x80; /* der_put_length would output 0 instead */
+ else
+ asn1_put_length(&p,length);
+ *pp=p;
+ }
+
+static void asn1_put_length(pp, length)
+unsigned char **pp;
+int length;
+ {
+ unsigned char *p= *pp;
+ int i,l;
+ if (length <= 127)
+ *(p++)=(unsigned char)length;
+ else
+ {
+ l=length;
+ for (i=0; l > 0; i++)
+ l>>=8;
+ *(p++)=i|0x80;
+ l=i;
+ while (i-- > 0)
+ {
+ p[i]=length&0xff;
+ length>>=8;
+ }
+ p+=l;
+ }
+ *pp=p;
+ }
+
+int ASN1_object_size(constructed, length, tag)
+int constructed;
+int length;
+int tag;
+ {
+ int ret;
+
+ ret=length;
+ ret++;
+ if (tag >= 31)
+ {
+ while (tag > 0)
+ {
+ tag>>=7;
+ ret++;
+ }
+ }
+ if ((length == 0) && (constructed == 2))
+ ret+=2;
+ ret++;
+ if (length > 127)
+ {
+ while (length > 0)
+ {
+ length>>=8;
+ ret++;
+ }
+ }
+ return(ret);
+ }
+
+int asn1_Finish(c)
+ASN1_CTX *c;
+ {
+ if ((c->inf == (1|V_ASN1_CONSTRUCTED)) && (!c->eos))
+ {
+ if (!ASN1_check_infinite_end(&c->p,c->slen))
+ {
+ c->error=ASN1_R_MISSING_EOS;
+ return(0);
+ }
+ }
+ if ( ((c->slen != 0) && !(c->inf & 1)) ||
+ ((c->slen < 0) && (c->inf & 1)))
+ {
+ c->error=ASN1_R_LENGTH_MISMATCH;
+ return(0);
+ }
+ return(1);
+ }
+
+int asn1_GetSequence(c,length)
+ASN1_CTX *c;
+long *length;
+ {
+ unsigned char *q;
+
+ q=c->p;
+ c->inf=ASN1_get_object(&(c->p),&(c->slen),&(c->tag),&(c->xclass),
+ *length);
+ if (c->inf & 0x80)
+ {
+ c->error=ASN1_R_BAD_GET_OBJECT;
+ return(0);
+ }
+ if (c->tag != V_ASN1_SEQUENCE)
+ {
+ c->error=ASN1_R_EXPECTING_A_SEQUENCE;
+ return(0);
+ }
+ (*length)-=(c->p-q);
+ if (c->max && (*length < 0))
+ {
+ c->error=ASN1_R_LENGTH_MISMATCH;
+ return(0);
+ }
+ if (c->inf == (1|V_ASN1_CONSTRUCTED))
+ c->slen= *length+ *(c->pp)-c->p;
+ c->eos=0;
+ return(1);
+ }
+
+ASN1_STRING *ASN1_STRING_dup(str)
+ASN1_STRING *str;
+ {
+ ASN1_STRING *ret;
+
+ if (str == NULL) return(NULL);
+ if ((ret=ASN1_STRING_type_new(str->type)) == NULL)
+ return(NULL);
+ if (!ASN1_STRING_set(ret,str->data,str->length))
+ {
+ ASN1_STRING_free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+int ASN1_STRING_set(str,data,len)
+ASN1_STRING *str;
+unsigned char *data;
+int len;
+ {
+ char *c;
+
+ if (len < 0)
+ {
+ if (data == NULL)
+ return(0);
+ else
+ len=strlen((char *)data);
+ }
+ if ((str->length < len) || (str->data == NULL))
+ {
+ c=(char *)str->data;
+ if (c == NULL)
+ str->data=(unsigned char *)Malloc(len+1);
+ else
+ str->data=(unsigned char *)Realloc(c,len+1);
+
+ if (str->data == NULL)
+ {
+ str->data=(unsigned char *)c;
+ return(0);
+ }
+ }
+ str->length=len;
+ if (data != NULL)
+ {
+ memcpy(str->data,data,len);
+ /* an alowance for strings :-) */
+ str->data[len]='\0';
+ }
+ return(1);
+ }
+
+ASN1_STRING *ASN1_STRING_new()
+ {
+ return(ASN1_STRING_type_new(V_ASN1_OCTET_STRING));
+ }
+
+
+ASN1_STRING *ASN1_STRING_type_new(type)
+int type;
+ {
+ ASN1_STRING *ret;
+
+ ret=(ASN1_STRING *)Malloc(sizeof(ASN1_STRING));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_ASN1_STRING_TYPE_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->type=type;
+ ret->data=NULL;
+ return(ret);
+ }
+
+void ASN1_STRING_free(a)
+ASN1_STRING *a;
+ {
+ if (a == NULL) return;
+ if (a->data != NULL) Free((char *)a->data);
+ Free((char *)a);
+ }
+
+int ASN1_STRING_cmp(a,b)
+ASN1_STRING *a,*b;
+ {
+ int i;
+
+ i=(a->length-b->length);
+ if (i == 0)
+ {
+ i=memcmp(a->data,b->data,a->length);
+ if (i == 0)
+ return(a->type-b->type);
+ else
+ return(i);
+ }
+ else
+ return(i);
+ }
+
diff --git a/crypto/asn1/asn1_mac.h b/crypto/asn1/asn1_mac.h
new file mode 100644
index 0000000..e4ce0aa
--- /dev/null
+++ b/crypto/asn1/asn1_mac.h
@@ -0,0 +1,318 @@
+/* crypto/asn1/asn1_mac.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ASN1_MAC_H
+#define HEADER_ASN1_MAC_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "asn1.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+#define M_ASN1_D2I_vars(a,type,func) \
+ ASN1_CTX c; \
+ type ret=NULL; \
+ \
+ c.pp=pp; \
+ c.error=ASN1_R_ERROR_STACK; \
+ if ((a == NULL) || ((*a) == NULL)) \
+ { if ((ret=(type)func()) == NULL) goto err; } \
+ else ret=(*a);
+
+#define M_ASN1_D2I_Init() \
+ c.p= *pp; \
+ c.max=(length == 0)?0:(c.p+length);
+
+#define M_ASN1_D2I_Finish_2(a) \
+ if (!asn1_Finish(&c)) goto err; \
+ *pp=c.p; \
+ if (a != NULL) (*a)=ret; \
+ return(ret);
+
+#define M_ASN1_D2I_Finish(a,func,e) \
+ M_ASN1_D2I_Finish_2(a); \
+err:\
+ ASN1err((e),c.error); \
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) func(ret); \
+ return(NULL)
+
+#define M_ASN1_D2I_start_sequence() \
+ if (!asn1_GetSequence(&c,&length)) goto err;
+
+#define M_ASN1_D2I_end_sequence() \
+ (((c.inf&1) == 0)?(c.slen <= 0): \
+ (c.eos=ASN1_check_infinite_end(&c.p,c.slen)))
+
+#define M_ASN1_D2I_get(b,func) \
+ c.q=c.p; \
+ if (func(&(b),&c.p,c.slen) == NULL) goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_opt(b,func,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) \
+ == (V_ASN1_UNIVERSAL|(type)))) \
+ { \
+ M_ASN1_D2I_get(b,func); \
+ }
+
+#define M_ASN1_D2I_get_IMP_opt(b,func,tag,type) \
+ if ((c.slen != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED)) == \
+ (V_ASN1_CONTEXT_SPECIFIC|(tag)))) \
+ { \
+ unsigned char tmp; \
+ tmp=M_ASN1_next; \
+ M_ASN1_next=(tmp& ~V_ASN1_PRIMATIVE_TAG)|type; \
+ M_ASN1_D2I_get(b,func); \
+ M_ASN1_next_prev=tmp; \
+ }
+
+#define M_ASN1_D2I_get_set(r,func) \
+ M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_IMP_set_opt(b,func,tag) \
+ if ((c.slen != 0) && \
+ (M_ASN1_next == \
+ (V_ASN1_CONTEXT_SPECIFIC|V_ASN1_CONSTRUCTED|(tag))))\
+ { \
+ M_ASN1_D2I_get_imp_set(b,func,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ }
+
+#define M_ASN1_D2I_get_seq(r,func) \
+ M_ASN1_D2I_get_imp_set(r,func,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_D2I_get_seq_opt(r,func) \
+ if ((c.slen != 0) && (M_ASN1_next == (V_ASN1_UNIVERSAL| \
+ V_ASN1_CONSTRUCTED|V_ASN1_SEQUENCE)))\
+ { M_ASN1_D2I_get_seq(r,func); }
+
+#define M_ASN1_D2I_get_IMP_set(r,func,x) \
+ M_ASN1_D2I_get_imp_set(r,func,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_D2I_get_imp_set(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_SET(&(r),&c.p,c.slen,(char *(*)())func,a,b) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_set_strings(r,func,a,b) \
+ c.q=c.p; \
+ if (d2i_ASN1_STRING_SET(&(r),&c.p,c.slen,a,b) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q);
+
+#define M_ASN1_D2I_get_EXP_opt(r,func,tag) \
+ if ((c.slen != 0L) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ if (func(&(r),&c.p,Tlen) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q); \
+ }
+
+#define M_ASN1_D2I_get_EXP_set_opt(r,func,tag,b) \
+ if ((c.slen != 0) && (M_ASN1_next == \
+ (V_ASN1_CONSTRUCTED|V_ASN1_CONTEXT_SPECIFIC|tag))) \
+ { \
+ int Tinf,Ttag,Tclass; \
+ long Tlen; \
+ \
+ c.q=c.p; \
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,c.slen); \
+ if (Tinf & 0x80) \
+ { c.error=ASN1_R_BAD_OBJECT_HEADER; goto err; } \
+ if (d2i_ASN1_SET(&(r),&c.p,Tlen,(char *(*)())func, \
+ b,V_ASN1_UNIVERSAL) == NULL) \
+ goto err; \
+ c.slen-=(c.p-c.q); \
+ }
+
+/* New macros */
+#define M_ASN1_New_Malloc(ret,type) \
+ if ((ret=(type *)Malloc(sizeof(type))) == NULL) goto err2;
+
+#define M_ASN1_New(arg,func) \
+ if (((arg)=func()) == NULL) return(NULL)
+
+#define M_ASN1_New_Error(a) \
+/* err: ASN1err((a),ASN1_R_ERROR_STACK); \
+ return(NULL);*/ \
+ err2: ASN1err((a),ERR_R_MALLOC_FAILURE); \
+ return(NULL)
+
+
+#define M_ASN1_next (*c.p)
+#define M_ASN1_next_prev (*c.q)
+
+/*************************************************/
+
+#define M_ASN1_I2D_vars(a) int r=0,ret=0; \
+ unsigned char *p; \
+ if (a == NULL) return(0)
+
+/* Length Macros */
+#define M_ASN1_I2D_len(a,f) ret+=f(a,NULL)
+#define M_ASN1_I2D_len_IMP_opt(a,f) if (a != NULL) M_ASN1_I2D_len(a,f)
+
+#define M_ASN1_I2D_len_SET(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SET,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ(a,f) \
+ ret+=i2d_ASN1_SET(a,NULL,f,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+#define M_ASN1_I2D_len_SEQ_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_len_SEQ(a,f);
+
+#define M_ASN1_I2D_len_IMP_set(a,f,x) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_IMP_set_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ ret+=i2d_ASN1_SET(a,NULL,f,x,V_ASN1_CONTEXT_SPECIFIC);
+
+#define M_ASN1_I2D_len_EXP_opt(a,f,mtag,v) \
+ if (a != NULL)\
+ { \
+ v=f(a,NULL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+#define M_ASN1_I2D_len_EXP_set_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0))\
+ { \
+ v=i2d_ASN1_SET(a,NULL,f,tag,V_ASN1_UNIVERSAL); \
+ ret+=ASN1_object_size(1,v,mtag); \
+ }
+
+/* Put Macros */
+#define M_ASN1_I2D_put(a,f) f(a,&p)
+
+#define M_ASN1_I2D_put_IMP_opt(a,f,t) \
+ if (a != NULL) \
+ { \
+ unsigned char *q=p; \
+ f(a,&p); \
+ *q=(V_ASN1_CONTEXT_SPECIFIC|t); \
+ }
+
+#define M_ASN1_I2D_put_SET(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SET,\
+ V_ASN1_UNIVERSAL)
+#define M_ASN1_I2D_put_IMP_set(a,f,x) i2d_ASN1_SET(a,&p,f,x,\
+ V_ASN1_CONTEXT_SPECIFIC)
+
+#define M_ASN1_I2D_put_SEQ(a,f) i2d_ASN1_SET(a,&p,f,V_ASN1_SEQUENCE,\
+ V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_put_SEQ_opt(a,f) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ M_ASN1_I2D_put_SEQ(a,f);
+
+#define M_ASN1_I2D_put_IMP_set_opt(a,f,x) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { i2d_ASN1_SET(a,&p,f,x,V_ASN1_CONTEXT_SPECIFIC); }
+
+#define M_ASN1_I2D_put_EXP_opt(a,f,tag,v) \
+ if (a != NULL) \
+ { \
+ ASN1_put_object(&p,1,v,tag,V_ASN1_CONTEXT_SPECIFIC); \
+ f(a,&p); \
+ }
+
+#define M_ASN1_I2D_put_EXP_set_opt(a,f,mtag,tag,v) \
+ if ((a != NULL) && (sk_num(a) != 0)) \
+ { \
+ ASN1_put_object(&p,1,v,mtag,V_ASN1_CONTEXT_SPECIFIC); \
+ i2d_ASN1_SET(a,&p,f,tag,V_ASN1_UNIVERSAL); \
+ }
+
+#define M_ASN1_I2D_seq_total() \
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE); \
+ if (pp == NULL) return(r); \
+ p= *pp; \
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL)
+
+#define M_ASN1_I2D_INF_seq_start(tag,ctx) \
+ *(p++)=(V_ASN1_CONSTRUCTED|(tag)|(ctx)); \
+ *(p++)=0x80
+
+#define M_ASN1_I2D_INF_seq_end() *(p++)=0x00; *(p++)=0x00
+
+#define M_ASN1_I2D_finish() *pp=p; \
+ return(r);
+
+#ifndef NOPROTO
+int asn1_GetSequence(ASN1_CTX *c, long *length);
+#else
+int asn1_GetSequence();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/asn1/asn1_par.c b/crypto/asn1/asn1_par.c
new file mode 100644
index 0000000..c6cbe1d
--- /dev/null
+++ b/crypto/asn1/asn1_par.c
@@ -0,0 +1,387 @@
+/* crypto/asn1/asn1_par.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static int asn1_print_info(BIO *bp, int tag, int xclass,int constructed,
+ int indent);
+static int asn1_parse2(BIO *bp, unsigned char **pp, long length,
+ int offset, int depth, int indent);
+#else
+static int asn1_print_info();
+static int asn1_parse2();
+#endif
+
+static int asn1_print_info(bp, tag, xclass, constructed,indent)
+BIO *bp;
+int tag;
+int xclass;
+int constructed;
+int indent;
+ {
+ static char *fmt="%-18s";
+ static char *fmt2="%2d %-15s";
+ char *p,str[128],*p2=NULL;
+
+ if (constructed & V_ASN1_CONSTRUCTED)
+ p="cons: ";
+ else
+ p="prim: ";
+ if (BIO_write(bp,p,6) < 6) goto err;
+ if (indent)
+ {
+ if (indent > 128) indent=128;
+ memset(str,' ',indent);
+ if (BIO_write(bp,str,indent) < indent) goto err;
+ }
+
+ p=str;
+ if ((xclass & V_ASN1_PRIVATE) == V_ASN1_PRIVATE)
+ sprintf(str,"priv [ %d ] ",tag);
+ else if ((xclass & V_ASN1_CONTEXT_SPECIFIC) == V_ASN1_CONTEXT_SPECIFIC)
+ sprintf(str,"cont [ %d ]",tag);
+ else if ((xclass & V_ASN1_APPLICATION) == V_ASN1_APPLICATION)
+ sprintf(str,"appl [ %d ]",tag);
+ else if ((tag == V_ASN1_EOC) /* && (xclass == V_ASN1_UNIVERSAL) */)
+ p="EOC";
+ else if (tag == V_ASN1_BOOLEAN)
+ p="BOOLEAN";
+ else if (tag == V_ASN1_INTEGER)
+ p="INTEGER";
+ else if (tag == V_ASN1_BIT_STRING)
+ p="BIT STRING";
+ else if (tag == V_ASN1_OCTET_STRING)
+ p="OCTET STRING";
+ else if (tag == V_ASN1_NULL)
+ p="NULL";
+ else if (tag == V_ASN1_OBJECT)
+ p="OBJECT";
+ else if (tag == V_ASN1_SEQUENCE)
+ p="SEQUENCE";
+ else if (tag == V_ASN1_SET)
+ p="SET";
+ else if (tag == V_ASN1_PRINTABLESTRING)
+ p="PRINTABLESTRING";
+ else if (tag == V_ASN1_T61STRING)
+ p="T61STRING";
+ else if (tag == V_ASN1_IA5STRING)
+ p="IA5STRING";
+ else if (tag == V_ASN1_UTCTIME)
+ p="UTCTIME";
+
+ /* extras */
+ else if (tag == V_ASN1_NUMERICSTRING)
+ p="NUMERICSTRING";
+ else if (tag == V_ASN1_VIDEOTEXSTRING)
+ p="VIDEOTEXSTRING";
+ else if (tag == V_ASN1_GENERALIZEDTIME)
+ p="GENERALIZEDTIME";
+ else if (tag == V_ASN1_GRAPHICSTRING)
+ p="GRAPHICSTRING";
+ else if (tag == V_ASN1_ISO64STRING)
+ p="ISO64STRING";
+ else if (tag == V_ASN1_GENERALSTRING)
+ p="GENERALSTRING";
+ else if (tag == V_ASN1_UNIVERSALSTRING)
+ p="UNIVERSALSTRING";
+
+ else
+ p2="(unknown)";
+
+ if (p2 != NULL)
+ {
+ if (BIO_printf(bp,fmt2,tag,p2) <= 0) goto err;
+ }
+ else
+ {
+ if (BIO_printf(bp,fmt,p) <= 0) goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int ASN1_parse(bp, pp, len, indent)
+BIO *bp;
+unsigned char *pp;
+long len;
+int indent;
+ {
+ return(asn1_parse2(bp,&pp,len,0,0,indent));
+ }
+
+static int asn1_parse2(bp, pp, length, offset, depth, indent)
+BIO *bp;
+unsigned char **pp;
+long length;
+int offset;
+int depth;
+int indent;
+ {
+ unsigned char *p,*ep,*tot,*op,*opp;
+ long len;
+ int tag,xclass,ret=0;
+ int nl,hl,j,r;
+ ASN1_OBJECT *o=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+
+ p= *pp;
+ tot=p+length;
+ op=p-1;
+ while ((p < tot) && (op < p))
+ {
+ op=p;
+ j=ASN1_get_object(&p,&len,&tag,&xclass,length);
+#ifdef LINT
+ j=j;
+#endif
+ if (j & 0x80)
+ {
+ if (BIO_write(bp,"Error in encoding\n",18) <= 0)
+ goto end;
+ ret=0;
+ goto end;
+ }
+ hl=(p-op);
+ length-=hl;
+ /* if j == 0x21 it is a constructed indefinite length object */
+ if (BIO_printf(bp,"%5ld:",(long)offset+(long)(op- *pp))
+ <= 0) goto end;
+
+ if (j != (V_ASN1_CONSTRUCTED | 1))
+ {
+ if (BIO_printf(bp,"d=%-2d hl=%ld l=%4ld ",
+ depth,(long)hl,len) <= 0)
+ goto end;
+ }
+ else
+ {
+ if (BIO_printf(bp,"d=%-2d hl=%ld l=inf ",
+ depth,(long)hl) <= 0)
+ goto end;
+ }
+ if (!asn1_print_info(bp,tag,xclass,j,(indent)?depth:0))
+ goto end;
+ if (j & V_ASN1_CONSTRUCTED)
+ {
+ ep=p+len;
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ if (len > length)
+ {
+ BIO_printf(bp,
+ "length is greater than %ld\n",length);
+ ret=0;
+ goto end;
+ }
+ if ((j == 0x21) && (len == 0))
+ {
+ for (;;)
+ {
+ r=asn1_parse2(bp,&p,(long)(tot-p),
+ offset+(p - *pp),depth+1,
+ indent);
+ if (r == 0) { ret=0; goto end; }
+ if ((r == 2) || (p >= tot)) break;
+ }
+ }
+ else
+ while (p < ep)
+ {
+ r=asn1_parse2(bp,&p,(long)len,
+ offset+(p - *pp),depth+1,
+ indent);
+ if (r == 0) { ret=0; goto end; }
+ }
+ }
+ else if (xclass != 0)
+ {
+ p+=len;
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ }
+ else
+ {
+ nl=0;
+ if ( (tag == V_ASN1_PRINTABLESTRING) ||
+ (tag == V_ASN1_T61STRING) ||
+ (tag == V_ASN1_IA5STRING) ||
+ (tag == V_ASN1_UTCTIME))
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ if ((len > 0) &&
+ BIO_write(bp,(char *)p,(int)len)
+ != (int)len)
+ goto end;
+ }
+ else if (tag == V_ASN1_OBJECT)
+ {
+ opp=op;
+ if (d2i_ASN1_OBJECT(&o,&opp,len+hl) != NULL)
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ i2a_ASN1_OBJECT(bp,o);
+ }
+ else
+ {
+ if (BIO_write(bp,":BAD OBJECT",11) <= 0)
+ goto end;
+ }
+ }
+ else if (tag == V_ASN1_BOOLEAN)
+ {
+ int ii;
+
+ opp=op;
+ ii=d2i_ASN1_BOOLEAN(NULL,&opp,len+hl);
+ if (ii < 0)
+ {
+ if (BIO_write(bp,"Bad boolean\n",12))
+ goto end;
+ }
+ BIO_printf(bp,":%d",ii);
+ }
+ else if (tag == V_ASN1_OCTET_STRING)
+ {
+ int i,printable=1;
+
+ opp=op;
+ os=d2i_ASN1_OCTET_STRING(NULL,&opp,len+hl);
+ if (os != NULL)
+ {
+ opp=os->data;
+ for (i=0; i<os->length; i++)
+ {
+ if (( (opp[i] < ' ') &&
+ (opp[i] != '\n') &&
+ (opp[i] != '\r') &&
+ (opp[i] != '\t')) ||
+ (opp[i] > '~'))
+ {
+ printable=0;
+ break;
+ }
+ }
+ if (printable && (os->length > 0))
+ {
+ if (BIO_write(bp,":",1) <= 0)
+ goto end;
+ if (BIO_write(bp,(char *)opp,
+ os->length) <= 0)
+ goto end;
+ }
+ ASN1_OCTET_STRING_free(os);
+ os=NULL;
+ }
+ }
+ else if (tag == V_ASN1_INTEGER)
+ {
+ ASN1_INTEGER *bs;
+ int i;
+
+ opp=op;
+ bs=d2i_ASN1_INTEGER(NULL,&opp,len+hl);
+ if (bs != NULL)
+ {
+ if (BIO_write(bp,":",1) <= 0) goto end;
+ if (bs->type == V_ASN1_NEG_INTEGER)
+ if (BIO_write(bp,"-",1) <= 0)
+ goto end;
+ for (i=0; i<bs->length; i++)
+ {
+ if (BIO_printf(bp,"%02X",
+ bs->data[i]) <= 0)
+ goto end;
+ }
+ if (bs->length == 0)
+ {
+ if (BIO_write(bp,"00",2) <= 0)
+ goto end;
+ }
+ }
+ else
+ {
+ if (BIO_write(bp,"BAD INTEGER",11) <= 0)
+ goto end;
+ }
+ ASN1_INTEGER_free(bs);
+ }
+
+ if (!nl)
+ {
+ if (BIO_write(bp,"\n",1) <= 0) goto end;
+ }
+ p+=len;
+ if ((tag == V_ASN1_EOC) && (xclass == 0))
+ {
+ ret=2; /* End of sequence */
+ goto end;
+ }
+ }
+ length-=len;
+ }
+ ret=1;
+end:
+ if (o != NULL) ASN1_OBJECT_free(o);
+ if (os != NULL) ASN1_OCTET_STRING_free(os);
+ *pp=p;
+ return(ret);
+ }
diff --git a/crypto/asn1/d2i_dhp.c b/crypto/asn1/d2i_dhp.c
new file mode 100644
index 0000000..6ae3e0e
--- /dev/null
+++ b/crypto/asn1/d2i_dhp.c
@@ -0,0 +1,108 @@
+/* crypto/asn1/d2i_dhp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DHPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DH *d2i_DHparams(a,pp,length)
+DH **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_ERROR_STACK;
+ ASN1_INTEGER *bs=NULL;
+ long v=0;
+ M_ASN1_D2I_vars(a,DH *,DH_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+
+ if (!M_ASN1_D2I_end_sequence())
+ {
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ for (i=0; i<bs->length; i++)
+ v=(v<<8)|(bs->data[i]);
+ ret->length=(int)v;
+ }
+
+ ASN1_BIT_STRING_free(bs);
+
+ M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_DHPARAMS,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) DH_free(ret);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_dsap.c b/crypto/asn1/d2i_dsap.c
new file mode 100644
index 0000000..d0732af
--- /dev/null
+++ b/crypto/asn1/d2i_dsap.c
@@ -0,0 +1,101 @@
+/* crypto/asn1/d2i_dsap.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPARAMS,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DSA *d2i_DSAparams(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_ERROR_STACK;
+ ASN1_INTEGER *bs=NULL;
+ M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+
+ ASN1_BIT_STRING_free(bs);
+
+ M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_DSAPARAMS,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_pr.c b/crypto/asn1/d2i_pr.c
new file mode 100644
index 0000000..0b60aee
--- /dev/null
+++ b/crypto/asn1/d2i_pr.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PrivateKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ EVP_PKEY *ret;
+
+ if ((a == NULL) || (*a == NULL))
+ {
+ if ((ret=EVP_PKEY_new()) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_EVP_LIB);
+ return(NULL);
+ }
+ }
+ else ret= *a;
+
+ ret->save_type=type;
+ ret->type=EVP_PKEY_type(type);
+ switch (ret->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if ((ret->pkey.rsa=d2i_RSAPrivateKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if ((ret->pkey.dsa=d2i_DSAPrivateKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+ default:
+ ASN1err(ASN1_F_D2I_PRIVATEKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ break;
+ }
+ if (a != NULL) (*a)=ret;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_pu.c b/crypto/asn1/d2i_pu.c
new file mode 100644
index 0000000..142742e
--- /dev/null
+++ b/crypto/asn1/d2i_pu.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/d2i_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+EVP_PKEY *d2i_PublicKey(type,a,pp,length)
+int type;
+EVP_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ EVP_PKEY *ret;
+
+ if ((a == NULL) || (*a == NULL))
+ {
+ if ((ret=EVP_PKEY_new()) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_EVP_LIB);
+ return(NULL);
+ }
+ }
+ else ret= *a;
+
+ ret->save_type=type;
+ ret->type=EVP_PKEY_type(type);
+ switch (ret->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if ((ret->pkey.rsa=d2i_RSAPublicKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if ((ret->pkey.dsa=d2i_DSAPublicKey(NULL,pp,length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ break;
+#endif
+ default:
+ ASN1err(ASN1_F_D2I_PUBLICKEY,ASN1_R_UNKNOWN_PUBLIC_KEY_TYPE);
+ goto err;
+ break;
+ }
+ if (a != NULL) (*a)=ret;
+ return(ret);
+err:
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_r_pr.c b/crypto/asn1/d2i_r_pr.c
new file mode 100644
index 0000000..af95f30
--- /dev/null
+++ b/crypto/asn1/d2i_r_pr.c
@@ -0,0 +1,129 @@
+/* crypto/asn1/d2i_r_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_PARSING);
+ */
+
+static ASN1_METHOD method={
+ (int (*)()) i2d_RSAPrivateKey,
+ (char *(*)())d2i_RSAPrivateKey,
+ (char *(*)())RSA_new,
+ (void (*)()) RSA_free};
+
+ASN1_METHOD *RSAPrivateKey_asn1_meth()
+ {
+ return(&method);
+ }
+
+RSA *d2i_RSAPrivateKey(a,pp,length)
+RSA **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_PARSING;
+ ASN1_INTEGER *bs=NULL;
+ M_ASN1_D2I_vars(a,RSA *,RSA_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if (bs->length == 0)
+ ret->version=0;
+ else ret->version=bs->data[0];
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->d=BN_bin2bn(bs->data,bs->length,ret->d)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->dmp1=BN_bin2bn(bs->data,bs->length,ret->dmp1)) == NULL)
+ goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->dmq1=BN_bin2bn(bs->data,bs->length,ret->dmq1)) == NULL)
+ goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->iqmp=BN_bin2bn(bs->data,bs->length,ret->iqmp)) == NULL)
+ goto err_bn;
+
+ ASN1_INTEGER_free(bs);
+
+ M_ASN1_D2I_Finish_2(a);
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_r_pu.c b/crypto/asn1/d2i_r_pu.c
new file mode 100644
index 0000000..0febef6
--- /dev/null
+++ b/crypto/asn1/d2i_r_pu.c
@@ -0,0 +1,100 @@
+/* crypto/asn1/d2i_r_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+RSA *d2i_RSAPublicKey(a,pp,length)
+RSA **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_PARSING;
+ ASN1_INTEGER *bs=NULL;
+ M_ASN1_D2I_vars(a,RSA *,RSA_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->n=BN_bin2bn(bs->data,bs->length,ret->n)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->e=BN_bin2bn(bs->data,bs->length,ret->e)) == NULL) goto err_bn;
+
+ ASN1_INTEGER_free(bs);
+ bs=NULL;
+
+ M_ASN1_D2I_Finish_2(a);
+
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_RSAPUBLICKEY,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) RSA_free(ret);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_s_pr.c b/crypto/asn1/d2i_s_pr.c
new file mode 100644
index 0000000..987db4e
--- /dev/null
+++ b/crypto/asn1/d2i_s_pr.c
@@ -0,0 +1,113 @@
+/* crypto/asn1/d2i_s_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_PARSING);
+ */
+
+DSA *d2i_DSAPrivateKey(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_PARSING;
+ ASN1_INTEGER *bs=NULL;
+ M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if (bs->length == 0)
+ ret->version=0;
+ else ret->version=bs->data[0];
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+ == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->priv_key=BN_bin2bn(bs->data,bs->length,ret->priv_key))
+ == NULL) goto err_bn;
+
+ ASN1_INTEGER_free(bs);
+
+ M_ASN1_D2I_Finish_2(a);
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_DSAPRIVATEKEY,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/d2i_s_pu.c b/crypto/asn1/d2i_s_pu.c
new file mode 100644
index 0000000..dfffa82
--- /dev/null
+++ b/crypto/asn1/d2i_s_pu.c
@@ -0,0 +1,124 @@
+/* crypto/asn1/d2i_s_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+DSA *d2i_DSAPublicKey(a,pp,length)
+DSA **a;
+unsigned char **pp;
+long length;
+ {
+ int i=ASN1_R_PARSING;
+ ASN1_INTEGER *bs=NULL;
+ M_ASN1_D2I_vars(a,DSA *,DSA_new);
+
+ M_ASN1_D2I_Init();
+ if ((length != 0) && ((M_ASN1_next & (~V_ASN1_CONSTRUCTED))
+ == (V_ASN1_UNIVERSAL|(V_ASN1_INTEGER))))
+ {
+ c.slen=length;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+ == NULL)
+ goto err_bn;
+ ret->write_params=0;
+ }
+ else
+ {
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->pub_key=BN_bin2bn(bs->data,bs->length,ret->pub_key))
+ == NULL)
+ goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->p=BN_bin2bn(bs->data,bs->length,ret->p)) == NULL)
+ goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->q=BN_bin2bn(bs->data,bs->length,ret->q)) == NULL)
+ goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((ret->g=BN_bin2bn(bs->data,bs->length,ret->g)) == NULL)
+ goto err_bn;
+
+ ret->write_params=1;
+ }
+
+ ASN1_INTEGER_free(bs);
+ bs=NULL;
+ M_ASN1_D2I_Finish_2(a);
+err_bn:
+ i=ERR_R_BN_LIB;
+err:
+ ASN1err(ASN1_F_D2I_DSAPUBLICKEY,i);
+ if ((ret != NULL) && ((a == NULL) || (*a != ret))) DSA_free(ret);
+ if (bs != NULL) ASN1_INTEGER_free(bs);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/f_int.c b/crypto/asn1/f_int.c
new file mode 100644
index 0000000..f786b12
--- /dev/null
+++ b/crypto/asn1/f_int.c
@@ -0,0 +1,211 @@
+/* crypto/asn1/f_int.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_INTEGER(bp, a)
+BIO *bp;
+ASN1_INTEGER *a;
+ {
+ int i,n=0;
+ static char *h="0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL) return(0);
+
+ if (a->length == 0)
+ {
+ if (BIO_write(bp,"00",2) != 2) goto err;
+ n=2;
+ }
+ else
+ {
+ for (i=0; i<a->length; i++)
+ {
+ if ((i != 0) && (i%35 == 0))
+ {
+ if (BIO_write(bp,"\\\n",2) != 2) goto err;
+ n+=2;
+ }
+ buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+ buf[1]=h[((unsigned char)a->data[i] )&0x0f];
+ if (BIO_write(bp,buf,2) != 2) goto err;
+ n+=2;
+ }
+ }
+ return(n);
+err:
+ return(-1);
+ }
+
+int a2i_ASN1_INTEGER(bp,bs,buf,size)
+BIO *bp;
+ASN1_INTEGER *bs;
+char *buf;
+int size;
+ {
+ int ret=0;
+ int i,j,k,m,n,again,bufsize;
+ unsigned char *s=NULL,*sp;
+ unsigned char *bufp;
+ int num=0,slen=0,first=1;
+
+ bs->type=V_ASN1_INTEGER;
+
+ bufsize=BIO_gets(bp,buf,size);
+ for (;;)
+ {
+ if (bufsize < 1) goto err_sl;
+ i=bufsize;
+ if (buf[i-1] == '\n') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ if (buf[i-1] == '\r') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ again=(buf[i-1] == '\\');
+
+ for (j=0; j<i; j++)
+ {
+ if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+ {
+ i=j;
+ break;
+ }
+ }
+ buf[i]='\0';
+ /* We have now cleared all the crap off the end of the
+ * line */
+ if (i < 2) goto err_sl;
+
+ bufp=(unsigned char *)buf;
+ if (first)
+ {
+ first=0;
+ if ((bufp[0] == '0') && (buf[1] == '0'))
+ {
+ bufp+=2;
+ i-=2;
+ }
+ }
+ k=0;
+ i-=again;
+ if (i%2 != 0)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i/=2;
+ if (num+i > slen)
+ {
+ if (s == NULL)
+ sp=(unsigned char *)Malloc(
+ (unsigned int)num+i*2);
+ else
+ sp=(unsigned char *)Realloc(s,
+ (unsigned int)num+i*2);
+ if (sp == NULL)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ERR_R_MALLOC_FAILURE);
+ if (s != NULL) Free((char *)s);
+ goto err;
+ }
+ s=sp;
+ slen=num+i*2;
+ }
+ for (j=0; j<i; j++,k+=2)
+ {
+ for (n=0; n<2; n++)
+ {
+ m=bufp[k+n];
+ if ((m >= '0') && (m <= '9'))
+ m-='0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m=m-'a'+10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m=m-'A'+10;
+ else
+ {
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num+j]<<=4;
+ s[num+j]|=m;
+ }
+ }
+ num+=i;
+ if (again)
+ bufsize=BIO_gets(bp,buf,size);
+ else
+ break;
+ }
+ bs->length=num;
+ bs->data=s;
+ ret=1;
+err:
+ if (0)
+ {
+err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_INTEGER,ASN1_R_SHORT_LINE);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/asn1/f_string.c b/crypto/asn1/f_string.c
new file mode 100644
index 0000000..68001c3
--- /dev/null
+++ b/crypto/asn1/f_string.c
@@ -0,0 +1,210 @@
+/* crypto/asn1/f_string.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "x509.h"
+
+int i2a_ASN1_STRING(bp, a, type)
+BIO *bp;
+ASN1_STRING *a;
+int type;
+ {
+ int i,n=0;
+ static char *h="0123456789ABCDEF";
+ char buf[2];
+
+ if (a == NULL) return(0);
+
+ if (a->length == 0)
+ {
+ if (BIO_write(bp,"0",1) != 1) goto err;
+ n=1;
+ }
+ else
+ {
+ for (i=0; i<a->length; i++)
+ {
+ if ((i != 0) && (i%35 == 0))
+ {
+ if (BIO_write(bp,"\\\n",2) != 2) goto err;
+ n+=2;
+ }
+ buf[0]=h[((unsigned char)a->data[i]>>4)&0x0f];
+ buf[1]=h[((unsigned char)a->data[i] )&0x0f];
+ if (BIO_write(bp,buf,2) != 2) goto err;
+ n+=2;
+ }
+ }
+ return(n);
+err:
+ return(-1);
+ }
+
+int a2i_ASN1_STRING(bp,bs,buf,size)
+BIO *bp;
+ASN1_STRING *bs;
+char *buf;
+int size;
+ {
+ int ret=0;
+ int i,j,k,m,n,again,bufsize;
+ unsigned char *s=NULL,*sp;
+ unsigned char *bufp;
+ int num=0,slen=0,first=1;
+
+ bufsize=BIO_gets(bp,buf,size);
+ for (;;)
+ {
+ if (bufsize < 1)
+ {
+ if (first)
+ break;
+ else
+ goto err_sl;
+ }
+ first=0;
+
+ i=bufsize;
+ if (buf[i-1] == '\n') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ if (buf[i-1] == '\r') buf[--i]='\0';
+ if (i == 0) goto err_sl;
+ again=(buf[i-1] == '\\');
+
+ for (j=i-1; j>0; j--)
+ {
+ if (!( ((buf[j] >= '0') && (buf[j] <= '9')) ||
+ ((buf[j] >= 'a') && (buf[j] <= 'f')) ||
+ ((buf[j] >= 'A') && (buf[j] <= 'F'))))
+ {
+ i=j;
+ break;
+ }
+ }
+ buf[i]='\0';
+ /* We have now cleared all the crap off the end of the
+ * line */
+ if (i < 2) goto err_sl;
+
+ bufp=(unsigned char *)buf;
+
+ k=0;
+ i-=again;
+ if (i%2 != 0)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_ODD_NUMBER_OF_CHARS);
+ goto err;
+ }
+ i/=2;
+ if (num+i > slen)
+ {
+ if (s == NULL)
+ sp=(unsigned char *)Malloc(
+ (unsigned int)num+i*2);
+ else
+ sp=(unsigned char *)Realloc(s,
+ (unsigned int)num+i*2);
+ if (sp == NULL)
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ERR_R_MALLOC_FAILURE);
+ if (s != NULL) Free((char *)s);
+ goto err;
+ }
+ s=sp;
+ slen=num+i*2;
+ }
+ for (j=0; j<i; j++,k+=2)
+ {
+ for (n=0; n<2; n++)
+ {
+ m=bufp[k+n];
+ if ((m >= '0') && (m <= '9'))
+ m-='0';
+ else if ((m >= 'a') && (m <= 'f'))
+ m=m-'a'+10;
+ else if ((m >= 'A') && (m <= 'F'))
+ m=m-'A'+10;
+ else
+ {
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_NON_HEX_CHARACTERS);
+ goto err;
+ }
+ s[num+j]<<=4;
+ s[num+j]|=m;
+ }
+ }
+ num+=i;
+ if (again)
+ bufsize=BIO_gets(bp,buf,size);
+ else
+ break;
+ }
+ bs->length=num;
+ bs->data=s;
+ ret=1;
+err:
+ if (0)
+ {
+err_sl:
+ ASN1err(ASN1_F_A2I_ASN1_STRING,ASN1_R_SHORT_LINE);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/asn1/i2d_dhp.c b/crypto/asn1/i2d_dhp.c
new file mode 100644
index 0000000..087b6b8
--- /dev/null
+++ b/crypto/asn1/i2d_dhp.c
@@ -0,0 +1,128 @@
+/* crypto/asn1/i2d_dhp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "asn1_mac.h"
+#include "dh.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DHPARAMS,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_DHPARAMS_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_DHparams(a,pp)
+DH *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[3];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot=0,len,max=0;
+ int t,ret= -1;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+ num[0]=a->p;
+ num[1]=a->g;
+ if (a->length != 0)
+ {
+ if ((num[2]=BN_new()) == NULL) goto err;
+ if (!BN_set_word(num[2],a->length)) goto err;
+ }
+ else
+ num[2]=NULL;
+
+ for (i=0; i<3; i++)
+ {
+ if (num[i] == NULL) continue;
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+
+ p= *pp;
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ bs.type=V_ASN1_INTEGER;
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_DHPARAMS,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ for (i=0; i<3; i++)
+ {
+ if (num[i] == NULL) continue;
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ ret=t;
+err:
+ if (num[2] != NULL) BN_free(num[2]);
+ *pp=p;
+ return(ret);
+ }
diff --git a/crypto/asn1/i2d_dsap.c b/crypto/asn1/i2d_dsap.c
new file mode 100644
index 0000000..e051c99
--- /dev/null
+++ b/crypto/asn1/i2d_dsap.c
@@ -0,0 +1,121 @@
+/* crypto/asn1/i2d_dsap.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "asn1_mac.h"
+#include "dsa.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_DSAPARAMS,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_DSAparams(a,pp)
+DSA *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[3];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot=0,len,max=0;
+ int t,ret= -1;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+ num[0]=a->p;
+ num[1]=a->q;
+ num[2]=a->g;
+
+ for (i=0; i<3; i++)
+ {
+ if (num[i] == NULL) continue;
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+
+ p= *pp;
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ bs.type=V_ASN1_INTEGER;
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_DSAPARAMS,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ for (i=0; i<3; i++)
+ {
+ if (num[i] == NULL) continue;
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ ret=t;
+err:
+ *pp=p;
+ return(ret);
+ }
+
diff --git a/crypto/asn1/i2d_pr.c b/crypto/asn1/i2d_pr.c
new file mode 100644
index 0000000..361beb9
--- /dev/null
+++ b/crypto/asn1/i2d_pr.c
@@ -0,0 +1,86 @@
+/* crypto/asn1/i2d_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PrivateKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+ {
+#ifndef NO_RSA
+ if (a->type == EVP_PKEY_RSA)
+ {
+ return(i2d_RSAPrivateKey(a->pkey.rsa,pp));
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (a->type == EVP_PKEY_DSA)
+ {
+ return(i2d_DSAPrivateKey(a->pkey.dsa,pp));
+ }
+#endif
+
+ ASN1err(ASN1_F_I2D_PRIVATEKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+
diff --git a/crypto/asn1/i2d_pu.c b/crypto/asn1/i2d_pu.c
new file mode 100644
index 0000000..2694cd4
--- /dev/null
+++ b/crypto/asn1/i2d_pu.c
@@ -0,0 +1,84 @@
+/* crypto/asn1/i2d_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "objects.h"
+
+int i2d_PublicKey(a,pp)
+EVP_PKEY *a;
+unsigned char **pp;
+ {
+ switch (a->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ return(i2d_RSAPublicKey(a->pkey.rsa,pp));
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ return(i2d_DSAPublicKey(a->pkey.dsa,pp));
+#endif
+ default:
+ ASN1err(ASN1_F_I2D_PUBLICKEY,ASN1_R_UNSUPPORTED_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+ }
+
diff --git a/crypto/asn1/i2d_r_pr.c b/crypto/asn1/i2d_r_pr.c
new file mode 100644
index 0000000..fa93897
--- /dev/null
+++ b/crypto/asn1/i2d_r_pr.c
@@ -0,0 +1,132 @@
+/* crypto/asn1/i2d_r_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPRIVATEKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_RSAPrivateKey(a,pp)
+RSA *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[9];
+ unsigned char data[1];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot,t,len,max=0;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+
+ num[1]=a->n;
+ num[2]=a->e;
+ num[3]=a->d;
+ num[4]=a->p;
+ num[5]=a->q;
+ num[6]=a->dmp1;
+ num[7]=a->dmq1;
+ num[8]=a->iqmp;
+
+ bs.length=1;
+ bs.data=data;
+ bs.type=V_ASN1_INTEGER;
+ data[0]=a->version&0x7f;
+
+ tot=i2d_ASN1_INTEGER(&(bs),NULL);
+ for (i=1; i<9; i++)
+ {
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+
+ p= *pp;
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ i2d_ASN1_INTEGER(&bs,&p);
+
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ for (i=1; i<9; i++)
+ {
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ *pp=p;
+ return(t);
+ }
+
diff --git a/crypto/asn1/i2d_r_pu.c b/crypto/asn1/i2d_r_pu.c
new file mode 100644
index 0000000..31dc836
--- /dev/null
+++ b/crypto/asn1/i2d_r_pu.c
@@ -0,0 +1,118 @@
+/* crypto/asn1/i2d_r_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_RSAPUBLICKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_RSAPublicKey(a,pp)
+RSA *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[2];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot=0,len,max=0,t;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+
+ num[0]=a->n;
+ num[1]=a->e;
+
+ for (i=0; i<2; i++)
+ {
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+
+ p= *pp;
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ bs.type=V_ASN1_INTEGER;
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_RSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ for (i=0; i<2; i++)
+ {
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ *pp=p;
+ return(t);
+ }
+
diff --git a/crypto/asn1/i2d_s_pr.c b/crypto/asn1/i2d_s_pr.c
new file mode 100644
index 0000000..0c0a5c6
--- /dev/null
+++ b/crypto/asn1/i2d_s_pr.c
@@ -0,0 +1,128 @@
+/* crypto/asn1/i2d_s_pr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_DSAPrivateKey(a,pp)
+DSA *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[6];
+ unsigned char data[1];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot,t,len,max=0;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+
+ num[1]=a->p;
+ num[2]=a->q;
+ num[3]=a->g;
+ num[4]=a->pub_key;
+ num[5]=a->priv_key;
+
+ bs.length=1;
+ bs.data=data;
+ bs.type=V_ASN1_INTEGER;
+ data[0]=a->version&0x7f;
+
+ tot=i2d_ASN1_INTEGER(&(bs),NULL);
+ for (i=1; i<6; i++)
+ {
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+
+ p= *pp;
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ i2d_ASN1_INTEGER(&bs,&p);
+
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_DSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ for (i=1; i<6; i++)
+ {
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ *pp=p;
+ return(t);
+ }
+
diff --git a/crypto/asn1/i2d_s_pu.c b/crypto/asn1/i2d_s_pu.c
new file mode 100644
index 0000000..cfb7c11
--- /dev/null
+++ b/crypto/asn1/i2d_s_pu.c
@@ -0,0 +1,133 @@
+/* crypto/asn1/i2d_s_pu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+int i2d_DSAPublicKey(a,pp)
+DSA *a;
+unsigned char **pp;
+ {
+ BIGNUM *num[4];
+ ASN1_INTEGER bs;
+ unsigned int j,i,tot=0,len,max=0,t=0,all,n=1;
+ unsigned char *p;
+
+ if (a == NULL) return(0);
+
+ all=a->write_params;
+
+ num[0]=a->pub_key;
+ if (all)
+ {
+ num[1]=a->p;
+ num[2]=a->q;
+ num[3]=a->g;
+ n=4;
+ }
+
+ for (i=0; i<n; i++)
+ {
+ j=BN_num_bits(num[i]);
+ len=((j == 0)?0:((j/8)+1));
+ if (len > max) max=len;
+ len=ASN1_object_size(0,len,
+ (num[i]->neg)?V_ASN1_NEG_INTEGER:V_ASN1_INTEGER);
+ tot+=len;
+ }
+
+ if (all)
+ {
+ t=ASN1_object_size(1,tot,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(t);
+ }
+ else
+ {
+ if (pp == NULL) return(tot);
+ }
+
+ p= *pp;
+ if (all)
+ ASN1_put_object(&p,1,tot,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ bs.type=V_ASN1_INTEGER;
+ bs.data=(unsigned char *)Malloc(max+4);
+ if (bs.data == NULL)
+ {
+ ASN1err(ASN1_F_I2D_DSAPUBLICKEY,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ for (i=0; i<n; i++)
+ {
+ bs.length=BN_bn2bin(num[i],bs.data);
+ i2d_ASN1_INTEGER(&bs,&p);
+ }
+ Free((char *)bs.data);
+ *pp=p;
+ return(t);
+ }
+
diff --git a/crypto/asn1/n_pkey.c b/crypto/asn1/n_pkey.c
new file mode 100644
index 0000000..6353d18
--- /dev/null
+++ b/crypto/asn1/n_pkey.c
@@ -0,0 +1,364 @@
+/* crypto/asn1/n_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rsa.h"
+#include "objects.h"
+#include "asn1_mac.h"
+#include "evp.h"
+#include "x509.h"
+
+
+#ifndef NO_RC4
+
+typedef struct netscape_pkey_st
+ {
+ ASN1_INTEGER *version;
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *private_key;
+ } NETSCAPE_PKEY;
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_PKEY,ASN1_R_DECODING_ERROR);
+ * ASN1err(ASN1_F_NETSCAPE_PKEY_NEW,ASN1_R_DECODING_ERROR);
+ */
+#ifndef NOPROTO
+static RSA *d2i_Netscape_RSA_2(RSA **a, unsigned char **pp, long length,
+ int (*cb)());
+static int i2d_NETSCAPE_PKEY(NETSCAPE_PKEY *a, unsigned char **pp);
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(NETSCAPE_PKEY **a,unsigned char **pp, long length);
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new(void);
+static void NETSCAPE_PKEY_free(NETSCAPE_PKEY *);
+#else
+static RSA *d2i_Netscape_RSA_2();
+static int i2d_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY();
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new();
+static void NETSCAPE_PKEY_free();
+#endif
+
+int i2d_Netscape_RSA(a,pp,cb)
+RSA *a;
+unsigned char **pp;
+int (*cb)();
+ {
+ int i,j,l[6];
+ NETSCAPE_PKEY *pkey;
+ unsigned char buf[256],*zz;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *alg=NULL;
+ ASN1_OCTET_STRING os,os2;
+ M_ASN1_I2D_vars(a);
+
+ if (a == NULL) return(0);
+
+#ifdef WIN32
+ r=r; /* shut the damn compiler up :-) */
+#endif
+
+ os.data=os2.data=NULL;
+ if ((pkey=NETSCAPE_PKEY_new()) == NULL) goto err;
+ if (!ASN1_INTEGER_set(pkey->version,0)) goto err;
+
+ if (pkey->algor->algorithm != NULL)
+ ASN1_OBJECT_free(pkey->algor->algorithm);
+ pkey->algor->algorithm=OBJ_nid2obj(NID_rsaEncryption);
+ if ((pkey->algor->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ pkey->algor->parameter->type=V_ASN1_NULL;
+
+ l[0]=i2d_RSAPrivateKey(a,NULL);
+ pkey->private_key->length=l[0];
+
+ os2.length=i2d_NETSCAPE_PKEY(pkey,NULL);
+ l[1]=i2d_ASN1_OCTET_STRING(&os2,NULL);
+
+ if ((alg=X509_ALGOR_new()) == NULL) goto err;
+ if (alg->algorithm != NULL)
+ ASN1_OBJECT_free(alg->algorithm);
+ alg->algorithm=OBJ_nid2obj(NID_rc4);
+ if ((alg->parameter=ASN1_TYPE_new()) == NULL) goto err;
+ alg->parameter->type=V_ASN1_NULL;
+
+ l[2]=i2d_X509_ALGOR(alg,NULL);
+ l[3]=ASN1_object_size(1,l[2]+l[1],V_ASN1_SEQUENCE);
+
+ os.data=(unsigned char *)"private-key";
+ os.length=11;
+ l[4]=i2d_ASN1_OCTET_STRING(&os,NULL);
+
+ l[5]=ASN1_object_size(1,l[4]+l[3],V_ASN1_SEQUENCE);
+
+ if (pp == NULL)
+ {
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ return(l[5]);
+ }
+
+ if (pkey->private_key->data != NULL)
+ Free((char *)pkey->private_key->data);
+ if ((pkey->private_key->data=(unsigned char *)Malloc(l[0])) == NULL)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ zz=pkey->private_key->data;
+ i2d_RSAPrivateKey(a,&zz);
+
+ if ((os2.data=(unsigned char *)Malloc(os2.length)) == NULL)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ zz=os2.data;
+ i2d_NETSCAPE_PKEY(pkey,&zz);
+
+ if (cb == NULL)
+ cb=EVP_read_pw_string;
+ i=cb(buf,256,"Enter Private Key password:",1);
+ if (i != 0)
+ {
+ ASN1err(ASN1_F_I2D_NETSCAPE_RSA,ASN1_R_BAD_PASSWORD_READ);
+ goto err;
+ }
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+ strlen((char *)buf),1,key,NULL);
+ memset(buf,0,256);
+ EVP_EncryptInit(&ctx,EVP_rc4(),key,NULL);
+ EVP_EncryptUpdate(&ctx,os2.data,&i,os2.data,os2.length);
+ EVP_EncryptFinal(&ctx,&(os2.data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
+ p= *pp;
+ ASN1_put_object(&p,1,l[4]+l[3],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_ASN1_OCTET_STRING(&os,&p);
+ ASN1_put_object(&p,1,l[2]+l[1],V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_X509_ALGOR(alg,&p);
+ i2d_ASN1_OCTET_STRING(&os2,&p);
+ ret=l[5];
+err:
+ if (os2.data != NULL) Free((char *)os2.data);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ r=r;
+ return(ret);
+ }
+
+RSA *d2i_Netscape_RSA(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+ {
+ RSA *ret=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ ASN1_CTX c;
+
+ c.pp=pp;
+ c.error=ASN1_R_DECODING_ERROR;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+ if ((os->length != 11) || (strncmp("private-key",
+ (char *)os->data,os->length) != 0))
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA,ASN1_R_PRIVATE_KEY_HEADER_MISSING);
+ ASN1_BIT_STRING_free(os);
+ goto err;
+ }
+ ASN1_BIT_STRING_free(os);
+ c.q=c.p;
+ if ((ret=d2i_Netscape_RSA_2(a,&c.p,c.slen,cb)) == NULL) goto err;
+ c.slen-=(c.p-c.q);
+
+ M_ASN1_D2I_Finish(a,RSA_free,ASN1_F_D2I_NETSCAPE_RSA);
+ }
+
+static RSA *d2i_Netscape_RSA_2(a,pp,length,cb)
+RSA **a;
+unsigned char **pp;
+long length;
+int (*cb)();
+ {
+ NETSCAPE_PKEY *pkey=NULL;
+ RSA *ret=NULL;
+ int i,j;
+ unsigned char buf[256],*zz;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ EVP_CIPHER_CTX ctx;
+ X509_ALGOR *alg=NULL;
+ ASN1_OCTET_STRING *os=NULL;
+ ASN1_CTX c;
+
+ c.error=ASN1_R_ERROR_STACK;
+ c.pp=pp;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(alg,d2i_X509_ALGOR);
+ if (OBJ_obj2nid(alg->algorithm) != NID_rc4)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNSUPPORTED_ENCRYPTION_ALGORITHM);
+ goto err;
+ }
+ M_ASN1_D2I_get(os,d2i_ASN1_OCTET_STRING);
+ if (cb == NULL)
+ cb=EVP_read_pw_string;
+ i=cb(buf,256,"Enter Private Key password:",0);
+ if (i != 0)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_BAD_PASSWORD_READ);
+ goto err;
+ }
+
+ EVP_BytesToKey(EVP_rc4(),EVP_md5(),NULL,buf,
+ strlen((char *)buf),1,key,NULL);
+ memset(buf,0,256);
+ EVP_DecryptInit(&ctx,EVP_rc4(),key,NULL);
+ EVP_DecryptUpdate(&ctx,os->data,&i,os->data,os->length);
+ EVP_DecryptFinal(&ctx,&(os->data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ os->length=i+j;
+
+ zz=os->data;
+
+ if ((pkey=d2i_NETSCAPE_PKEY(NULL,&zz,os->length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_PRIVATE_KEY);
+ goto err;
+ }
+
+ zz=pkey->private_key->data;
+ if ((ret=d2i_RSAPrivateKey(a,&zz,pkey->private_key->length)) == NULL)
+ {
+ ASN1err(ASN1_F_D2I_NETSCAPE_RSA_2,ASN1_R_UNABLE_TO_DECODE_RSA_KEY);
+ goto err;
+ }
+ if (!asn1_Finish(&c)) goto err;
+ *pp=c.p;
+err:
+ if (pkey != NULL) NETSCAPE_PKEY_free(pkey);
+ if (os != NULL) ASN1_BIT_STRING_free(os);
+ if (alg != NULL) X509_ALGOR_free(alg);
+ return(ret);
+ }
+
+static int i2d_NETSCAPE_PKEY(a,pp)
+NETSCAPE_PKEY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+
+ M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->private_key, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->private_key, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+static NETSCAPE_PKEY *d2i_NETSCAPE_PKEY(a,pp,length)
+NETSCAPE_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_PKEY *,NETSCAPE_PKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->private_key,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_PKEY_free,ASN1_F_D2I_NETSCAPE_PKEY);
+ }
+
+static NETSCAPE_PKEY *NETSCAPE_PKEY_new()
+ {
+ NETSCAPE_PKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_PKEY);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->private_key,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_PKEY_NEW);
+ }
+
+static void NETSCAPE_PKEY_free(a)
+NETSCAPE_PKEY *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_ALGOR_free(a->algor);
+ ASN1_OCTET_STRING_free(a->private_key);
+ Free((char *)a);
+ }
+
+#endif /* NO_RC4 */
+
diff --git a/crypto/asn1/p7_dgst.c b/crypto/asn1/p7_dgst.c
new file mode 100644
index 0000000..206c2a6
--- /dev/null
+++ b/crypto/asn1/p7_dgst.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/p7_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_DIGEST_NEW,ASN1_R_MISSING_EOS);
+ * ASN1err(ASN1_F_D2I_PKCS7_DIGEST,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_DIGEST(a,pp)
+PKCS7_DIGEST *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->md,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->contents,i2d_PKCS7);
+ M_ASN1_I2D_len(a->digest,i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->md,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->contents,i2d_PKCS7);
+ M_ASN1_I2D_put(a->digest,i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_DIGEST *d2i_PKCS7_DIGEST(a,pp,length)
+PKCS7_DIGEST **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_DIGEST *,PKCS7_DIGEST_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->md,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
+ M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
+
+ M_ASN1_D2I_Finish(a,PKCS7_DIGEST_free,ASN1_F_D2I_PKCS7_DIGEST);
+ }
+
+PKCS7_DIGEST *PKCS7_DIGEST_new()
+ {
+ PKCS7_DIGEST *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_DIGEST);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->md,X509_ALGOR_new);
+ M_ASN1_New(ret->contents,PKCS7_new);
+ M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_DIGEST_NEW);
+ }
+
+void PKCS7_DIGEST_free(a)
+PKCS7_DIGEST *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_ALGOR_free(a->md);
+ PKCS7_free(a->contents);
+ ASN1_OCTET_STRING_free(a->digest);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_enc.c b/crypto/asn1/p7_enc.c
new file mode 100644
index 0000000..ce4bedb
--- /dev/null
+++ b/crypto/asn1/p7_enc.c
@@ -0,0 +1,120 @@
+/* crypto/asn1/p7_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENCRYPT_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENCRYPT,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENCRYPT(a,pp)
+PKCS7_ENCRYPT *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(a,pp,length)
+PKCS7_ENCRYPT **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_ENCRYPT *,PKCS7_ENCRYPT_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+
+ M_ASN1_D2I_Finish(a,PKCS7_ENCRYPT_free,ASN1_F_D2I_PKCS7_ENCRYPT);
+ }
+
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new()
+ {
+ PKCS7_ENCRYPT *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_ENCRYPT);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_ENCRYPT_NEW);
+ }
+
+void PKCS7_ENCRYPT_free(a)
+PKCS7_ENCRYPT *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ PKCS7_ENC_CONTENT_free(a->enc_data);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_enc_c.c b/crypto/asn1/p7_enc_c.c
new file mode 100644
index 0000000..b27d443
--- /dev/null
+++ b/crypto/asn1/p7_enc_c.c
@@ -0,0 +1,127 @@
+/* crypto/asn1/p7_enc_c.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENC_CONTENT_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENC_CONTENT,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENC_CONTENT(a,pp)
+PKCS7_ENC_CONTENT *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->content_type,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_len(a->algorithm,i2d_X509_ALGOR);
+ M_ASN1_I2D_len_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->content_type,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_put(a->algorithm,i2d_X509_ALGOR);
+ M_ASN1_I2D_put_IMP_opt(a->enc_data,i2d_ASN1_OCTET_STRING,0);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(a,pp,length)
+PKCS7_ENC_CONTENT **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_ENC_CONTENT *,PKCS7_ENC_CONTENT_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->content_type,d2i_ASN1_OBJECT);
+ M_ASN1_D2I_get(ret->algorithm,d2i_X509_ALGOR);
+ M_ASN1_D2I_get_IMP_opt(ret->enc_data,d2i_ASN1_OCTET_STRING,0,
+ V_ASN1_OCTET_STRING);
+
+ M_ASN1_D2I_Finish(a,PKCS7_ENC_CONTENT_free,
+ ASN1_F_D2I_PKCS7_ENC_CONTENT);
+ }
+
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new()
+ {
+ PKCS7_ENC_CONTENT *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_ENC_CONTENT);
+ M_ASN1_New(ret->content_type,ASN1_OBJECT_new);
+ M_ASN1_New(ret->algorithm,X509_ALGOR_new);
+ ret->enc_data=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_ENC_CONTENT_NEW);
+ }
+
+void PKCS7_ENC_CONTENT_free(a)
+PKCS7_ENC_CONTENT *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->content_type);
+ X509_ALGOR_free(a->algorithm);
+ ASN1_OCTET_STRING_free(a->enc_data);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_evp.c b/crypto/asn1/p7_evp.c
new file mode 100644
index 0000000..a41d09d
--- /dev/null
+++ b/crypto/asn1/p7_evp.c
@@ -0,0 +1,125 @@
+/* crypto/asn1/p7_evp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ENVELOPE,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ENVELOPE(a,pp)
+PKCS7_ENVELOPE *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+ M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+ M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(a,pp,length)
+PKCS7_ENVELOPE **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_ENVELOPE *,PKCS7_ENVELOPE_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO);
+ M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+
+ M_ASN1_D2I_Finish(a,PKCS7_ENVELOPE_free,ASN1_F_D2I_PKCS7_ENVELOPE);
+ }
+
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new()
+ {
+ PKCS7_ENVELOPE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_ENVELOPE);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->recipientinfo,sk_new_null);
+ M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_ENVELOPE_NEW);
+ }
+
+void PKCS7_ENVELOPE_free(a)
+PKCS7_ENVELOPE *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ sk_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
+ PKCS7_ENC_CONTENT_free(a->enc_data);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_i_s.c b/crypto/asn1/p7_i_s.c
new file mode 100644
index 0000000..413c7e1
--- /dev/null
+++ b/crypto/asn1/p7_i_s.c
@@ -0,0 +1,120 @@
+/* crypto/asn1/p7_i_s.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_ISSUER_AND_SERIAL(a,pp)
+PKCS7_ISSUER_AND_SERIAL *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_len(a->serial,i2d_ASN1_INTEGER);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_put(a->serial,i2d_ASN1_INTEGER);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(a,pp,length)
+PKCS7_ISSUER_AND_SERIAL **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_ISSUER_AND_SERIAL *,PKCS7_ISSUER_AND_SERIAL_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->serial,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_Finish(a,PKCS7_ISSUER_AND_SERIAL_free,
+ ASN1_F_D2I_PKCS7_ISSUER_AND_SERIAL);
+ }
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new()
+ {
+ PKCS7_ISSUER_AND_SERIAL *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_New(ret->issuer,X509_NAME_new);
+ M_ASN1_New(ret->serial,ASN1_INTEGER_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_ISSUER_AND_SERIAL_NEW);
+ }
+
+void PKCS7_ISSUER_AND_SERIAL_free(a)
+PKCS7_ISSUER_AND_SERIAL *a;
+ {
+ if (a == NULL) return;
+ X509_NAME_free(a->issuer);
+ ASN1_INTEGER_free(a->serial);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_lib.c b/crypto/asn1/p7_lib.c
new file mode 100644
index 0000000..b745df0
--- /dev/null
+++ b/crypto/asn1/p7_lib.c
@@ -0,0 +1,299 @@
+/* crypto/asn1/p7_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "objects.h"
+
+/* ASN1err(ASN1_F_D2I_PKCS7,ASN1_R_BAD_PKCS7_CONTENT);
+ * ASN1err(ASN1_F_I2D_PKCS7,ASN1_R_BAD_PKCS7_TYPE);
+ * ASN1err(ASN1_F_PKCS7_NEW,ASN1_R_BAD_PKCS7_TYPE);
+ */
+
+int i2d_PKCS7(a,pp)
+PKCS7 *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ if (a->asn1 != NULL)
+ {
+ if (pp == NULL)
+ return((int)a->length);
+ memcpy(*pp,a->asn1,(int)a->length);
+ *pp+=a->length;
+ return((int)a->length);
+ }
+
+ ret+=4; /* sequence, BER header plus '0 0' end padding */
+ M_ASN1_I2D_len(a->type,i2d_ASN1_OBJECT);
+ if (a->d.ptr != NULL)
+ {
+ ret+=4; /* explicit tag [ 0 ] BER plus '0 0' */
+ switch (OBJ_obj2nid(a->type))
+ {
+ case NID_pkcs7_data:
+ M_ASN1_I2D_len(a->d.data,i2d_ASN1_OCTET_STRING);
+ break;
+ case NID_pkcs7_signed:
+ M_ASN1_I2D_len(a->d.sign,i2d_PKCS7_SIGNED);
+ break;
+ case NID_pkcs7_enveloped:
+ M_ASN1_I2D_len(a->d.enveloped,i2d_PKCS7_ENVELOPE);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ M_ASN1_I2D_len(a->d.signed_and_enveloped,
+ i2d_PKCS7_SIGN_ENVELOPE);
+ break;
+ case NID_pkcs7_digest:
+ M_ASN1_I2D_len(a->d.digest,i2d_PKCS7_DIGEST);
+ break;
+ case NID_pkcs7_encrypted:
+ M_ASN1_I2D_len(a->d.encrypted,i2d_PKCS7_ENCRYPT);
+ break;
+ default:
+ break;
+ }
+ }
+ r=ret;
+ if (pp == NULL) return(r);
+ p= *pp;
+ M_ASN1_I2D_INF_seq_start(V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ M_ASN1_I2D_put(a->type,i2d_ASN1_OBJECT);
+
+ if (a->d.ptr != NULL)
+ {
+ M_ASN1_I2D_INF_seq_start(0,V_ASN1_CONTEXT_SPECIFIC);
+ switch (OBJ_obj2nid(a->type))
+ {
+ case NID_pkcs7_data:
+ M_ASN1_I2D_put(a->d.data,i2d_ASN1_OCTET_STRING);
+ break;
+ case NID_pkcs7_signed:
+ M_ASN1_I2D_put(a->d.sign,i2d_PKCS7_SIGNED);
+ break;
+ case NID_pkcs7_enveloped:
+ M_ASN1_I2D_put(a->d.enveloped,i2d_PKCS7_ENVELOPE);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ M_ASN1_I2D_put(a->d.signed_and_enveloped,
+ i2d_PKCS7_SIGN_ENVELOPE);
+ break;
+ case NID_pkcs7_digest:
+ M_ASN1_I2D_put(a->d.digest,i2d_PKCS7_DIGEST);
+ break;
+ case NID_pkcs7_encrypted:
+ M_ASN1_I2D_put(a->d.encrypted,i2d_PKCS7_ENCRYPT);
+ break;
+ default:
+ break;
+ }
+ M_ASN1_I2D_INF_seq_end();
+ }
+ M_ASN1_I2D_INF_seq_end();
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7 *d2i_PKCS7(a,pp,length)
+PKCS7 **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7 *,PKCS7_new);
+
+ if ((a != NULL) && ((*a) != NULL))
+ {
+ if ((*a)->asn1 != NULL)
+ {
+ Free((char *)(*a)->asn1);
+ (*a)->asn1=NULL;
+ }
+ (*a)->length=0;
+ }
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->type,d2i_ASN1_OBJECT);
+ if (!M_ASN1_D2I_end_sequence())
+ {
+ int Tinf,Ttag,Tclass;
+ long Tlen;
+
+ if (M_ASN1_next != (V_ASN1_CONSTRUCTED|
+ V_ASN1_CONTEXT_SPECIFIC|0))
+ {
+ c.error=ASN1_R_BAD_PKCS7_CONTENT;
+ goto err;
+ }
+
+ ret->detached=0;
+
+ c.q=c.p;
+ Tinf=ASN1_get_object(&c.p,&Tlen,&Ttag,&Tclass,
+ (c.inf & 1)?(length+ *pp-c.q):c.slen);
+ if (Tinf & 0x80) goto err;
+ c.slen-=(c.p-c.q);
+
+ switch (OBJ_obj2nid(ret->type))
+ {
+ case NID_pkcs7_data:
+ M_ASN1_D2I_get(ret->d.data,d2i_ASN1_OCTET_STRING);
+ break;
+ case NID_pkcs7_signed:
+ M_ASN1_D2I_get(ret->d.sign,d2i_PKCS7_SIGNED);
+ if (ret->d.sign->contents->d.ptr == NULL)
+ ret->detached=1;
+ break;
+ case NID_pkcs7_enveloped:
+ M_ASN1_D2I_get(ret->d.enveloped,d2i_PKCS7_ENVELOPE);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ M_ASN1_D2I_get(ret->d.signed_and_enveloped,
+ d2i_PKCS7_SIGN_ENVELOPE);
+ break;
+ case NID_pkcs7_digest:
+ M_ASN1_D2I_get(ret->d.digest,d2i_PKCS7_DIGEST);
+ break;
+ case NID_pkcs7_encrypted:
+ M_ASN1_D2I_get(ret->d.encrypted,d2i_PKCS7_ENCRYPT);
+ break;
+ default:
+ c.error=ASN1_R_BAD_PKCS7_TYPE;
+ goto err;
+ break;
+ }
+ if (Tinf == (1|V_ASN1_CONSTRUCTED))
+ {
+ if (!ASN1_check_infinite_end(&c.p,c.slen))
+ {
+ c.error=ASN1_R_MISSING_EOS;
+ goto err;
+ }
+ }
+ }
+ else
+ ret->detached=1;
+
+ M_ASN1_D2I_Finish(a,PKCS7_free,ASN1_F_D2I_PKCS7);
+ }
+
+PKCS7 *PKCS7_new()
+ {
+ PKCS7 *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7);
+ ret->type=ASN1_OBJECT_new();
+ ret->asn1=NULL;
+ ret->length=0;
+ ret->detached=0;
+ ret->d.ptr=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_NEW);
+ }
+
+void PKCS7_free(a)
+PKCS7 *a;
+ {
+ if (a == NULL) return;
+
+ PKCS7_content_free(a);
+ if (a->type != NULL)
+ {
+ ASN1_OBJECT_free(a->type);
+ }
+ Free((char *)(char *)a);
+ }
+
+void PKCS7_content_free(a)
+PKCS7 *a;
+ {
+ if (a->asn1 != NULL) Free((char *)a->asn1);
+
+ if (a->d.ptr != NULL)
+ {
+ if (a->type == NULL) return;
+
+ switch (OBJ_obj2nid(a->type))
+ {
+ case NID_pkcs7_data:
+ ASN1_OCTET_STRING_free(a->d.data);
+ break;
+ case NID_pkcs7_signed:
+ PKCS7_SIGNED_free(a->d.sign);
+ break;
+ case NID_pkcs7_enveloped:
+ PKCS7_ENVELOPE_free(a->d.enveloped);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ PKCS7_SIGN_ENVELOPE_free(a->d.signed_and_enveloped);
+ break;
+ case NID_pkcs7_digest:
+ PKCS7_DIGEST_free(a->d.digest);
+ break;
+ case NID_pkcs7_encrypted:
+ PKCS7_ENCRYPT_free(a->d.encrypted);
+ break;
+ default:
+ /* MEMORY LEAK */
+ break;
+ }
+ }
+ a->d.ptr=NULL;
+ }
+
diff --git a/crypto/asn1/p7_recip.c b/crypto/asn1/p7_recip.c
new file mode 100644
index 0000000..e4ebda0
--- /dev/null
+++ b/crypto/asn1/p7_recip.c
@@ -0,0 +1,130 @@
+/* crypto/asn1/p7_recip.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_RECIP_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_RECIP_INFO,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_RECIP_INFO(a,pp)
+PKCS7_RECIP_INFO *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_I2D_len(a->key_enc_algor,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->enc_key,i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_I2D_put(a->key_enc_algor,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->enc_key,i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(a,pp,length)
+PKCS7_RECIP_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_RECIP_INFO *,PKCS7_RECIP_INFO_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_D2I_get(ret->key_enc_algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->enc_key,d2i_ASN1_OCTET_STRING);
+
+ M_ASN1_D2I_Finish(a,PKCS7_RECIP_INFO_free,ASN1_F_D2I_PKCS7_RECIP_INFO);
+ }
+
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new()
+ {
+ PKCS7_RECIP_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_RECIP_INFO);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
+ M_ASN1_New(ret->key_enc_algor,X509_ALGOR_new);
+ M_ASN1_New(ret->enc_key,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_RECIP_INFO_NEW);
+ }
+
+void PKCS7_RECIP_INFO_free(a)
+PKCS7_RECIP_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
+ X509_ALGOR_free(a->key_enc_algor);
+ ASN1_OCTET_STRING_free(a->enc_key);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_s_e.c b/crypto/asn1/p7_s_e.c
new file mode 100644
index 0000000..df5fa3f
--- /dev/null
+++ b/crypto/asn1/p7_s_e.c
@@ -0,0 +1,146 @@
+/* crypto/asn1/p7_s_e.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGN_ENVELOPE,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGN_ENVELOPE(a,pp)
+PKCS7_SIGN_ENVELOPE *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+ M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+ M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
+ M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+ M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put_SET(a->recipientinfo,i2d_PKCS7_RECIP_INFO);
+ M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->enc_data,i2d_PKCS7_ENC_CONTENT);
+ M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
+ M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+ M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(a,pp,length)
+PKCS7_SIGN_ENVELOPE **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_SIGN_ENVELOPE *,PKCS7_SIGN_ENVELOPE_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get_set(ret->recipientinfo,d2i_PKCS7_RECIP_INFO);
+ M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->enc_data,d2i_PKCS7_ENC_CONTENT);
+ M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0);
+ M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1);
+ M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO);
+
+ M_ASN1_D2I_Finish(a,PKCS7_SIGN_ENVELOPE_free,
+ ASN1_F_D2I_PKCS7_SIGN_ENVELOPE);
+ }
+
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new()
+ {
+ PKCS7_SIGN_ENVELOPE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_SIGN_ENVELOPE);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->recipientinfo,sk_new_null);
+ M_ASN1_New(ret->md_algs,sk_new_null);
+ M_ASN1_New(ret->enc_data,PKCS7_ENC_CONTENT_new);
+ ret->cert=NULL;
+ ret->crl=NULL;
+ M_ASN1_New(ret->signer_info,sk_new_null);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_SIGN_ENVELOPE_NEW);
+ }
+
+void PKCS7_SIGN_ENVELOPE_free(a)
+PKCS7_SIGN_ENVELOPE *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ sk_pop_free(a->recipientinfo,PKCS7_RECIP_INFO_free);
+ sk_pop_free(a->md_algs,X509_ALGOR_free);
+ PKCS7_ENC_CONTENT_free(a->enc_data);
+ sk_pop_free(a->cert,X509_free);
+ sk_pop_free(a->crl,X509_CRL_free);
+ sk_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_signd.c b/crypto/asn1/p7_signd.c
new file mode 100644
index 0000000..23dc7ce
--- /dev/null
+++ b/crypto/asn1/p7_signd.c
@@ -0,0 +1,140 @@
+/* crypto/asn1/p7_signd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGNED_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGNED,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGNED(a,pp)
+PKCS7_SIGNED *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len_SET(a->md_algs,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->contents,i2d_PKCS7);
+ M_ASN1_I2D_len_IMP_set_opt(a->cert,i2d_X509,0);
+ M_ASN1_I2D_len_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+ M_ASN1_I2D_len_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put_SET(a->md_algs,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->contents,i2d_PKCS7);
+ M_ASN1_I2D_put_IMP_set_opt(a->cert,i2d_X509,0);
+ M_ASN1_I2D_put_IMP_set_opt(a->crl,i2d_X509_CRL,1);
+ M_ASN1_I2D_put_SET(a->signer_info,i2d_PKCS7_SIGNER_INFO);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_SIGNED *d2i_PKCS7_SIGNED(a,pp,length)
+PKCS7_SIGNED **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_SIGNED *,PKCS7_SIGNED_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get_set(ret->md_algs,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->contents,d2i_PKCS7);
+ M_ASN1_D2I_get_IMP_set_opt(ret->cert,d2i_X509,0);
+ M_ASN1_D2I_get_IMP_set_opt(ret->crl,d2i_X509_CRL,1);
+ M_ASN1_D2I_get_set(ret->signer_info,d2i_PKCS7_SIGNER_INFO);
+
+ M_ASN1_D2I_Finish(a,PKCS7_SIGNED_free,ASN1_F_D2I_PKCS7_SIGNED);
+ }
+
+PKCS7_SIGNED *PKCS7_SIGNED_new()
+ {
+ PKCS7_SIGNED *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_SIGNED);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->md_algs,sk_new_null);
+ M_ASN1_New(ret->contents,PKCS7_new);
+ ret->cert=NULL;
+ ret->crl=NULL;
+ M_ASN1_New(ret->signer_info,sk_new_null);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_SIGNED_NEW);
+ }
+
+void PKCS7_SIGNED_free(a)
+PKCS7_SIGNED *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ sk_pop_free(a->md_algs,X509_ALGOR_free);
+ PKCS7_free(a->contents);
+ sk_pop_free(a->cert,X509_free);
+ sk_pop_free(a->crl,X509_CRL_free);
+ sk_pop_free(a->signer_info,PKCS7_SIGNER_INFO_free);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/p7_signi.c b/crypto/asn1/p7_signi.c
new file mode 100644
index 0000000..d6682e0
--- /dev/null
+++ b/crypto/asn1/p7_signi.c
@@ -0,0 +1,149 @@
+/* crypto/asn1/p7_signi.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_PKCS7_SIGNER_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_PKCS7_SIGNER_INFO,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_PKCS7_SIGNER_INFO(a,pp)
+PKCS7_SIGNER_INFO *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_I2D_len(a->digest_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
+ M_ASN1_I2D_len(a->digest_enc_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->enc_digest,i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->issuer_and_serial,i2d_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_I2D_put(a->digest_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put_IMP_set_opt(a->auth_attr,i2d_X509_ATTRIBUTE,0);
+ M_ASN1_I2D_put(a->digest_enc_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->enc_digest,i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put_IMP_set_opt(a->unauth_attr,i2d_X509_ATTRIBUTE,1);
+
+ M_ASN1_I2D_finish();
+ }
+
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(a,pp,length)
+PKCS7_SIGNER_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,PKCS7_SIGNER_INFO *,PKCS7_SIGNER_INFO_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->issuer_and_serial,d2i_PKCS7_ISSUER_AND_SERIAL);
+ M_ASN1_D2I_get(ret->digest_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get_IMP_set_opt(ret->auth_attr,d2i_X509_ATTRIBUTE,0);
+ M_ASN1_D2I_get(ret->digest_enc_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->enc_digest,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_get_IMP_set_opt(ret->unauth_attr,d2i_X509_ATTRIBUTE,1);
+
+ M_ASN1_D2I_Finish(a,PKCS7_SIGNER_INFO_free,
+ ASN1_F_D2I_PKCS7_SIGNER_INFO);
+ }
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new()
+ {
+ PKCS7_SIGNER_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,PKCS7_SIGNER_INFO);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->issuer_and_serial,PKCS7_ISSUER_AND_SERIAL_new);
+ M_ASN1_New(ret->digest_alg,X509_ALGOR_new);
+ ret->auth_attr=NULL;
+ M_ASN1_New(ret->digest_enc_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->enc_digest,ASN1_OCTET_STRING_new);
+ ret->unauth_attr=NULL;
+ ret->pkey=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_PKCS7_SIGNER_INFO_NEW);
+ }
+
+void PKCS7_SIGNER_INFO_free(a)
+PKCS7_SIGNER_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ PKCS7_ISSUER_AND_SERIAL_free(a->issuer_and_serial);
+ X509_ALGOR_free(a->digest_alg);
+ sk_pop_free(a->auth_attr,X509_ATTRIBUTE_free);
+ X509_ALGOR_free(a->digest_enc_alg);
+ ASN1_OCTET_STRING_free(a->enc_digest);
+ sk_pop_free(a->unauth_attr,X509_ATTRIBUTE_free);
+ if (a->pkey != NULL)
+ EVP_PKEY_free(a->pkey);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/pk.c b/crypto/asn1/pk.c
new file mode 100644
index 0000000..b96f22d
--- /dev/null
+++ b/crypto/asn1/pk.c
@@ -0,0 +1,117 @@
+/* crypto/asn1/pk.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "../error/err.h"
+#include "./asn1.h"
+#include "rsa.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+main()
+ {
+ PKCS7 *x;
+ FILE *in;
+ unsigned char buf[10240],buf2[10240],*p;
+ int num,i;
+
+ PKCS7 *nx=NULL,*mx=NULL;
+
+ in=fopen("pkcs7.der","r");
+ if (in == NULL)
+ {
+ perror("pkcs7.der");
+ exit(1);
+ }
+ num=fread(buf,1,10240,in);
+ fclose(in);
+
+
+ p=buf;
+ if (d2i_PKCS7(&nx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf);
+
+exit(0);
+ p=buf2;
+ num=i2d_PKCS7(nx,&p);
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ if (memcmp(buf,buf2,num) != 0)
+ {
+ fprintf(stderr,"data difference\n");
+ for (i=0; i<num; i++)
+ fprintf(stderr,"%c%03d <%02X-%02X>\n",
+ (buf[i] == buf2[i])?' ':'*',i,
+ buf[i],buf2[i]);
+ fprintf(stderr,"\n");
+ exit(1);
+ }
+
+ p=buf2;
+ if (d2i_PKCS7(&mx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+/* X509_print(stdout,mx);*/
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ exit(1);
+ }
+
diff --git a/crypto/asn1/pkcs8.c b/crypto/asn1/pkcs8.c
new file mode 100644
index 0000000..bd0d191
--- /dev/null
+++ b/crypto/asn1/pkcs8.c
@@ -0,0 +1,139 @@
+/* crypto/asn1/pkcs8.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "objects.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_KEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_KEY_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+int i2d_X509_KEY(a,pp)
+X509 *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509 *d2i_X509_KEY(a,pp,length)
+X509 **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+ M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+ }
+
+X509 *X509_KEY_new()
+ {
+ X509_KEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_KEY);
+ ret->references=1;
+ ret->type=NID
+ M_ASN1_New(ret->cert_info,X509_CINF_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NEW);
+ }
+
+void X509_KEY_free(a)
+X509 *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add_lock(&a->references,-1,CRYPTO_LOCK_X509_KEY);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_KEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_CINF_free(a->cert_info);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/t_pkey.c b/crypto/asn1/t_pkey.c
new file mode 100644
index 0000000..09a5abe
--- /dev/null
+++ b/crypto/asn1/t_pkey.c
@@ -0,0 +1,389 @@
+/* crypto/asn1/t_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+
+/* DHerr(DH_F_DHPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ * DSAerr(DSA_F_DSAPARAMS_PRINT,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int print(BIO *fp,char *str,BIGNUM *num,
+ unsigned char *buf,int off);
+#else
+static int print();
+#endif
+
+#ifndef NO_RSA
+#ifndef WIN16
+int RSA_print_fp(fp,x,off)
+FILE *fp;
+RSA *x;
+int off;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ RSAerr(RSA_F_RSA_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=RSA_print(b,x,off);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int RSA_print(bp,x,off)
+BIO *bp;
+RSA *x;
+int off;
+ {
+ char str[128],*s;
+ unsigned char *m=NULL;
+ int i,ret=0;
+
+ i=RSA_size(x);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ RSAerr(RSA_F_RSA_PRINT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ }
+ if (x->d != NULL)
+ {
+ if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+ if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->n))
+ <= 0) goto err;
+ }
+
+ if (x->d == NULL)
+ sprintf(str,"Modulus (%d bit):",BN_num_bits(x->n));
+ else
+ strcpy(str,"modulus:");
+ if (!print(bp,str,x->n,m,off)) goto err;
+ s=(x->d == NULL)?"Exponent:":"publicExponent:";
+ if (!print(bp,s,x->e,m,off)) goto err;
+ if (!print(bp,"privateExponent:",x->d,m,off)) goto err;
+ if (!print(bp,"prime1:",x->p,m,off)) goto err;
+ if (!print(bp,"prime2:",x->q,m,off)) goto err;
+ if (!print(bp,"exponent1:",x->dmp1,m,off)) goto err;
+ if (!print(bp,"exponent2:",x->dmq1,m,off)) goto err;
+ if (!print(bp,"coefficient:",x->iqmp,m,off)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+#endif /* NO_RSA */
+
+#ifndef NO_DSA
+#ifndef WIN16
+int DSA_print_fp(fp,x,off)
+FILE *fp;
+DSA *x;
+int off;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DSAerr(DSA_F_DSA_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DSA_print(b,x,off);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DSA_print(bp,x,off)
+BIO *bp;
+DSA *x;
+int off;
+ {
+ char str[128];
+ unsigned char *m=NULL;
+ int i,ret=0;
+ BIGNUM *bn=NULL;
+
+ if (x->p != NULL)
+ bn=x->p;
+ else if (x->priv_key != NULL)
+ bn=x->priv_key;
+ else if (x->pub_key != NULL)
+ bn=x->pub_key;
+
+ /* larger than needed but what the hell :-) */
+ if (bn != NULL)
+ i=BN_num_bytes(bn)*2;
+ else
+ i=256;
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ DSAerr(DSA_F_DSA_PRINT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ }
+ if (x->priv_key != NULL)
+ {
+ if (off && (BIO_write(bp,str,off) <= 0)) goto err;
+ if (BIO_printf(bp,"Private-Key: (%d bit)\n",BN_num_bits(x->p))
+ <= 0) goto err;
+ }
+
+ if ((x->priv_key != NULL) && !print(bp,"priv:",x->priv_key,m,off))
+ goto err;
+ if ((x->pub_key != NULL) && !print(bp,"pub: ",x->pub_key,m,off))
+ goto err;
+ if ((x->p != NULL) && !print(bp,"P: ",x->p,m,off)) goto err;
+ if ((x->q != NULL) && !print(bp,"Q: ",x->q,m,off)) goto err;
+ if ((x->g != NULL) && !print(bp,"G: ",x->g,m,off)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+#endif /* !NO_DSA */
+
+static int print(bp,number,num,buf,off)
+BIO *bp;
+char *number;
+BIGNUM *num;
+unsigned char *buf;
+int off;
+ {
+ int n,i;
+ char str[128],*neg;
+
+ if (num == NULL) return(1);
+ neg=(num->neg)?"-":"";
+ if (off)
+ {
+ if (off > 128) off=128;
+ memset(str,' ',off);
+ if (BIO_write(bp,str,off) <= 0) return(0);
+ }
+
+ if (BN_num_bytes(num) <= BN_BYTES)
+ {
+ if (BIO_printf(bp,"%s %s%lu (%s0x%lx)\n",number,neg,
+ (unsigned long)num->d[0],neg,(unsigned long)num->d[0])
+ <= 0) return(0);
+ }
+ else
+ {
+ buf[0]=0;
+ if (BIO_printf(bp,"%s%s",number,
+ (neg[0] == '-')?" (Negative)":"") <= 0)
+ return(0);
+ n=BN_bn2bin(num,&buf[1]);
+
+ if (buf[1] & 0x80)
+ n++;
+ else buf++;
+
+ for (i=0; i<n; i++)
+ {
+ if ((i%15) == 0)
+ {
+ str[0]='\n';
+ memset(&(str[1]),' ',off+4);
+ if (BIO_write(bp,str,off+1+4) <= 0) return(0);
+ }
+ if (BIO_printf(bp,"%02x%s",buf[i],((i+1) == n)?"":":")
+ <= 0) return(0);
+ }
+ if (BIO_write(bp,"\n",1) <= 0) return(0);
+ }
+ return(1);
+ }
+
+#ifndef NO_DH
+#ifndef WIN16
+int DHparams_print_fp(fp,x)
+FILE *fp;
+DH *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DHerr(DH_F_DHPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DHparams_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DHparams_print(bp,x)
+BIO *bp;
+DH *x;
+ {
+ unsigned char *m=NULL;
+ int reason=ERR_R_BUF_LIB,i,ret=0;
+
+ i=BN_num_bytes(x->p);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (BIO_printf(bp,"Diffie-Hellman-Parameters: (%d bit)\n",
+ BN_num_bits(x->p)) <= 0)
+ goto err;
+ if (!print(bp,"prime:",x->p,m,4)) goto err;
+ if (!print(bp,"generator:",x->g,m,4)) goto err;
+ if (x->length != 0)
+ {
+ if (BIO_printf(bp," recomented-private-length: %d bits\n",
+ (int)x->length) <= 0) goto err;
+ }
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ DHerr(DH_F_DHPARAMS_PRINT,reason);
+ return(ret);
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+int DSAparams_print_fp(fp,x)
+FILE *fp;
+DSA *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ DSAerr(DSA_F_DSAPARAMS_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=DSAparams_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int DSAparams_print(bp,x)
+BIO *bp;
+DSA *x;
+ {
+ unsigned char *m=NULL;
+ int reason=ERR_R_BUF_LIB,i,ret=0;
+
+ i=BN_num_bytes(x->p);
+ m=(unsigned char *)Malloc((unsigned int)i+10);
+ if (m == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ if (BIO_printf(bp,"DSA-Parameters: (%d bit)\n",
+ BN_num_bits(x->p)) <= 0)
+ goto err;
+ if (!print(bp,"p:",x->p,m,4)) goto err;
+ if (!print(bp,"q:",x->q,m,4)) goto err;
+ if (!print(bp,"g:",x->g,m,4)) goto err;
+ ret=1;
+err:
+ if (m != NULL) Free((char *)m);
+ DSAerr(DSA_F_DSAPARAMS_PRINT,reason);
+ return(ret);
+ }
+
+#endif /* !NO_DSA */
+
diff --git a/crypto/asn1/t_req.c b/crypto/asn1/t_req.c
new file mode 100644
index 0000000..922f6b3
--- /dev/null
+++ b/crypto/asn1/t_req.c
@@ -0,0 +1,226 @@
+/* crypto/asn1/t_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifndef WIN16
+int X509_REQ_print_fp(fp,x)
+FILE *fp;
+X509_REQ *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ X509err(X509_F_X509_REQ_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=X509_REQ_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int X509_REQ_print(bp,x)
+BIO *bp;
+X509_REQ *x;
+ {
+ unsigned long l;
+ int i,n;
+ char *s,*neg;
+ X509_REQ_INFO *ri;
+ EVP_PKEY *pkey;
+ STACK *sk;
+ char str[128];
+
+ ri=x->req_info;
+ sprintf(str,"Certificate Request:\n");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ sprintf(str,"%4sData:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ neg=(ri->version->type == V_ASN1_NEG_INTEGER)?"-":"";
+ l=0;
+ for (i=0; i<ri->version->length; i++)
+ { l<<=8; l+=ri->version->data[i]; }
+ sprintf(str,"%8sVersion: %s%lu (%s0x%lx)\n","",neg,l,neg,l);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ sprintf(str,"%8sSubject: ","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ X509_NAME_print(bp,ri->subject,16);
+ sprintf(str,"\n%8sSubject Public Key Info:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ i=OBJ_obj2nid(ri->pubkey->algor->algorithm);
+ sprintf(str,"%12sPublic Key Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ pkey=X509_REQ_get_pubkey(x);
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+ BN_num_bits(pkey->pkey.rsa->n));
+ RSA_print(bp,pkey->pkey.rsa,16);
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+ DSA_print(bp,pkey->pkey.dsa,16);
+ }
+ else
+#endif
+ BIO_printf(bp,"%12sUnknown Public Key:\n","");
+
+ /* may not be */
+ sprintf(str,"%8sAttributes:\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ sk=x->req_info->attributes;
+ if ((sk == NULL) || (sk_num(sk) == 0))
+ {
+ if (!x->req_info->req_kludge)
+ {
+ sprintf(str,"%12sa0:00\n","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ }
+ else
+ {
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ASN1_TYPE *at;
+ X509_ATTRIBUTE *a;
+ ASN1_BIT_STRING *bs=NULL;
+ ASN1_TYPE *t;
+ int j,type=0,count=1,ii=0;
+
+ a=(X509_ATTRIBUTE *)sk_value(sk,i);
+ sprintf(str,"%12s","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ if ((j=i2a_ASN1_OBJECT(bp,a->object)) > 0)
+
+ if (a->set)
+ {
+ ii=0;
+ count=sk_num(a->value.set);
+get_next:
+ at=(ASN1_TYPE *)sk_value(a->value.set,ii);
+ type=at->type;
+ bs=at->value.asn1_string;
+ }
+ else
+ {
+ t=a->value.single;
+ type=t->type;
+ bs=t->value.bit_string;
+ }
+ for (j=25-j; j>0; j--)
+ if (BIO_write(bp," ",1) != 1) goto err;
+ if (BIO_puts(bp,":") <= 0) goto err;
+ if ( (type == V_ASN1_PRINTABLESTRING) ||
+ (type == V_ASN1_T61STRING) ||
+ (type == V_ASN1_IA5STRING))
+ {
+ if (BIO_write(bp,(char *)bs->data,bs->length)
+ != bs->length)
+ goto err;
+ BIO_puts(bp,"\n");
+ }
+ else
+ {
+ BIO_puts(bp,"unable to print attribute\n");
+ }
+ if (++ii < count) goto get_next;
+ }
+ }
+
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ sprintf(str,"%4sSignature Algorithm: %s","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i));
+ if (BIO_puts(bp,str) <= 0) goto err;
+
+ n=x->signature->length;
+ s=(char *)x->signature->data;
+ for (i=0; i<n; i++)
+ {
+ if ((i%18) == 0)
+ {
+ sprintf(str,"\n%8s","");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ sprintf(str,"%02x%s",(unsigned char)s[i],((i+1) == n)?"":":");
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n") <= 0) goto err;
+ return(1);
+err:
+ X509err(X509_F_X509_REQ_PRINT,ERR_R_BUF_LIB);
+ return(0);
+ }
diff --git a/crypto/asn1/t_x509.c b/crypto/asn1/t_x509.c
new file mode 100644
index 0000000..8ff0a85
--- /dev/null
+++ b/crypto/asn1/t_x509.c
@@ -0,0 +1,386 @@
+/* crypto/asn1/t_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "objects.h"
+#include "x509.h"
+
+#ifndef WIN16
+int X509_print_fp(fp,x)
+FILE *fp;
+X509 *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ X509err(X509_F_X509_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=X509_print(b, x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int X509_print(bp,x)
+BIO *bp;
+X509 *x;
+ {
+ long l;
+ int ret=0,i,j,n;
+ char *m=NULL,*s;
+ X509_CINF *ci;
+ ASN1_INTEGER *bs;
+ EVP_PKEY *pkey=NULL;
+ char *neg;
+ X509_EXTENSION *ex;
+ ASN1_STRING *str=NULL;
+
+ ci=x->cert_info;
+ if (BIO_write(bp,"Certificate:\n",13) <= 0) goto err;
+ if (BIO_write(bp," Data:\n",10) <= 0) goto err;
+ l=X509_get_version(x);
+ if (BIO_printf(bp,"%8sVersion: %lu (0x%lx)\n","",l+1,l) <= 0) goto err;
+ if (BIO_write(bp," Serial Number:",22) <= 0) goto err;
+
+ bs=X509_get_serialNumber(x);
+ if (bs->length <= 4)
+ {
+ l=ASN1_INTEGER_get(bs);
+ if (l < 0)
+ {
+ l= -l;
+ neg="-";
+ }
+ else
+ neg="";
+ if (BIO_printf(bp," %s%lu (%s0x%lx)\n",neg,l,neg,l) <= 0)
+ goto err;
+ }
+ else
+ {
+ neg=(bs->type == V_ASN1_NEG_INTEGER)?" (Negative)":"";
+ if (BIO_printf(bp,"\n%12s%s","",neg) <= 0) goto err;
+
+ for (i=0; i<bs->length; i++)
+ {
+ if (BIO_printf(bp,"%02x%c",bs->data[i],
+ ((i+1 == bs->length)?'\n':':')) <= 0)
+ goto err;
+ }
+ }
+
+ i=OBJ_obj2nid(ci->signature->algorithm);
+ if (BIO_printf(bp,"%8sSignature Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0)
+ goto err;
+
+ if (BIO_write(bp," Issuer: ",16) <= 0) goto err;
+ if (!X509_NAME_print(bp,X509_get_issuer_name(x),16)) goto err;
+ if (BIO_write(bp,"\n Validity\n",18) <= 0) goto err;
+ if (BIO_write(bp," Not Before: ",24) <= 0) goto err;
+ if (!ASN1_UTCTIME_print(bp,X509_get_notBefore(x))) goto err;
+ if (BIO_write(bp,"\n Not After : ",25) <= 0) goto err;
+ if (!ASN1_UTCTIME_print(bp,X509_get_notAfter(x))) goto err;
+ if (BIO_write(bp,"\n Subject: ",18) <= 0) goto err;
+ if (!X509_NAME_print(bp,X509_get_subject_name(x),16)) goto err;
+ if (BIO_write(bp,"\n Subject Public Key Info:\n",34) <= 0)
+ goto err;
+ i=OBJ_obj2nid(ci->key->algor->algorithm);
+ if (BIO_printf(bp,"%12sPublic Key Algorithm: %s\n","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+ pkey=X509_get_pubkey(x);
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ BIO_printf(bp,"%12sRSA Public Key: (%d bit)\n","",
+ BN_num_bits(pkey->pkey.rsa->n));
+ RSA_print(bp,pkey->pkey.rsa,16);
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+ DSA_print(bp,pkey->pkey.dsa,16);
+ }
+ else
+#endif
+ BIO_printf(bp,"%12sDSA Public Key:\n","");
+
+ n=X509_get_ext_count(x);
+ if (n > 0)
+ {
+ BIO_printf(bp,"%8sX509v3 extensions:\n","");
+ for (i=0; i<n; i++)
+ {
+ int data_type,pack_type;
+ ASN1_OBJECT *obj;
+
+ ex=X509_get_ext(x,i);
+ if (BIO_printf(bp,"%12s","") <= 0) goto err;
+ obj=X509_EXTENSION_get_object(ex);
+ i2a_ASN1_OBJECT(bp,obj);
+ j=X509_EXTENSION_get_critical(ex);
+ if (BIO_printf(bp,": %s\n%16s",j?"critical":"","") <= 0)
+ goto err;
+
+ pack_type=X509v3_pack_type_by_OBJ(obj);
+ data_type=X509v3_data_type_by_OBJ(obj);
+
+ if (pack_type == X509_EXT_PACK_STRING)
+ {
+ if (X509v3_unpack_string(
+ &str,data_type,
+ X509_EXTENSION_get_data(ex)) == NULL)
+ {
+ /* hmm... */
+ goto err;
+ }
+ if ( (data_type == V_ASN1_IA5STRING) ||
+ (data_type == V_ASN1_PRINTABLESTRING) ||
+ (data_type == V_ASN1_T61STRING))
+ {
+ if (BIO_write(bp,(char *)str->data,
+ str->length) <= 0)
+ goto err;
+ }
+ else if (data_type == V_ASN1_BIT_STRING)
+ {
+ BIO_printf(bp,"0x");
+ for (j=0; j<str->length; j++)
+ {
+ BIO_printf(bp,"%02X",
+ str->data[j]);
+ }
+ }
+ }
+ else
+ {
+ ASN1_OCTET_STRING_print(bp,ex->value);
+ }
+ if (BIO_write(bp,"\n",1) <= 0) goto err;
+ }
+ }
+
+ i=OBJ_obj2nid(x->sig_alg->algorithm);
+ if (BIO_printf(bp,"%4sSignature Algorithm: %s","",
+ (i == NID_undef)?"UNKNOWN":OBJ_nid2ln(i)) <= 0) goto err;
+
+ n=x->signature->length;
+ s=(char *)x->signature->data;
+ for (i=0; i<n; i++)
+ {
+ if ((i%18) == 0)
+ if (BIO_write(bp,"\n ",9) <= 0) goto err;
+ if (BIO_printf(bp,"%02x%s",(unsigned char)s[i],
+ ((i+1) == n)?"":":") <= 0) goto err;
+ }
+ if (BIO_write(bp,"\n",1) != 1) goto err;
+ ret=1;
+err:
+ if (str != NULL) ASN1_STRING_free(str);
+ if (m != NULL) Free((char *)m);
+ return(ret);
+ }
+
+int ASN1_STRING_print(bp,v)
+BIO *bp;
+ASN1_STRING *v;
+ {
+ int i,n;
+ char buf[80],*p;;
+
+ if (v == NULL) return(0);
+ n=0;
+ p=(char *)v->data;
+ for (i=0; i<v->length; i++)
+ {
+ if ((p[i] > '~') || ((p[i] < ' ') &&
+ (p[i] != '\n') && (p[i] != '\r')))
+ buf[n]='.';
+ else
+ buf[n]=p[i];
+ n++;
+ if (n >= 80)
+ {
+ if (BIO_write(bp,buf,n) <= 0)
+ return(0);
+ n=0;
+ }
+ }
+ if (n > 0)
+ if (BIO_write(bp,buf,n) <= 0)
+ return(0);
+ return(1);
+ }
+
+int ASN1_UTCTIME_print(bp,tm)
+BIO *bp;
+ASN1_UTCTIME *tm;
+ {
+ char *v;
+ int gmt=0;
+ static char *mon[12]={
+ "Jan","Feb","Mar","Apr","May","Jun",
+ "Jul","Aug","Sep","Oct","Nov","Dec"};
+ int i;
+ int y=0,M=0,d=0,h=0,m=0,s=0;
+
+ i=tm->length;
+ v=(char *)tm->data;
+
+ if (i < 10) goto err;
+ if (v[i-1] == 'Z') gmt=1;
+ for (i=0; i<10; i++)
+ if ((v[i] > '9') || (v[i] < '0')) goto err;
+ y= (v[0]-'0')*10+(v[1]-'0');
+ if (y < 70) y+=100;
+ M= (v[2]-'0')*10+(v[3]-'0');
+ if ((M > 12) || (M < 1)) goto err;
+ d= (v[4]-'0')*10+(v[5]-'0');
+ h= (v[6]-'0')*10+(v[7]-'0');
+ m= (v[8]-'0')*10+(v[9]-'0');
+ if ( (v[10] >= '0') && (v[10] <= '9') &&
+ (v[11] >= '0') && (v[11] <= '9'))
+ s= (v[10]-'0')*10+(v[11]-'0');
+
+ if (BIO_printf(bp,"%s %2d %02d:%02d:%02d %d%s",
+ mon[M-1],d,h,m,s,y+1900,(gmt)?" GMT":"") <= 0)
+ return(0);
+ else
+ return(1);
+err:
+ BIO_write(bp,"Bad time value",14);
+ return(0);
+ }
+
+int X509_NAME_print(bp,name,obase)
+BIO *bp;
+X509_NAME *name;
+int obase;
+ {
+ char *s,*c;
+ int ret=0,l,ll,i,first=1;
+ char buf[256];
+
+ ll=80-2-obase;
+
+ s=X509_NAME_oneline(name,buf,256);
+ s++; /* skip the first slash */
+
+ l=ll;
+ c=s;
+ for (;;)
+ {
+ if ( ((*s == '/') &&
+ ((s[1] >= 'A') && (s[1] <= 'Z') && (
+ (s[2] == '=') ||
+ ((s[2] >= 'A') && (s[2] <= 'Z') &&
+ (s[3] == '='))
+ ))) ||
+ (*s == '\0'))
+ {
+ if ((l <= 0) && !first)
+ {
+ first=0;
+ if (BIO_write(bp,"\n",1) != 1) goto err;
+ for (i=0; i<obase; i++)
+ {
+ if (BIO_write(bp," ",1) != 1) goto err;
+ }
+ l=ll;
+ }
+ i=s-c;
+ if (BIO_write(bp,c,i) != i) goto err;
+ c+=i;
+ c++;
+ if (*s != '\0')
+ {
+ if (BIO_write(bp,", ",2) != 2) goto err;
+ }
+ l--;
+ }
+ if (*s == '\0') break;
+ s++;
+ l--;
+ }
+
+ ret=1;
+ if (0)
+ {
+err:
+ X509err(X509_F_X509_NAME_PRINT,ERR_R_BUF_LIB);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/asn1/test.c b/crypto/asn1/test.c
new file mode 100644
index 0000000..fe46cd0
--- /dev/null
+++ b/crypto/asn1/test.c
@@ -0,0 +1,253 @@
+/* crypto/asn1/test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "../error/err.h"
+#include "./asn1.h"
+#include "rsa.h"
+#include "../x509/x509.h"
+#include "x509.h"
+
+main()
+ {
+ main1();
+ main2();
+ main3();
+ main4();
+ }
+
+main1()
+ {
+ FILE *in;
+ unsigned char buf[10240],buf2[10240],*p;
+ int num,i;
+
+ X509 *nx=NULL,*mx=NULL;
+
+ in=fopen("x.der","r");
+ if (in == NULL)
+ {
+ perror("x.der");
+ exit(1);
+ }
+ num=fread(buf,1,10240,in);
+ fclose(in);
+
+
+ p=buf;
+ if (d2i_X509(&nx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf);
+
+ p=buf2;
+ num=i2d_X509(nx,&p);
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ if (memcmp(buf,buf2,num) != 0)
+ {
+ fprintf(stderr,"data difference\n");
+ for (i=0; i<num; i++)
+ fprintf(stderr,"%c%03d <%02X-%02X>\n",
+ (buf[i] == buf2[i])?' ':'*',i,
+ buf[i],buf2[i]);
+ fprintf(stderr,"\n");
+ exit(1);
+ }
+
+ p=buf2;
+ if (d2i_X509(&mx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ return(1);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ return(0);
+ }
+
+main2()
+ {
+ FILE *in;
+ unsigned char buf[10240],buf2[10240],*p;
+ int num,i;
+
+ X509_CRL *nx=NULL,*mx=NULL;
+
+ in=fopen("crl.der","r");
+ if (in == NULL)
+ {
+ perror("crl.der");
+ exit(1);
+ }
+ num=fread(buf,1,10240,in);
+ fclose(in);
+
+
+ p=buf;
+ if (d2i_X509_CRL(&nx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf);
+
+ p=buf2;
+ num=i2d_X509_CRL(nx,&p);
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ if (memcmp(buf,buf2,num) != 0)
+ {
+ fprintf(stderr,"data difference\n");
+ for (i=0; i<num; i++)
+ fprintf(stderr,"%c%03d <%02X-%02X>\n",
+ (buf[i] == buf2[i])?' ':'*',i,
+ buf[i],buf2[i]);
+ fprintf(stderr,"\n");
+ exit(1);
+ }
+
+ return(1);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ return(0);
+ }
+
+main3()
+ {
+ FILE *in;
+ unsigned char buf[10240],buf2[10240],*p;
+ int num,i;
+
+ X509_REQ *nx=NULL,*mx=NULL;
+
+ in=fopen("req.der","r");
+ if (in == NULL)
+ {
+ perror("req.der");
+ exit(1);
+ }
+ num=fread(buf,1,10240,in);
+ fclose(in);
+
+
+ p=buf;
+ if (d2i_X509_REQ(&nx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf);
+
+ p=buf2;
+ num=i2d_X509_REQ(nx,&p);
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ if (memcmp(buf,buf2,num) != 0)
+ {
+ fprintf(stderr,"data difference\n");
+ for (i=0; i<num; i++)
+ fprintf(stderr,"%c%03d <%02X-%02X>\n",
+ (buf[i] == buf2[i])?' ':'*',i,
+ buf[i],buf2[i]);
+ fprintf(stderr,"\n");
+ exit(1);
+ }
+
+ return(1);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ return(0);
+ }
+
+main4()
+ {
+ FILE *in;
+ unsigned char buf[10240],buf2[10240],*p;
+ int num,i;
+
+ RSA *nx=NULL,*mx=NULL;
+
+ in=fopen("rsa.der","r");
+ if (in == NULL)
+ {
+ perror("rsa.der");
+ exit(1);
+ }
+ num=fread(buf,1,10240,in);
+ fclose(in);
+
+
+ p=buf;
+ if (d2i_RSAPrivateKey(&nx,&p,num) == NULL) goto err;
+ printf("num=%d p-buf=%d\n",num,p-buf);
+
+ p=buf2;
+ num=i2d_RSAPrivateKey(nx,&p);
+ printf("num=%d p-buf=%d\n",num,p-buf2);
+
+ if (memcmp(buf,buf2,num) != 0)
+ {
+ fprintf(stderr,"data difference\n");
+ for (i=0; i<num; i++)
+ fprintf(stderr,"%c%03d <%02X-%02X>\n",
+ (buf[i] == buf2[i])?' ':'*',i,
+ buf[i],buf2[i]);
+ fprintf(stderr,"\n");
+ exit(1);
+ }
+
+ return(1);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ return(0);
+ }
+
diff --git a/crypto/asn1/x_algor.c b/crypto/asn1/x_algor.c
new file mode 100644
index 0000000..1a23812
--- /dev/null
+++ b/crypto/asn1/x_algor.c
@@ -0,0 +1,126 @@
+/* crypto/asn1/x_algor.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ALGOR_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_ALGOR,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_ALGOR(a,pp)
+X509_ALGOR *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algorithm,i2d_ASN1_OBJECT);
+ if (a->parameter != NULL)
+ { M_ASN1_I2D_len(a->parameter,i2d_ASN1_TYPE); }
+
+ M_ASN1_I2D_seq_total();
+ M_ASN1_I2D_put(a->algorithm,i2d_ASN1_OBJECT);
+ if (a->parameter != NULL)
+ { M_ASN1_I2D_put(a->parameter,i2d_ASN1_TYPE); }
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_ALGOR *d2i_X509_ALGOR(a,pp,length)
+X509_ALGOR **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_ALGOR *,X509_ALGOR_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algorithm,d2i_ASN1_OBJECT);
+ if (!M_ASN1_D2I_end_sequence())
+ { M_ASN1_D2I_get(ret->parameter,d2i_ASN1_TYPE); }
+ else
+ {
+ ASN1_TYPE_free(ret->parameter);
+ ret->parameter=NULL;
+ }
+ M_ASN1_D2I_Finish(a,X509_ALGOR_free,ASN1_F_D2I_X509_ALGOR);
+ }
+
+X509_ALGOR *X509_ALGOR_new()
+ {
+ X509_ALGOR *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_ALGOR);
+ M_ASN1_New(ret->algorithm,ASN1_OBJECT_new);
+ ret->parameter=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_ALGOR_NEW);
+ }
+
+void X509_ALGOR_free(a)
+X509_ALGOR *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->algorithm);
+ ASN1_TYPE_free(a->parameter);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_attrib.c b/crypto/asn1/x_attrib.c
new file mode 100644
index 0000000..bce6f3a
--- /dev/null
+++ b/crypto/asn1/x_attrib.c
@@ -0,0 +1,152 @@
+/* crypto/asn1/x_attrib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_ATTRIBUTE,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_ATTRIBUTE_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_I2D_X509_ATTRIBUTE,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+/* sequence */
+int i2d_X509_ATTRIBUTE(a,pp)
+X509_ATTRIBUTE *a;
+unsigned char **pp;
+ {
+ int k=0;
+ int r=0,ret=0;
+ unsigned char **p=NULL;
+
+ if (a == NULL) return(0);
+
+ p=NULL;
+ for (;;)
+ {
+ if (k)
+ {
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(r);
+ p=pp;
+ ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL);
+ }
+
+ ret+=i2d_ASN1_OBJECT(a->object,p);
+ if (a->set)
+ ret+=i2d_ASN1_SET(a->value.set,p,i2d_ASN1_TYPE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ else
+ ret+=i2d_ASN1_TYPE(a->value.single,p);
+ if (k++) return(r);
+ }
+ }
+
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(a,pp,length)
+X509_ATTRIBUTE **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_ATTRIBUTE *,X509_ATTRIBUTE_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+ if ((c.slen != 0) &&
+ (M_ASN1_next == (V_ASN1_CONSTRUCTED|V_ASN1_UNIVERSAL|V_ASN1_SET)))
+ {
+ ret->set=1;
+ M_ASN1_D2I_get_set(ret->value.set,d2i_ASN1_TYPE);
+ }
+ else
+ {
+ ret->set=0;
+ M_ASN1_D2I_get(ret->value.single,d2i_ASN1_TYPE);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_ATTRIBUTE_free,ASN1_F_D2I_X509_ATTRIBUTE);
+ }
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new()
+ {
+ X509_ATTRIBUTE *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_ATTRIBUTE);
+ M_ASN1_New(ret->object,ASN1_OBJECT_new);
+ ret->set=0;
+ ret->value.ptr=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_ATTRIBUTE_NEW);
+ }
+
+void X509_ATTRIBUTE_free(a)
+X509_ATTRIBUTE *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->object);
+ if (a->set)
+ sk_pop_free(a->value.set,ASN1_TYPE_free);
+ else
+ ASN1_TYPE_free(a->value.single);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_cinf.c b/crypto/asn1/x_cinf.c
new file mode 100644
index 0000000..e5cc2af
--- /dev/null
+++ b/crypto/asn1/x_cinf.c
@@ -0,0 +1,197 @@
+/* crypto/asn1/x_cinf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_CINF,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CINF_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_CINF(a,pp)
+X509_CINF *a;
+unsigned char **pp;
+ {
+ int v1=0,v2=0;
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+ M_ASN1_I2D_len(a->serialNumber, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->signature, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->issuer, i2d_X509_NAME);
+ M_ASN1_I2D_len(a->validity, i2d_X509_VAL);
+ M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_len(a->key, i2d_X509_PUBKEY);
+ M_ASN1_I2D_len_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING);
+ M_ASN1_I2D_len_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING);
+ M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put_EXP_opt(a->version,i2d_ASN1_INTEGER,0,v1);
+ M_ASN1_I2D_put(a->serialNumber, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->signature, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->issuer, i2d_X509_NAME);
+ M_ASN1_I2D_put(a->validity, i2d_X509_VAL);
+ M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_put(a->key, i2d_X509_PUBKEY);
+ M_ASN1_I2D_put_IMP_opt(a->issuerUID, i2d_ASN1_BIT_STRING,1);
+ M_ASN1_I2D_put_IMP_opt(a->subjectUID, i2d_ASN1_BIT_STRING,2);
+ M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,3,V_ASN1_SEQUENCE,v2);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_CINF *d2i_X509_CINF(a,pp,length)
+X509_CINF **a;
+unsigned char **pp;
+long length;
+ {
+ int ver=0;
+ M_ASN1_D2I_vars(a,X509_CINF *,X509_CINF_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ /* we have the optional version field */
+ if (M_ASN1_next == (V_ASN1_CONTEXT_SPECIFIC | V_ASN1_CONSTRUCTED | 0))
+ {
+ M_ASN1_D2I_get_EXP_opt(ret->version,d2i_ASN1_INTEGER,0);
+ if (ret->version->data != NULL)
+ ver=ret->version->data[0];
+ }
+ else
+ {
+ if (ret->version != NULL)
+ {
+ ASN1_INTEGER_free(ret->version);
+ ret->version=NULL;
+ }
+ }
+ M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->signature,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->validity,d2i_X509_VAL);
+ M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->key,d2i_X509_PUBKEY);
+ if (ver >= 1) /* version 2 extensions */
+ {
+ if (ret->issuerUID != NULL)
+ {
+ ASN1_BIT_STRING_free(ret->issuerUID);
+ ret->issuerUID=NULL;
+ }
+ if (ret->subjectUID != NULL)
+ {
+ ASN1_BIT_STRING_free(ret->subjectUID);
+ ret->issuerUID=NULL;
+ }
+ M_ASN1_D2I_get_IMP_opt(ret->issuerUID,d2i_ASN1_BIT_STRING, 1,
+ V_ASN1_BIT_STRING);
+ M_ASN1_D2I_get_IMP_opt(ret->subjectUID,d2i_ASN1_BIT_STRING, 2,
+ V_ASN1_BIT_STRING);
+ }
+ if (ver >= 2) /* version 3 extensions */
+ {
+ if (ret->extensions != NULL)
+ while (sk_num(ret->extensions))
+ X509_EXTENSION_free((X509_EXTENSION *)
+ sk_pop(ret->extensions));
+ M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,3,
+ V_ASN1_SEQUENCE);
+ }
+ M_ASN1_D2I_Finish(a,X509_CINF_free,ASN1_F_D2I_X509_CINF);
+ }
+
+X509_CINF *X509_CINF_new()
+ {
+ X509_CINF *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_CINF);
+ ret->version=NULL;
+ M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+ M_ASN1_New(ret->signature,X509_ALGOR_new);
+ M_ASN1_New(ret->issuer,X509_NAME_new);
+ M_ASN1_New(ret->validity,X509_VAL_new);
+ M_ASN1_New(ret->subject,X509_NAME_new);
+ M_ASN1_New(ret->key,X509_PUBKEY_new);
+ ret->issuerUID=NULL;
+ ret->subjectUID=NULL;
+ ret->extensions=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_CINF_NEW);
+ }
+
+void X509_CINF_free(a)
+X509_CINF *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ ASN1_INTEGER_free(a->serialNumber);
+ X509_ALGOR_free(a->signature);
+ X509_NAME_free(a->issuer);
+ X509_VAL_free(a->validity);
+ X509_NAME_free(a->subject);
+ X509_PUBKEY_free(a->key);
+ ASN1_BIT_STRING_free(a->issuerUID);
+ ASN1_BIT_STRING_free(a->subjectUID);
+ sk_pop_free(a->extensions,X509_EXTENSION_free);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_crl.c b/crypto/asn1/x_crl.c
new file mode 100644
index 0000000..22cb99f
--- /dev/null
+++ b/crypto/asn1/x_crl.c
@@ -0,0 +1,347 @@
+/* crypto/asn1/x_crl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_CRL,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_CRL_INFO,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_D2I_X509_REVOKED,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_CRL_INFO_NEW,ASN1_R_EXPECTING_A_SEQUENCE);
+ * ASN1err(ASN1_F_X509_REVOKED_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+#ifndef NOPROTO
+static int X509_REVOKED_cmp(X509_REVOKED **a,X509_REVOKED **b);
+static int X509_REVOKED_seq_cmp(X509_REVOKED **a,X509_REVOKED **b);
+#else
+static int X509_REVOKED_cmp();
+static int X509_REVOKED_seq_cmp();
+#endif
+
+int i2d_X509_REVOKED(a,pp)
+X509_REVOKED *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->serialNumber,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->revocationDate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->serialNumber,i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->revocationDate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put_SEQ_opt(a->extensions,i2d_X509_EXTENSION);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REVOKED *d2i_X509_REVOKED(a,pp,length)
+X509_REVOKED **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REVOKED *,X509_REVOKED_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->serialNumber,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->revocationDate,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get_seq_opt(ret->extensions,d2i_X509_EXTENSION);
+ M_ASN1_D2I_Finish(a,X509_REVOKED_free,ASN1_F_D2I_X509_REVOKED);
+ }
+
+int i2d_X509_CRL_INFO(a,pp)
+X509_CRL_INFO *a;
+unsigned char **pp;
+ {
+ int v1=0;
+ long l=0;
+ M_ASN1_I2D_vars(a);
+
+ if (sk_num(a->revoked) != 0)
+ qsort((char *)a->revoked->data,sk_num(a->revoked),
+ sizeof(X509_REVOKED *),(int (*)(P_CC_CC))X509_REVOKED_seq_cmp);
+ if ((a->version != NULL) && ((l=ASN1_INTEGER_get(a->version)) != 0))
+ {
+ M_ASN1_I2D_len(a->version,i2d_ASN1_INTEGER);
+ }
+ M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_len(a->lastUpdate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len(a->nextUpdate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+ M_ASN1_I2D_len_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+ V_ASN1_SEQUENCE,v1);
+
+ M_ASN1_I2D_seq_total();
+
+ if ((a->version != NULL) && (l != 0))
+ {
+ M_ASN1_I2D_put(a->version,i2d_ASN1_INTEGER);
+ }
+ M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->issuer,i2d_X509_NAME);
+ M_ASN1_I2D_put(a->lastUpdate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put(a->nextUpdate,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put_SEQ_opt(a->revoked,i2d_X509_REVOKED);
+ M_ASN1_I2D_put_EXP_set_opt(a->extensions,i2d_X509_EXTENSION,0,
+ V_ASN1_SEQUENCE,v1);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_CRL_INFO *d2i_X509_CRL_INFO(a,pp,length)
+X509_CRL_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ int i,ver=0;
+ M_ASN1_D2I_vars(a,X509_CRL_INFO *,X509_CRL_INFO_new);
+
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get_opt(ret->version,d2i_ASN1_INTEGER,V_ASN1_INTEGER);
+ if (ret->version != NULL)
+ ver=ret->version->data[0];
+
+ if ((ver == 0) && (ret->version != NULL))
+ {
+ ASN1_INTEGER_free(ret->version);
+ ret->version=NULL;
+ }
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->issuer,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->lastUpdate,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get(ret->nextUpdate,d2i_ASN1_UTCTIME);
+ if (ret->revoked != NULL)
+ {
+ while (sk_num(ret->revoked))
+ X509_REVOKED_free((X509_REVOKED *)sk_pop(ret->revoked));
+ }
+ M_ASN1_D2I_get_seq_opt(ret->revoked,d2i_X509_REVOKED);
+
+ if (ret->revoked != NULL)
+ {
+ for (i=0; i<sk_num(ret->revoked); i++)
+ {
+ ((X509_REVOKED *)sk_value(ret->revoked,i))->sequence=i;
+ }
+ }
+
+ if (ver >= 1)
+ {
+ if (ret->extensions != NULL)
+ {
+ while (sk_num(ret->extensions))
+ X509_EXTENSION_free((X509_EXTENSION *)
+ sk_pop(ret->extensions));
+ }
+
+ M_ASN1_D2I_get_EXP_set_opt(ret->extensions,d2i_X509_EXTENSION,
+ 0,V_ASN1_SEQUENCE);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_CRL_INFO_free,ASN1_F_D2I_X509_CRL_INFO);
+ }
+
+int i2d_X509_CRL(a,pp)
+X509_CRL *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->crl,i2d_X509_CRL_INFO);
+ M_ASN1_I2D_len(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature,i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->crl,i2d_X509_CRL_INFO);
+ M_ASN1_I2D_put(a->sig_alg,i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature,i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_CRL *d2i_X509_CRL(a,pp,length)
+X509_CRL **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_CRL *,X509_CRL_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->crl,d2i_X509_CRL_INFO);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+
+ M_ASN1_D2I_Finish(a,X509_CRL_free,ASN1_F_D2I_X509_CRL);
+ }
+
+
+X509_REVOKED *X509_REVOKED_new()
+ {
+ X509_REVOKED *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REVOKED);
+ M_ASN1_New(ret->serialNumber,ASN1_INTEGER_new);
+ M_ASN1_New(ret->revocationDate,ASN1_UTCTIME_new);
+ ret->extensions=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REVOKED_NEW);
+ }
+
+X509_CRL_INFO *X509_CRL_INFO_new()
+ {
+ X509_CRL_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_CRL_INFO);
+ ret->version=NULL;
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->issuer,X509_NAME_new);
+ M_ASN1_New(ret->lastUpdate,ASN1_UTCTIME_new);
+ M_ASN1_New(ret->nextUpdate,ASN1_UTCTIME_new);
+ M_ASN1_New(ret->revoked,sk_new_null);
+ M_ASN1_New(ret->extensions,sk_new_null);
+ ret->revoked->comp=(int (*)())X509_REVOKED_cmp;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_CRL_INFO_NEW);
+ }
+
+X509_CRL *X509_CRL_new()
+ {
+ X509_CRL *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_CRL);
+ ret->references=1;
+ M_ASN1_New(ret->crl,X509_CRL_INFO_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_CRL_NEW);
+ }
+
+void X509_REVOKED_free(a)
+X509_REVOKED *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->serialNumber);
+ ASN1_UTCTIME_free(a->revocationDate);
+ sk_pop_free(a->extensions,X509_EXTENSION_free);
+ Free((char *)a);
+ }
+
+void X509_CRL_INFO_free(a)
+X509_CRL_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_ALGOR_free(a->sig_alg);
+ X509_NAME_free(a->issuer);
+ ASN1_UTCTIME_free(a->lastUpdate);
+ ASN1_UTCTIME_free(a->nextUpdate);
+ sk_pop_free(a->revoked,X509_REVOKED_free);
+ sk_pop_free(a->extensions,X509_EXTENSION_free);
+ Free((char *)a);
+ }
+
+void X509_CRL_free(a)
+X509_CRL *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_CRL);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_CRL_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_CRL_INFO_free(a->crl);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
+static int X509_REVOKED_cmp(a,b)
+X509_REVOKED **a,**b;
+ {
+ return(ASN1_STRING_cmp(
+ (ASN1_STRING *)(*a)->serialNumber,
+ (ASN1_STRING *)(*b)->serialNumber));
+ }
+
+static int X509_REVOKED_seq_cmp(a,b)
+X509_REVOKED **a,**b;
+ {
+ return((*a)->sequence-(*b)->sequence);
+ }
diff --git a/crypto/asn1/x_exten.c b/crypto/asn1/x_exten.c
new file mode 100644
index 0000000..89daf3f
--- /dev/null
+++ b/crypto/asn1/x_exten.c
@@ -0,0 +1,147 @@
+/* crypto/asn1/x_exten.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_EXTENSION,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_EXTENSION_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_EXTENSION(a,pp)
+X509_EXTENSION *a;
+unsigned char **pp;
+ {
+ int k=0;
+ int r=0,ret=0;
+ unsigned char **p=NULL;
+
+ if (a == NULL) return(0);
+
+ p=NULL;
+ for (;;)
+ {
+ if (k)
+ {
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+ if (pp == NULL) return(r);
+ p=pp;
+ ASN1_put_object(p,1,ret,V_ASN1_SEQUENCE,
+ V_ASN1_UNIVERSAL);
+ }
+
+ ret+=i2d_ASN1_OBJECT(a->object,p);
+ if ((a->critical) || a->netscape_hack)
+ ret+=i2d_ASN1_BOOLEAN(a->critical,p);
+ ret+=i2d_ASN1_OCTET_STRING(a->value,p);
+ if (k++) return(r);
+ }
+ }
+
+X509_EXTENSION *d2i_X509_EXTENSION(a,pp,length)
+X509_EXTENSION **a;
+unsigned char **pp;
+long length;
+ {
+ int i;
+ M_ASN1_D2I_vars(a,X509_EXTENSION *,X509_EXTENSION_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+
+ ret->netscape_hack=0;
+ if ((c.slen != 0) &&
+ (M_ASN1_next == (V_ASN1_UNIVERSAL|V_ASN1_BOOLEAN)))
+ {
+ c.q=c.p;
+ if (d2i_ASN1_BOOLEAN(&i,&c.p,c.slen) < 0) goto err;
+ ret->critical=i;
+ c.slen-=(c.p-c.q);
+ if (ret->critical == 0) ret->netscape_hack=1;
+ }
+ M_ASN1_D2I_get(ret->value,d2i_ASN1_OCTET_STRING);
+
+ M_ASN1_D2I_Finish(a,X509_EXTENSION_free,ASN1_F_D2I_X509_EXTENSION);
+ }
+
+X509_EXTENSION *X509_EXTENSION_new()
+ {
+ X509_EXTENSION *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_EXTENSION);
+ M_ASN1_New(ret->object,ASN1_OBJECT_new);
+ M_ASN1_New(ret->value,ASN1_OCTET_STRING_new);
+ ret->critical=0;
+ ret->netscape_hack=0;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_EXTENSION_NEW);
+ }
+
+void X509_EXTENSION_free(a)
+X509_EXTENSION *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->object);
+ ASN1_OCTET_STRING_free(a->value);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_info.c b/crypto/asn1/x_info.c
new file mode 100644
index 0000000..e46c672
--- /dev/null
+++ b/crypto/asn1/x_info.c
@@ -0,0 +1,108 @@
+/* crypto/asn1/x_info.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+X509_INFO *X509_INFO_new()
+ {
+ X509_INFO *ret=NULL;
+
+ ret=(X509_INFO *)Malloc(sizeof(X509_INFO));
+ if (ret == NULL)
+ {
+ ASN1err(ASN1_F_X509_INFO_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ ret->enc_cipher.cipher=NULL;
+ ret->enc_len=0;
+ ret->enc_data=NULL;
+
+ ret->references=1;
+ ret->x509=NULL;
+ ret->crl=NULL;
+ ret->x_pkey=NULL;
+ return(ret);
+ }
+
+void X509_INFO_free(x)
+X509_INFO *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_INFO);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_INFO_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (x->x509 != NULL) X509_free(x->x509);
+ if (x->crl != NULL) X509_CRL_free(x->crl);
+ if (x->x_pkey != NULL) X509_PKEY_free(x->x_pkey);
+ Free((char *)x);
+ }
diff --git a/crypto/asn1/x_name.c b/crypto/asn1/x_name.c
new file mode 100644
index 0000000..c03f916
--- /dev/null
+++ b/crypto/asn1/x_name.c
@@ -0,0 +1,295 @@
+/* crypto/asn1/x_name.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_NAME,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ * ASN1err(ASN1_F_D2I_X509_NAME_ENTRY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NAME_ENTRY_NEW,ASN1_R_UNKNOWN_ATTRIBUTE_TYPE);
+ */
+
+#ifndef NOPROTO
+static int i2d_X509_NAME_entries(X509_NAME *a);
+#else
+static int i2d_X509_NAME_entries();
+#endif
+
+int i2d_X509_NAME_ENTRY(a,pp)
+X509_NAME_ENTRY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->object,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_len(a->value,i2d_ASN1_PRINTABLE);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->object,i2d_ASN1_OBJECT);
+ M_ASN1_I2D_put(a->value,i2d_ASN1_PRINTABLE);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(a,pp,length)
+X509_NAME_ENTRY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_NAME_ENTRY *,X509_NAME_ENTRY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->object,d2i_ASN1_OBJECT);
+ M_ASN1_D2I_get(ret->value,d2i_ASN1_PRINTABLE);
+ ret->set=0;
+ M_ASN1_D2I_Finish(a,X509_NAME_ENTRY_free,ASN1_F_D2I_X509_NAME_ENTRY);
+ }
+
+int i2d_X509_NAME(a,pp)
+X509_NAME *a;
+unsigned char **pp;
+ {
+ int ret;
+
+ if (a == NULL) return(0);
+ if (a->modified)
+ {
+ ret=i2d_X509_NAME_entries(a);
+ if (ret < 0) return(ret);
+ }
+
+ ret=a->bytes->length;
+ if (pp != NULL)
+ {
+ memcpy(*pp,a->bytes->data,ret);
+ *pp+=ret;
+ }
+ return(ret);
+ }
+
+static int i2d_X509_NAME_entries(a)
+X509_NAME *a;
+ {
+ X509_NAME_ENTRY *ne,*fe=NULL;
+ STACK *sk;
+ BUF_MEM *buf=NULL;
+ int set=0,r,ret=0;
+ int i;
+ unsigned char *p;
+ int size=0;
+
+ sk=a->entries;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+ if (fe == NULL)
+ {
+ fe=ne;
+ size=0;
+ }
+
+ if (ne->set != set)
+ {
+ ret+=ASN1_object_size(1,size,V_ASN1_SET);
+ fe->size=size;
+ fe=ne;
+ size=0;
+ set=ne->set;
+ }
+ size+=i2d_X509_NAME_ENTRY(ne,NULL);
+ }
+
+ ret+=ASN1_object_size(1,size,V_ASN1_SET);
+ if (fe != NULL)
+ fe->size=size;
+
+ r=ASN1_object_size(1,ret,V_ASN1_SEQUENCE);
+
+ buf=a->bytes;
+ if (!BUF_MEM_grow(buf,r)) goto err;
+ p=(unsigned char *)buf->data;
+
+ ASN1_put_object(&p,1,ret,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+
+ set= -1;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,i);
+ if (set != ne->set)
+ {
+ set=ne->set;
+ ASN1_put_object(&p,1,ne->size,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ }
+ i2d_X509_NAME_ENTRY(ne,&p);
+ }
+ a->modified=0;
+ return(r);
+err:
+ return(-1);
+ }
+
+X509_NAME *d2i_X509_NAME(a,pp,length)
+X509_NAME **a;
+unsigned char **pp;
+long length;
+ {
+ int set=0,i;
+ int idx=0;
+ unsigned char *orig;
+ M_ASN1_D2I_vars(a,X509_NAME *,X509_NAME_new);
+
+ orig= *pp;
+ if (sk_num(ret->entries) > 0)
+ {
+ while (sk_num(ret->entries) > 0)
+ X509_NAME_ENTRY_free((X509_NAME_ENTRY *)
+ sk_pop(ret->entries));
+ }
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ for (;;)
+ {
+ if (M_ASN1_D2I_end_sequence()) break;
+ M_ASN1_D2I_get_set(ret->entries,d2i_X509_NAME_ENTRY);
+ for (; idx < sk_num(ret->entries); idx++)
+ {
+ ((X509_NAME_ENTRY *)sk_value(ret->entries,idx))->set=
+ set;
+ }
+ set++;
+ }
+
+ i=(int)(c.p-orig);
+ if (!BUF_MEM_grow(ret->bytes,i)) goto err;
+ memcpy(ret->bytes->data,orig,i);
+ ret->bytes->length=i;
+ ret->modified=0;
+
+ M_ASN1_D2I_Finish(a,X509_NAME_free,ASN1_F_D2I_X509_NAME);
+ }
+
+X509_NAME *X509_NAME_new()
+ {
+ X509_NAME *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_NAME);
+ if ((ret->entries=sk_new(NULL)) == NULL) goto err2;
+ M_ASN1_New(ret->bytes,BUF_MEM_new);
+ ret->modified=1;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NAME_NEW);
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new()
+ {
+ X509_NAME_ENTRY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_NAME_ENTRY);
+/* M_ASN1_New(ret->object,ASN1_OBJECT_new);*/
+ ret->object=NULL;
+ ret->set=0;
+ M_ASN1_New(ret->value,ASN1_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NAME_ENTRY_NEW);
+ }
+
+void X509_NAME_free(a)
+X509_NAME *a;
+ {
+ BUF_MEM_free(a->bytes);
+ sk_pop_free(a->entries,X509_NAME_ENTRY_free);
+ Free((char *)a);
+ }
+
+void X509_NAME_ENTRY_free(a)
+X509_NAME_ENTRY *a;
+ {
+ if (a == NULL) return;
+ ASN1_OBJECT_free(a->object);
+ ASN1_BIT_STRING_free(a->value);
+ Free((char *)a);
+ }
+
+int X509_NAME_set(xn,name)
+X509_NAME **xn;
+X509_NAME *name;
+ {
+ X509_NAME *in;
+
+ if (*xn == NULL) return(0);
+
+ if (*xn != name)
+ {
+ in=X509_NAME_dup(name);
+ if (in != NULL)
+ {
+ X509_NAME_free(*xn);
+ *xn=in;
+ }
+ }
+ return(*xn != NULL);
+ }
+
diff --git a/crypto/asn1/x_pkey.c b/crypto/asn1/x_pkey.c
new file mode 100644
index 0000000..ced975b
--- /dev/null
+++ b/crypto/asn1/x_pkey.c
@@ -0,0 +1,153 @@
+/* crypto/asn1/x_pkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_D2I_X509_PKEY,ASN1_R_UNSUPPORTED_CIPHER); */
+/* ASN1err(ASN1_F_X509_PKEY_NEW,ASN1_R_IV_TOO_LARGE); */
+
+/* need to implement */
+int i2d_X509_PKEY(a,pp)
+X509_PKEY *a;
+unsigned char **pp;
+ {
+ return(0);
+ }
+
+X509_PKEY *d2i_X509_PKEY(a,pp,length)
+X509_PKEY **a;
+unsigned char **pp;
+long length;
+ {
+ int i;
+ M_ASN1_D2I_vars(a,X509_PKEY *,X509_PKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->enc_algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->enc_pkey,d2i_ASN1_OCTET_STRING);
+
+ ret->cipher.cipher=EVP_get_cipherbyname(
+ OBJ_nid2ln(OBJ_obj2nid(ret->enc_algor->algorithm)));
+ if (ret->cipher.cipher == NULL)
+ {
+ c.error=ASN1_R_UNSUPPORTED_CIPHER;
+ goto err;
+ }
+ if (ret->enc_algor->parameter->type == V_ASN1_OCTET_STRING)
+ {
+ i=ret->enc_algor->parameter->value.octet_string->length;
+ if (i > EVP_MAX_IV_LENGTH)
+ {
+ c.error=ASN1_R_IV_TOO_LARGE;
+ goto err;
+ }
+ memcpy(ret->cipher.iv,
+ ret->enc_algor->parameter->value.octet_string->data,i);
+ }
+ else
+ memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+ M_ASN1_D2I_Finish(a,X509_PKEY_free,ASN1_F_D2I_X509_PKEY);
+ }
+
+X509_PKEY *X509_PKEY_new()
+ {
+ X509_PKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_PKEY);
+ ret->version=0;
+ M_ASN1_New(ret->enc_algor,X509_ALGOR_new);
+ M_ASN1_New(ret->enc_pkey,ASN1_OCTET_STRING_new);
+ ret->dec_pkey=NULL;
+ ret->key_length=0;
+ ret->key_data=NULL;
+ ret->key_free=0;
+ ret->cipher.cipher=NULL;
+ memset(ret->cipher.iv,0,EVP_MAX_IV_LENGTH);
+ ret->references=1;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_PKEY_NEW);
+ }
+
+void X509_PKEY_free(x)
+X509_PKEY *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_X509_PKEY);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_PKEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (x->enc_algor != NULL) X509_ALGOR_free(x->enc_algor);
+ if (x->enc_pkey != NULL) ASN1_OCTET_STRING_free(x->enc_pkey);
+ if (x->dec_pkey != NULL)EVP_PKEY_free(x->dec_pkey);
+ if ((x->key_data != NULL) && (x->key_free)) Free((char *)x->key_data);
+ Free((char *)(char *)x);
+ }
diff --git a/crypto/asn1/x_pubkey.c b/crypto/asn1/x_pubkey.c
new file mode 100644
index 0000000..b1a2499
--- /dev/null
+++ b/crypto/asn1/x_pubkey.c
@@ -0,0 +1,252 @@
+/* crypto/asn1/x_pubkey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_PUBKEY,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_PUBKEY_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_PUBKEY(a,pp)
+X509_PUBKEY *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->public_key, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->public_key, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_PUBKEY *d2i_X509_PUBKEY(a,pp,length)
+X509_PUBKEY **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_PUBKEY *,X509_PUBKEY_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->public_key,d2i_ASN1_BIT_STRING);
+ if (ret->pkey != NULL)
+ {
+ EVP_PKEY_free(ret->pkey);
+ ret->pkey=NULL;
+ }
+ M_ASN1_D2I_Finish(a,X509_PUBKEY_free,ASN1_F_D2I_X509_PUBKEY);
+ }
+
+X509_PUBKEY *X509_PUBKEY_new()
+ {
+ X509_PUBKEY *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_PUBKEY);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->public_key,ASN1_BIT_STRING_new);
+ ret->pkey=NULL;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_PUBKEY_NEW);
+ }
+
+void X509_PUBKEY_free(a)
+X509_PUBKEY *a;
+ {
+ if (a == NULL) return;
+ X509_ALGOR_free(a->algor);
+ ASN1_BIT_STRING_free(a->public_key);
+ if (a->pkey != NULL) EVP_PKEY_free(a->pkey);
+ Free((char *)a);
+ }
+
+int X509_PUBKEY_set(x,pkey)
+X509_PUBKEY **x;
+EVP_PKEY *pkey;
+ {
+ int ok=0;
+ X509_PUBKEY *pk;
+ X509_ALGOR *a;
+ ASN1_OBJECT *o;
+ unsigned char *s,*p;
+ int i;
+
+ if (x == NULL) return(0);
+
+ if ((pk=X509_PUBKEY_new()) == NULL) goto err;
+ a=pk->algor;
+
+ /* set the algorithm id */
+ if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=o;
+
+ /* Set the parameter list */
+ if (!pkey->save_parameters || (pkey->type == EVP_PKEY_RSA))
+ {
+ if ((a->parameter == NULL) ||
+ (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_NULL;
+ }
+ }
+ else
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ unsigned char *pp;
+ DSA *dsa;
+
+ dsa=pkey->pkey.dsa;
+ dsa->write_params=0;
+ ASN1_TYPE_free(a->parameter);
+ i=i2d_DSAparams(dsa,NULL);
+ p=(unsigned char *)Malloc(i);
+ pp=p;
+ i2d_DSAparams(dsa,&pp);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_SEQUENCE;
+ a->parameter->value.sequence=ASN1_STRING_new();
+ ASN1_STRING_set(a->parameter->value.sequence,p,i);
+ Free(p);
+ }
+ else
+#endif
+ {
+ X509err(X509_F_X509_PUBKEY_SET,X509_R_UNSUPPORTED_ALGORITHM);
+ goto err;
+ }
+
+ i=i2d_PublicKey(pkey,NULL);
+ if ((s=(unsigned char *)Malloc(i+1)) == NULL) goto err;
+ p=s;
+ i2d_PublicKey(pkey,&p);
+ if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ Free(s);
+
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ pk->pkey=pkey;
+
+ if (*x != NULL)
+ X509_PUBKEY_free(*x);
+
+ *x=pk;
+ pk=NULL;
+
+ ok=1;
+err:
+ if (pk != NULL) X509_PUBKEY_free(pk);
+ return(ok);
+ }
+
+EVP_PKEY *X509_PUBKEY_get(key)
+X509_PUBKEY *key;
+ {
+ EVP_PKEY *ret=NULL;
+ long j;
+ int type;
+ unsigned char *p;
+ X509_ALGOR *a;
+
+ if (key->pkey != NULL)
+ {
+ return(key->pkey);
+ }
+ type=OBJ_obj2nid(key->algor->algorithm);
+ p=key->public_key->data;
+ j=key->public_key->length;
+ if ((ret=d2i_PublicKey(type,NULL,&p,(long)j)) == NULL)
+ {
+ X509err(X509_F_X509_PUBKEY_GET,X509_R_ERR_ASN1_LIB);
+ goto err;
+ }
+ ret->save_parameters=0;
+
+#ifndef NO_DSA
+ a=key->algor;
+ if (ret->type == EVP_PKEY_DSA)
+ {
+ if (a->parameter->type == V_ASN1_SEQUENCE)
+ {
+ ret->pkey.dsa->write_params=0;
+ p=a->parameter->value.sequence->data;
+ j=a->parameter->value.sequence->length;
+ if (!d2i_DSAparams(&ret->pkey.dsa,&p,(long)j))
+ goto err;
+ }
+ ret->save_parameters=1;
+ }
+#endif
+ key->pkey=ret;
+ return(ret);
+err:
+ if (ret != NULL)
+ EVP_PKEY_free(ret);
+ return(NULL);
+ }
+
diff --git a/crypto/asn1/x_req.c b/crypto/asn1/x_req.c
new file mode 100644
index 0000000..02b31ad
--- /dev/null
+++ b/crypto/asn1/x_req.c
@@ -0,0 +1,244 @@
+/* crypto/asn1/x_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_REQ,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_X509_REQ_INFO,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_REQ_INFO_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_REQ_INFO(a,pp)
+X509_REQ_INFO *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
+
+ /* this is a *nasty* hack reported to be required to
+ * allow some CA Software to accept the cert request.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (a->req_kludge)
+ {
+ M_ASN1_I2D_len_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+ else
+ {
+ M_ASN1_I2D_len_IMP_set(a->attributes, i2d_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_I2D_seq_total();
+ M_ASN1_I2D_put(a->version, i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(a->subject, i2d_X509_NAME);
+ M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
+
+ /* this is a *nasty* hack reported to be required by some CA's.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (a->req_kludge)
+ {
+ M_ASN1_I2D_put_IMP_set_opt(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+ else
+ {
+ M_ASN1_I2D_put_IMP_set(a->attributes,i2d_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REQ_INFO *d2i_X509_REQ_INFO(a,pp,length)
+X509_REQ_INFO **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REQ_INFO *,X509_REQ_INFO_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->version,d2i_ASN1_INTEGER);
+ M_ASN1_D2I_get(ret->subject,d2i_X509_NAME);
+ M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+
+ /* this is a *nasty* hack to allow for some CA's that
+ * have been reported as requiring it.
+ * It is not following the PKCS standards ...
+ * PKCS#10 pg 5
+ * attributes [0] IMPLICIT Attibutes
+ * NOTE: no OPTIONAL ... so it *must* be there
+ */
+ if (asn1_Finish(&c))
+ ret->req_kludge=1;
+ else
+ {
+ M_ASN1_D2I_get_IMP_set(ret->attributes,d2i_X509_ATTRIBUTE,0);
+ }
+
+ M_ASN1_D2I_Finish(a,X509_REQ_INFO_free,ASN1_F_D2I_X509_REQ_INFO);
+ }
+
+X509_REQ_INFO *X509_REQ_INFO_new()
+ {
+ X509_REQ_INFO *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REQ_INFO);
+ M_ASN1_New(ret->version,ASN1_INTEGER_new);
+ M_ASN1_New(ret->subject,X509_NAME_new);
+ M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+ M_ASN1_New(ret->attributes,sk_new_null);
+ ret->req_kludge=0;
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REQ_INFO_NEW);
+ }
+
+void X509_REQ_INFO_free(a)
+X509_REQ_INFO *a;
+ {
+ if (a == NULL) return;
+ ASN1_INTEGER_free(a->version);
+ X509_NAME_free(a->subject);
+ X509_PUBKEY_free(a->pubkey);
+ sk_pop_free(a->attributes,X509_ATTRIBUTE_free);
+ Free((char *)a);
+ }
+
+int i2d_X509_REQ(a,pp)
+X509_REQ *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+ M_ASN1_I2D_len(a->req_info, i2d_X509_REQ_INFO);
+ M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->req_info, i2d_X509_REQ_INFO);
+ M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_REQ *d2i_X509_REQ(a,pp,length)
+X509_REQ **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_REQ *,X509_REQ_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->req_info,d2i_X509_REQ_INFO);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+ M_ASN1_D2I_Finish(a,X509_REQ_free,ASN1_F_D2I_X509_REQ);
+ }
+
+X509_REQ *X509_REQ_new()
+ {
+ X509_REQ *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_REQ);
+ ret->references=1;
+ M_ASN1_New(ret->req_info,X509_REQ_INFO_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_REQ_NEW);
+ }
+
+void X509_REQ_free(a)
+X509_REQ *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509_REQ);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_REQ_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_REQ_INFO_free(a->req_info);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
+
diff --git a/crypto/asn1/x_sig.c b/crypto/asn1/x_sig.c
new file mode 100644
index 0000000..186c404
--- /dev/null
+++ b/crypto/asn1/x_sig.c
@@ -0,0 +1,119 @@
+/* crypto/asn1/x_sig.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509_SIG,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_SIG_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_X509_SIG(a,pp)
+X509_SIG *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->digest, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->digest, i2d_ASN1_OCTET_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_SIG *d2i_X509_SIG(a,pp,length)
+X509_SIG **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_SIG *,X509_SIG_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->digest,d2i_ASN1_OCTET_STRING);
+ M_ASN1_D2I_Finish(a,X509_SIG_free,ASN1_F_D2I_X509_SIG);
+ }
+
+X509_SIG *X509_SIG_new()
+ {
+ X509_SIG *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_SIG);
+ M_ASN1_New(ret->algor,X509_ALGOR_new);
+ M_ASN1_New(ret->digest,ASN1_OCTET_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_SIG_NEW);
+ }
+
+void X509_SIG_free(a)
+X509_SIG *a;
+ {
+ if (a == NULL) return;
+ X509_ALGOR_free(a->algor);
+ ASN1_OCTET_STRING_free(a->digest);
+ Free((char *)a);
+ }
+
+
diff --git a/crypto/asn1/x_spki.c b/crypto/asn1/x_spki.c
new file mode 100644
index 0000000..bfeb065
--- /dev/null
+++ b/crypto/asn1/x_spki.c
@@ -0,0 +1,181 @@
+/* crypto/asn1/x_spki.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+ /* This module was send to me my Pat Richards <patr@x509.com> who
+ * wrote it. It is under my Copyright with his permision
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKAC,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKAC_NEW,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_D2I_NETSCAPE_SPKI,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_NETSCAPE_SPKI_NEW,ASN1_R_LENGTH_MISMATCH);
+ */
+
+int i2d_NETSCAPE_SPKAC(a,pp)
+NETSCAPE_SPKAC *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->pubkey, i2d_X509_PUBKEY);
+ M_ASN1_I2D_len(a->challenge, i2d_ASN1_IA5STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->pubkey, i2d_X509_PUBKEY);
+ M_ASN1_I2D_put(a->challenge, i2d_ASN1_IA5STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(a,pp,length)
+NETSCAPE_SPKAC **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_SPKAC *,NETSCAPE_SPKAC_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->pubkey,d2i_X509_PUBKEY);
+ M_ASN1_D2I_get(ret->challenge,d2i_ASN1_IA5STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_SPKAC_free,ASN1_F_D2I_NETSCAPE_SPKAC);
+ }
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new()
+ {
+ NETSCAPE_SPKAC *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_SPKAC);
+ M_ASN1_New(ret->pubkey,X509_PUBKEY_new);
+ M_ASN1_New(ret->challenge,ASN1_IA5STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKAC_NEW);
+ }
+
+void NETSCAPE_SPKAC_free(a)
+NETSCAPE_SPKAC *a;
+ {
+ if (a == NULL) return;
+ X509_PUBKEY_free(a->pubkey);
+ ASN1_IA5STRING_free(a->challenge);
+ Free((char *)a);
+ }
+
+int i2d_NETSCAPE_SPKI(a,pp)
+NETSCAPE_SPKI *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->spkac, i2d_NETSCAPE_SPKAC);
+ M_ASN1_I2D_len(a->sig_algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->spkac, i2d_NETSCAPE_SPKAC);
+ M_ASN1_I2D_put(a->sig_algor, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+NETSCAPE_SPKI *d2i_NETSCAPE_SPKI(a,pp,length)
+NETSCAPE_SPKI **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,NETSCAPE_SPKI *,NETSCAPE_SPKI_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->spkac,d2i_NETSCAPE_SPKAC);
+ M_ASN1_D2I_get(ret->sig_algor,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+ M_ASN1_D2I_Finish(a,NETSCAPE_SPKI_free,ASN1_F_D2I_NETSCAPE_SPKI);
+ }
+
+NETSCAPE_SPKI *NETSCAPE_SPKI_new()
+ {
+ NETSCAPE_SPKI *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,NETSCAPE_SPKI);
+ M_ASN1_New(ret->spkac,NETSCAPE_SPKAC_new);
+ M_ASN1_New(ret->sig_algor,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_NETSCAPE_SPKI_NEW);
+ }
+
+void NETSCAPE_SPKI_free(a)
+NETSCAPE_SPKI *a;
+ {
+ if (a == NULL) return;
+ NETSCAPE_SPKAC_free(a->spkac);
+ X509_ALGOR_free(a->sig_algor);
+ ASN1_BIT_STRING_free(a->signature);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_val.c b/crypto/asn1/x_val.c
new file mode 100644
index 0000000..e2e4d00
--- /dev/null
+++ b/crypto/asn1/x_val.c
@@ -0,0 +1,118 @@
+/* crypto/asn1/x_val.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1_mac.h"
+
+/* ASN1err(ASN1_F_X509_VAL_NEW,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_X509_VAL_FREE,ERR_R_MALLOC_FAILURE);
+ * ASN1err(ASN1_F_D2I_X509_VAL,ERR_R_MALLOC_FAILURE);
+ */
+
+int i2d_X509_VAL(a,pp)
+X509_VAL *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->notBefore,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_len(a->notAfter,i2d_ASN1_UTCTIME);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->notBefore,i2d_ASN1_UTCTIME);
+ M_ASN1_I2D_put(a->notAfter,i2d_ASN1_UTCTIME);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509_VAL *d2i_X509_VAL(a,pp,length)
+X509_VAL **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509_VAL *,X509_VAL_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->notBefore,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_get(ret->notAfter,d2i_ASN1_UTCTIME);
+ M_ASN1_D2I_Finish(a,X509_VAL_free,ASN1_F_D2I_X509_VAL);
+ }
+
+X509_VAL *X509_VAL_new()
+ {
+ X509_VAL *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509_VAL);
+ M_ASN1_New(ret->notBefore,ASN1_UTCTIME_new);
+ M_ASN1_New(ret->notAfter,ASN1_UTCTIME_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_VAL_NEW);
+ }
+
+void X509_VAL_free(a)
+X509_VAL *a;
+ {
+ if (a == NULL) return;
+ ASN1_UTCTIME_free(a->notBefore);
+ ASN1_UTCTIME_free(a->notAfter);
+ Free((char *)a);
+ }
+
diff --git a/crypto/asn1/x_x509.c b/crypto/asn1/x_x509.c
new file mode 100644
index 0000000..d80a5cb
--- /dev/null
+++ b/crypto/asn1/x_x509.c
@@ -0,0 +1,155 @@
+/* crypto/asn1/x_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "asn1_mac.h"
+
+/*
+ * ASN1err(ASN1_F_D2I_X509,ASN1_R_LENGTH_MISMATCH);
+ * ASN1err(ASN1_F_X509_NEW,ASN1_R_BAD_GET_OBJECT);
+ */
+
+static ASN1_METHOD meth={
+ (int (*)()) i2d_X509,
+ (char *(*)())d2i_X509,
+ (char *(*)())X509_new,
+ (void (*)()) X509_free};
+
+ASN1_METHOD *X509_asn1_meth()
+ {
+ return(&meth);
+ }
+
+int i2d_X509(a,pp)
+X509 *a;
+unsigned char **pp;
+ {
+ M_ASN1_I2D_vars(a);
+
+ M_ASN1_I2D_len(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_len(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_len(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(a->cert_info, i2d_X509_CINF);
+ M_ASN1_I2D_put(a->sig_alg, i2d_X509_ALGOR);
+ M_ASN1_I2D_put(a->signature, i2d_ASN1_BIT_STRING);
+
+ M_ASN1_I2D_finish();
+ }
+
+X509 *d2i_X509(a,pp,length)
+X509 **a;
+unsigned char **pp;
+long length;
+ {
+ M_ASN1_D2I_vars(a,X509 *,X509_new);
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(ret->cert_info,d2i_X509_CINF);
+ M_ASN1_D2I_get(ret->sig_alg,d2i_X509_ALGOR);
+ M_ASN1_D2I_get(ret->signature,d2i_ASN1_BIT_STRING);
+if (ret->name != NULL) Free(ret->name);
+ret->name=X509_NAME_oneline(ret->cert_info->subject,NULL,0);
+
+ M_ASN1_D2I_Finish(a,X509_free,ASN1_F_D2I_X509);
+ }
+
+X509 *X509_new()
+ {
+ X509 *ret=NULL;
+
+ M_ASN1_New_Malloc(ret,X509);
+ ret->references=1;
+ ret->valid=0;
+ ret->name=NULL;
+ M_ASN1_New(ret->cert_info,X509_CINF_new);
+ M_ASN1_New(ret->sig_alg,X509_ALGOR_new);
+ M_ASN1_New(ret->signature,ASN1_BIT_STRING_new);
+ return(ret);
+ M_ASN1_New_Error(ASN1_F_X509_NEW);
+ }
+
+void X509_free(a)
+X509 *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_X509);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"X509_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ X509_CINF_free(a->cert_info);
+ X509_ALGOR_free(a->sig_alg);
+ ASN1_BIT_STRING_free(a->signature);
+ if (a->name != NULL) Free(a->name);
+ Free((char *)a);
+ }
+
diff --git a/crypto/bf/COPYRIGHT b/crypto/bf/COPYRIGHT
new file mode 100644
index 0000000..6857223
--- /dev/null
+++ b/crypto/bf/COPYRIGHT
@@ -0,0 +1,46 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an Blowfish implementation written
+by Eric Young (eay@cryptsoft.com).
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/crypto/bf/INSTALL b/crypto/bf/INSTALL
new file mode 100644
index 0000000..3b25923
--- /dev/null
+++ b/crypto/bf/INSTALL
@@ -0,0 +1,14 @@
+This Eric Young's blowfish implementation, taken from his SSLeay library
+and made available as a separate library.
+
+The version number (0.7.2m) is the SSLeay version that this library was
+taken from.
+
+To build, just unpack and type make.
+If you are not using gcc, edit the Makefile.
+If you are compiling for an x86 box, try the assembler (it needs improving).
+There are also some compile time options that can improve performance,
+these are documented in the Makefile.
+
+eric 15-Apr-1997
+
diff --git a/crypto/bf/Makefile.ssl b/crypto/bf/Makefile.ssl
new file mode 100644
index 0000000..1a44992
--- /dev/null
+++ b/crypto/bf/Makefile.ssl
@@ -0,0 +1,108 @@
+#
+# SSLeay/crypto/blowfish/Makefile
+#
+
+DIR= bf
+TOP= ../..
+CC= cc
+CPP= $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+BF_ENC= bf_enc.o
+# or use
+#DES_ENC= bx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=bftest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= blowfish.h
+HEADER= bf_pi.h bf_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+# elf
+asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DELF asm/bx86unix.cpp | as -o asm/bx86-elf.o
+
+# solaris
+asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
+ as -o asm/bx86-sol.o asm/bx86-sol.s
+ rm -f asm/bx86-sol.s
+
+# a.out
+asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DOUT asm/bx86unix.cpp | as -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DBSDI asm/bx86unix.cpp | as -o asm/bx86bsdi.o
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/point.sh ../../doc/blowfish.doc blowfish.doc ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+ /bin/rm -f asm/x86ms.pl asm/x86unix.pl
+ $(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
+ $(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
+
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bf/Makefile.uni b/crypto/bf/Makefile.uni
new file mode 100644
index 0000000..8517295
--- /dev/null
+++ b/crypto/bf/Makefile.uni
@@ -0,0 +1,160 @@
+# Targets
+# make - twidle the options yourself :-)
+# make cc - standard cc options
+# make gcc - standard gcc options
+# make x86-elf - linux-elf etc
+# make x86-out - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# use BF_PTR2 for intel boxes,
+# BF_PTR for sparc and MIPS/SGI
+# use nothing for Alpha and HP.
+
+# There are 3 possible performance options, experiment :-)
+#OPTS= -DBF_PTR # usr for sparc and MIPS/SGI
+#OPTS= -DBF_PTR2 # use for pentium
+OPTS= # use for pentium pro, Alpha and HP
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of bf_encrypt().
+BF_ENC=bf_enc.o # normal C version
+#BF_ENC=asm/bx86-elf.o # elf format x86
+#BF_ENC=asm/bx86-out.o # a.out format x86
+#BF_ENC=asm/bx86-sol.o # solaris format x86
+#BF_ENC=asm/bx86bsdi.o # bsdi format x86
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+LIBOBJ=bf_skey.o bf_ecb.o $(BF_ENC) bf_cbc.o bf_cfb64.o bf_ofb64.o
+LIBSRC=bf_skey.c bf_ecb.c bf_enc.c bf_cbc.c bf_cfb64.c bf_ofb64.c
+
+GENERAL=Makefile Makefile.ssl Makefile.uni asm bf_locl.org README \
+ COPYRIGHT blowfish.doc INSTALL
+
+TESTING= bftest bfspeed
+TESTING_SRC=bftest.c bfspeed.c
+HEADERS=bf_locl.h blowfish.h bf_pi.h
+
+ALL= $(GENERAL) $(TESTING_SRC) $(LIBSRC) $(HEADERS)
+
+BLIB= libblowfish.a
+
+all: $(BLIB) $(TESTING)
+
+cc:
+ $(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+ $(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+ $(MAKE) BF_ENC='asm/bx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+ $(MAKE) BF_ENC='asm/bx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+ $(MAKE) BF_ENC='asm/bx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+ $(MAKE) BF_ENC='asm/bx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/bx86-elf.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DELF asm/bx86unix.cpp | $(AS) -o asm/bx86-elf.o
+
+# solaris
+asm/bx86-sol.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CC) -E -DSOL asm/bx86unix.cpp | sed 's/^#.*//' > asm/bx86-sol.s
+ as -o asm/bx86-sol.o asm/bx86-sol.s
+ rm -f asm/bx86-sol.s
+
+# a.out
+asm/bx86-out.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DOUT asm/bx86unix.cpp | $(AS) -o asm/bx86-out.o
+
+# bsdi
+asm/bx86bsdi.o: asm/bx86-cpp.s asm/bx86unix.cpp
+ $(CPP) -DBSDI asm/bx86unix.cpp | $(AS) -o asm/bx86bsdi.o
+
+test: all
+ ./bftest
+
+$(BLIB): $(LIBOBJ)
+ /bin/rm -f $(BLIB)
+ ar cr $(BLIB) $(LIBOBJ)
+ -if test -s /bin/ranlib; then /bin/ranlib $(BLIB); \
+ else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(BLIB); \
+ else exit 0; fi; fi
+
+bftest: bftest.o $(BLIB)
+ $(CC) $(CFLAGS) -o bftest bftest.o $(BLIB)
+
+bfspeed: bfspeed.o $(BLIB)
+ $(CC) $(CFLAGS) -o bfspeed bfspeed.o $(BLIB)
+
+tags:
+ ctags $(TESTING_SRC) $(LIBBF)
+
+tar:
+ tar chf libbf.tar $(ALL)
+
+shar:
+ shar $(ALL) >libbf.shar
+
+depend:
+ makedepend $(LIBBF) $(TESTING_SRC)
+
+clean:
+ /bin/rm -f *.o tags core $(TESTING) $(BLIB) .nfs* *.old *.bak asm/*.o
+
+dclean:
+ sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+ mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(BLIB)
+ if test $(INSTALLTOP); then \
+ echo SSL style install; \
+ cp $(BLIB) $(INSTALLTOP)/lib; \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(INSTALLTOP)/lib/$(BLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(INSTALLTOP)/lib/$(BLIB); \
+ fi; fi; \
+ chmod 644 $(INSTALLTOP)/lib/$(BLIB); \
+ cp blowfish.h $(INSTALLTOP)/include; \
+ chmod 644 $(INSTALLTOP)/include/blowfish.h; \
+ else \
+ echo Standalone install; \
+ cp $(BLIB) $(LIBDIR)/$(BLIB); \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(LIBDIR)/$(BLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(LIBDIR)/$(BLIB); \
+ fi; \
+ fi; \
+ chmod 644 $(LIBDIR)/$(BLIB); \
+ cp blowfish.h $(INCDIR)/blowfish.h; \
+ chmod 644 $(INCDIR)/blowfish.h; \
+ fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bf/README b/crypto/bf/README
new file mode 100644
index 0000000..f2712fd
--- /dev/null
+++ b/crypto/bf/README
@@ -0,0 +1,8 @@
+This is a quick packaging up of my blowfish code into a library.
+It has been lifted from SSLeay.
+The copyright notices seem a little harsh because I have not spent the
+time to rewrite the conditions from the normal SSLeay ones.
+
+Basically if you just want to play with the library, not a problem.
+
+eric 15-Apr-1997
diff --git a/crypto/bf/VERSION b/crypto/bf/VERSION
new file mode 100644
index 0000000..be99585
--- /dev/null
+++ b/crypto/bf/VERSION
@@ -0,0 +1,6 @@
+The version numbers will follow my SSL implementation
+
+0.7.2r - Some reasonable default compiler options from
+ Peter Gutman <pgut001@cs.auckland.ac.nz>
+
+0.7.2m - the first release
diff --git a/crypto/bf/asm/b-win32.asm b/crypto/bf/asm/b-win32.asm
new file mode 100644
index 0000000..bef272e
--- /dev/null
+++ b/crypto/bf/asm/b-win32.asm
@@ -0,0 +1,662 @@
+ ; Don't even think of reading this code
+ ; It was automatically generated by bf586.pl
+ ; Which is a perl program used to generate the x86 assember for
+ ; any of elf, a.out, Win32, or Solaris
+ ; It can be found in SSLeay 0.7.0+
+ ; eric <eay@cryptsoft.com>
+ ;
+ TITLE bfx86xxxx.asm
+ .386
+.model FLAT
+_TEXT SEGMENT
+PUBLIC _BF_encrypt
+_BF_encrypt PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the 2 words
+ mov eax, DWORD PTR 20[esp]
+ mov ecx, DWORD PTR [eax]
+ mov edx, DWORD PTR 4[eax]
+ ;
+ ; P pointer, s and enc flag
+ mov edi, DWORD PTR 24[esp]
+ xor eax, eax
+ xor ebx, ebx
+ mov ebp, DWORD PTR 28[esp]
+ cmp ebp, 0
+ je $L000start_decrypt
+ xor ecx, DWORD PTR [edi]
+ ;
+ ; Round 0
+ ror ecx, 16
+ mov esi, DWORD PTR 4[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 1
+ ror edx, 16
+ mov esi, DWORD PTR 8[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 2
+ ror ecx, 16
+ mov esi, DWORD PTR 12[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 3
+ ror edx, 16
+ mov esi, DWORD PTR 16[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 4
+ ror ecx, 16
+ mov esi, DWORD PTR 20[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 5
+ ror edx, 16
+ mov esi, DWORD PTR 24[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 6
+ ror ecx, 16
+ mov esi, DWORD PTR 28[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 7
+ ror edx, 16
+ mov esi, DWORD PTR 32[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 8
+ ror ecx, 16
+ mov esi, DWORD PTR 36[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 9
+ ror edx, 16
+ mov esi, DWORD PTR 40[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 10
+ ror ecx, 16
+ mov esi, DWORD PTR 44[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 11
+ ror edx, 16
+ mov esi, DWORD PTR 48[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 12
+ ror ecx, 16
+ mov esi, DWORD PTR 52[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 13
+ ror edx, 16
+ mov esi, DWORD PTR 56[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 14
+ ror ecx, 16
+ mov esi, DWORD PTR 60[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 15
+ ror edx, 16
+ mov esi, DWORD PTR 64[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ xor edx, DWORD PTR 68[edi]
+ mov eax, DWORD PTR 20[esp]
+ mov DWORD PTR [eax],edx
+ mov DWORD PTR 4[eax],ecx
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+$L000start_decrypt:
+ xor ecx, DWORD PTR 68[edi]
+ ;
+ ; Round 16
+ ror ecx, 16
+ mov esi, DWORD PTR 64[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 15
+ ror edx, 16
+ mov esi, DWORD PTR 60[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 14
+ ror ecx, 16
+ mov esi, DWORD PTR 56[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 13
+ ror edx, 16
+ mov esi, DWORD PTR 52[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 12
+ ror ecx, 16
+ mov esi, DWORD PTR 48[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 11
+ ror edx, 16
+ mov esi, DWORD PTR 44[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 10
+ ror ecx, 16
+ mov esi, DWORD PTR 40[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 9
+ ror edx, 16
+ mov esi, DWORD PTR 36[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 8
+ ror ecx, 16
+ mov esi, DWORD PTR 32[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 7
+ ror edx, 16
+ mov esi, DWORD PTR 28[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 6
+ ror ecx, 16
+ mov esi, DWORD PTR 24[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 5
+ ror edx, 16
+ mov esi, DWORD PTR 20[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 4
+ ror ecx, 16
+ mov esi, DWORD PTR 16[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 3
+ ror edx, 16
+ mov esi, DWORD PTR 12[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 2
+ ror ecx, 16
+ mov esi, DWORD PTR 8[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 1
+ ror edx, 16
+ mov esi, DWORD PTR 4[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ xor edx, DWORD PTR [edi]
+ mov eax, DWORD PTR 20[esp]
+ mov DWORD PTR [eax],edx
+ mov DWORD PTR 4[eax],ecx
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_BF_encrypt ENDP
+_TEXT ENDS
+END
diff --git a/crypto/bf/asm/bf586.pl b/crypto/bf/asm/bf586.pl
new file mode 100644
index 0000000..bcb53cf
--- /dev/null
+++ b/crypto/bf/asm/bf586.pl
@@ -0,0 +1,159 @@
+#!/usr/local/bin/perl
+#!/usr/local/bin/perl
+
+$prog="bf586.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.7.0+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("bfx86xxxx");
+
+$BF_ROUNDS=16;
+$BF_OFF=($BF_ROUNDS+2)*4;
+$L="ecx";
+$R="edx";
+$P="edi";
+$tot="esi";
+$tmp1="eax";
+$tmp2="ebx";
+$tmp3="ebp";
+
+&des_encrypt("BF_encrypt");
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name)=@_;
+
+ &function_begin($name,3,"");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ &comment("");
+ &comment("P pointer, s and enc flag");
+ &mov($P,&wparam(1));
+
+ &xor( $tmp1, $tmp1);
+ &xor( $tmp2, $tmp2);
+
+ # encrypting part
+
+ &mov("ebp",&wparam(2)); # get encrypt flag
+ &cmp("ebp","0");
+ &je(&label("start_decrypt"));
+
+ &xor($L,&DWP(0,$P,"",0));
+ for ($i=0; $i<$BF_ROUNDS; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i+1,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &BF_ENCRYPT($i+2,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+
+ &set_label("start_decrypt");
+
+ &xor($L,&DWP(($BF_ROUNDS+1)*4,$P,"",0));
+ for ($i=$BF_ROUNDS; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &BF_ENCRYPT($i,$R,$L,$P,$tot,$tmp1,$tmp2,$tmp3);
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &BF_ENCRYPT($i-1,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3);
+ }
+ &xor($R,&DWP(0,$P,"",0));
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$R);
+ &mov(&DWP(4,"eax","",0),$L);
+ &function_end_A($name);
+
+ &function_end_B($name);
+ }
+
+sub BF_ENCRYPT
+ {
+ local($i,$L,$R,$P,$tot,$tmp1,$tmp2,$tmp3)=@_;
+
+ &rotr( $R, 16);
+ &mov( $tot, &DWP(&n2a($i*4),$P,"",0));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &rotr( $R, 16);
+ &xor( $L, $tot);
+
+ &mov( $tot, &DWP(&n2a($BF_OFF+0x0000),$P,$tmp1,4));
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0400),$P,$tmp2,4));
+
+ &movb( &LB($tmp1), &HB($R));
+ &movb( &LB($tmp2), &LB($R));
+
+ &add( $tot, $tmp3);
+ &mov( $tmp1, &DWP(&n2a($BF_OFF+0x0800),$P,$tmp1,4)); # delay
+
+ &xor( $tot, $tmp1);
+ &mov( $tmp3, &DWP(&n2a($BF_OFF+0x0C00),$P,$tmp2,4));
+
+ &add( $tot, $tmp3);
+ &xor( $tmp1, $tmp1);
+
+ &xor( $L, $tot);
+ # delay
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
diff --git a/crypto/bf/asm/bx86-cpp.s b/crypto/bf/asm/bx86-cpp.s
new file mode 100644
index 0000000..0925137
--- /dev/null
+++ b/crypto/bf/asm/bx86-cpp.s
@@ -0,0 +1,666 @@
+ /* Don't even think of reading this code */
+ /* It was automatically generated by bf586.pl */
+ /* Which is a perl program used to generate the x86 assember for */
+ /* any of elf, a.out, Win32, or Solaris */
+ /* It can be found in SSLeay 0.7.0+ */
+ /* eric <eay@cryptsoft.com> */
+
+ .file "bfx86xxxx.s"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align ALIGN
+.globl BF_encrypt
+ TYPE(BF_encrypt,@function)
+BF_encrypt:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the 2 words */
+ movl 20(%esp), %eax
+ movl (%eax), %ecx
+ movl 4(%eax), %edx
+
+ /* P pointer, s and enc flag */
+ movl 24(%esp), %edi
+ xorl %eax, %eax
+ xorl %ebx, %ebx
+ movl 28(%esp), %ebp
+ cmpl $0, %ebp
+ je .L000start_decrypt
+ xorl (%edi), %ecx
+
+ /* Round 0 */
+ rorl $16, %ecx
+ movl 4(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 1 */
+ rorl $16, %edx
+ movl 8(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 2 */
+ rorl $16, %ecx
+ movl 12(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 3 */
+ rorl $16, %edx
+ movl 16(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 4 */
+ rorl $16, %ecx
+ movl 20(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 5 */
+ rorl $16, %edx
+ movl 24(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 6 */
+ rorl $16, %ecx
+ movl 28(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 7 */
+ rorl $16, %edx
+ movl 32(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 8 */
+ rorl $16, %ecx
+ movl 36(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 9 */
+ rorl $16, %edx
+ movl 40(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 10 */
+ rorl $16, %ecx
+ movl 44(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 11 */
+ rorl $16, %edx
+ movl 48(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 12 */
+ rorl $16, %ecx
+ movl 52(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 13 */
+ rorl $16, %edx
+ movl 56(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 14 */
+ rorl $16, %ecx
+ movl 60(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 15 */
+ rorl $16, %edx
+ movl 64(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+ xorl 68(%edi), %edx
+ movl 20(%esp), %eax
+ movl %edx, (%eax)
+ movl %ecx, 4(%eax)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.align ALIGN
+.L000start_decrypt:
+ xorl 68(%edi), %ecx
+
+ /* Round 16 */
+ rorl $16, %ecx
+ movl 64(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 15 */
+ rorl $16, %edx
+ movl 60(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 14 */
+ rorl $16, %ecx
+ movl 56(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 13 */
+ rorl $16, %edx
+ movl 52(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 12 */
+ rorl $16, %ecx
+ movl 48(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 11 */
+ rorl $16, %edx
+ movl 44(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 10 */
+ rorl $16, %ecx
+ movl 40(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 9 */
+ rorl $16, %edx
+ movl 36(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 8 */
+ rorl $16, %ecx
+ movl 32(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 7 */
+ rorl $16, %edx
+ movl 28(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 6 */
+ rorl $16, %ecx
+ movl 24(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 5 */
+ rorl $16, %edx
+ movl 20(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 4 */
+ rorl $16, %ecx
+ movl 16(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 3 */
+ rorl $16, %edx
+ movl 12(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+
+ /* Round 2 */
+ rorl $16, %ecx
+ movl 8(%edi), %esi
+ movb %ch, %al
+ movb %cl, %bl
+ rorl $16, %ecx
+ xorl %esi, %edx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %ch, %al
+ movb %cl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %edx
+
+ /* Round 1 */
+ rorl $16, %edx
+ movl 4(%edi), %esi
+ movb %dh, %al
+ movb %dl, %bl
+ rorl $16, %edx
+ xorl %esi, %ecx
+ movl 72(%edi,%eax,4),%esi
+ movl 1096(%edi,%ebx,4),%ebp
+ movb %dh, %al
+ movb %dl, %bl
+ addl %ebp, %esi
+ movl 2120(%edi,%eax,4),%eax
+ xorl %eax, %esi
+ movl 3144(%edi,%ebx,4),%ebp
+ addl %ebp, %esi
+ xorl %eax, %eax
+ xorl %esi, %ecx
+ xorl (%edi), %edx
+ movl 20(%esp), %eax
+ movl %edx, (%eax)
+ movl %ecx, 4(%eax)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.BF_encrypt_end:
+ SIZE(BF_encrypt,.BF_encrypt_end-BF_encrypt)
+.ident "desasm.pl"
diff --git a/crypto/bf/asm/bx86unix.cpp b/crypto/bf/asm/bx86unix.cpp
new file mode 100644
index 0000000..dcb10d2
--- /dev/null
+++ b/crypto/bf/asm/bx86unix.cpp
@@ -0,0 +1,33 @@
+
+#define TYPE(a,b) .type a,b
+#define SIZE(a,b) .size a,b
+
+#ifdef OUT
+#define OK 1
+#define BF_encrypt _BF_encrypt
+#define ALIGN 4
+#endif
+
+#ifdef BSDI
+#define OK 1
+#define BF_encrypt _BF_encrypt
+#define ALIGN 4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK 1
+#define ALIGN 16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "bx86-cpp.s"
+
diff --git a/crypto/bf/asm/readme b/crypto/bf/asm/readme
new file mode 100644
index 0000000..71e4bb2
--- /dev/null
+++ b/crypto/bf/asm/readme
@@ -0,0 +1,3 @@
+If you want more of an idea of how this all works,
+have a read of the readme file in SSLeay/crypto/des/asm.
+SSLeay can be found at ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL.
diff --git a/crypto/bf/asm/win32.asm b/crypto/bf/asm/win32.asm
new file mode 100644
index 0000000..6d2333f
--- /dev/null
+++ b/crypto/bf/asm/win32.asm
@@ -0,0 +1,663 @@
+ ; Don't even think of reading this code
+ ; It was automatically generated by bf586.pl
+ ; Which is a perl program used to generate the x86 assember for
+ ; any of elf, a.out, Win32, or Solaris
+ ; It can be found in SSLeay 0.7.0+
+ ; eric <eay@cryptsoft.com>
+ ;
+ TITLE bfx86xxxx.asm
+ .386
+.model FLAT
+_TEXT SEGMENT
+PUBLIC _BF_encrypt
+EXTRN _des_SPtrans:DWORD
+_BF_encrypt PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the 2 words
+ mov eax, DWORD PTR 20[esp]
+ mov ecx, DWORD PTR [eax]
+ mov edx, DWORD PTR 4[eax]
+ ;
+ ; P pointer, s and enc flag
+ mov edi, DWORD PTR 24[esp]
+ xor eax, eax
+ xor ebx, ebx
+ mov ebp, DWORD PTR 28[esp]
+ cmp ebp, 0
+ je $L000start_decrypt
+ xor ecx, DWORD PTR [edi]
+ ;
+ ; Round 0
+ ror ecx, 16
+ mov esi, DWORD PTR 4[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 1
+ ror edx, 16
+ mov esi, DWORD PTR 8[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 2
+ ror ecx, 16
+ mov esi, DWORD PTR 12[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 3
+ ror edx, 16
+ mov esi, DWORD PTR 16[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 4
+ ror ecx, 16
+ mov esi, DWORD PTR 20[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 5
+ ror edx, 16
+ mov esi, DWORD PTR 24[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 6
+ ror ecx, 16
+ mov esi, DWORD PTR 28[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 7
+ ror edx, 16
+ mov esi, DWORD PTR 32[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 8
+ ror ecx, 16
+ mov esi, DWORD PTR 36[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 9
+ ror edx, 16
+ mov esi, DWORD PTR 40[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 10
+ ror ecx, 16
+ mov esi, DWORD PTR 44[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 11
+ ror edx, 16
+ mov esi, DWORD PTR 48[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 12
+ ror ecx, 16
+ mov esi, DWORD PTR 52[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 13
+ ror edx, 16
+ mov esi, DWORD PTR 56[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 14
+ ror ecx, 16
+ mov esi, DWORD PTR 60[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 15
+ ror edx, 16
+ mov esi, DWORD PTR 64[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ xor edx, DWORD PTR 68[edi]
+ mov eax, DWORD PTR 20[esp]
+ mov DWORD PTR [eax],edx
+ mov DWORD PTR 4[eax],ecx
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+$L000start_decrypt:
+ xor ecx, DWORD PTR 68[edi]
+ ;
+ ; Round 16
+ ror ecx, 16
+ mov esi, DWORD PTR 64[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 15
+ ror edx, 16
+ mov esi, DWORD PTR 60[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 14
+ ror ecx, 16
+ mov esi, DWORD PTR 56[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 13
+ ror edx, 16
+ mov esi, DWORD PTR 52[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 12
+ ror ecx, 16
+ mov esi, DWORD PTR 48[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 11
+ ror edx, 16
+ mov esi, DWORD PTR 44[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 10
+ ror ecx, 16
+ mov esi, DWORD PTR 40[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 9
+ ror edx, 16
+ mov esi, DWORD PTR 36[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 8
+ ror ecx, 16
+ mov esi, DWORD PTR 32[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 7
+ ror edx, 16
+ mov esi, DWORD PTR 28[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 6
+ ror ecx, 16
+ mov esi, DWORD PTR 24[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 5
+ ror edx, 16
+ mov esi, DWORD PTR 20[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 4
+ ror ecx, 16
+ mov esi, DWORD PTR 16[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 3
+ ror edx, 16
+ mov esi, DWORD PTR 12[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ ;
+ ; Round 2
+ ror ecx, 16
+ mov esi, DWORD PTR 8[edi]
+ mov al, ch
+ mov bl, cl
+ ror ecx, 16
+ xor edx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, ch
+ mov bl, cl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor edx, esi
+ ;
+ ; Round 1
+ ror edx, 16
+ mov esi, DWORD PTR 4[edi]
+ mov al, dh
+ mov bl, dl
+ ror edx, 16
+ xor ecx, esi
+ mov esi, DWORD PTR 72[eax*4+edi]
+ mov ebp, DWORD PTR 1096[ebx*4+edi]
+ mov al, dh
+ mov bl, dl
+ add esi, ebp
+ mov eax, DWORD PTR 2120[eax*4+edi]
+ xor esi, eax
+ mov ebp, DWORD PTR 3144[ebx*4+edi]
+ add esi, ebp
+ xor eax, eax
+ xor ecx, esi
+ xor edx, DWORD PTR [edi]
+ mov eax, DWORD PTR 20[esp]
+ mov DWORD PTR [eax],edx
+ mov DWORD PTR 4[eax],ecx
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_BF_encrypt ENDP
+_TEXT ENDS
+END
diff --git a/crypto/bf/bf_cbc.c b/crypto/bf/bf_cbc.c
new file mode 100644
index 0000000..3d05d27
--- /dev/null
+++ b/crypto/bf/bf_cbc.c
@@ -0,0 +1,148 @@
+/* crypto/bf/bf_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+void BF_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register BF_LONG tin0,tin1;
+ register BF_LONG tout0,tout1,xor0,xor1;
+ register long l=length;
+ BF_LONG tin[2];
+
+ if (encrypt)
+ {
+ n2l(iv,tout0);
+ n2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks,BF_ENCRYPT);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ if (l != -8)
+ {
+ n2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks,BF_ENCRYPT);
+ tout0=tin[0];
+ tout1=tin[1];
+ l2n(tout0,out);
+ l2n(tout1,out);
+ }
+ l2n(tout0,iv);
+ l2n(tout1,iv);
+ }
+ else
+ {
+ n2l(iv,xor0);
+ n2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks,BF_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2n(tout0,out);
+ l2n(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin[0]=tin0;
+ tin[1]=tin1;
+ BF_encrypt(tin,ks,BF_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2nn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2n(xor0,iv);
+ l2n(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/bf/bf_cfb64.c b/crypto/bf/bf_cfb64.c
new file mode 100644
index 0000000..92fc682
--- /dev/null
+++ b/crypto/bf/bf_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/bf/bf_cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void BF_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register BF_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ BF_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/crypto/bf/bf_ecb.c b/crypto/bf/bf_ecb.c
new file mode 100644
index 0000000..7840352
--- /dev/null
+++ b/crypto/bf/bf_ecb.c
@@ -0,0 +1,95 @@
+/* crypto/bf/bf_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+char *BF_version="BlowFish part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *BF_options()
+ {
+#ifdef BF_PTR
+ return("blowfish(ptr)");
+#elif defined(BF_PTR2)
+ return("blowfish(ptr2)");
+#else
+ return("blowfish(idx)");
+#endif
+ }
+
+void BF_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+BF_KEY *ks;
+int encrypt;
+ {
+ BF_LONG l,d[2];
+
+ n2l(in,l); d[0]=l;
+ n2l(in,l); d[1]=l;
+ BF_encrypt(d,ks,encrypt);
+ l=d[0]; l2n(l,out);
+ l=d[1]; l2n(l,out);
+ l=d[0]=d[1]=0;
+ }
+
diff --git a/crypto/bf/bf_enc.c b/crypto/bf/bf_enc.c
new file mode 100644
index 0000000..9bcc216
--- /dev/null
+++ b/crypto/bf/bf_enc.c
@@ -0,0 +1,140 @@
+/* crypto/bf/bf_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* Blowfish as implemented from 'Blowfish: Springer-Verlag paper'
+ * (From LECTURE NOTES IN COIMPUTER SCIENCE 809, FAST SOFTWARE ENCRYPTION,
+ * CAMBRIDGE SECURITY WORKSHOP, CAMBRIDGE, U.K., DECEMBER 9-11, 1993)
+ */
+
+#if (BF_ROUNDS != 16) && (BF_ROUNDS != 20)
+If you set BF_ROUNDS to some value other than 16 or 20, you will have
+to modify the code.
+#endif
+
+void BF_encrypt(data,key,encrypt)
+BF_LONG *data;
+BF_KEY *key;
+int encrypt;
+ {
+ register BF_LONG l,r,*p,*s;
+
+ p=key->P;
+ s= &(key->S[0]);
+ l=data[0];
+ r=data[1];
+
+ if (encrypt)
+ {
+ l^=p[0];
+ BF_ENC(r,l,s,p[ 1]);
+ BF_ENC(l,r,s,p[ 2]);
+ BF_ENC(r,l,s,p[ 3]);
+ BF_ENC(l,r,s,p[ 4]);
+ BF_ENC(r,l,s,p[ 5]);
+ BF_ENC(l,r,s,p[ 6]);
+ BF_ENC(r,l,s,p[ 7]);
+ BF_ENC(l,r,s,p[ 8]);
+ BF_ENC(r,l,s,p[ 9]);
+ BF_ENC(l,r,s,p[10]);
+ BF_ENC(r,l,s,p[11]);
+ BF_ENC(l,r,s,p[12]);
+ BF_ENC(r,l,s,p[13]);
+ BF_ENC(l,r,s,p[14]);
+ BF_ENC(r,l,s,p[15]);
+ BF_ENC(l,r,s,p[16]);
+#if BF_ROUNDS == 20
+ BF_ENC(r,l,s,p[17]);
+ BF_ENC(l,r,s,p[18]);
+ BF_ENC(r,l,s,p[19]);
+ BF_ENC(l,r,s,p[20]);
+#endif
+ r^=p[BF_ROUNDS+1];
+ }
+ else
+ {
+ l^=p[BF_ROUNDS+1];
+#if BF_ROUNDS == 20
+ BF_ENC(r,l,s,p[20]);
+ BF_ENC(l,r,s,p[19]);
+ BF_ENC(r,l,s,p[18]);
+ BF_ENC(l,r,s,p[17]);
+#endif
+ BF_ENC(r,l,s,p[16]);
+ BF_ENC(l,r,s,p[15]);
+ BF_ENC(r,l,s,p[14]);
+ BF_ENC(l,r,s,p[13]);
+ BF_ENC(r,l,s,p[12]);
+ BF_ENC(l,r,s,p[11]);
+ BF_ENC(r,l,s,p[10]);
+ BF_ENC(l,r,s,p[ 9]);
+ BF_ENC(r,l,s,p[ 8]);
+ BF_ENC(l,r,s,p[ 7]);
+ BF_ENC(r,l,s,p[ 6]);
+ BF_ENC(l,r,s,p[ 5]);
+ BF_ENC(r,l,s,p[ 4]);
+ BF_ENC(l,r,s,p[ 3]);
+ BF_ENC(r,l,s,p[ 2]);
+ BF_ENC(l,r,s,p[ 1]);
+ r^=p[0];
+ }
+ data[1]=l&0xffffffffL;
+ data[0]=r&0xffffffffL;
+ }
diff --git a/crypto/bf/bf_locl b/crypto/bf/bf_locl
new file mode 100644
index 0000000..abc23d7
--- /dev/null
+++ b/crypto/bf/bf_locl
@@ -0,0 +1,243 @@
+/* crypto/bf/bf_local.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@mincom.oz.au)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@mincom.oz.au).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@mincom.oz.au)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+# define BF_PTR
+#elif defined( __ultrix ) /* Older MIPS */
+# define BF_PTR
+#elif defined( __osf1__ ) /* Alpha */
+ /* None */
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* None */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+ /* Unknown */
+#elif defined( __sgi ) /* Newer MIPS */
+# define BF_PTR
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+# define BF_PTR2
+#elif defined( _MSC_VER ) /* x86 boxes, Visual C */
+# define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M 0x3fc
+#define BF_0 22L
+#define BF_1 14L
+#define BF_2 6L
+#define BF_3 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+ { \
+ BF_LONG t,u,v; \
+ u=R>>BF_0; \
+ v=R>>BF_1; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
+ u=R>>BF_2; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+ v=R<<BF_3; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+ LL^=P; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+ LL^=t; \
+ }
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
+ *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+ *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+ *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^=((( S[ (int)(R>>24L) ] + \
+ S[0x0100+((int)(R>>16L)&0xff)])^ \
+ S[0x0200+((int)(R>> 8L)&0xff)])+ \
+ S[0x0300+((int)(R )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_locl.h b/crypto/bf/bf_locl.h
new file mode 100644
index 0000000..592ece9
--- /dev/null
+++ b/crypto/bf/bf_locl.h
@@ -0,0 +1,244 @@
+/* crypto/bf/bf_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+# define BF_PTR
+#elif defined( __ultrix ) /* Older MIPS */
+# define BF_PTR
+#elif defined( __osf1__ ) /* Alpha */
+ /* None */
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* None */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+ /* Unknown */
+#elif defined( __sgi ) /* Newer MIPS */
+# define BF_PTR
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+# define BF_PTR2
+#elif defined( _MSC_VER ) /* x86 boxes, Visual C */
+# define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M 0x3fc
+#define BF_0 22L
+#define BF_1 14L
+#define BF_2 6L
+#define BF_3 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+ { \
+ BF_LONG t,u,v; \
+ u=R>>BF_0; \
+ v=R>>BF_1; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
+ u=R>>BF_2; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+ v=R<<BF_3; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+ LL^=P; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+ LL^=t; \
+ }
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
+ *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+ *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+ *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^=((( S[ (int)(R>>24L) ] + \
+ S[0x0100+((int)(R>>16L)&0xff)])^ \
+ S[0x0200+((int)(R>> 8L)&0xff)])+ \
+ S[0x0300+((int)(R )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_locl.org b/crypto/bf/bf_locl.org
new file mode 100644
index 0000000..592ece9
--- /dev/null
+++ b/crypto/bf/bf_locl.org
@@ -0,0 +1,244 @@
+/* crypto/bf/bf_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bf_locl.org since bf_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+# define BF_PTR
+#elif defined( __ultrix ) /* Older MIPS */
+# define BF_PTR
+#elif defined( __osf1__ ) /* Alpha */
+ /* None */
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* None */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+ /* Unknown */
+#elif defined( __sgi ) /* Newer MIPS */
+# define BF_PTR
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+# define BF_PTR2
+#elif defined( _MSC_VER ) /* x86 boxes, Visual C */
+# define BF_PTR2
+#endif /* Systems-specific speed defines */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* This is actually a big endian algorithm, the most significate byte
+ * is used to lookup array 0 */
+
+/* use BF_PTR2 for intel boxes,
+ * BF_PTR for sparc and MIPS/SGI
+ * use nothing for Alpha and HP.
+ */
+#if !defined(BF_PTR) && !defined(BF_PTR2)
+#undef BF_PTR
+#endif
+
+#define BF_M 0x3fc
+#define BF_0 22L
+#define BF_1 14L
+#define BF_2 6L
+#define BF_3 2L /* left shift */
+
+#if defined(BF_PTR2)
+
+/* This is basically a special pentium verson */
+#define BF_ENC(LL,R,S,P) \
+ { \
+ BF_LONG t,u,v; \
+ u=R>>BF_0; \
+ v=R>>BF_1; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t= *(BF_LONG *)((unsigned char *)&(S[ 0])+u); \
+ u=R>>BF_2; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[256])+v); \
+ v=R<<BF_3; \
+ u&=BF_M; \
+ v&=BF_M; \
+ t^= *(BF_LONG *)((unsigned char *)&(S[512])+u); \
+ LL^=P; \
+ t+= *(BF_LONG *)((unsigned char *)&(S[768])+v); \
+ LL^=t; \
+ }
+
+#elif defined(BF_PTR)
+
+/* This is normally very good */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^= (((*(BF_LONG *)((unsigned char *)&(S[ 0])+((R>>BF_0)&BF_M))+ \
+ *(BF_LONG *)((unsigned char *)&(S[256])+((R>>BF_1)&BF_M)))^ \
+ *(BF_LONG *)((unsigned char *)&(S[512])+((R>>BF_2)&BF_M)))+ \
+ *(BF_LONG *)((unsigned char *)&(S[768])+((R<<BF_3)&BF_M)));
+#else
+
+/* This will always work, even on 64 bit machines and strangly enough,
+ * on the Alpha it is faster than the pointer versions (both 32 and 64
+ * versions of BF_LONG) */
+
+#define BF_ENC(LL,R,S,P) \
+ LL^=P; \
+ LL^=((( S[ (int)(R>>24L) ] + \
+ S[0x0100+((int)(R>>16L)&0xff)])^ \
+ S[0x0200+((int)(R>> 8L)&0xff)])+ \
+ S[0x0300+((int)(R )&0xff)])&0xffffffffL;
+#endif
diff --git a/crypto/bf/bf_ofb64.c b/crypto/bf/bf_ofb64.c
new file mode 100644
index 0000000..e95aca5
--- /dev/null
+++ b/crypto/bf/bf_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/bf/bf_ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "blowfish.h"
+#include "bf_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void BF_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+BF_KEY *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register BF_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ BF_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ n2l(iv,v0);
+ n2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2n(v0,dp);
+ l2n(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ BF_encrypt((BF_LONG *)ti,schedule,BF_ENCRYPT);
+ dp=(char *)d;
+ t=ti[0]; l2n(t,dp);
+ t=ti[1]; l2n(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2n(v0,iv);
+ l2n(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/crypto/bf/bf_pi.h b/crypto/bf/bf_pi.h
new file mode 100644
index 0000000..f5918b3
--- /dev/null
+++ b/crypto/bf/bf_pi.h
@@ -0,0 +1,325 @@
+/* crypto/bf/bf_pi.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static BF_KEY bf_init= {
+ {
+ 0x243f6a88L, 0x85a308d3L, 0x13198a2eL, 0x03707344L,
+ 0xa4093822L, 0x299f31d0L, 0x082efa98L, 0xec4e6c89L,
+ 0x452821e6L, 0x38d01377L, 0xbe5466cfL, 0x34e90c6cL,
+ 0xc0ac29b7L, 0xc97c50ddL, 0x3f84d5b5L, 0xb5470917L,
+ 0x9216d5d9L, 0x8979fb1b
+ },{
+ 0xd1310ba6L, 0x98dfb5acL, 0x2ffd72dbL, 0xd01adfb7L,
+ 0xb8e1afedL, 0x6a267e96L, 0xba7c9045L, 0xf12c7f99L,
+ 0x24a19947L, 0xb3916cf7L, 0x0801f2e2L, 0x858efc16L,
+ 0x636920d8L, 0x71574e69L, 0xa458fea3L, 0xf4933d7eL,
+ 0x0d95748fL, 0x728eb658L, 0x718bcd58L, 0x82154aeeL,
+ 0x7b54a41dL, 0xc25a59b5L, 0x9c30d539L, 0x2af26013L,
+ 0xc5d1b023L, 0x286085f0L, 0xca417918L, 0xb8db38efL,
+ 0x8e79dcb0L, 0x603a180eL, 0x6c9e0e8bL, 0xb01e8a3eL,
+ 0xd71577c1L, 0xbd314b27L, 0x78af2fdaL, 0x55605c60L,
+ 0xe65525f3L, 0xaa55ab94L, 0x57489862L, 0x63e81440L,
+ 0x55ca396aL, 0x2aab10b6L, 0xb4cc5c34L, 0x1141e8ceL,
+ 0xa15486afL, 0x7c72e993L, 0xb3ee1411L, 0x636fbc2aL,
+ 0x2ba9c55dL, 0x741831f6L, 0xce5c3e16L, 0x9b87931eL,
+ 0xafd6ba33L, 0x6c24cf5cL, 0x7a325381L, 0x28958677L,
+ 0x3b8f4898L, 0x6b4bb9afL, 0xc4bfe81bL, 0x66282193L,
+ 0x61d809ccL, 0xfb21a991L, 0x487cac60L, 0x5dec8032L,
+ 0xef845d5dL, 0xe98575b1L, 0xdc262302L, 0xeb651b88L,
+ 0x23893e81L, 0xd396acc5L, 0x0f6d6ff3L, 0x83f44239L,
+ 0x2e0b4482L, 0xa4842004L, 0x69c8f04aL, 0x9e1f9b5eL,
+ 0x21c66842L, 0xf6e96c9aL, 0x670c9c61L, 0xabd388f0L,
+ 0x6a51a0d2L, 0xd8542f68L, 0x960fa728L, 0xab5133a3L,
+ 0x6eef0b6cL, 0x137a3be4L, 0xba3bf050L, 0x7efb2a98L,
+ 0xa1f1651dL, 0x39af0176L, 0x66ca593eL, 0x82430e88L,
+ 0x8cee8619L, 0x456f9fb4L, 0x7d84a5c3L, 0x3b8b5ebeL,
+ 0xe06f75d8L, 0x85c12073L, 0x401a449fL, 0x56c16aa6L,
+ 0x4ed3aa62L, 0x363f7706L, 0x1bfedf72L, 0x429b023dL,
+ 0x37d0d724L, 0xd00a1248L, 0xdb0fead3L, 0x49f1c09bL,
+ 0x075372c9L, 0x80991b7bL, 0x25d479d8L, 0xf6e8def7L,
+ 0xe3fe501aL, 0xb6794c3bL, 0x976ce0bdL, 0x04c006baL,
+ 0xc1a94fb6L, 0x409f60c4L, 0x5e5c9ec2L, 0x196a2463L,
+ 0x68fb6fafL, 0x3e6c53b5L, 0x1339b2ebL, 0x3b52ec6fL,
+ 0x6dfc511fL, 0x9b30952cL, 0xcc814544L, 0xaf5ebd09L,
+ 0xbee3d004L, 0xde334afdL, 0x660f2807L, 0x192e4bb3L,
+ 0xc0cba857L, 0x45c8740fL, 0xd20b5f39L, 0xb9d3fbdbL,
+ 0x5579c0bdL, 0x1a60320aL, 0xd6a100c6L, 0x402c7279L,
+ 0x679f25feL, 0xfb1fa3ccL, 0x8ea5e9f8L, 0xdb3222f8L,
+ 0x3c7516dfL, 0xfd616b15L, 0x2f501ec8L, 0xad0552abL,
+ 0x323db5faL, 0xfd238760L, 0x53317b48L, 0x3e00df82L,
+ 0x9e5c57bbL, 0xca6f8ca0L, 0x1a87562eL, 0xdf1769dbL,
+ 0xd542a8f6L, 0x287effc3L, 0xac6732c6L, 0x8c4f5573L,
+ 0x695b27b0L, 0xbbca58c8L, 0xe1ffa35dL, 0xb8f011a0L,
+ 0x10fa3d98L, 0xfd2183b8L, 0x4afcb56cL, 0x2dd1d35bL,
+ 0x9a53e479L, 0xb6f84565L, 0xd28e49bcL, 0x4bfb9790L,
+ 0xe1ddf2daL, 0xa4cb7e33L, 0x62fb1341L, 0xcee4c6e8L,
+ 0xef20cadaL, 0x36774c01L, 0xd07e9efeL, 0x2bf11fb4L,
+ 0x95dbda4dL, 0xae909198L, 0xeaad8e71L, 0x6b93d5a0L,
+ 0xd08ed1d0L, 0xafc725e0L, 0x8e3c5b2fL, 0x8e7594b7L,
+ 0x8ff6e2fbL, 0xf2122b64L, 0x8888b812L, 0x900df01cL,
+ 0x4fad5ea0L, 0x688fc31cL, 0xd1cff191L, 0xb3a8c1adL,
+ 0x2f2f2218L, 0xbe0e1777L, 0xea752dfeL, 0x8b021fa1L,
+ 0xe5a0cc0fL, 0xb56f74e8L, 0x18acf3d6L, 0xce89e299L,
+ 0xb4a84fe0L, 0xfd13e0b7L, 0x7cc43b81L, 0xd2ada8d9L,
+ 0x165fa266L, 0x80957705L, 0x93cc7314L, 0x211a1477L,
+ 0xe6ad2065L, 0x77b5fa86L, 0xc75442f5L, 0xfb9d35cfL,
+ 0xebcdaf0cL, 0x7b3e89a0L, 0xd6411bd3L, 0xae1e7e49L,
+ 0x00250e2dL, 0x2071b35eL, 0x226800bbL, 0x57b8e0afL,
+ 0x2464369bL, 0xf009b91eL, 0x5563911dL, 0x59dfa6aaL,
+ 0x78c14389L, 0xd95a537fL, 0x207d5ba2L, 0x02e5b9c5L,
+ 0x83260376L, 0x6295cfa9L, 0x11c81968L, 0x4e734a41L,
+ 0xb3472dcaL, 0x7b14a94aL, 0x1b510052L, 0x9a532915L,
+ 0xd60f573fL, 0xbc9bc6e4L, 0x2b60a476L, 0x81e67400L,
+ 0x08ba6fb5L, 0x571be91fL, 0xf296ec6bL, 0x2a0dd915L,
+ 0xb6636521L, 0xe7b9f9b6L, 0xff34052eL, 0xc5855664L,
+ 0x53b02d5dL, 0xa99f8fa1L, 0x08ba4799L, 0x6e85076aL,
+ 0x4b7a70e9L, 0xb5b32944L, 0xdb75092eL, 0xc4192623L,
+ 0xad6ea6b0L, 0x49a7df7dL, 0x9cee60b8L, 0x8fedb266L,
+ 0xecaa8c71L, 0x699a17ffL, 0x5664526cL, 0xc2b19ee1L,
+ 0x193602a5L, 0x75094c29L, 0xa0591340L, 0xe4183a3eL,
+ 0x3f54989aL, 0x5b429d65L, 0x6b8fe4d6L, 0x99f73fd6L,
+ 0xa1d29c07L, 0xefe830f5L, 0x4d2d38e6L, 0xf0255dc1L,
+ 0x4cdd2086L, 0x8470eb26L, 0x6382e9c6L, 0x021ecc5eL,
+ 0x09686b3fL, 0x3ebaefc9L, 0x3c971814L, 0x6b6a70a1L,
+ 0x687f3584L, 0x52a0e286L, 0xb79c5305L, 0xaa500737L,
+ 0x3e07841cL, 0x7fdeae5cL, 0x8e7d44ecL, 0x5716f2b8L,
+ 0xb03ada37L, 0xf0500c0dL, 0xf01c1f04L, 0x0200b3ffL,
+ 0xae0cf51aL, 0x3cb574b2L, 0x25837a58L, 0xdc0921bdL,
+ 0xd19113f9L, 0x7ca92ff6L, 0x94324773L, 0x22f54701L,
+ 0x3ae5e581L, 0x37c2dadcL, 0xc8b57634L, 0x9af3dda7L,
+ 0xa9446146L, 0x0fd0030eL, 0xecc8c73eL, 0xa4751e41L,
+ 0xe238cd99L, 0x3bea0e2fL, 0x3280bba1L, 0x183eb331L,
+ 0x4e548b38L, 0x4f6db908L, 0x6f420d03L, 0xf60a04bfL,
+ 0x2cb81290L, 0x24977c79L, 0x5679b072L, 0xbcaf89afL,
+ 0xde9a771fL, 0xd9930810L, 0xb38bae12L, 0xdccf3f2eL,
+ 0x5512721fL, 0x2e6b7124L, 0x501adde6L, 0x9f84cd87L,
+ 0x7a584718L, 0x7408da17L, 0xbc9f9abcL, 0xe94b7d8cL,
+ 0xec7aec3aL, 0xdb851dfaL, 0x63094366L, 0xc464c3d2L,
+ 0xef1c1847L, 0x3215d908L, 0xdd433b37L, 0x24c2ba16L,
+ 0x12a14d43L, 0x2a65c451L, 0x50940002L, 0x133ae4ddL,
+ 0x71dff89eL, 0x10314e55L, 0x81ac77d6L, 0x5f11199bL,
+ 0x043556f1L, 0xd7a3c76bL, 0x3c11183bL, 0x5924a509L,
+ 0xf28fe6edL, 0x97f1fbfaL, 0x9ebabf2cL, 0x1e153c6eL,
+ 0x86e34570L, 0xeae96fb1L, 0x860e5e0aL, 0x5a3e2ab3L,
+ 0x771fe71cL, 0x4e3d06faL, 0x2965dcb9L, 0x99e71d0fL,
+ 0x803e89d6L, 0x5266c825L, 0x2e4cc978L, 0x9c10b36aL,
+ 0xc6150ebaL, 0x94e2ea78L, 0xa5fc3c53L, 0x1e0a2df4L,
+ 0xf2f74ea7L, 0x361d2b3dL, 0x1939260fL, 0x19c27960L,
+ 0x5223a708L, 0xf71312b6L, 0xebadfe6eL, 0xeac31f66L,
+ 0xe3bc4595L, 0xa67bc883L, 0xb17f37d1L, 0x018cff28L,
+ 0xc332ddefL, 0xbe6c5aa5L, 0x65582185L, 0x68ab9802L,
+ 0xeecea50fL, 0xdb2f953bL, 0x2aef7dadL, 0x5b6e2f84L,
+ 0x1521b628L, 0x29076170L, 0xecdd4775L, 0x619f1510L,
+ 0x13cca830L, 0xeb61bd96L, 0x0334fe1eL, 0xaa0363cfL,
+ 0xb5735c90L, 0x4c70a239L, 0xd59e9e0bL, 0xcbaade14L,
+ 0xeecc86bcL, 0x60622ca7L, 0x9cab5cabL, 0xb2f3846eL,
+ 0x648b1eafL, 0x19bdf0caL, 0xa02369b9L, 0x655abb50L,
+ 0x40685a32L, 0x3c2ab4b3L, 0x319ee9d5L, 0xc021b8f7L,
+ 0x9b540b19L, 0x875fa099L, 0x95f7997eL, 0x623d7da8L,
+ 0xf837889aL, 0x97e32d77L, 0x11ed935fL, 0x16681281L,
+ 0x0e358829L, 0xc7e61fd6L, 0x96dedfa1L, 0x7858ba99L,
+ 0x57f584a5L, 0x1b227263L, 0x9b83c3ffL, 0x1ac24696L,
+ 0xcdb30aebL, 0x532e3054L, 0x8fd948e4L, 0x6dbc3128L,
+ 0x58ebf2efL, 0x34c6ffeaL, 0xfe28ed61L, 0xee7c3c73L,
+ 0x5d4a14d9L, 0xe864b7e3L, 0x42105d14L, 0x203e13e0L,
+ 0x45eee2b6L, 0xa3aaabeaL, 0xdb6c4f15L, 0xfacb4fd0L,
+ 0xc742f442L, 0xef6abbb5L, 0x654f3b1dL, 0x41cd2105L,
+ 0xd81e799eL, 0x86854dc7L, 0xe44b476aL, 0x3d816250L,
+ 0xcf62a1f2L, 0x5b8d2646L, 0xfc8883a0L, 0xc1c7b6a3L,
+ 0x7f1524c3L, 0x69cb7492L, 0x47848a0bL, 0x5692b285L,
+ 0x095bbf00L, 0xad19489dL, 0x1462b174L, 0x23820e00L,
+ 0x58428d2aL, 0x0c55f5eaL, 0x1dadf43eL, 0x233f7061L,
+ 0x3372f092L, 0x8d937e41L, 0xd65fecf1L, 0x6c223bdbL,
+ 0x7cde3759L, 0xcbee7460L, 0x4085f2a7L, 0xce77326eL,
+ 0xa6078084L, 0x19f8509eL, 0xe8efd855L, 0x61d99735L,
+ 0xa969a7aaL, 0xc50c06c2L, 0x5a04abfcL, 0x800bcadcL,
+ 0x9e447a2eL, 0xc3453484L, 0xfdd56705L, 0x0e1e9ec9L,
+ 0xdb73dbd3L, 0x105588cdL, 0x675fda79L, 0xe3674340L,
+ 0xc5c43465L, 0x713e38d8L, 0x3d28f89eL, 0xf16dff20L,
+ 0x153e21e7L, 0x8fb03d4aL, 0xe6e39f2bL, 0xdb83adf7L,
+ 0xe93d5a68L, 0x948140f7L, 0xf64c261cL, 0x94692934L,
+ 0x411520f7L, 0x7602d4f7L, 0xbcf46b2eL, 0xd4a20068L,
+ 0xd4082471L, 0x3320f46aL, 0x43b7d4b7L, 0x500061afL,
+ 0x1e39f62eL, 0x97244546L, 0x14214f74L, 0xbf8b8840L,
+ 0x4d95fc1dL, 0x96b591afL, 0x70f4ddd3L, 0x66a02f45L,
+ 0xbfbc09ecL, 0x03bd9785L, 0x7fac6dd0L, 0x31cb8504L,
+ 0x96eb27b3L, 0x55fd3941L, 0xda2547e6L, 0xabca0a9aL,
+ 0x28507825L, 0x530429f4L, 0x0a2c86daL, 0xe9b66dfbL,
+ 0x68dc1462L, 0xd7486900L, 0x680ec0a4L, 0x27a18deeL,
+ 0x4f3ffea2L, 0xe887ad8cL, 0xb58ce006L, 0x7af4d6b6L,
+ 0xaace1e7cL, 0xd3375fecL, 0xce78a399L, 0x406b2a42L,
+ 0x20fe9e35L, 0xd9f385b9L, 0xee39d7abL, 0x3b124e8bL,
+ 0x1dc9faf7L, 0x4b6d1856L, 0x26a36631L, 0xeae397b2L,
+ 0x3a6efa74L, 0xdd5b4332L, 0x6841e7f7L, 0xca7820fbL,
+ 0xfb0af54eL, 0xd8feb397L, 0x454056acL, 0xba489527L,
+ 0x55533a3aL, 0x20838d87L, 0xfe6ba9b7L, 0xd096954bL,
+ 0x55a867bcL, 0xa1159a58L, 0xcca92963L, 0x99e1db33L,
+ 0xa62a4a56L, 0x3f3125f9L, 0x5ef47e1cL, 0x9029317cL,
+ 0xfdf8e802L, 0x04272f70L, 0x80bb155cL, 0x05282ce3L,
+ 0x95c11548L, 0xe4c66d22L, 0x48c1133fL, 0xc70f86dcL,
+ 0x07f9c9eeL, 0x41041f0fL, 0x404779a4L, 0x5d886e17L,
+ 0x325f51ebL, 0xd59bc0d1L, 0xf2bcc18fL, 0x41113564L,
+ 0x257b7834L, 0x602a9c60L, 0xdff8e8a3L, 0x1f636c1bL,
+ 0x0e12b4c2L, 0x02e1329eL, 0xaf664fd1L, 0xcad18115L,
+ 0x6b2395e0L, 0x333e92e1L, 0x3b240b62L, 0xeebeb922L,
+ 0x85b2a20eL, 0xe6ba0d99L, 0xde720c8cL, 0x2da2f728L,
+ 0xd0127845L, 0x95b794fdL, 0x647d0862L, 0xe7ccf5f0L,
+ 0x5449a36fL, 0x877d48faL, 0xc39dfd27L, 0xf33e8d1eL,
+ 0x0a476341L, 0x992eff74L, 0x3a6f6eabL, 0xf4f8fd37L,
+ 0xa812dc60L, 0xa1ebddf8L, 0x991be14cL, 0xdb6e6b0dL,
+ 0xc67b5510L, 0x6d672c37L, 0x2765d43bL, 0xdcd0e804L,
+ 0xf1290dc7L, 0xcc00ffa3L, 0xb5390f92L, 0x690fed0bL,
+ 0x667b9ffbL, 0xcedb7d9cL, 0xa091cf0bL, 0xd9155ea3L,
+ 0xbb132f88L, 0x515bad24L, 0x7b9479bfL, 0x763bd6ebL,
+ 0x37392eb3L, 0xcc115979L, 0x8026e297L, 0xf42e312dL,
+ 0x6842ada7L, 0xc66a2b3bL, 0x12754cccL, 0x782ef11cL,
+ 0x6a124237L, 0xb79251e7L, 0x06a1bbe6L, 0x4bfb6350L,
+ 0x1a6b1018L, 0x11caedfaL, 0x3d25bdd8L, 0xe2e1c3c9L,
+ 0x44421659L, 0x0a121386L, 0xd90cec6eL, 0xd5abea2aL,
+ 0x64af674eL, 0xda86a85fL, 0xbebfe988L, 0x64e4c3feL,
+ 0x9dbc8057L, 0xf0f7c086L, 0x60787bf8L, 0x6003604dL,
+ 0xd1fd8346L, 0xf6381fb0L, 0x7745ae04L, 0xd736fcccL,
+ 0x83426b33L, 0xf01eab71L, 0xb0804187L, 0x3c005e5fL,
+ 0x77a057beL, 0xbde8ae24L, 0x55464299L, 0xbf582e61L,
+ 0x4e58f48fL, 0xf2ddfda2L, 0xf474ef38L, 0x8789bdc2L,
+ 0x5366f9c3L, 0xc8b38e74L, 0xb475f255L, 0x46fcd9b9L,
+ 0x7aeb2661L, 0x8b1ddf84L, 0x846a0e79L, 0x915f95e2L,
+ 0x466e598eL, 0x20b45770L, 0x8cd55591L, 0xc902de4cL,
+ 0xb90bace1L, 0xbb8205d0L, 0x11a86248L, 0x7574a99eL,
+ 0xb77f19b6L, 0xe0a9dc09L, 0x662d09a1L, 0xc4324633L,
+ 0xe85a1f02L, 0x09f0be8cL, 0x4a99a025L, 0x1d6efe10L,
+ 0x1ab93d1dL, 0x0ba5a4dfL, 0xa186f20fL, 0x2868f169L,
+ 0xdcb7da83L, 0x573906feL, 0xa1e2ce9bL, 0x4fcd7f52L,
+ 0x50115e01L, 0xa70683faL, 0xa002b5c4L, 0x0de6d027L,
+ 0x9af88c27L, 0x773f8641L, 0xc3604c06L, 0x61a806b5L,
+ 0xf0177a28L, 0xc0f586e0L, 0x006058aaL, 0x30dc7d62L,
+ 0x11e69ed7L, 0x2338ea63L, 0x53c2dd94L, 0xc2c21634L,
+ 0xbbcbee56L, 0x90bcb6deL, 0xebfc7da1L, 0xce591d76L,
+ 0x6f05e409L, 0x4b7c0188L, 0x39720a3dL, 0x7c927c24L,
+ 0x86e3725fL, 0x724d9db9L, 0x1ac15bb4L, 0xd39eb8fcL,
+ 0xed545578L, 0x08fca5b5L, 0xd83d7cd3L, 0x4dad0fc4L,
+ 0x1e50ef5eL, 0xb161e6f8L, 0xa28514d9L, 0x6c51133cL,
+ 0x6fd5c7e7L, 0x56e14ec4L, 0x362abfceL, 0xddc6c837L,
+ 0xd79a3234L, 0x92638212L, 0x670efa8eL, 0x406000e0L,
+ 0x3a39ce37L, 0xd3faf5cfL, 0xabc27737L, 0x5ac52d1bL,
+ 0x5cb0679eL, 0x4fa33742L, 0xd3822740L, 0x99bc9bbeL,
+ 0xd5118e9dL, 0xbf0f7315L, 0xd62d1c7eL, 0xc700c47bL,
+ 0xb78c1b6bL, 0x21a19045L, 0xb26eb1beL, 0x6a366eb4L,
+ 0x5748ab2fL, 0xbc946e79L, 0xc6a376d2L, 0x6549c2c8L,
+ 0x530ff8eeL, 0x468dde7dL, 0xd5730a1dL, 0x4cd04dc6L,
+ 0x2939bbdbL, 0xa9ba4650L, 0xac9526e8L, 0xbe5ee304L,
+ 0xa1fad5f0L, 0x6a2d519aL, 0x63ef8ce2L, 0x9a86ee22L,
+ 0xc089c2b8L, 0x43242ef6L, 0xa51e03aaL, 0x9cf2d0a4L,
+ 0x83c061baL, 0x9be96a4dL, 0x8fe51550L, 0xba645bd6L,
+ 0x2826a2f9L, 0xa73a3ae1L, 0x4ba99586L, 0xef5562e9L,
+ 0xc72fefd3L, 0xf752f7daL, 0x3f046f69L, 0x77fa0a59L,
+ 0x80e4a915L, 0x87b08601L, 0x9b09e6adL, 0x3b3ee593L,
+ 0xe990fd5aL, 0x9e34d797L, 0x2cf0b7d9L, 0x022b8b51L,
+ 0x96d5ac3aL, 0x017da67dL, 0xd1cf3ed6L, 0x7c7d2d28L,
+ 0x1f9f25cfL, 0xadf2b89bL, 0x5ad6b472L, 0x5a88f54cL,
+ 0xe029ac71L, 0xe019a5e6L, 0x47b0acfdL, 0xed93fa9bL,
+ 0xe8d3c48dL, 0x283b57ccL, 0xf8d56629L, 0x79132e28L,
+ 0x785f0191L, 0xed756055L, 0xf7960e44L, 0xe3d35e8cL,
+ 0x15056dd4L, 0x88f46dbaL, 0x03a16125L, 0x0564f0bdL,
+ 0xc3eb9e15L, 0x3c9057a2L, 0x97271aecL, 0xa93a072aL,
+ 0x1b3f6d9bL, 0x1e6321f5L, 0xf59c66fbL, 0x26dcf319L,
+ 0x7533d928L, 0xb155fdf5L, 0x03563482L, 0x8aba3cbbL,
+ 0x28517711L, 0xc20ad9f8L, 0xabcc5167L, 0xccad925fL,
+ 0x4de81751L, 0x3830dc8eL, 0x379d5862L, 0x9320f991L,
+ 0xea7a90c2L, 0xfb3e7bceL, 0x5121ce64L, 0x774fbe32L,
+ 0xa8b6e37eL, 0xc3293d46L, 0x48de5369L, 0x6413e680L,
+ 0xa2ae0810L, 0xdd6db224L, 0x69852dfdL, 0x09072166L,
+ 0xb39a460aL, 0x6445c0ddL, 0x586cdecfL, 0x1c20c8aeL,
+ 0x5bbef7ddL, 0x1b588d40L, 0xccd2017fL, 0x6bb4e3bbL,
+ 0xdda26a7eL, 0x3a59ff45L, 0x3e350a44L, 0xbcb4cdd5L,
+ 0x72eacea8L, 0xfa6484bbL, 0x8d6612aeL, 0xbf3c6f47L,
+ 0xd29be463L, 0x542f5d9eL, 0xaec2771bL, 0xf64e6370L,
+ 0x740e0d8dL, 0xe75b1357L, 0xf8721671L, 0xaf537d5dL,
+ 0x4040cb08L, 0x4eb4e2ccL, 0x34d2466aL, 0x0115af84L,
+ 0xe1b00428L, 0x95983a1dL, 0x06b89fb4L, 0xce6ea048L,
+ 0x6f3f3b82L, 0x3520ab82L, 0x011a1d4bL, 0x277227f8L,
+ 0x611560b1L, 0xe7933fdcL, 0xbb3a792bL, 0x344525bdL,
+ 0xa08839e1L, 0x51ce794bL, 0x2f32c9b7L, 0xa01fbac9L,
+ 0xe01cc87eL, 0xbcc7d1f6L, 0xcf0111c3L, 0xa1e8aac7L,
+ 0x1a908749L, 0xd44fbd9aL, 0xd0dadecbL, 0xd50ada38L,
+ 0x0339c32aL, 0xc6913667L, 0x8df9317cL, 0xe0b12b4fL,
+ 0xf79e59b7L, 0x43f5bb3aL, 0xf2d519ffL, 0x27d9459cL,
+ 0xbf97222cL, 0x15e6fc2aL, 0x0f91fc71L, 0x9b941525L,
+ 0xfae59361L, 0xceb69cebL, 0xc2a86459L, 0x12baa8d1L,
+ 0xb6c1075eL, 0xe3056a0cL, 0x10d25065L, 0xcb03a442L,
+ 0xe0ec6e0eL, 0x1698db3bL, 0x4c98a0beL, 0x3278e964L,
+ 0x9f1f9532L, 0xe0d392dfL, 0xd3a0342bL, 0x8971f21eL,
+ 0x1b0a7441L, 0x4ba3348cL, 0xc5be7120L, 0xc37632d8L,
+ 0xdf359f8dL, 0x9b992f2eL, 0xe60b6f47L, 0x0fe3f11dL,
+ 0xe54cda54L, 0x1edad891L, 0xce6279cfL, 0xcd3e7e6fL,
+ 0x1618b166L, 0xfd2c1d05L, 0x848fd2c5L, 0xf6fb2299L,
+ 0xf523f357L, 0xa6327623L, 0x93a83531L, 0x56cccd02L,
+ 0xacf08162L, 0x5a75ebb5L, 0x6e163697L, 0x88d273ccL,
+ 0xde966292L, 0x81b949d0L, 0x4c50901bL, 0x71c65614L,
+ 0xe6c6c7bdL, 0x327a140aL, 0x45e1d006L, 0xc3f27b9aL,
+ 0xc9aa53fdL, 0x62a80f00L, 0xbb25bfe2L, 0x35bdd2f6L,
+ 0x71126905L, 0xb2040222L, 0xb6cbcf7cL, 0xcd769c2bL,
+ 0x53113ec0L, 0x1640e3d3L, 0x38abbd60L, 0x2547adf0L,
+ 0xba38209cL, 0xf746ce76L, 0x77afa1c5L, 0x20756060L,
+ 0x85cbfe4eL, 0x8ae88dd8L, 0x7aaaf9b0L, 0x4cf9aa7eL,
+ 0x1948c25cL, 0x02fb8a8cL, 0x01c36ae4L, 0xd6ebe1f9L,
+ 0x90d4f869L, 0xa65cdea0L, 0x3f09252dL, 0xc208e69fL,
+ 0xb74e6132L, 0xce77e25bL, 0x578fdfe3L, 0x3ac372e6L,
+ }
+ };
+
diff --git a/crypto/bf/bf_skey.c b/crypto/bf/bf_skey.c
new file mode 100644
index 0000000..18ea37f
--- /dev/null
+++ b/crypto/bf/bf_skey.c
@@ -0,0 +1,119 @@
+/* crypto/bf/bf_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "blowfish.h"
+#include "bf_locl.h"
+#include "bf_pi.h"
+
+void BF_set_key(key,len,data)
+BF_KEY *key;
+int len;
+unsigned char *data;
+ {
+ int i;
+ BF_LONG *p,ri,in[2];
+ unsigned char *d,*end;
+
+
+ memcpy((char *)key,(char *)&bf_init,sizeof(BF_KEY));
+ p=key->P;
+
+ if (len > ((BF_ROUNDS+2)*4)) len=(BF_ROUNDS+2)*4;
+
+ d=data;
+ end= &(data[len]);
+ for (i=0; i<(BF_ROUNDS+2); i++)
+ {
+ ri= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ ri<<=8;
+ ri|= *(d++);
+ if (d >= end) d=data;
+
+ p[i]^=ri;
+ }
+
+ in[0]=0L;
+ in[1]=0L;
+ for (i=0; i<(BF_ROUNDS+2); i+=2)
+ {
+ BF_encrypt(in,key,BF_ENCRYPT);
+ p[i ]=in[0];
+ p[i+1]=in[1];
+ }
+
+ p=key->S;
+ for (i=0; i<4*256; i+=2)
+ {
+ BF_encrypt(in,key,BF_ENCRYPT);
+ p[i ]=in[0];
+ p[i+1]=in[1];
+ }
+ }
+
diff --git a/crypto/bf/bfspeed.c b/crypto/bf/bfspeed.c
new file mode 100644
index 0000000..ee20bd0
--- /dev/null
+++ b/crypto/bf/bfspeed.c
@@ -0,0 +1,285 @@
+/* crypto/bf/bfspeed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "blowfish.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+#ifndef CLK_TCK
+#ifndef VMS
+#define HZ 100.0
+#else /* VMS */
+#define HZ 100.0
+#endif
+#else /* CLK_TCK */
+#define HZ ((double)CLK_TCK)
+#endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static unsigned char key[] ={
+ 0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,
+ 0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+ };
+ BF_KEY sch;
+ double a,b,c,d;
+#ifndef SIGALRM
+ long ca,cb,cc;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ BF_set_key(&sch,16,key);
+ count=10;
+ do {
+ long i;
+ BF_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ BF_encrypt(data,&sch,BF_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count/512;
+ cb=count;
+ cc=count*8/BUFSIZE+1;
+ printf("Doing BF_set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing BF_set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count++)
+ BF_set_key(&sch,16,key);
+ d=Time_F(STOP);
+ printf("%ld blowfish set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing BF_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count++)
+ {
+ BF_LONG data[2];
+
+ BF_encrypt(data,&sch,BF_ENCRYPT);
+ }
+ d=Time_F(STOP);
+ printf("%ld BF_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing BF_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing BF_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ BF_cbc_encrypt(buf,buf,BUFSIZE,&sch,
+ &(key[0]),BF_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld BF_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+ printf("blowfish set_key per sec = %12.2f (%7.1fuS)\n",a,1.0e6/a);
+ printf("Blowfish raw ecb bytes per sec = %12.2f (%7.1fuS)\n",b,8.0e6/b);
+ printf("Blowfish cbc bytes per sec = %12.2f (%7.1fuS)\n",c,8.0e6/c);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/crypto/bf/bftest.c b/crypto/bf/bftest.c
new file mode 100644
index 0000000..2c678e4
--- /dev/null
+++ b/crypto/bf/bftest.c
@@ -0,0 +1,521 @@
+/* crypto/bf/bftest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "blowfish.h"
+
+char *bf_key[2]={
+ "abcdefghijklmnopqrstuvwxyz",
+ "Who is John Galt?"
+ };
+
+/* big endian */
+BF_LONG bf_plain[2][2]={
+ {0x424c4f57,0x46495348},
+ {0xfedcba98,0x76543210}
+ };
+
+BF_LONG bf_cipher[2][2]={
+ {0x324ed0fe,0xf413a203},
+ {0xcc91732b,0x8022f684}
+ };
+/************/
+
+/* Lets use the DES test vectors :-) */
+#define NUM_TESTS 34
+static unsigned char ecb_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x51,0x86,0x6F,0xD5,0xB8,0x5E,0xCB,0x8A},
+ {0x7D,0x85,0x6F,0x9A,0x61,0x30,0x63,0xF2},
+ {0x24,0x66,0xDD,0x87,0x8B,0x96,0x3C,0x9D},
+ {0x61,0xF9,0xC3,0x80,0x22,0x81,0xB0,0x96},
+ {0x7D,0x0C,0xC6,0x30,0xAF,0xDA,0x1E,0xC7},
+ {0x4E,0xF9,0x97,0x45,0x61,0x98,0xDD,0x78},
+ {0x0A,0xCE,0xAB,0x0F,0xC6,0xA0,0xA2,0x8D},
+ {0x59,0xC6,0x82,0x45,0xEB,0x05,0x28,0x2B},
+ {0xB1,0xB8,0xCC,0x0B,0x25,0x0F,0x09,0xA0},
+ {0x17,0x30,0xE5,0x77,0x8B,0xEA,0x1D,0xA4},
+ {0xA2,0x5E,0x78,0x56,0xCF,0x26,0x51,0xEB},
+ {0x35,0x38,0x82,0xB1,0x09,0xCE,0x8F,0x1A},
+ {0x48,0xF4,0xD0,0x88,0x4C,0x37,0x99,0x18},
+ {0x43,0x21,0x93,0xB7,0x89,0x51,0xFC,0x98},
+ {0x13,0xF0,0x41,0x54,0xD6,0x9D,0x1A,0xE5},
+ {0x2E,0xED,0xDA,0x93,0xFF,0xD3,0x9C,0x79},
+ {0xD8,0x87,0xE0,0x39,0x3C,0x2D,0xA6,0xE3},
+ {0x5F,0x99,0xD0,0x4F,0x5B,0x16,0x39,0x69},
+ {0x4A,0x05,0x7A,0x3B,0x24,0xD3,0x97,0x7B},
+ {0x45,0x20,0x31,0xC1,0xE4,0xFA,0xDA,0x8E},
+ {0x75,0x55,0xAE,0x39,0xF5,0x9B,0x87,0xBD},
+ {0x53,0xC5,0x5F,0x9C,0xB4,0x9F,0xC0,0x19},
+ {0x7A,0x8E,0x7B,0xFA,0x93,0x7E,0x89,0xA3},
+ {0xCF,0x9C,0x5D,0x7A,0x49,0x86,0xAD,0xB5},
+ {0xD1,0xAB,0xB2,0x90,0x65,0x8B,0xC7,0x78},
+ {0x55,0xCB,0x37,0x74,0xD1,0x3E,0xF2,0x01},
+ {0xFA,0x34,0xEC,0x48,0x47,0xB2,0x68,0xB2},
+ {0xA7,0x90,0x79,0x51,0x08,0xEA,0x3C,0xAE},
+ {0xC3,0x9E,0x07,0x2D,0x9F,0xAC,0x63,0x1D},
+ {0x01,0x49,0x33,0xE0,0xCD,0xAF,0xF6,0xE4},
+ {0xF2,0x1E,0x9A,0x77,0xB7,0x1C,0x49,0xBC},
+ {0x24,0x59,0x46,0x88,0x57,0x54,0x36,0x9A},
+ {0x6B,0x5C,0x5A,0x9C,0x5D,0x9E,0x0A,0x5A},
+ };
+
+static unsigned char cbc_key [16]={
+ 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+static unsigned char cbc_ok[32]={
+ 0x6B,0x77,0xB4,0xD6,0x30,0x06,0xDE,0xE6,
+ 0x05,0xB1,0x56,0xE2,0x74,0x03,0x97,0x93,
+ 0x58,0xDE,0xB9,0xE7,0x15,0x46,0x16,0xD9,
+ 0x59,0xF1,0x65,0x2B,0xD5,0xFF,0x92,0xCC};
+
+static unsigned char cfb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0xF2,0x6E,0xCF,0x6D,0x2E,0xB9,0xE7,0x6E,
+ 0x3D,0xA3,0xDE,0x04,0xD1,0x51,0x72,0x00,
+ 0x51,0x9D,0x57,0xA6,0xC3};
+
+static unsigned char ofb64_ok[]={
+ 0xE7,0x32,0x14,0xA2,0x82,0x21,0x39,0xCA,
+ 0x62,0xB3,0x43,0xCC,0x5B,0x65,0x58,0x73,
+ 0x10,0xDD,0x90,0x8D,0x0C,0x24,0x1B,0x22,
+ 0x63,0xC2,0xCF,0x80,0xDA};
+
+#define KEY_TEST_NUM 25
+unsigned char key_test[KEY_TEST_NUM]={
+ 0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87,
+ 0x78,0x69,0x5a,0x4b,0x3c,0x2d,0x1e,0x0f,
+ 0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77,
+ 0x88};
+
+unsigned char key_data[8]=
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10};
+
+unsigned char key_out[KEY_TEST_NUM][8]={
+ {0xF9,0xAD,0x59,0x7C,0x49,0xDB,0x00,0x5E},
+ {0xE9,0x1D,0x21,0xC1,0xD9,0x61,0xA6,0xD6},
+ {0xE9,0xC2,0xB7,0x0A,0x1B,0xC6,0x5C,0xF3},
+ {0xBE,0x1E,0x63,0x94,0x08,0x64,0x0F,0x05},
+ {0xB3,0x9E,0x44,0x48,0x1B,0xDB,0x1E,0x6E},
+ {0x94,0x57,0xAA,0x83,0xB1,0x92,0x8C,0x0D},
+ {0x8B,0xB7,0x70,0x32,0xF9,0x60,0x62,0x9D},
+ {0xE8,0x7A,0x24,0x4E,0x2C,0xC8,0x5E,0x82},
+ {0x15,0x75,0x0E,0x7A,0x4F,0x4E,0xC5,0x77},
+ {0x12,0x2B,0xA7,0x0B,0x3A,0xB6,0x4A,0xE0},
+ {0x3A,0x83,0x3C,0x9A,0xFF,0xC5,0x37,0xF6},
+ {0x94,0x09,0xDA,0x87,0xA9,0x0F,0x6B,0xF2},
+ {0x88,0x4F,0x80,0x62,0x50,0x60,0xB8,0xB4},
+ {0x1F,0x85,0x03,0x1C,0x19,0xE1,0x19,0x68},
+ {0x79,0xD9,0x37,0x3A,0x71,0x4C,0xA3,0x4F},
+ {0x93,0x14,0x28,0x87,0xEE,0x3B,0xE1,0x5C},
+ {0x03,0x42,0x9E,0x83,0x8C,0xE2,0xD1,0x4B},
+ {0xA4,0x29,0x9E,0x27,0x46,0x9F,0xF6,0x7B},
+ {0xAF,0xD5,0xAE,0xD1,0xC1,0xBC,0x96,0xA8},
+ {0x10,0x85,0x1C,0x0E,0x38,0x58,0xDA,0x9F},
+ {0xE6,0xF5,0x1E,0xD7,0x9B,0x9D,0xB2,0x1F},
+ {0x64,0xA6,0xE1,0x4A,0xFD,0x36,0xB4,0x6F},
+ {0x80,0xC7,0xD7,0xD4,0x5A,0x54,0x79,0xAD},
+ {0x05,0x04,0x4B,0x62,0xFA,0x52,0xD0,0x80},
+ };
+
+#ifndef NOPROTO
+static int test(void );
+static int print_test_data(void );
+#else
+static int test();
+static int print_test_data();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int ret;
+
+ if (argc > 1)
+ ret=print_test_data();
+ else
+ ret=test();
+
+ exit(ret);
+ return(0);
+ }
+
+static int print_test_data()
+ {
+ unsigned int i,j;
+
+ printf("ecb test data\n");
+ printf("key bytes\t\tclear bytes\t\tcipher bytes\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ for (j=0; j<8; j++)
+ printf("%02X",ecb_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",plain_data[i][j]);
+ printf("\t");
+ for (j=0; j<8; j++)
+ printf("%02X",cipher_data[i][j]);
+ printf("\n");
+ }
+
+ printf("set_key test data\n");
+ printf("data[8]= ");
+ for (j=0; j<8; j++)
+ printf("%02X",key_data[j]);
+ printf("\n");
+ for (i=0; i<KEY_TEST_NUM-1; i++)
+ {
+ printf("c=");
+ for (j=0; j<8; j++)
+ printf("%02X",key_out[i][j]);
+ printf(" k[%2d]=",i+1);
+ for (j=0; j<i+1; j++)
+ printf("%02X",key_test[j]);
+ printf("\n");
+ }
+
+ printf("\nchaining mode test data\n");
+ printf("key[16] = ");
+ for (j=0; j<16; j++)
+ printf("%02X",cbc_key[j]);
+ printf("\niv[8] = ");
+ for (j=0; j<8; j++)
+ printf("%02X",cbc_iv[j]);
+ printf("\ndata[%d] = '%s'",strlen(cbc_data)+1,cbc_data);
+ printf("\ndata[%d] = ",strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cbc_data[j]);
+ printf("\n");
+ printf("cbc cipher text\n");
+ printf("cipher[%d]= ",32);
+ for (j=0; j<32; j++)
+ printf("%02X",cbc_ok[j]);
+ printf("\n");
+
+ printf("cfb64 cipher text\n");
+ printf("cipher[%d]= ",strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",cfb64_ok[j]);
+ printf("\n");
+
+ printf("ofb64 cipher text\n");
+ printf("cipher[%d]= ",strlen(cbc_data)+1);
+ for (j=0; j<strlen(cbc_data)+1; j++)
+ printf("%02X",ofb64_ok[j]);
+ printf("\n");
+ return(0);
+ }
+
+static int test()
+ {
+ unsigned char cbc_in[40],cbc_out[40],iv[8];
+ int i,n,err=0;
+ BF_KEY key;
+ BF_LONG data[2];
+ unsigned char out[8];
+ BF_LONG len;
+
+ printf("testing blowfish in raw ecb mode\n");
+ for (n=0; n<2; n++)
+ {
+ BF_set_key(&key,strlen(bf_key[n]),(unsigned char *)bf_key[n]);
+
+ data[0]=bf_plain[n][0];
+ data[1]=bf_plain[n][1];
+ BF_encrypt(data,&key,BF_ENCRYPT);
+ if (memcmp(&(bf_cipher[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error encrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_cipher[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_encrypt(&(data[0]),&key,BF_DECRYPT);
+ if (memcmp(&(bf_plain[n][0]),&(data[0]),8) != 0)
+ {
+ printf("BF_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<2; i++)
+ printf("%08lX ",data[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<2; i++)
+ printf("%08lX ",bf_plain[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in ecb mode\n");
+
+ for (n=0; n<NUM_TESTS; n++)
+ {
+ BF_set_key(&key,8,ecb_data[n]);
+
+ BF_ecb_encrypt(&(plain_data[n][0]),out,&key,BF_ENCRYPT);
+ if (memcmp(&(cipher_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt blowfish error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",cipher_data[n][i]);
+ err=1;
+ printf("\n");
+ }
+
+ BF_ecb_encrypt(out,out,&key,BF_DECRYPT);
+ if (memcmp(&(plain_data[n][0]),out,8) != 0)
+ {
+ printf("BF_ecb_encrypt error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",plain_data[n][i]);
+ printf("\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish set_key\n");
+ for (n=1; n<KEY_TEST_NUM; n++)
+ {
+ BF_set_key(&key,n,key_test);
+ BF_ecb_encrypt(key_data,out,&key,BF_ENCRYPT);
+ if (memcmp(out,&(key_out[n-1][0]),8) != 0)
+ {
+ printf("blowfish setkey error\n");
+ err=1;
+ }
+ }
+
+ printf("testing blowfish in cbc mode\n");
+ len=strlen(cbc_data)+1;
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt((unsigned char *)cbc_data,cbc_out,len,
+ &key,iv,BF_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ {
+ err=1;
+ printf("BF_cbc_encrypt encrypt error\n");
+ for (i=0; i<32; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ memcpy(iv,cbc_iv,8);
+ BF_cbc_encrypt(cbc_out,cbc_in,len,
+ &key,iv,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("BF_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in cfb64 mode\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_cfb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,
+ &key,iv,&n,BF_ENCRYPT);
+ BF_cfb64_encrypt((unsigned char *)&(cbc_data[13]),&(cbc_out[13]),len-13,
+ &key,iv,&n,BF_ENCRYPT);
+ if (memcmp(cbc_out,cfb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_cfb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_cfb64_encrypt(cbc_out,cbc_in,17,
+ &key,iv,&n,BF_DECRYPT);
+ BF_cfb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,
+ &key,iv,&n,BF_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_cfb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("testing blowfish in ofb64\n");
+
+ BF_set_key(&key,16,cbc_key);
+ memset(cbc_in,0,40);
+ memset(cbc_out,0,40);
+ memcpy(iv,cbc_iv,8);
+ n=0;
+ BF_ofb64_encrypt((unsigned char *)cbc_data,cbc_out,(long)13,&key,iv,&n);
+ BF_ofb64_encrypt((unsigned char *)&(cbc_data[13]),
+ &(cbc_out[13]),len-13,&key,iv,&n);
+ if (memcmp(cbc_out,ofb64_ok,(int)len) != 0)
+ {
+ err=1;
+ printf("BF_ofb64_encrypt encrypt error\n");
+ for (i=0; i<(int)len; i++) printf("0x%02X,",cbc_out[i]);
+ }
+ n=0;
+ memcpy(iv,cbc_iv,8);
+ BF_ofb64_encrypt(cbc_out,cbc_in,17,&key,iv,&n);
+ BF_ofb64_encrypt(&(cbc_out[17]),&(cbc_in[17]),len-17,&key,iv,&n);
+ if (memcmp(cbc_in,cbc_data,(int)len) != 0)
+ {
+ printf("BF_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ return(err);
+ }
diff --git a/crypto/bf/blowfish.h b/crypto/bf/blowfish.h
new file mode 100644
index 0000000..24ec818
--- /dev/null
+++ b/crypto/bf/blowfish.h
@@ -0,0 +1,114 @@
+/* crypto/bf/blowfish.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BLOWFISH_H
+#define HEADER_BLOWFISH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define BF_ENCRYPT 1
+#define BF_DECRYPT 0
+
+/* If you make this 'unsigned int' the pointer variants will work on
+ * the Alpha, otherwise they will not. Strangly using the '8 byte'
+ * BF_LONG and the default 'non-pointer' inner loop is the best configuration
+ * for the Alpha */
+#define BF_LONG unsigned long
+
+#define BF_ROUNDS 16
+#define BF_BLOCK 8
+
+typedef struct bf_key_st
+ {
+ BF_LONG P[BF_ROUNDS+2];
+ BF_LONG S[4*256];
+ } BF_KEY;
+
+#ifndef NOPROTO
+
+void BF_set_key(BF_KEY *key, int len, unsigned char *data);
+void BF_ecb_encrypt(unsigned char *in,unsigned char *out,BF_KEY *key,
+ int enc);
+void BF_encrypt(BF_LONG *data,BF_KEY *key,int enc);
+void BF_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *ks, unsigned char *iv, int enc);
+void BF_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void BF_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ BF_KEY *schedule, unsigned char *ivec, int *num);
+char *BF_options(void);
+
+#else
+
+void BF_set_key();
+void BF_ecb_encrypt();
+void BF_encrypt();
+void BF_cbc_encrypt();
+void BF_cfb64_encrypt();
+void BF_ofb64_encrypt();
+char *BF_options();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/bio/Makefile.ssl b/crypto/bio/Makefile.ssl
new file mode 100644
index 0000000..9d21a35
--- /dev/null
+++ b/crypto/bio/Makefile.ssl
@@ -0,0 +1,92 @@
+#
+# SSLeay/crypto/bio/Makefile
+#
+
+DIR= bio
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=bio
+ERRC=bio_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bio_lib.c bio_cb.c $(ERRC).c \
+ bss_mem.c bss_null.c bss_fd.c \
+ bss_file.c bss_sock.c bss_conn.c \
+ bf_null.c bf_buff.c b_print.c b_dump.c \
+ b_sock.c bss_acpt.c bf_nbio.c
+LIBOBJ= bio_lib.o bio_cb.o $(ERRC).o \
+ bss_mem.o bss_null.o bss_fd.o \
+ bss_file.o bss_sock.o bss_conn.o \
+ bf_null.o bf_buff.o b_print.o b_dump.o \
+ b_sock.o bss_acpt.o bf_nbio.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= bio.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bio/b_dump.c b/crypto/bio/b_dump.c
new file mode 100644
index 0000000..287aff2
--- /dev/null
+++ b/crypto/bio/b_dump.c
@@ -0,0 +1,125 @@
+/* crypto/bio/b_dump.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#define TRUNCATE
+#define DUMP_WIDTH 16
+
+int BIO_dump(bio,s,len)
+BIO *bio;
+char *s;
+int len;
+{
+ int ret=0;
+ char buf[160+1],tmp[20];
+ int i,j,rows,trunc;
+ unsigned char ch;
+
+ trunc=0;
+
+#ifdef TRUNCATE
+ for(; (len > 0) && ((s[len-1] == ' ') || (s[len-1] == '\0')); len--)
+ trunc++;
+#endif
+
+ rows=(len/DUMP_WIDTH);
+ if ((rows*DUMP_WIDTH)<len)
+ rows++;
+ for(i=0;i<rows;i++) {
+ buf[0]='\0'; /* start with empty string */
+ sprintf(tmp,"%04x - ",i*DUMP_WIDTH);
+ strcpy(buf,tmp);
+ for(j=0;j<DUMP_WIDTH;j++) {
+ if (((i*DUMP_WIDTH)+j)>=len) {
+ strcat(buf," ");
+ } else {
+ ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+ sprintf(tmp,"%02x%c",ch,j==7?'-':' ');
+ strcat(buf,tmp);
+ }
+ }
+ strcat(buf," ");
+ for(j=0;j<DUMP_WIDTH;j++) {
+ if (((i*DUMP_WIDTH)+j)>=len)
+ break;
+ ch=((unsigned char)*((char *)(s)+i*DUMP_WIDTH+j)) & 0xff;
+ sprintf(tmp,"%c",((ch>=' ')&&(ch<='~'))?ch:'.');
+ strcat(buf,tmp);
+ }
+ strcat(buf,"\n");
+ /* if this is the last call then update the ddt_dump thing so that
+ * we will move the selection point in the debug window
+ */
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
+ }
+#ifdef TRUNCATE
+ if (trunc > 0) {
+ sprintf(buf,"%04x - <SPACES/NULS>\n",len+trunc);
+ ret+=BIO_write(bio,(char *)buf,strlen(buf));
+ }
+#endif
+ return(ret);
+}
+
diff --git a/crypto/bio/b_print.c b/crypto/bio/b_print.c
new file mode 100644
index 0000000..0296296
--- /dev/null
+++ b/crypto/bio/b_print.c
@@ -0,0 +1,92 @@
+/* crypto/bio/b_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Stolen from tjh's ssl/ssl_trc.c stuff.
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+int BIO_printf ( VAR_PLIST( BIO *, bio ) )
+VAR_ALIST
+ {
+ VAR_BDEFN(args, BIO *, bio);
+ char *format;
+ int ret;
+ MS_STATIC char hugebuf[1024*2]; /* 10k in one chunk is the limit */
+
+ VAR_INIT(args, BIO *, bio);
+ VAR_ARG(args, char *, format);
+
+ hugebuf[0]='\0';
+
+/* no-one uses _doprnt anymore and it appears to be broken under SunOS 4.1.4 */
+#if 0 && defined(sun) && !defined(VAR_ANSI) /**/
+ _doprnt(hugebuf,format,args);
+#else /* !sun */
+ vsprintf(hugebuf,format,args);
+#endif /* sun */
+
+ ret=BIO_write(bio,hugebuf,strlen(hugebuf));
+
+ VAR_END( args );
+ return(ret);
+ }
+
diff --git a/crypto/bio/b_sock.c b/crypto/bio/b_sock.c
new file mode 100644
index 0000000..adab621
--- /dev/null
+++ b/crypto/bio/b_sock.c
@@ -0,0 +1,512 @@
+/* crypto/bio/b_sock.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+#ifdef WINDOWS
+static int wsa_init_done=0;
+#endif
+
+unsigned long BIO_ghbn_hits=0L;
+unsigned long BIO_ghbn_miss=0L;
+
+#ifndef NOPROTO
+static int get_ip(char *str,unsigned char *ip);
+#else
+static int get_ip();
+#endif
+
+int BIO_get_host_ip(str,ip)
+char *str;
+unsigned char *ip;
+ {
+ int i;
+ struct hostent *he;
+
+ i=get_ip(str,ip);
+ if (i > 0) return(1);
+ if (i < 0)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_INVALID_IP_ADDRESS);
+ return(0);
+ }
+ else
+ { /* do a gethostbyname */
+ if (!BIO_sock_init()) return(0);
+
+ he=BIO_gethostbyname(str);
+ if (he == NULL)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_BAD_HOSTNAME_LOOKUP);
+ return(0);
+ }
+
+ /* cast to short because of win16 winsock definition */
+ if ((short)he->h_addrtype != AF_INET)
+ {
+ BIOerr(BIO_F_BIO_GET_HOST_IP,BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET);
+ return(0);
+ }
+ for (i=0; i<4; i++)
+ ip[i]=he->h_addr_list[0][i];
+ }
+ return(1);
+ }
+
+int BIO_get_port(str,port_ptr)
+char *str;
+short *port_ptr;
+ {
+ int i;
+ struct servent *s;
+
+ if (str == NULL)
+ {
+ BIOerr(BIO_F_BIO_GET_PORT,BIO_R_NO_PORT_DEFINED);
+ return(0);
+ }
+ i=atoi(str);
+ if (i != 0)
+ *port_ptr=(unsigned short)i;
+ else
+ {
+ s=getservbyname(str,"tcp");
+ if (s == NULL)
+ {
+ if (strcmp(str,"http") == 0)
+ *port_ptr=80;
+ else if (strcmp(str,"telnet") == 0)
+ *port_ptr=23;
+ else if (strcmp(str,"socks") == 0)
+ *port_ptr=1080;
+ else if (strcmp(str,"https") == 0)
+ *port_ptr=443;
+ else if (strcmp(str,"ssl") == 0)
+ *port_ptr=443;
+ else if (strcmp(str,"ftp") == 0)
+ *port_ptr=21;
+ else if (strcmp(str,"gopher") == 0)
+ *port_ptr=70;
+#if 0
+ else if (strcmp(str,"wais") == 0)
+ *port_ptr=21;
+#endif
+ else
+ {
+ SYSerr(SYS_F_GETSERVBYNAME,errno);
+ return(0);
+ }
+ return(1);
+ }
+ *port_ptr=htons((unsigned short)s->s_port);
+ }
+ return(1);
+ }
+
+int BIO_sock_error(sock)
+int sock;
+ {
+ int j,i,size;
+
+ size=sizeof(int);
+
+ i=getsockopt(sock,SOL_SOCKET,SO_ERROR,(char *)&j,&size);
+ if (i < 0)
+ return(1);
+ else
+ return(j);
+ }
+
+#define GHBN_NUM 4
+static struct ghbn_cache_st
+ {
+ char name[128];
+ struct hostent ent;
+ unsigned long order;
+ } ghbn_cache[GHBN_NUM];
+
+struct hostent *BIO_gethostbyname(name)
+char *name;
+ {
+ struct hostent *ret;
+ int i,lowi=0;
+ unsigned long low= (unsigned long)-1;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+ if (strlen(name) < 128)
+ {
+ for (i=0; i<GHBN_NUM; i++)
+ {
+ if (low > ghbn_cache[i].order)
+ {
+ low=ghbn_cache[i].order;
+ lowi=i;
+ }
+ if (ghbn_cache[i].order > 0)
+ {
+ if (strncmp(name,ghbn_cache[i].name,128) == 0)
+ break;
+ }
+ }
+ }
+ else
+ i=GHBN_NUM;
+
+ if (i == GHBN_NUM) /* no hit*/
+ {
+ BIO_ghbn_miss++;
+ ret=gethostbyname(name);
+ if (ret == NULL) return(NULL);
+ /* else add to cache */
+ strncpy(ghbn_cache[lowi].name,name,128);
+ memcpy((char *)&(ghbn_cache[lowi].ent),ret,sizeof(struct hostent));
+ ghbn_cache[lowi].order=BIO_ghbn_miss+BIO_ghbn_hits;
+ }
+ else
+ {
+ BIO_ghbn_hits++;
+ ret= &(ghbn_cache[i].ent);
+ ghbn_cache[i].order=BIO_ghbn_miss+BIO_ghbn_hits;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_BIO_GETHOSTBYNAME);
+ return(ret);
+ }
+
+int BIO_sock_init()
+ {
+#ifdef WINDOWS
+ static struct WSAData wsa_state;
+
+ if (!wsa_init_done)
+ {
+ int err;
+
+#ifdef SIGINT
+ signal(SIGINT,(void (*)(int))BIO_sock_cleanup);
+#endif
+ wsa_init_done=1;
+ memset(&wsa_state,0,sizeof(wsa_state));
+ if (WSAStartup(0x0101,&wsa_state)!=0)
+ {
+ err=WSAGetLastError();
+ SYSerr(SYS_F_WSASTARTUP,err);
+ BIOerr(BIO_F_BIO_SOCK_INIT,BIO_R_WSASTARTUP);
+ return(-1);
+ }
+ }
+#endif /* WINDOWS */
+ return(1);
+ }
+
+void BIO_sock_cleanup()
+ {
+#ifdef WINDOWS
+ if (wsa_init_done)
+ {
+ wsa_init_done=0;
+ WSACancelBlockingCall();
+ WSACleanup();
+ }
+#endif
+ }
+
+int BIO_socket_ioctl(fd,type,arg)
+int fd;
+long type;
+unsigned long *arg;
+ {
+ int i,err;
+
+#ifdef WINDOWS
+ i=ioctlsocket(fd,type,arg);
+#else
+ i=ioctl(fd,type,arg);
+#endif
+ if (i < 0)
+ {
+#ifdef WINDOWS
+ err=WSAGetLastError();
+#else
+ err=errno;
+#endif
+ SYSerr(SYS_F_IOCTLSOCKET,err);
+ }
+ return(i);
+ }
+
+/* The reason I have implemented this instead of using sscanf is because
+ * Visual C 1.52c gives an unresolved external when linking a DLL :-( */
+static int get_ip(str,ip)
+char *str;
+unsigned char ip[4];
+ {
+ unsigned int tmp[4];
+ int num=0,c,ok=0;
+
+ tmp[0]=tmp[1]=tmp[2]=tmp[3]=0;
+
+ for (;;)
+ {
+ c= *(str++);
+ if ((c >= '0') && (c <= '9'))
+ {
+ ok=1;
+ tmp[num]=tmp[num]*10+c-'0';
+ if (tmp[num] > 255) return(-1);
+ }
+ else if (c == '.')
+ {
+ if (!ok) return(-1);
+ if (num == 3) break;
+ num++;
+ ok=0;
+ }
+ else if ((num == 3) && ok)
+ break;
+ else
+ return(0);
+ }
+ ip[0]=tmp[0];
+ ip[1]=tmp[1];
+ ip[2]=tmp[2];
+ ip[3]=tmp[3];
+ return(1);
+ }
+
+int BIO_get_accept_socket(host)
+char *host;
+ {
+ int ret=0;
+ struct sockaddr_in server;
+ int s= -1;
+ unsigned char ip[4];
+ short port;
+ char *str,*h,*p,*e;
+ unsigned long l;
+
+ if (!BIO_sock_init()) return(INVALID_SOCKET);
+
+ if ((str=BUF_strdup(host)) == NULL) return(INVALID_SOCKET);
+
+ h=p=NULL;
+ h=str;
+ for (e=str; *e; e++)
+ {
+ if (*e == ':')
+ {
+ p= &(e[1]);
+ *e='\0';
+ }
+ else if (*e == '/')
+ {
+ *e='\0';
+ break;
+ }
+ }
+
+ if (p == NULL)
+ {
+ p=h;
+ h="*";
+ }
+
+ if (!BIO_get_port(p,&port)) return(INVALID_SOCKET);
+
+ memset((char *)&server,0,sizeof(server));
+ server.sin_family=AF_INET;
+ server.sin_port=htons((unsigned short)port);
+
+ if (strcmp(h,"*") == 0)
+ server.sin_addr.s_addr=INADDR_ANY;
+ else
+ {
+ if (!BIO_get_host_ip(h,&(ip[0]))) return(INVALID_SOCKET);
+ l=(unsigned long)
+ ((unsigned long)ip[0]<<24L)|
+ ((unsigned long)ip[0]<<16L)|
+ ((unsigned long)ip[0]<< 8L)|
+ ((unsigned long)ip[0]);
+ server.sin_addr.s_addr=htonl(l);
+ }
+
+ s=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (s == INVALID_SOCKET)
+ {
+#ifdef WINDOWS
+ errno=WSAGetLastError();
+#endif
+ SYSerr(SYS_F_SOCKET,errno);
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+ goto err;
+ }
+ if (bind(s,(struct sockaddr *)&server,sizeof(server)) == -1)
+ {
+#ifdef WINDOWS
+ errno=WSAGetLastError();
+#endif
+ SYSerr(SYS_F_BIND,errno);
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_BIND_SOCKET);
+ goto err;
+ }
+ if (listen(s,5) == -1)
+ {
+#ifdef WINDOWS
+ errno=WSAGetLastError();
+#endif
+ SYSerr(SYS_F_LISTEN,errno);
+ BIOerr(BIO_F_BIO_GET_ACCEPT_SOCKET,BIO_R_UNABLE_TO_LISTEN_SOCKET);
+ goto err;
+ }
+ ret=1;
+err:
+ if (str != NULL) Free(str);
+ if ((ret == 0) && (s != INVALID_SOCKET))
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+#endif
+ s= INVALID_SOCKET;
+ }
+ return(s);
+ }
+
+int BIO_accept(sock,addr)
+int sock;
+char **addr;
+ {
+ int ret=INVALID_SOCKET;
+ static struct sockaddr_in from;
+ unsigned long l;
+ short port;
+ int len;
+ char *p;
+
+ memset((char *)&from,0,sizeof(from));
+ len=sizeof(from);
+ ret=accept(sock,(struct sockaddr *)&from,&len);
+ if (ret == INVALID_SOCKET)
+ {
+#ifdef WINDOWS
+ errno=WSAGetLastError();
+#endif
+ SYSerr(SYS_F_ACCEPT,errno);
+ BIOerr(BIO_F_BIO_ACCEPT,BIO_R_ACCEPT_ERROR);
+ goto end;
+ }
+
+ if (addr == NULL) goto end;
+
+ l=ntohl(from.sin_addr.s_addr);
+ port=ntohs(from.sin_port);
+ if (*addr == NULL)
+ {
+ if ((p=Malloc(24)) == NULL)
+ {
+ BIOerr(BIO_F_BIO_ACCEPT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ *addr=p;
+ }
+ sprintf(*addr,"%d.%d.%d.%d:%d",
+ (unsigned char)(l>>24L)&0xff,
+ (unsigned char)(l>>16L)&0xff,
+ (unsigned char)(l>> 8L)&0xff,
+ (unsigned char)(l )&0xff,
+ port);
+end:
+ return(ret);
+ }
+
+int BIO_set_tcp_ndelay(s,on)
+int s;
+int on;
+ {
+ int ret=0;
+#if defined(TCP_NODELAY) && (defined(IPPROTO_TCP) || defined(SOL_TCP))
+ int opt;
+
+#ifdef SOL_TCP
+ opt=SOL_TCP;
+#else
+#ifdef IPPROTO_TCP
+ opt=IPPROTO_TCP;
+#endif
+#endif
+
+ ret=setsockopt(s,opt,TCP_NODELAY,(char *)&on,sizeof(on));
+#endif
+ return(ret == 0);
+ }
+#endif
+
diff --git a/crypto/bio/bf_buff.c b/crypto/bio/bf_buff.c
new file mode 100644
index 0000000..ac3ba14
--- /dev/null
+++ b/crypto/bio/bf_buff.c
@@ -0,0 +1,489 @@
+/* crypto/bio/bf_buff.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int buffer_write(BIO *h,char *buf,int num);
+static int buffer_read(BIO *h,char *buf,int size);
+static int buffer_puts(BIO *h,char *str);
+static int buffer_gets(BIO *h,char *str,int size);
+static long buffer_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int buffer_new(BIO *h);
+static int buffer_free(BIO *data);
+#else
+static int buffer_write();
+static int buffer_read();
+static int buffer_puts();
+static int buffer_gets();
+static long buffer_ctrl();
+static int buffer_new();
+static int buffer_free();
+#endif
+
+#define DEFAULT_BUFFER_SIZE 1024
+
+static BIO_METHOD methods_buffer=
+ {
+ BIO_TYPE_BUFFER,"buffer",
+ buffer_write,
+ buffer_read,
+ buffer_puts,
+ buffer_gets,
+ buffer_ctrl,
+ buffer_new,
+ buffer_free,
+ };
+
+BIO_METHOD *BIO_f_buffer()
+ {
+ return(&methods_buffer);
+ }
+
+static int buffer_new(bi)
+BIO *bi;
+ {
+ BIO_F_BUFFER_CTX *ctx;
+
+ ctx=(BIO_F_BUFFER_CTX *)Malloc(sizeof(BIO_F_BUFFER_CTX));
+ if (ctx == NULL) return(0);
+ ctx->ibuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+ if (ctx->ibuf == NULL) { Free(ctx); return(0); }
+ ctx->obuf=(char *)Malloc(DEFAULT_BUFFER_SIZE);
+ if (ctx->obuf == NULL) { Free(ctx->ibuf); Free(ctx); return(0); }
+ ctx->ibuf_size=DEFAULT_BUFFER_SIZE;
+ ctx->obuf_size=DEFAULT_BUFFER_SIZE;
+ ctx->ibuf_len=0;
+ ctx->ibuf_off=0;
+ ctx->obuf_len=0;
+ ctx->obuf_off=0;
+
+ bi->init=1;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int buffer_free(a)
+BIO *a;
+ {
+ BIO_F_BUFFER_CTX *b;
+
+ if (a == NULL) return(0);
+ b=(BIO_F_BUFFER_CTX *)a->ptr;
+ if (b->ibuf != NULL) Free(b->ibuf);
+ if (b->obuf != NULL) Free(b->obuf);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int buffer_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int i,num=0;
+ BIO_F_BUFFER_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+ num=0;
+ BIO_clear_retry_flags(b);
+
+start:
+ i=ctx->ibuf_len;
+ /* If there is stuff left over, grab it */
+ if (i != 0)
+ {
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->ibuf[ctx->ibuf_off]),i);
+ ctx->ibuf_off+=i;
+ ctx->ibuf_len-=i;
+ num+=i;
+ if (outl == i) return(num);
+ outl-=i;
+ out+=i;
+ }
+
+ /* We may have done a partial read. try to do more.
+ * We have nothing in the buffer.
+ * If we get an error and have read some data, just return it
+ * and let them retry to get the error again.
+ * copy direct to parent address space */
+ if (outl > ctx->ibuf_size)
+ {
+ for (;;)
+ {
+ i=BIO_read(b->next_bio,out,outl);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ num+=i;
+ if (outl == i) return(num);
+ out+=i;
+ outl-=i;
+ }
+ }
+ /* else */
+
+ /* we are going to be doing some buffering */
+ i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=i;
+
+ /* Lets re-read using ourselves :-) */
+ goto start;
+ }
+
+static int buffer_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i,num=0;
+ BIO_F_BUFFER_CTX *ctx;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ BIO_clear_retry_flags(b);
+start:
+ i=ctx->obuf_size-(ctx->obuf_len+ctx->obuf_off);
+ /* add to buffer and return */
+ if (i >= inl)
+ {
+ memcpy(&(ctx->obuf[ctx->obuf_len]),in,inl);
+ ctx->obuf_len+=inl;
+ return(num+inl);
+ }
+ /* else */
+ /* stuff already in buffer, so add to it first, then flush */
+ if (ctx->obuf_len != 0)
+ {
+ if (i > 0) /* lets fill it up if we can */
+ {
+ memcpy(&(ctx->obuf[ctx->obuf_len]),in,i);
+ in+=i;
+ inl-=i;
+ num+=i;
+ ctx->obuf_len+=i;
+ }
+ /* we now have a full buffer needing flushing */
+ for (;;)
+ {
+ i=BIO_write(b->next_bio,&(ctx->obuf[ctx->obuf_off]),
+ ctx->obuf_len);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->obuf_off+=i;
+ ctx->obuf_len-=i;
+ if (ctx->obuf_len == 0) break;
+ }
+ }
+ /* we only get here if the buffer has been flushed and we
+ * still have stuff to write */
+ ctx->obuf_off=0;
+
+ /* we now have inl bytes to write */
+ while (inl >= ctx->obuf_size)
+ {
+ i=BIO_write(b->next_bio,in,inl);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ num+=i;
+ in+=i;
+ inl-=i;
+ if (inl == 0) return(num);
+ }
+
+ /* copy the rest into the buffer since we have only a small
+ * amount left */
+ goto start;
+ }
+
+static long buffer_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ BIO_F_BUFFER_CTX *ctx;
+ long ret=1;
+ char *p1,*p2;
+ int r,i,*ip;
+ int ibs,obs;
+
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=0;
+ ctx->obuf_off=0;
+ ctx->obuf_len=0;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_INFO:
+ ret=(long)ctx->obuf_len;
+ break;
+ case BIO_C_GET_BUFF_NUM_LINES:
+ ret=0;
+ p1=ctx->ibuf;
+ for (i=ctx->ibuf_off; i<ctx->ibuf_len; i++)
+ {
+ if (p1[i] == '\n') ret++;
+ }
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=(long)ctx->obuf_len;
+ if (ret == 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING:
+ ret=(long)ctx->ibuf_len;
+ if (ret == 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_SET_BUFF_SIZE:
+ if (ptr != NULL)
+ {
+ ip=(int *)ptr;
+ if (*ip == 0)
+ {
+ ibs=(int)num;
+ obs=ctx->obuf_size;
+ }
+ else /* if (*ip == 1) */
+ {
+ ibs=ctx->ibuf_size;
+ obs=(int)num;
+ }
+ }
+ else
+ {
+ ibs=(int)num;
+ obs=(int)num;
+ }
+ p1=ctx->ibuf;
+ p2=ctx->obuf;
+ if ((ibs > DEFAULT_BUFFER_SIZE) && (ibs != ctx->ibuf_size))
+ {
+ p1=(char *)Malloc((int)num);
+ if (p1 == NULL) { ret=0; break; }
+ }
+ if ((obs > DEFAULT_BUFFER_SIZE) && (obs != ctx->obuf_size))
+ {
+ p2=(char *)Malloc((int)num);
+ if (p2 == NULL)
+ {
+ ret=0;
+ if (p1 != ctx->ibuf) Free(p1);
+ break;
+ }
+ }
+ if (ctx->ibuf != p1)
+ {
+ Free(ctx->ibuf);
+ ctx->ibuf=p1;
+ ctx->ibuf_off=0;
+ ctx->ibuf_len=0;
+ ctx->ibuf_size=ibs;
+ }
+ if (ctx->obuf != p2)
+ {
+ Free(ctx->obuf);
+ ctx->obuf=p2;
+ ctx->obuf_off=0;
+ ctx->obuf_len=0;
+ ctx->obuf_size=obs;
+ }
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_FLUSH:
+ if (ctx->obuf_len <= 0)
+ break;
+
+ for (;;)
+ {
+ BIO_clear_retry_flags(b);
+ if (ctx->obuf_len > ctx->obuf_off)
+ {
+ r=BIO_write(b->next_bio,
+ &(ctx->obuf[ctx->obuf_off]),
+ ctx->obuf_len-ctx->obuf_off);
+#if 0
+fprintf(stderr,"FLUSH [%3d] %3d -> %3d\n",ctx->obuf_off,ctx->obuf_len-ctx->obuf_off,r);
+#endif
+ BIO_copy_next_retry(b);
+ if (r <= 0) return((long)r);
+ ctx->obuf_off+=r;
+ }
+ else
+ {
+ ctx->obuf_len=0;
+ ctx->obuf_off=0;
+ ret=1;
+ break;
+ }
+ }
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if ( !BIO_set_read_buffer_size(dbio,ctx->ibuf_size) ||
+ !BIO_set_write_buffer_size(dbio,ctx->obuf_size))
+ ret=0;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int buffer_gets(b,buf,size)
+BIO *b;
+char *buf;
+int size;
+ {
+ BIO_F_BUFFER_CTX *ctx;
+ int num=0,i;
+ char *p;
+
+ ctx=(BIO_F_BUFFER_CTX *)b->ptr;
+ size--;
+ BIO_clear_retry_flags(b);
+
+ for (;;)
+ {
+ if (ctx->ibuf_len != 0)
+ {
+ p= &(ctx->ibuf[ctx->ibuf_off]);
+ for (i=0; (i<ctx->ibuf_len) && (i<(size-1)); i++)
+ {
+ *(buf++)=p[i];
+ if (p[i] == '\n') break;
+ }
+ num+=i;
+ size-=i;
+ ctx->ibuf_len-=i;
+ ctx->ibuf_off+=i;
+ if (p[i] == '\n')
+ {
+ buf[i+1]='\0';
+ ctx->ibuf_len--;
+ ctx->ibuf_off++;
+ return(num);
+ }
+ }
+ else /* read another chunk */
+ {
+ i=BIO_read(b->next_bio,ctx->ibuf,ctx->ibuf_size);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ if (i < 0) return((num > 0)?num:i);
+ if (i == 0) return(num);
+ }
+ ctx->ibuf_len=i;
+ ctx->ibuf_off=0;
+ }
+ }
+ }
+
+static int buffer_puts(b,str)
+BIO *b;
+char *str;
+ {
+ return(BIO_write(b,str,strlen(str)));
+ }
+
diff --git a/crypto/bio/bf_nbio.c b/crypto/bio/bf_nbio.c
new file mode 100644
index 0000000..b493100
--- /dev/null
+++ b/crypto/bio/bf_nbio.c
@@ -0,0 +1,266 @@
+/* crypto/bio/bf_nbio.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nbiof_write(BIO *h,char *buf,int num);
+static int nbiof_read(BIO *h,char *buf,int size);
+static int nbiof_puts(BIO *h,char *str);
+static int nbiof_gets(BIO *h,char *str,int size);
+static long nbiof_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nbiof_new(BIO *h);
+static int nbiof_free(BIO *data);
+#else
+static int nbiof_write();
+static int nbiof_read();
+static int nbiof_puts();
+static int nbiof_gets();
+static long nbiof_ctrl();
+static int nbiof_new();
+static int nbiof_free();
+#endif
+
+typedef struct nbio_test_st
+ {
+ /* only set if we sent a 'should retry' error */
+ int lrn;
+ int lwn;
+ } NBIO_TEST;
+
+static BIO_METHOD methods_nbiof=
+ {
+ BIO_TYPE_NBIO_TEST,"non-blocking IO test filter",
+ nbiof_write,
+ nbiof_read,
+ nbiof_puts,
+ nbiof_gets,
+ nbiof_ctrl,
+ nbiof_new,
+ nbiof_free,
+ };
+
+BIO_METHOD *BIO_f_nbio_test()
+ {
+ return(&methods_nbiof);
+ }
+
+static int nbiof_new(bi)
+BIO *bi;
+ {
+ NBIO_TEST *nt;
+
+ nt=(NBIO_TEST *)Malloc(sizeof(NBIO_TEST));
+ nt->lrn= -1;
+ nt->lwn= -1;
+ bi->ptr=(char *)nt;
+ bi->init=1;
+ bi->flags=0;
+ return(1);
+ }
+
+static int nbiof_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->ptr != NULL)
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int nbiof_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ NBIO_TEST *nt;
+ int ret=0;
+#if 0
+ int num;
+ unsigned char n;
+#endif
+
+ if (out == NULL) return(0);
+ if (b->next_bio == NULL) return(0);
+ nt=(NBIO_TEST *)b->ptr;
+
+ BIO_clear_retry_flags(b);
+#if 0
+ RAND_bytes(&n,1);
+ num=(n&0x07);
+
+ if (outl > num) outl=num;
+
+ if (num == 0)
+ {
+ ret= -1;
+ BIO_set_retry_read(b);
+ }
+ else
+#endif
+ {
+ ret=BIO_read(b->next_bio,out,outl);
+ if (ret < 0)
+ BIO_copy_next_retry(b);
+ }
+ return(ret);
+ }
+
+static int nbiof_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ NBIO_TEST *nt;
+ int ret=0;
+ int num;
+ unsigned char n;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ if (b->next_bio == NULL) return(0);
+ nt=(NBIO_TEST *)b->ptr;
+
+ BIO_clear_retry_flags(b);
+
+#if 1
+ if (nt->lwn > 0)
+ {
+ num=nt->lwn;
+ nt->lwn=0;
+ }
+ else
+ {
+ RAND_bytes(&n,1);
+ num=(n&7);
+ }
+
+ if (inl > num) inl=num;
+
+ if (num == 0)
+ {
+ ret= -1;
+ BIO_set_retry_write(b);
+ }
+ else
+#endif
+ {
+ ret=BIO_write(b->next_bio,in,inl);
+ if (ret < 0)
+ {
+ BIO_copy_next_retry(b);
+ nt->lwn=inl;
+ }
+ }
+ return(ret);
+ }
+
+static long nbiof_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret;
+
+ if (b->next_bio == NULL) return(0);
+ switch (cmd)
+ {
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_DUP:
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int nbiof_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_gets(bp->next_bio,buf,size));
+ }
+
+
+static int nbiof_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_puts(bp->next_bio,str));
+ }
+
+
diff --git a/crypto/bio/bf_null.c b/crypto/bio/bf_null.c
new file mode 100644
index 0000000..9864f4a
--- /dev/null
+++ b/crypto/bio/bf_null.c
@@ -0,0 +1,194 @@
+/* crypto/bio/bf_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int nullf_write(BIO *h,char *buf,int num);
+static int nullf_read(BIO *h,char *buf,int size);
+static int nullf_puts(BIO *h,char *str);
+static int nullf_gets(BIO *h,char *str,int size);
+static long nullf_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int nullf_new(BIO *h);
+static int nullf_free(BIO *data);
+#else
+static int nullf_write();
+static int nullf_read();
+static int nullf_puts();
+static int nullf_gets();
+static long nullf_ctrl();
+static int nullf_new();
+static int nullf_free();
+#endif
+
+static BIO_METHOD methods_nullf=
+ {
+ BIO_TYPE_NULL_FILTER,"NULL filter",
+ nullf_write,
+ nullf_read,
+ nullf_puts,
+ nullf_gets,
+ nullf_ctrl,
+ nullf_new,
+ nullf_free,
+ };
+
+BIO_METHOD *BIO_f_null()
+ {
+ return(&methods_nullf);
+ }
+
+static int nullf_new(bi)
+BIO *bi;
+ {
+ bi->init=1;
+ bi->ptr=NULL;
+ bi->flags=0;
+ return(1);
+ }
+
+static int nullf_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+/* a->ptr=NULL;
+ a->init=0;
+ a->flags=0;*/
+ return(1);
+ }
+
+static int nullf_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (out == NULL) return(0);
+ if (b->next_bio == NULL) return(0);
+ ret=BIO_read(b->next_bio,out,outl);
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int nullf_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ if (b->next_bio == NULL) return(0);
+ ret=BIO_write(b->next_bio,in,inl);
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long nullf_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret;
+
+ if (b->next_bio == NULL) return(0);
+ switch(cmd)
+ {
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_DUP:
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ }
+ return(ret);
+ }
+
+static int nullf_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_gets(bp->next_bio,buf,size));
+ }
+
+
+static int nullf_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (bp->next_bio == NULL) return(0);
+ return(BIO_puts(bp->next_bio,str));
+ }
+
+
diff --git a/crypto/bio/bio.err b/crypto/bio/bio.err
new file mode 100644
index 0000000..3363971
--- /dev/null
+++ b/crypto/bio/bio.err
@@ -0,0 +1,43 @@
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+#define BIO_F_ACPT_STATE 100
+#define BIO_F_BIO_ACCEPT 101
+#define BIO_F_BIO_CTRL 102
+#define BIO_F_BIO_GETS 103
+#define BIO_F_BIO_GET_ACCEPT_SOCKET 104
+#define BIO_F_BIO_GET_HOST_IP 105
+#define BIO_F_BIO_GET_PORT 106
+#define BIO_F_BIO_NEW 107
+#define BIO_F_BIO_NEW_FILE 108
+#define BIO_F_BIO_PUTS 109
+#define BIO_F_BIO_READ 110
+#define BIO_F_BIO_SOCK_INIT 111
+#define BIO_F_BIO_WRITE 112
+#define BIO_F_CONN_STATE 113
+#define BIO_F_FILE_CTRL 114
+#define BIO_F_MEM_WRITE 115
+#define BIO_F_WSASTARTUP 116
+
+/* Reason codes. */
+#define BIO_R_ACCEPT_ERROR 100
+#define BIO_R_BAD_FOPEN_MODE 101
+#define BIO_R_BAD_HOSTNAME_LOOKUP 102
+#define BIO_R_CONNECT_ERROR 103
+#define BIO_R_ERROR_SETTING_NBIO 104
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+#define BIO_R_INVALID_IP_ADDRESS 108
+#define BIO_R_NBIO_CONNECT_ERROR 109
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 110
+#define BIO_R_NO_HOSTHNAME_SPECIFIED 111
+#define BIO_R_NO_PORT_DEFINED 112
+#define BIO_R_NO_PORT_SPECIFIED 113
+#define BIO_R_NULL_PARAMETER 114
+#define BIO_R_UNABLE_TO_BIND_SOCKET 115
+#define BIO_R_UNABLE_TO_CREATE_SOCKET 116
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET 117
+#define BIO_R_UNINITALISED 118
+#define BIO_R_UNSUPPORTED_METHOD 119
+#define BIO_R_WSASTARTUP 120
diff --git a/crypto/bio/bio.h b/crypto/bio/bio.h
new file mode 100644
index 0000000..0b2c6e7
--- /dev/null
+++ b/crypto/bio/bio.h
@@ -0,0 +1,597 @@
+/* crypto/bio/bio.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BIO_H
+#define HEADER_BIO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* These are the 'types' of BIOs */
+#define BIO_TYPE_NONE 0
+#define BIO_TYPE_MEM (1|0x0400)
+#define BIO_TYPE_FILE (2|0x0400)
+
+#define BIO_TYPE_FD (4|0x0400|0x0100)
+#define BIO_TYPE_SOCKET (5|0x0400|0x0100)
+#define BIO_TYPE_NULL (6|0x0400)
+#define BIO_TYPE_SSL (7|0x0200)
+#define BIO_TYPE_MD (8|0x0200) /* pasive filter */
+#define BIO_TYPE_BUFFER (9|0x0200) /* filter */
+#define BIO_TYPE_CIPHER (10|0x0200) /* filter */
+#define BIO_TYPE_BASE64 (11|0x0200) /* filter */
+#define BIO_TYPE_CONNECT (12|0x0400|0x0100) /* socket - connect */
+#define BIO_TYPE_ACCEPT (13|0x0400|0x0100) /* socket for accept */
+#define BIO_TYPE_PROXY_CLIENT (14|0x0400) /* client proxy BIO */
+#define BIO_TYPE_PROXY_SERVER (15|0x0200) /* server proxy BIO */
+#define BIO_TYPE_NBIO_TEST (16|0x0200) /* server proxy BIO */
+#define BIO_TYPE_NULL_FILTER (17|0x0200)
+
+#define BIO_TYPE_DESCRIPTOR 0x0100 /* socket, fd, connect or accept */
+#define BIO_TYPE_FILTER 0x0200
+#define BIO_TYPE_SOURCE_SINK 0x0400
+
+/* BIO_FILENAME_READ|BIO_CLOSE to open or close on free.
+ * BIO_set_fp(in,stdin,BIO_NOCLOSE); */
+#define BIO_NOCLOSE 0x00
+#define BIO_CLOSE 0x01
+
+/* These are used in the following macros and are passed to
+ * BIO_ctrl() */
+#define BIO_CTRL_RESET 1 /* opt - rewind/zero etc */
+#define BIO_CTRL_EOF 2 /* opt - are we at the eof */
+#define BIO_CTRL_INFO 3 /* opt - extra tit-bits */
+#define BIO_CTRL_SET 4 /* man - set the 'IO' type */
+#define BIO_CTRL_GET 5 /* man - get the 'IO' type */
+#define BIO_CTRL_PUSH 6 /* opt - internal, used to signify change */
+#define BIO_CTRL_POP 7 /* opt - internal, used to signify change */
+#define BIO_CTRL_GET_CLOSE 8 /* man - set the 'close' on free */
+#define BIO_CTRL_SET_CLOSE 9 /* man - set the 'close' on free */
+#define BIO_CTRL_PENDING 10 /* opt - is their more data buffered */
+#define BIO_CTRL_FLUSH 11 /* opt - 'flush' buffered output */
+#define BIO_CTRL_DUP 12 /* man - extra stuff for 'duped' BIO */
+#define BIO_CTRL_WPENDING 13 /* opt - number of bytes still to write */
+
+#define BIO_CTRL_SET_FILENAME 30 /* BIO_s_file special */
+
+/* modifiers */
+#define BIO_FP_READ 0x02
+#define BIO_FP_WRITE 0x04
+#define BIO_FP_APPEND 0x08
+#define BIO_FP_TEXT 0x10
+
+#define BIO_FLAGS_READ 0x01
+#define BIO_FLAGS_WRITE 0x02
+#define BIO_FLAGS_IO_SPECIAL 0x04
+#define BIO_FLAGS_RWS (BIO_FLAGS_READ|BIO_FLAGS_WRITE|BIO_FLAGS_IO_SPECIAL)
+#define BIO_FLAGS_SHOULD_RETRY 0x08
+
+/* Mostly used in the SSL BIO */
+#define BIO_FLAGS_PROTOCOL_DELAYED_READ 0x10
+#define BIO_FLAGS_PROTOCOL_DELAYED_WRITE 0x20
+#define BIO_FLAGS_PROTOCOL_STARTUP 0x40
+
+#define BIO_set_flags(b,f) ((b)->flags|=(f))
+#define BIO_set_retry_special(b) \
+ ((b)->flags|=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_read(b) \
+ ((b)->flags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_set_retry_write(b) \
+ ((b)->flags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY))
+
+/* These are normally used internally in BIOs */
+#define BIO_clear_flags(b,f) ((b)->flags&= ~(f))
+#define BIO_clear_retry_flags(b) \
+ ((b)->flags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+#define BIO_get_retry_flags(b) \
+ ((b)->flags&(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY))
+
+/* These shouldbe used by the application to tell why we should retry */
+#define BIO_should_read(a) ((a)->flags & BIO_FLAGS_READ)
+#define BIO_should_write(a) ((a)->flags & BIO_FLAGS_WRITE)
+#define BIO_should_io_special(a) ((a)->flags & BIO_FLAGS_IO_SPECIAL)
+#define BIO_retry_type(a) ((a)->flags & BIO_FLAGS_RWS)
+#define BIO_should_retry(a) ((a)->flags & BIO_FLAGS_SHOULD_RETRY)
+
+/* The next two are used in conjunction with the
+ * BIO_should_io_special() condition. After this returns true,
+ * BIO *BIO_get_retry_BIO(BIO *bio, int *reason); will walk the BIO
+ * stack and return the 'reason' for the special and the offending BIO.
+ * Given a BIO, BIO_get_retry_reason(bio) will return the code. */
+/* Returned from the SSL bio when the certificate retrieval code had an error */
+#define BIO_RR_SSL_X509_LOOKUP 0x01
+/* Returned from the connect BIO when a connect would have blocked */
+#define BIO_RR_CONNECT 0x02
+
+/* These are passed by the BIO callback */
+#define BIO_CB_FREE 0x01
+#define BIO_CB_READ 0x02
+#define BIO_CB_WRITE 0x03
+#define BIO_CB_PUTS 0x04
+#define BIO_CB_GETS 0x05
+#define BIO_CB_CTRL 0x06
+
+/* The callback is called before and after the underling operation,
+ * The BIO_CB_RETURN flag indicates if it is after the call */
+#define BIO_CB_RETURN 0x80
+#define BIO_CB_return(a) ((a)|BIO_CB_RETURN))
+#define BIO_cb_pre(a) (!((a)&BIO_CB_RETURN))
+#define BIO_cb_post(a) ((a)&BIO_CB_RETURN)
+
+#define BIO_set_callback(b,cb) ((b)->callback=(cb))
+#define BIO_set_callback_arg(b,arg) ((b)->cb_arg=(char *)(arg))
+#define BIO_get_callback_arg(b) ((b)->cb_arg)
+#define BIO_get_callback(b) ((b)->callback)
+#define BIO_method_name(b) ((b)->method->name)
+#define BIO_method_type(b) ((b)->method->type)
+
+#ifndef WIN16
+typedef struct bio_method_st
+ {
+ int type;
+ char *name;
+ int (*bwrite)();
+ int (*bread)();
+ int (*bputs)();
+ int (*bgets)();
+ long (*ctrl)();
+ int (*create)();
+ int (*destroy)();
+ } BIO_METHOD;
+#else
+typedef struct bio_method_st
+ {
+ int type;
+ char *name;
+ int (_far *bwrite)();
+ int (_far *bread)();
+ int (_far *bputs)();
+ int (_far *bgets)();
+ long (_far *ctrl)();
+ int (_far *create)();
+ int (_far *destroy)();
+ } BIO_METHOD;
+#endif
+
+typedef struct bio_st
+ {
+ BIO_METHOD *method;
+#ifndef NOPROTO
+ /* bio, mode, argp, argi, argl, ret */
+ long (*callback)(struct bio_st *,int,char *,int, long,long);
+#else
+ long (*callback)();
+#endif
+ char *cb_arg; /* first argument for the callback */
+
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int retry_reason;
+ int num;
+ char *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ struct bio_st *prev_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+
+ char *app_data;
+ } BIO;
+
+typedef struct bio_f_buffer_ctx_struct
+ {
+ /* BIO *bio; */ /* this is now in the BIO struct */
+ int ibuf_size; /* how big is the input buffer */
+ int obuf_size; /* how big is the output buffer */
+
+ char *ibuf; /* the char array */
+ int ibuf_len; /* how many bytes are in it */
+ int ibuf_off; /* write/read offset */
+
+ char *obuf; /* the char array */
+ int obuf_len; /* how many bytes are in it */
+ int obuf_off; /* write/read offset */
+ } BIO_F_BUFFER_CTX;
+
+#define BIO_number_read(b) ((b)->num_read)
+#define BIO_number_written(b) ((b)->num_write)
+
+#define BIO_C_SET_CONNECT 100
+#define BIO_C_DO_STATE_MACHINE 101
+#define BIO_C_SET_NBIO 102
+#define BIO_C_SET_PROXY_PARAM 103
+#define BIO_C_SET_FD 104
+#define BIO_C_GET_FD 105
+#define BIO_C_SET_FILE_PTR 106
+#define BIO_C_GET_FILE_PTR 107
+#define BIO_C_SET_FILENAME 108
+#define BIO_C_SET_SSL 109
+#define BIO_C_GET_SSL 110
+#define BIO_C_SET_MD 111
+#define BIO_C_GET_MD 112
+#define BIO_C_GET_CIPHER_STATUS 113
+#define BIO_C_SET_BUF_MEM 114
+#define BIO_C_GET_BUF_MEM_PTR 115
+#define BIO_C_GET_BUFF_NUM_LINES 116
+#define BIO_C_SET_BUFF_SIZE 117
+#define BIO_C_SET_ACCEPT 118
+#define BIO_C_SSL_MODE 119
+#define BIO_C_GET_MD_CTX 120
+#define BIO_C_GET_PROXY_PARAM 121
+
+#define BIO_set_app_data(s,arg) ((s)->app_data=(char *)arg)
+#define BIO_get_app_data(s) ((s)->app_data)
+
+/* BIO_s_connect_socket() */
+#define BIO_set_hostname(b,name) BIO_ctrl(b,BIO_C_SET_CONNECT,0,(char *)name)
+#define BIO_set_port(b,port) BIO_ctrl(b,BIO_C_SET_CONNECT,1,(char *)port)
+#define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL)
+
+/* BIO_s_accept_socket() */
+#define BIO_set_accept_port(b,name) BIO_ctrl(b,BIO_C_SET_ACCEPT,0,(char *)name)
+/* #define BIO_set_nbio(b,n) BIO_ctrl(b,BIO_C_SET_NBIO,(n),NULL) */
+#define BIO_set_nbio_accpet(b,n) BIO_ctrl(b,BIO_C_SET_ACCEPT,1,(n)?"a":NULL)
+#define BIO_set_accept_bios(b,bio) BIO_ctrl(b,BIO_C_SET_ACCEPT,2,(char *)bio)
+
+#define BIO_do_connect(b) BIO_do_handshake(b)
+#define BIO_do_accept(b) BIO_do_handshake(b)
+#define BIO_do_handshake(b) BIO_ctrl(b,BIO_C_DO_STATE_MACHINE,0,NULL)
+
+/* BIO_s_proxy_client() */
+#define BIO_set_url(b,url) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,0,(char *)(url))
+#define BIO_set_proxies(b,p) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,1,(char *)(p))
+/* BIO_set_nbio(b,n) */
+#define BIO_set_filter_bio(b,s) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,2,(char *)(s))
+/* BIO *BIO_get_filter_bio(BIO *bio); */
+#define BIO_set_proxy_cb(b,cb) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,3,(char *)(cb))
+#define BIO_set_proxy_header(b,sk) BIO_ctrl(b,BIO_C_SET_PROXY_PARAM,4,(char *)sk)
+
+#define BIO_get_proxy_header(b,skp) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,0,(char *)skp)
+#define BIO_get_proxies(b,pxy_p) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,1,(char *)(pxy_p))
+#define BIO_get_url(b,url) BIO_ctrl(b,BIO_C_GET_PROXY_PARAM,2,(char *)(url))
+
+#define BIO_set_fd(b,fd,c) BIO_ctrl_int(b,BIO_C_SET_FD,c,fd)
+#define BIO_get_fd(b,c) BIO_ctrl(b,BIO_C_GET_FD,0,(char *)c)
+
+#define BIO_set_fp(b,fp,c) BIO_ctrl(b,BIO_C_SET_FILE_PTR,c,(char *)fp)
+#define BIO_get_fp(b,fpp) BIO_ctrl(b,BIO_C_GET_FILE_PTR,0,(char *)fpp)
+
+#define BIO_read_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_READ,name)
+#define BIO_write_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_WRITE,name)
+#define BIO_append_filename(b,name) BIO_ctrl(b,BIO_C_SET_FILENAME, \
+ BIO_CLOSE|BIO_FP_APPEND,name)
+
+#define BIO_set_ssl(b,ssl,c) BIO_ctrl(b,BIO_C_SET_SSL,c,(char *)ssl)
+#define BIO_get_ssl(b,sslp) BIO_ctrl(b,BIO_C_GET_SSL,0,(char *)sslp)
+#define BIO_set_ssl_mode(b,client) BIO_ctrl(b,BIO_C_SSL_MODE,client,NULL)
+
+/* defined in evp.h */
+/* #define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,1,(char *)md) */
+
+#define BIO_set_mem_buf(b,bm,c) BIO_ctrl(b,BIO_C_SET_BUF_MEM,c,(char *)bm)
+#define BIO_get_mem_ptr(b,pp) BIO_ctrl(b,BIO_C_GET_BUF_MEM_PTR,0,(char *)pp)
+
+/* For the BIO_f_buffer() type */
+#define BIO_get_buffer_num_lines(b) BIO_ctrl(b,BIO_C_GET_BUFF_NUM_LINES,0,NULL)
+#define BIO_set_buffer_size(b,size) BIO_ctrl(b,BIO_C_SET_BUFF_SIZE,size,NULL)
+#define BIO_set_read_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,0)
+#define BIO_set_write_buffer_size(b,size) BIO_ctrl_int(b,BIO_C_SET_BUFF_SIZE,size,1)
+
+/* Don't use the next one unless you know what you are doing :-) */
+#define BIO_dup_state(b,ret) BIO_ctrl(b,BIO_CTRL_DUP,0,(char *)ret)
+
+#define BIO_reset(b) (int)BIO_ctrl(b,BIO_CTRL_RESET,0,NULL)
+#define BIO_eof(b) (int)BIO_ctrl(b,BIO_CTRL_EOF,0,NULL)
+#define BIO_set_close(b,c) (int)BIO_ctrl(b,BIO_CTRL_SET_CLOSE,(c),NULL)
+#define BIO_get_close(b) (int)BIO_ctrl(b,BIO_CTRL_GET_CLOSE,0,NULL)
+#define BIO_pending(b) (int)BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+#define BIO_wpending(b) (int)BIO_ctrl(b,BIO_CTRL_WPENDING,0,NULL)
+#define BIO_flush(b) (int)BIO_ctrl(b,BIO_CTRL_FLUSH,0,NULL)
+
+/* For the BIO_f_buffer() type */
+#define BIO_buffer_get_num_lines(b) BIO_ctrl(b,BIO_CTRL_GET,0,NULL)
+
+#ifndef NOPROTO
+BIO * BIO_new(BIO_METHOD *type);
+int BIO_set(BIO *a,BIO_METHOD *type);
+int BIO_free(BIO *a);
+int BIO_read(BIO *b, char *data, int len);
+int BIO_gets(BIO *bp,char *buf, int size);
+int BIO_write(BIO *b, char *data, int len);
+int BIO_puts(BIO *bp,char *buf);
+long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg);
+long BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg);
+BIO * BIO_push(BIO *b,BIO *append);
+BIO * BIO_pop(BIO *b);
+void BIO_free_all(BIO *a);
+BIO * BIO_find_type(BIO *b,int bio_type);
+BIO * BIO_get_retry_BIO(BIO *bio, int *reason);
+int BIO_get_retry_reason(BIO *bio);
+BIO * BIO_dup_chain(BIO *in);
+
+#ifndef WIN16
+long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+ long argl,long ret);
+#else
+long _far _loadds BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,
+ long argl,long ret);
+#endif
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO_METHOD *BIO_s_file(void);
+#else
+BIO_METHOD *BIO_s_file_internal_w16(void);
+#endif
+
+BIO_METHOD *BIO_s_mem(void);
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_connect(void);
+BIO_METHOD *BIO_s_accept(void);
+BIO_METHOD *BIO_s_fd(void);
+BIO_METHOD *BIO_s_null(void);
+BIO_METHOD *BIO_f_null(void);
+BIO_METHOD *BIO_f_nbio_test(void);
+BIO_METHOD *BIO_f_buffer(void);
+
+int BIO_sock_should_retry(int i);
+int BIO_sock_non_fatal_error(int error);
+int BIO_fd_should_retry(int i);
+int BIO_fd_non_fatal_error(int error);
+int BIO_dump(BIO *b,char *bytes,int len);
+
+struct hostent *BIO_gethostbyname(char *name);
+int BIO_sock_error(int sock);
+int BIO_socket_ioctl(int fd, long type, unsigned long *arg);
+int BIO_get_port(char *str, short *port_ptr);
+int BIO_get_host_ip(char *str, unsigned char *ip);
+int BIO_get_accept_socket(char *host_port);
+int BIO_accept(int sock,char **ip_port);
+int BIO_sock_init(void );
+void BIO_sock_cleanup(void);
+int BIO_set_tcp_ndelay(int sock,int turn_on);
+
+void ERR_load_BIO_strings(void );
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file(char *filename, char *mode);
+BIO *BIO_new_fp(FILE *stream, int close_flag);
+#endif
+BIO *BIO_new_socket(int sock, int close_flag);
+BIO *BIO_new_fd(int fd, int close_flag);
+BIO *BIO_new_connect(char *host_port);
+BIO *BIO_new_accept(char *host_port);
+
+void BIO_copy_next_retry(BIO *b);
+
+#else
+
+BIO * BIO_new();
+int BIO_set();
+int BIO_free();
+int BIO_read();
+int BIO_gets();
+int BIO_write();
+int BIO_puts();
+long BIO_ctrl();
+long BIO_ctrl_int();
+BIO * BIO_push();
+BIO * BIO_pop();
+void BIO_free_all();
+BIO * BIO_find_type();
+BIO * BIO_get_retry_BIO();
+int BIO_get_retry_reason();
+BIO * BIO_dup_chain();
+
+#ifndef WIN16
+long BIO_debug_callback();
+#else
+long _far _loadds BIO_debug_callback();
+#endif
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO_METHOD *BIO_s_file();
+#else
+BIO_METHOD *BIO_s_file_internal_w16();
+#endif
+
+BIO_METHOD *BIO_s_mem();
+BIO_METHOD *BIO_s_socket();
+BIO_METHOD *BIO_s_connect();
+BIO_METHOD *BIO_s_accept();
+BIO_METHOD *BIO_s_fd();
+BIO_METHOD *BIO_s_null();
+BIO_METHOD *BIO_f_null();
+BIO_METHOD *BIO_f_buffer();
+BIO_METHOD *BIO_f_nbio_test();
+
+int BIO_sock_should_retry();
+int BIO_sock_non_fatal_error();
+int BIO_fd_should_retry();
+int BIO_fd_non_fatal_error();
+int BIO_dump();
+
+struct hostent *BIO_gethostbyname();
+int BIO_sock_error();
+int BIO_socket_ioctl();
+int BIO_get_port();
+int BIO_get_host_ip();
+int BIO_get_accept_socket();
+int BIO_accept();
+int BIO_sock_init();
+void BIO_sock_cleanup();
+int BIO_set_tcp_ndelay();
+
+void ERR_load_BIO_strings();
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file();
+BIO *BIO_new_fp();
+#endif
+BIO *BIO_new_socket();
+BIO *BIO_new_fd();
+BIO *BIO_new_connect();
+BIO *BIO_new_accept();
+
+void BIO_copy_next_retry();
+
+#endif
+
+/* Tim Hudson's portable varargs stuff */
+
+#ifndef NOPROTO
+#define VAR_ANSI /* select ANSI version by default */
+#endif
+
+#ifdef VAR_ANSI
+/* ANSI version of a "portable" macro set for variable length args */
+#ifndef __STDARG_H__ /**/
+#include <stdarg.h>
+#endif /**/
+
+#define VAR_PLIST(arg1type,arg1) arg1type arg1, ...
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) arg1type arg1,arg2type arg2,...
+#define VAR_ALIST
+#define VAR_BDEFN(args,arg1type,arg1) va_list args
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args
+#define VAR_INIT(args,arg1type,arg1) va_start(args,arg1);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args,arg2);
+#define VAR_ARG(args,type,arg) arg=va_arg(args,type)
+#define VAR_END(args) va_end(args);
+
+#else
+
+/* K&R version of a "portable" macro set for variable length args */
+#ifndef __VARARGS_H__
+#include <varargs.h>
+#endif
+
+#define VAR_PLIST(arg1type,arg1) va_alist
+#define VAR_PLIST2(arg1type,arg1,arg2type,arg2) va_alist
+#define VAR_ALIST va_dcl
+#define VAR_BDEFN(args,arg1type,arg1) va_list args; arg1type arg1
+#define VAR_BDEFN2(args,arg1type,arg1,arg2type,arg2) va_list args; \
+ arg1type arg1; arg2type arg2
+#define VAR_INIT(args,arg1type,arg1) va_start(args); \
+ arg1=va_arg(args,arg1type);
+#define VAR_INIT2(args,arg1type,arg1,arg2type,arg2) va_start(args); \
+ arg1=va_arg(args,arg1type); arg2=va_arg(args,arg2type);
+#define VAR_ARG(args,type,arg) arg=va_arg(args,type)
+#define VAR_END(args) va_end(args);
+
+#endif
+
+#ifndef NOPROTO
+int BIO_printf( VAR_PLIST( BIO *, bio ) );
+#else
+int BIO_printf();
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BIO functions. */
+
+/* Function codes. */
+#define BIO_F_ACPT_STATE 100
+#define BIO_F_BIO_ACCEPT 101
+#define BIO_F_BIO_CTRL 102
+#define BIO_F_BIO_GETS 103
+#define BIO_F_BIO_GET_ACCEPT_SOCKET 104
+#define BIO_F_BIO_GET_HOST_IP 105
+#define BIO_F_BIO_GET_PORT 106
+#define BIO_F_BIO_NEW 107
+#define BIO_F_BIO_NEW_FILE 108
+#define BIO_F_BIO_PUTS 109
+#define BIO_F_BIO_READ 110
+#define BIO_F_BIO_SOCK_INIT 111
+#define BIO_F_BIO_WRITE 112
+#define BIO_F_CONN_STATE 113
+#define BIO_F_FILE_CTRL 114
+#define BIO_F_MEM_WRITE 115
+#define BIO_F_WSASTARTUP 116
+
+/* Reason codes. */
+#define BIO_R_ACCEPT_ERROR 100
+#define BIO_R_BAD_FOPEN_MODE 101
+#define BIO_R_BAD_HOSTNAME_LOOKUP 102
+#define BIO_R_CONNECT_ERROR 103
+#define BIO_R_ERROR_SETTING_NBIO 104
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET 105
+#define BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET 106
+#define BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET 107
+#define BIO_R_INVALID_IP_ADDRESS 108
+#define BIO_R_NBIO_CONNECT_ERROR 109
+#define BIO_R_NO_ACCEPT_PORT_SPECIFIED 110
+#define BIO_R_NO_HOSTHNAME_SPECIFIED 111
+#define BIO_R_NO_PORT_DEFINED 112
+#define BIO_R_NO_PORT_SPECIFIED 113
+#define BIO_R_NULL_PARAMETER 114
+#define BIO_R_UNABLE_TO_BIND_SOCKET 115
+#define BIO_R_UNABLE_TO_CREATE_SOCKET 116
+#define BIO_R_UNABLE_TO_LISTEN_SOCKET 117
+#define BIO_R_UNINITALISED 118
+#define BIO_R_UNSUPPORTED_METHOD 119
+#define BIO_R_WSASTARTUP 120
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bio/bio_cb.c b/crypto/bio/bio_cb.c
new file mode 100644
index 0000000..2f98cd1
--- /dev/null
+++ b/crypto/bio/bio_cb.c
@@ -0,0 +1,132 @@
+/* crypto/bio/bio_cb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+long MS_CALLBACK BIO_debug_callback(bio,cmd,argp,argi,argl,ret)
+BIO *bio;
+int cmd;
+char *argp;
+int argi;
+long argl;
+long ret;
+ {
+ BIO *b;
+ MS_STATIC char buf[256];
+ char *p;
+ long r=1;
+
+ if (BIO_CB_RETURN & cmd)
+ r=ret;
+
+ sprintf(buf,"BIO[%08lX]:",(unsigned long)bio);
+ p= &(buf[14]);
+ switch (cmd)
+ {
+ case BIO_CB_FREE:
+ sprintf(p,"Free - %s\n",bio->method->name);
+ break;
+ case BIO_CB_READ:
+ sprintf(p,"read(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ break;
+ case BIO_CB_WRITE:
+ sprintf(p,"write(%d,%d) - %s\n",bio->num,argi,bio->method->name);
+ break;
+ case BIO_CB_PUTS:
+ sprintf(p,"puts() - %s\n",bio->method->name);
+ break;
+ case BIO_CB_GETS:
+ sprintf(p,"gets(%d) - %s\n",argi,bio->method->name);
+ break;
+ case BIO_CB_CTRL:
+ sprintf(p,"ctrl(%d) - %s\n",argi,bio->method->name);
+ break;
+ case BIO_CB_RETURN|BIO_CB_READ:
+ sprintf(p,"read return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_WRITE:
+ sprintf(p,"write return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_GETS:
+ sprintf(p,"gets return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_PUTS:
+ sprintf(p,"puts return %ld\n",ret);
+ break;
+ case BIO_CB_RETURN|BIO_CB_CTRL:
+ sprintf(p,"ctrl return %ld\n",ret);
+ break;
+ default:
+ sprintf(p,"bio callback - unknown type (%d)\n",cmd);
+ break;
+ }
+
+ b=(BIO *)bio->cb_arg;
+ if (b != NULL)
+ BIO_write(b,buf,strlen(buf));
+#ifndef WIN16
+ else
+ fputs(buf,stderr);
+#endif
+ return(r);
+ }
diff --git a/crypto/bio/bio_err.c b/crypto/bio/bio_err.c
new file mode 100644
index 0000000..b78878f
--- /dev/null
+++ b/crypto/bio/bio_err.c
@@ -0,0 +1,121 @@
+/* lib/bio/bio_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bio.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BIO_str_functs[]=
+ {
+{ERR_PACK(0,BIO_F_ACPT_STATE,0), "ACPT_STATE"},
+{ERR_PACK(0,BIO_F_BIO_ACCEPT,0), "BIO_accept"},
+{ERR_PACK(0,BIO_F_BIO_CTRL,0), "BIO_ctrl"},
+{ERR_PACK(0,BIO_F_BIO_GETS,0), "BIO_gets"},
+{ERR_PACK(0,BIO_F_BIO_GET_ACCEPT_SOCKET,0), "BIO_get_accept_socket"},
+{ERR_PACK(0,BIO_F_BIO_GET_HOST_IP,0), "BIO_get_host_ip"},
+{ERR_PACK(0,BIO_F_BIO_GET_PORT,0), "BIO_get_port"},
+{ERR_PACK(0,BIO_F_BIO_NEW,0), "BIO_new"},
+{ERR_PACK(0,BIO_F_BIO_NEW_FILE,0), "BIO_new_file"},
+{ERR_PACK(0,BIO_F_BIO_PUTS,0), "BIO_puts"},
+{ERR_PACK(0,BIO_F_BIO_READ,0), "BIO_read"},
+{ERR_PACK(0,BIO_F_BIO_SOCK_INIT,0), "BIO_sock_init"},
+{ERR_PACK(0,BIO_F_BIO_WRITE,0), "BIO_write"},
+{ERR_PACK(0,BIO_F_CONN_STATE,0), "CONN_STATE"},
+{ERR_PACK(0,BIO_F_FILE_CTRL,0), "FILE_CTRL"},
+{ERR_PACK(0,BIO_F_MEM_WRITE,0), "MEM_WRITE"},
+{ERR_PACK(0,BIO_F_WSASTARTUP,0), "WSASTARTUP"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA BIO_str_reasons[]=
+ {
+{BIO_R_ACCEPT_ERROR ,"accept error"},
+{BIO_R_BAD_FOPEN_MODE ,"bad fopen mode"},
+{BIO_R_BAD_HOSTNAME_LOOKUP ,"bad hostname lookup"},
+{BIO_R_CONNECT_ERROR ,"connect error"},
+{BIO_R_ERROR_SETTING_NBIO ,"error setting nbio"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET,"error setting nbio on accepted socket"},
+{BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET,"error setting nbio on accept socket"},
+{BIO_R_GETHOSTBYNAME_ADDR_IS_NOT_AF_INET ,"gethostbyname addr is not af inet"},
+{BIO_R_INVALID_IP_ADDRESS ,"invalid ip address"},
+{BIO_R_NBIO_CONNECT_ERROR ,"nbio connect error"},
+{BIO_R_NO_ACCEPT_PORT_SPECIFIED ,"no accept port specified"},
+{BIO_R_NO_HOSTHNAME_SPECIFIED ,"no hosthname specified"},
+{BIO_R_NO_PORT_DEFINED ,"no port defined"},
+{BIO_R_NO_PORT_SPECIFIED ,"no port specified"},
+{BIO_R_NULL_PARAMETER ,"null parameter"},
+{BIO_R_UNABLE_TO_BIND_SOCKET ,"unable to bind socket"},
+{BIO_R_UNABLE_TO_CREATE_SOCKET ,"unable to create socket"},
+{BIO_R_UNABLE_TO_LISTEN_SOCKET ,"unable to listen socket"},
+{BIO_R_UNINITALISED ,"uninitalised"},
+{BIO_R_UNSUPPORTED_METHOD ,"unsupported method"},
+{BIO_R_WSASTARTUP ,"wsastartup"},
+{0,NULL},
+ };
+
+void ERR_load_BIO_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_BIO,BIO_str_functs);
+ ERR_load_strings(ERR_LIB_BIO,BIO_str_reasons);
+ }
+ }
diff --git a/crypto/bio/bio_lib.c b/crypto/bio/bio_lib.c
new file mode 100644
index 0000000..78e896f
--- /dev/null
+++ b/crypto/bio/bio_lib.c
@@ -0,0 +1,447 @@
+/* crypto/bio/bio_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+BIO *BIO_new(method)
+BIO_METHOD *method;
+ {
+ BIO *ret=NULL;
+
+ ret=(BIO *)Malloc(sizeof(BIO));
+ if (ret == NULL)
+ {
+ BIOerr(BIO_F_BIO_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ if (!BIO_set(ret,method))
+ {
+ Free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
+
+int BIO_set(bio,method)
+BIO *bio;
+BIO_METHOD *method;
+ {
+ bio->method=method;
+ bio->callback=NULL;
+ bio->cb_arg=NULL;
+ bio->init=0;
+ bio->shutdown=1;
+ bio->num=0;
+ bio->flags=0;
+ bio->retry_reason=0;
+ bio->ptr=NULL;
+ bio->prev_bio=NULL;
+ bio->next_bio=NULL;
+ bio->references=1;
+ bio->num_read=0L;
+ bio->num_write=0L;
+ if (method->create != NULL)
+ if (!method->create(bio))
+ return(0);
+ return(1);
+ }
+
+int BIO_free(a)
+BIO *a;
+ {
+ int ret=0,i;
+
+ if (a == NULL) return(0);
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_BIO);
+
+ if (i > 0) return(1);
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"BIO_free, bad reference count\n");
+ abort();
+ }
+#endif
+ if ((a->callback != NULL) &&
+ ((i=(int)a->callback(a,BIO_CB_FREE,NULL,0,0L,1L)) <= 0))
+ return(i);
+
+ if ((a->method == NULL) || (a->method->destroy == NULL)) return(1);
+ ret=a->method->destroy(a);
+ Free(a);
+ return(1);
+ }
+
+int BIO_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int i;
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bread == NULL))
+ {
+ BIOerr(BIO_F_BIO_READ,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((b->callback != NULL) &&
+ ((i=(int)b->callback(b,BIO_CB_READ,out,outl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_READ,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bread(b,out,outl);
+ if (i > 0) b->num_read+=(unsigned long)i;
+
+ if (b->callback != NULL)
+ i=(int)b->callback(b,BIO_CB_READ|BIO_CB_RETURN,out,outl,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i;
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bwrite == NULL))
+ {
+ BIOerr(BIO_F_BIO_WRITE,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((b->callback != NULL) &&
+ ((i=(int)b->callback(b,BIO_CB_WRITE,in,inl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_WRITE,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bwrite(b,in,inl);
+ if (i > 0) b->num_write+=(unsigned long)i;
+
+ if (b->callback != NULL)
+ i=(int)b->callback(b,BIO_CB_WRITE|BIO_CB_RETURN,in,inl,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_puts(b,in)
+BIO *b;
+char *in;
+ {
+ int i;
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bputs == NULL))
+ {
+ BIOerr(BIO_F_BIO_PUTS,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((b->callback != NULL) &&
+ ((i=(int)b->callback(b,BIO_CB_PUTS,in,0,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_PUTS,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bputs(b,in);
+
+ if (b->callback != NULL)
+ i=(int)b->callback(b,BIO_CB_PUTS|BIO_CB_RETURN,in,0,
+ 0L,(long)i);
+ return(i);
+ }
+
+int BIO_gets(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int i;
+
+ if ((b == NULL) || (b->method == NULL) || (b->method->bgets == NULL))
+ {
+ BIOerr(BIO_F_BIO_GETS,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((b->callback != NULL) &&
+ ((i=(int)b->callback(b,BIO_CB_GETS,in,inl,0L,1L)) <= 0))
+ return(i);
+
+ if (!b->init)
+ {
+ BIOerr(BIO_F_BIO_GETS,BIO_R_UNINITALISED);
+ return(-2);
+ }
+
+ i=b->method->bgets(b,in,inl);
+
+ if (b->callback != NULL)
+ i=(int)b->callback(b,BIO_CB_GETS|BIO_CB_RETURN,in,inl,
+ 0L,(long)i);
+ return(i);
+ }
+
+long BIO_ctrl_int(b,cmd,larg,iarg)
+BIO *b;
+int cmd;
+long larg;
+int iarg;
+ {
+ int i;
+
+ i=iarg;
+ return(BIO_ctrl(b,cmd,larg,(char *)&i));
+ }
+
+long BIO_ctrl(b,cmd,larg,parg)
+BIO *b;
+int cmd;
+long larg;
+char *parg;
+ {
+ long ret;
+
+ if (b == NULL) return(0);
+
+ if ((b->method == NULL) || (b->method->ctrl == NULL))
+ {
+ BIOerr(BIO_F_BIO_CTRL,BIO_R_UNSUPPORTED_METHOD);
+ return(-2);
+ }
+
+ if ((b->callback != NULL) &&
+ ((ret=b->callback(b,BIO_CB_CTRL,parg,cmd,larg,1L)) <= 0))
+ return(ret);
+
+ ret=b->method->ctrl(b,cmd,larg,parg);
+
+ if (b->callback != NULL)
+ ret=b->callback(b,BIO_CB_CTRL|BIO_CB_RETURN,parg,cmd,
+ larg,ret);
+ return(ret);
+ }
+
+/* put the 'bio' on the end of b's list of operators */
+BIO *BIO_push(b,bio)
+BIO *b,*bio;
+ {
+ BIO *lb;
+
+ if (b == NULL) return(bio);
+ lb=b;
+ while (lb->next_bio != NULL)
+ lb=lb->next_bio;
+ lb->next_bio=bio;
+ if (bio != NULL)
+ bio->prev_bio=lb;
+ BIO_ctrl(b,BIO_CTRL_PUSH,0,NULL);
+ return(b);
+ }
+
+/* Remove the first and return the rest */
+BIO *BIO_pop(b)
+BIO *b;
+ {
+ BIO *ret;
+
+ if (b == NULL) return(NULL);
+ ret=b->next_bio;
+
+ if (b->prev_bio != NULL)
+ b->prev_bio->next_bio=b->next_bio;
+ if (b->next_bio != NULL)
+ b->next_bio->prev_bio=b->prev_bio;
+
+ b->next_bio=NULL;
+ b->prev_bio=NULL;
+ BIO_ctrl(b,BIO_CTRL_POP,0,NULL);
+ return(ret);
+ }
+
+BIO *BIO_get_retry_BIO(bio,reason)
+BIO *bio;
+int *reason;
+ {
+ BIO *b,*last;
+
+ b=last=bio;
+ for (;;)
+ {
+ if (!BIO_should_retry(b)) break;
+ last=b;
+ b=b->next_bio;
+ if (b == NULL) break;
+ }
+ if (reason != NULL) *reason=last->retry_reason;
+ return(last);
+ }
+
+int BIO_get_retry_reason(bio)
+BIO *bio;
+ {
+ return(bio->retry_reason);
+ }
+
+BIO *BIO_find_type(bio,type)
+BIO *bio;
+int type;
+ {
+ int mt,mask;
+
+ mask=type&0xff;
+ do {
+ if (bio->method != NULL)
+ {
+ mt=bio->method->type;
+
+ if (!mask)
+ {
+ if (mt & type) return(bio);
+ }
+ else if (mt == type)
+ return(bio);
+ }
+ bio=bio->next_bio;
+ } while (bio != NULL);
+ return(NULL);
+ }
+
+void BIO_free_all(bio)
+BIO *bio;
+ {
+ BIO *b;
+ int ref;
+
+ while (bio != NULL)
+ {
+ b=bio;
+ ref=b->references;
+ bio=bio->next_bio;
+ BIO_free(b);
+ /* Since ref count > 1, don't free anyone else. */
+ if (ref > 1) break;
+ }
+ }
+
+BIO *BIO_dup_chain(in)
+BIO *in;
+ {
+ BIO *ret=NULL,*eoc=NULL,*bio,*new;
+
+ for (bio=in; bio != NULL; bio=bio->next_bio)
+ {
+ if ((new=BIO_new(bio->method)) == NULL) goto err;
+ new->callback=bio->callback;
+ new->cb_arg=bio->cb_arg;
+ new->init=bio->init;
+ new->shutdown=bio->shutdown;
+ new->flags=bio->flags;
+
+ /* This will let SSL_s_sock() work with stdin/stdout */
+ new->num=bio->num;
+
+ if (!BIO_dup_state(bio,(char *)new))
+ {
+ BIO_free(new);
+ goto err;
+ }
+ if (ret == NULL)
+ {
+ eoc=new;
+ ret=eoc;
+ }
+ else
+ {
+ BIO_push(eoc,new);
+ eoc=new;
+ }
+ }
+ return(ret);
+err:
+ if (ret != NULL)
+ BIO_free(ret);
+ return(NULL);
+ }
+
+void BIO_copy_next_retry(b)
+BIO *b;
+ {
+ BIO_set_flags(b,BIO_get_retry_flags(b->next_bio));
+ b->retry_reason=b->next_bio->retry_reason;
+ }
+
diff --git a/crypto/bio/bss_acpt.c b/crypto/bio/bss_acpt.c
new file mode 100644
index 0000000..2514741
--- /dev/null
+++ b/crypto/bio/bss_acpt.c
@@ -0,0 +1,484 @@
+/* crypto/bio/bss_acpt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_accept_st
+ {
+ int state;
+ char *param_addr;
+
+ int accept_sock;
+ int accept_nbio;
+
+ char *addr;
+ int nbio;
+ BIO *bio_chain;
+ } BIO_ACCEPT;
+
+#ifndef NOPROTO
+static int acpt_write(BIO *h,char *buf,int num);
+static int acpt_read(BIO *h,char *buf,int size);
+static int acpt_puts(BIO *h,char *str);
+static long acpt_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int acpt_new(BIO *h);
+static int acpt_free(BIO *data);
+#else
+static int acpt_write();
+static int acpt_read();
+static int acpt_puts();
+static long acpt_ctrl();
+static int acpt_new();
+static int acpt_free();
+#endif
+
+#ifndef NOPROTO
+static int acpt_state(BIO *b, BIO_ACCEPT *c);
+static void acpt_close_socket(BIO *data);
+BIO_ACCEPT *BIO_ACCEPT_new(void );
+void BIO_ACCEPT_free(BIO_ACCEPT *a);
+
+#else
+
+static int acpt_state();
+static void acpt_close_socket();
+BIO_ACCEPT *BIO_ACCEPT_new();
+void BIO_ACCEPT_free();
+#endif
+
+#define ACPT_S_BEFORE 1
+#define ACPT_S_GET_ACCEPT_SOCKET 2
+#define ACPT_S_OK 3
+
+static BIO_METHOD methods_acceptp=
+ {
+ BIO_TYPE_ACCEPT,"socket accept",
+ acpt_write,
+ acpt_read,
+ acpt_puts,
+ NULL, /* connect_gets, */
+ acpt_ctrl,
+ acpt_new,
+ acpt_free,
+ };
+
+BIO_METHOD *BIO_s_accept()
+ {
+ return(&methods_acceptp);
+ }
+
+static int acpt_new(bi)
+BIO *bi;
+ {
+ BIO_ACCEPT *ba;
+
+ bi->init=0;
+ bi->num=INVALID_SOCKET;
+ bi->flags=0;
+ if ((ba=BIO_ACCEPT_new()) == NULL)
+ return(0);
+ bi->ptr=(char *)ba;
+ ba->state=ACPT_S_BEFORE;
+ bi->shutdown=1;
+ return(1);
+ }
+
+BIO_ACCEPT *BIO_ACCEPT_new()
+ {
+ BIO_ACCEPT *ret;
+
+ if ((ret=(BIO_ACCEPT *)Malloc(sizeof(BIO_ACCEPT))) == NULL)
+ return(NULL);
+
+ memset(ret,0,sizeof(BIO_ACCEPT));
+ ret->accept_sock=INVALID_SOCKET;
+ return(ret);
+ }
+
+void BIO_ACCEPT_free(a)
+BIO_ACCEPT *a;
+ {
+ if (a->param_addr != NULL) Free(a->param_addr);
+ if (a->addr != NULL) Free(a->addr);
+ if (a->bio_chain != NULL) BIO_free(a->bio_chain);
+ Free(a);
+ }
+
+static void acpt_close_socket(bio)
+BIO *bio;
+ {
+ BIO_ACCEPT *c;
+
+ c=(BIO_ACCEPT *)bio->ptr;
+ if (c->accept_sock != INVALID_SOCKET)
+ {
+ shutdown(c->accept_sock,2);
+# ifdef WINDOWS
+ closesocket(c->accept_sock);
+# else
+ close(c->accept_sock);
+# endif
+ c->accept_sock=INVALID_SOCKET;
+ bio->num=INVALID_SOCKET;
+ }
+ }
+
+static int acpt_free(a)
+BIO *a;
+ {
+ BIO_ACCEPT *data;
+
+ if (a == NULL) return(0);
+ data=(BIO_ACCEPT *)a->ptr;
+
+ if (a->shutdown)
+ {
+ acpt_close_socket(a);
+ BIO_ACCEPT_free(data);
+ a->ptr=NULL;
+ a->flags=0;
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int acpt_state(b,c)
+BIO *b;
+BIO_ACCEPT *c;
+ {
+ BIO *bio=NULL,*dbio;
+ unsigned long l=1;
+ int s= -1;
+ int i;
+
+again:
+ switch (c->state)
+ {
+ case ACPT_S_BEFORE:
+ if (c->param_addr == NULL)
+ {
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_NO_ACCEPT_PORT_SPECIFIED);
+ return(-1);
+ }
+ s=BIO_get_accept_socket(c->param_addr);
+ if (s == INVALID_SOCKET)
+ return(-1);
+
+#ifdef FIONBIO
+ if (c->accept_nbio)
+ {
+ i=BIO_socket_ioctl(b->num,FIONBIO,&l);
+ if (i < 0)
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+# endif
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPT_SOCKET);
+ return(-1);
+ }
+ }
+#endif
+ c->accept_sock=s;
+ b->num=s;
+ c->state=ACPT_S_GET_ACCEPT_SOCKET;
+ return(1);
+ break;
+ case ACPT_S_GET_ACCEPT_SOCKET:
+ if (b->next_bio != NULL)
+ {
+ c->state=ACPT_S_OK;
+ goto again;
+ }
+ i=BIO_accept(c->accept_sock,&(c->addr));
+ if (i < 0) return(i);
+ bio=BIO_new_socket(i,BIO_CLOSE);
+ if (bio == NULL) goto err;
+
+ BIO_set_callback(bio,BIO_get_callback(b));
+ BIO_set_callback_arg(bio,BIO_get_callback_arg(b));
+
+#ifdef FIONBIO
+ if (c->nbio)
+ {
+ i=BIO_socket_ioctl(i,FIONBIO,&l);
+ if (i < 0)
+ {
+ BIOerr(BIO_F_ACPT_STATE,BIO_R_ERROR_SETTING_NBIO_ON_ACCEPTED_SOCKET);
+ goto err;
+ }
+ }
+#endif
+
+ /* If the accept BIO has an bio_chain, we dup it and
+ * put the new socket at the end. */
+ if (c->bio_chain != NULL)
+ {
+ if ((dbio=BIO_dup_chain(c->bio_chain)) == NULL)
+ goto err;
+ if (!BIO_push(dbio,bio)) goto err;
+ bio=dbio;
+ }
+ if (BIO_push(b,bio) == NULL) goto err;
+
+ c->state=ACPT_S_OK;
+ return(1);
+err:
+ if (bio != NULL)
+ BIO_free(bio);
+ else if (s >= 0)
+ {
+#ifdef WINDOWS
+ closesocket(s);
+#else
+ close(s);
+# endif
+ }
+ return(0);
+ break;
+ case ACPT_S_OK:
+ if (b->next_bio == NULL)
+ {
+ c->state=ACPT_S_GET_ACCEPT_SOCKET;
+ goto again;
+ }
+ return(1);
+ break;
+ default:
+ return(0);
+ break;
+ }
+
+ }
+
+static int acpt_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ BIO_ACCEPT *data;
+
+ BIO_clear_retry_flags(b);
+ data=(BIO_ACCEPT *)b->ptr;
+
+ while (b->next_bio == NULL)
+ {
+ ret=acpt_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ ret=BIO_read(b->next_bio,out,outl);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int acpt_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+ BIO_ACCEPT *data;
+
+ BIO_clear_retry_flags(b);
+ data=(BIO_ACCEPT *)b->ptr;
+
+ while (b->next_bio == NULL)
+ {
+ ret=acpt_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ ret=BIO_write(b->next_bio,in,inl);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long acpt_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ int *ip;
+ long ret=1;
+ BIO_ACCEPT *data;
+
+ data=(BIO_ACCEPT *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=0;
+ data->state=ACPT_S_BEFORE;
+ acpt_close_socket(b);
+ b->flags=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ /* use this one to start the connection */
+ ret=(long)acpt_state(b,data);
+ break;
+ case BIO_C_SET_ACCEPT:
+ if (ptr != NULL)
+ {
+ if (num == 0)
+ {
+ b->init=1;
+ if (data->param_addr != NULL)
+ Free(data->param_addr);
+ data->param_addr=BUF_strdup(ptr);
+ }
+ else if (num == 1)
+ {
+ data->accept_nbio=(ptr != NULL);
+ }
+ else if (num == 2)
+ {
+ if (data->bio_chain != NULL)
+ BIO_free(data->bio_chain);
+ data->bio_chain=(BIO *)ptr;
+ }
+ }
+ break;
+ case BIO_C_SET_NBIO:
+ data->nbio=(int)num;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL)
+ *ip=data->accept_sock;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_FLUSH:
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+/* if (data->param_port) EAY EAY
+ BIO_set_port(dbio,data->param_port);
+ if (data->param_hostname)
+ BIO_set_hostname(dbio,data->param_hostname);
+ BIO_set_nbio(dbio,data->nbio); */
+ break;
+
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int acpt_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=acpt_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_accept(str)
+char *str;
+ {
+ BIO *ret;
+
+ ret=BIO_new(BIO_s_accept());
+ if (ret == NULL) return(NULL);
+ if (BIO_set_accept_port(ret,str))
+ return(ret);
+ else
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ }
+
+#endif
diff --git a/crypto/bio/bss_conn.c b/crypto/bio/bss_conn.c
new file mode 100644
index 0000000..4e31e3c
--- /dev/null
+++ b/crypto/bio/bss_conn.c
@@ -0,0 +1,558 @@
+/* crypto/bio/bss_conn.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_SOCK
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+/* BIOerr(BIO_F_WSASTARTUP,BIO_R_WSASTARTUP ); */
+
+#ifdef WIN16
+#define SOCKET_PROTOCOL 0 /* more microsoft stupidity */
+#else
+#define SOCKET_PROTOCOL IPPROTO_TCP
+#endif
+
+typedef struct bio_connect_st
+ {
+ int state;
+
+ char *param_hostname;
+ char *param_port;
+ int nbio;
+
+ unsigned char ip[4];
+ short port;
+
+ struct sockaddr_in them;
+
+ /* int socket; this will be kept in bio->num so that it is
+ * compatable with the bss_sock bio */
+ int error;
+ } BIO_CONNECT;
+
+#ifndef NOPROTO
+static int conn_write(BIO *h,char *buf,int num);
+static int conn_read(BIO *h,char *buf,int size);
+static int conn_puts(BIO *h,char *str);
+static long conn_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int conn_new(BIO *h);
+static int conn_free(BIO *data);
+#else
+static int conn_write();
+static int conn_read();
+static int conn_puts();
+static long conn_ctrl();
+static int conn_new();
+static int conn_free();
+#endif
+
+#ifndef NOPROTO
+
+static int conn_state(BIO *b, BIO_CONNECT *c);
+static void conn_close_socket(BIO *data);
+BIO_CONNECT *BIO_CONNECT_new(void );
+void BIO_CONNECT_free(BIO_CONNECT *a);
+
+#else
+
+static int conn_state();
+static void conn_close_socket();
+BIO_CONNECT *BIO_CONNECT_new();
+void BIO_CONNECT_free();
+
+#endif
+
+#define CONN_S_BEFORE 1
+#define CONN_S_GET_IP 2
+#define CONN_S_GET_PORT 3
+#define CONN_S_CREATE_SOCKET 4
+#define CONN_S_CONNECT 5
+#define CONN_S_OK 6
+#define CONN_S_BLOCKED_CONNECT 7
+#define CONN_S_NBIO 8
+
+static BIO_METHOD methods_connectp=
+ {
+ BIO_TYPE_CONNECT,"socket connect",
+ conn_write,
+ conn_read,
+ conn_puts,
+ NULL, /* connect_gets, */
+ conn_ctrl,
+ conn_new,
+ conn_free,
+ };
+
+static int conn_state(b,c)
+BIO *b;
+BIO_CONNECT *c;
+ {
+ int ret= -1,i;
+ unsigned long l;
+ char *p,*q;
+
+ switch (c->state)
+ {
+ case CONN_S_BEFORE:
+ p=c->param_hostname;
+ if (p == NULL)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NO_HOSTHNAME_SPECIFIED);
+ break;
+ }
+ for ( ; *p != '\0'; p++)
+ {
+ if ((*p == ':') || (*p == '/')) break;
+ }
+
+ i= *p;
+ if ((i == ':') || (i == '/'))
+ {
+
+ *(p++)='\0';
+ if (i == ':')
+ {
+ for (q=p; *q; q++)
+ if (*q == '/')
+ {
+ *q='\0';
+ break;
+ }
+ if (c->param_port != NULL)
+ Free(c->param_port);
+ c->param_port=BUF_strdup(p);
+ }
+ }
+
+ if (p == NULL)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NO_PORT_SPECIFIED);
+ break;
+ }
+ c->state=CONN_S_GET_IP;
+
+ case CONN_S_GET_IP:
+ if (BIO_get_host_ip(c->param_hostname,&(c->ip[0])) <= 0)
+ break;
+ c->state=CONN_S_GET_PORT;
+
+ case CONN_S_GET_PORT:
+ if (BIO_get_port(c->param_port,&c->port) <= 0)
+ break;
+ c->state=CONN_S_CREATE_SOCKET;
+
+ case CONN_S_CREATE_SOCKET:
+ /* now setup address */
+ memset((char *)&c->them,0,sizeof(c->them));
+ c->them.sin_family=AF_INET;
+ c->them.sin_port=htons((unsigned short)c->port);
+ l=(unsigned long)
+ ((unsigned long)c->ip[0]<<24L)|
+ ((unsigned long)c->ip[1]<<16L)|
+ ((unsigned long)c->ip[2]<< 8L)|
+ ((unsigned long)c->ip[3]);
+ c->them.sin_addr.s_addr=htonl(l);
+ c->state=CONN_S_CREATE_SOCKET;
+
+ ret=socket(AF_INET,SOCK_STREAM,SOCKET_PROTOCOL);
+ if (ret == INVALID_SOCKET)
+ {
+ SYSerr(SYS_F_SOCKET,errno);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_UNABLE_TO_CREATE_SOCKET);
+ break;
+ }
+ b->num=ret;
+ c->state=CONN_S_NBIO;
+
+ case CONN_S_NBIO:
+#ifdef FIONBIO
+ if (c->nbio)
+ {
+ l=1;
+ ret=BIO_socket_ioctl(b->num,FIONBIO,&l);
+ if (ret < 0)
+ {
+ BIOerr(BIO_F_CONN_STATE,BIO_R_ERROR_SETTING_NBIO);
+ break;
+ }
+ }
+#endif
+ c->state=CONN_S_CONNECT;
+
+ case CONN_S_CONNECT:
+ BIO_clear_retry_flags(b);
+ ret=connect(b->num,
+ (struct sockaddr *)&c->them,
+ sizeof(c->them));
+ b->retry_reason=0;
+ if (ret < 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ {
+ BIO_set_retry_special(b);
+ c->state=CONN_S_BLOCKED_CONNECT;
+ b->retry_reason=BIO_RR_CONNECT;
+ }
+ else
+ {
+ SYSerr(SYS_F_CONNECT,errno);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_CONNECT_ERROR);
+ }
+ }
+ else
+ {
+ ret=1;
+ c->state=CONN_S_OK;
+ }
+ break;
+
+ case CONN_S_BLOCKED_CONNECT:
+ BIO_clear_retry_flags(b);
+ i=BIO_sock_error(b->num);
+ if (i)
+ {
+ SYSerr(SYS_F_CONNECT,i);
+ BIOerr(BIO_F_CONN_STATE,BIO_R_NBIO_CONNECT_ERROR);
+ }
+ else
+ {
+ c->state=CONN_S_OK;
+ ret=1;
+ }
+ break;
+
+ case CONN_S_OK:
+ ret=1;
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+BIO_CONNECT *BIO_CONNECT_new()
+ {
+ BIO_CONNECT *ret;
+
+ if ((ret=(BIO_CONNECT *)Malloc(sizeof(BIO_CONNECT))) == NULL)
+ return(NULL);
+ ret->state=CONN_S_BEFORE;
+ ret->param_hostname=NULL;
+ ret->param_port=NULL;
+ ret->nbio=0;
+ ret->ip[0]=0;
+ ret->ip[1]=0;
+ ret->ip[2]=0;
+ ret->ip[3]=0;
+ ret->port=0;
+ memset((char *)&ret->them,0,sizeof(ret->them));
+ ret->error=0;
+ return(ret);
+ }
+
+void BIO_CONNECT_free(a)
+BIO_CONNECT *a;
+ {
+ if (a->param_hostname != NULL)
+ Free(a->param_hostname);
+ if (a->param_port != NULL)
+ Free(a->param_port);
+ Free(a);
+ }
+
+BIO_METHOD *BIO_s_connect()
+ {
+ return(&methods_connectp);
+ }
+
+static int conn_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=INVALID_SOCKET;
+ bi->flags=0;
+ if ((bi->ptr=(char *)BIO_CONNECT_new()) == NULL)
+ return(0);
+ else
+ return(1);
+ }
+
+static void conn_close_socket(bio)
+BIO *bio;
+ {
+ BIO_CONNECT *c;
+
+ c=(BIO_CONNECT *)bio->ptr;
+ if (bio->num != INVALID_SOCKET)
+ {
+ /* Only do a shutdown if things were established */
+ if (c->state == CONN_S_OK)
+ shutdown(bio->num,2);
+# ifdef WINDOWS
+ closesocket(bio->num);
+# else
+ close(bio->num);
+# endif
+ bio->num=INVALID_SOCKET;
+ }
+ }
+
+static int conn_free(a)
+BIO *a;
+ {
+ BIO_CONNECT *data;
+
+ if (a == NULL) return(0);
+ data=(BIO_CONNECT *)a->ptr;
+
+ if (a->shutdown)
+ {
+ conn_close_socket(a);
+ BIO_CONNECT_free(data);
+ a->ptr=NULL;
+ a->flags=0;
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int conn_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+ if (data->state != CONN_S_OK)
+ {
+ ret=conn_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ if (out != NULL)
+ {
+ errno=0;
+#if defined(WINDOWS)
+ ret=recv(b->num,out,outl,0);
+#else
+ ret=read(b->num,out,outl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_read(b);
+ }
+ }
+ return(ret);
+ }
+
+static int conn_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+ if (data->state != CONN_S_OK)
+ {
+ ret=conn_state(b,data);
+ if (ret <= 0) return(ret);
+ }
+
+ errno=0;
+#if defined(WINDOWS)
+ ret=send(b->num,in,inl,0);
+#else
+ ret=write(b->num,in,inl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+ if (BIO_sock_should_retry(ret))
+ BIO_set_retry_write(b);
+ }
+ return(ret);
+ }
+
+static long conn_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ int *ip;
+ long ret=1;
+ BIO_CONNECT *data;
+
+ data=(BIO_CONNECT *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=0;
+ data->state=CONN_S_BEFORE;
+ conn_close_socket(b);
+ b->flags=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ /* use this one to start the connection */
+ if (!data->state != CONN_S_OK)
+ ret=(long)conn_state(b,data);
+ else
+ ret=1;
+ break;
+ case BIO_C_SET_CONNECT:
+ if (ptr != NULL)
+ {
+ b->init=1;
+ if (num == 0)
+ {
+ if (data->param_hostname != NULL)
+ Free(data->param_hostname);
+ data->param_hostname=BUF_strdup(ptr);
+ }
+ else if (num == 1)
+ {
+ if (data->param_port != NULL)
+ Free(data->param_port);
+ data->param_port=BUF_strdup(ptr);
+ }
+ }
+ break;
+ case BIO_C_SET_NBIO:
+ data->nbio=(int)num;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL)
+ *ip=b->num;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_FLUSH:
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if (data->param_port)
+ BIO_set_port(dbio,data->param_port);
+ if (data->param_hostname)
+ BIO_set_hostname(dbio,data->param_hostname);
+ BIO_set_nbio(dbio,data->nbio);
+ break;
+
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int conn_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=conn_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_connect(str)
+char *str;
+ {
+ BIO *ret;
+
+ ret=BIO_new(BIO_s_connect());
+ if (ret == NULL) return(NULL);
+ if (BIO_set_hostname(ret,str))
+ return(ret);
+ else
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ }
+
+#endif
+
diff --git a/crypto/bio/bss_fd.c b/crypto/bio/bss_fd.c
new file mode 100644
index 0000000..06ae229
--- /dev/null
+++ b/crypto/bio/bss_fd.c
@@ -0,0 +1,62 @@
+/* crypto/bio/bss_fd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define BIO_FD
+#include "bss_sock.c"
+#undef BIO_FD
+
diff --git a/crypto/bio/bss_file.c b/crypto/bio/bss_file.c
new file mode 100644
index 0000000..33c18e7
--- /dev/null
+++ b/crypto/bio/bss_file.c
@@ -0,0 +1,334 @@
+/* crypto/bio/bss_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+#include "err.h"
+
+#ifndef NOPROTO
+static int MS_CALLBACK file_write(BIO *h,char *buf,int num);
+static int MS_CALLBACK file_read(BIO *h,char *buf,int size);
+static int MS_CALLBACK file_puts(BIO *h,char *str);
+static int MS_CALLBACK file_gets(BIO *h,char *str,int size);
+static long MS_CALLBACK file_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int MS_CALLBACK file_new(BIO *h);
+static int MS_CALLBACK file_free(BIO *data);
+#else
+static int MS_CALLBACK file_write();
+static int MS_CALLBACK file_read();
+static int MS_CALLBACK file_puts();
+static int MS_CALLBACK file_gets();
+static long MS_CALLBACK file_ctrl();
+static int MS_CALLBACK file_new();
+static int MS_CALLBACK file_free();
+#endif
+
+static BIO_METHOD methods_filep=
+ {
+ BIO_TYPE_FILE,"FILE pointer",
+ file_write,
+ file_read,
+ file_puts,
+ file_gets,
+ file_ctrl,
+ file_new,
+ file_free,
+ };
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+BIO *BIO_new_file(filename,mode)
+char *filename;
+char *mode;
+ {
+ BIO *ret;
+ FILE *file;
+
+ if ((file=fopen(filename,mode)) == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_BIO_NEW_FILE,ERR_R_SYS_LIB);
+ return(NULL);
+ }
+
+ if ((ret=BIO_new(BIO_s_file())) == NULL)
+ return(NULL);
+#if 0
+ if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
+ return(NULL);
+#endif
+
+ BIO_set_fp(ret,file,BIO_CLOSE);
+ return(ret);
+ }
+
+BIO *BIO_new_fp(stream,close_flag)
+FILE *stream;
+int close_flag;
+ {
+ BIO *ret;
+
+ if ((ret=BIO_new(BIO_s_file())) == NULL)
+ return(NULL);
+#if 0
+ if ((ret=BIO_new(BIO_s_file_internal_w16())) == NULL)
+#endif
+
+ BIO_set_fp(ret,stream,close_flag);
+ return(ret);
+ }
+#endif /* !APPS_WIN16 */
+
+#if !defined(WIN16) || defined(APPS_WIN16)
+
+BIO_METHOD *BIO_s_file()
+ {
+ return(&methods_filep);
+ }
+
+#else
+
+BIO_METHOD *BIO_s_file_internal_w16()
+ {
+ return(&methods_filep);
+ }
+
+#endif
+
+static int MS_CALLBACK file_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ return(1);
+ }
+
+static int MS_CALLBACK file_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ fclose((FILE *)a->ptr);
+ a->ptr=NULL;
+ }
+ a->init=0;
+ }
+ return(1);
+ }
+
+static int MS_CALLBACK file_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (b->init && (out != NULL))
+ {
+ ret=fread(out,1,(int)outl,(FILE *)b->ptr);
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+
+ if (b->init && (in != NULL))
+ {
+ if (fwrite(in,(int)inl,1,(FILE *)b->ptr))
+ ret=inl;
+ /* ret=fwrite(in,1,(int)inl,(FILE *)b->ptr); */
+ /* acording to Tim Hudson <tjh@cryptsoft.com>, the commented
+ * out version above can cause 'inl' write calls under
+ * some stupid stdio implementations (VMS) */
+ }
+ return(ret);
+ }
+
+static long MS_CALLBACK file_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ FILE *fp=(FILE *)b->ptr;
+ FILE **fpp;
+ char p[4];
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ret=(long)fseek(fp,num,0);
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)feof(fp);
+ break;
+ case BIO_CTRL_INFO:
+ ret=ftell(fp);
+ break;
+ case BIO_C_SET_FILE_PTR:
+ file_free(b);
+ b->shutdown=(int)num;
+ b->ptr=(char *)ptr;
+ b->init=1;
+ break;
+ case BIO_C_SET_FILENAME:
+ file_free(b);
+ b->shutdown=(int)num&BIO_CLOSE;
+ if (num & BIO_FP_APPEND)
+ {
+ if (num & BIO_FP_READ)
+ strcpy(p,"a+");
+ else strcpy(p,"a");
+ }
+ else if ((num & BIO_FP_READ) && (num & BIO_FP_WRITE))
+ strcpy(p,"r+");
+ else if (num & BIO_FP_WRITE)
+ strcpy(p,"w");
+ else if (num & BIO_FP_READ)
+ strcpy(p,"r");
+ else
+ {
+ BIOerr(BIO_F_FILE_CTRL,BIO_R_BAD_FOPEN_MODE);
+ ret=0;
+ break;
+ }
+#if defined(MSDOS) || defined(WINDOWS)
+ if (!(num & BIO_FP_TEXT))
+ strcat(p,"b");
+ else
+ strcat(p,"t");
+#endif
+ fp=fopen(ptr,p);
+ if (fp == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ BIOerr(BIO_F_FILE_CTRL,ERR_R_SYS_LIB);
+ ret=0;
+ break;
+ }
+ b->ptr=(char *)fp;
+ b->init=1;
+ break;
+ case BIO_C_GET_FILE_PTR:
+ /* the ptr parameter is actually a FILE ** in this case. */
+ if (ptr != NULL)
+ {
+ fpp=(FILE **)ptr;
+ *fpp=(FILE *)b->ptr;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_FLUSH:
+ fflush((FILE *)b->ptr);
+ break;
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+
+ case BIO_CTRL_WPENDING:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int MS_CALLBACK file_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int ret=0;
+
+ buf[0]='\0';
+ fgets(buf,size,(FILE *)bp->ptr);
+ if (buf[0] != '\0')
+ ret=strlen(buf);
+ return(ret);
+ }
+
+static int MS_CALLBACK file_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=file_write(bp,str,n);
+ return(ret);
+ }
+
diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c
new file mode 100644
index 0000000..9b4cf40
--- /dev/null
+++ b/crypto/bio/bss_mem.c
@@ -0,0 +1,296 @@
+/* crypto/bio/bss_mem.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int mem_write(BIO *h,char *buf,int num);
+static int mem_read(BIO *h,char *buf,int size);
+static int mem_puts(BIO *h,char *str);
+static int mem_gets(BIO *h,char *str,int size);
+static long mem_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int mem_new(BIO *h);
+static int mem_free(BIO *data);
+#else
+static int mem_write();
+static int mem_read();
+static int mem_puts();
+static int mem_gets();
+static long mem_ctrl();
+static int mem_new();
+static int mem_free();
+#endif
+
+static BIO_METHOD mem_method=
+ {
+ BIO_TYPE_MEM,"memory buffer",
+ mem_write,
+ mem_read,
+ mem_puts,
+ mem_gets,
+ mem_ctrl,
+ mem_new,
+ mem_free,
+ };
+
+BIO_METHOD *BIO_s_mem()
+ {
+ return(&mem_method);
+ }
+
+static int mem_new(bi)
+BIO *bi;
+ {
+ BUF_MEM *b;
+
+ if ((b=BUF_MEM_new()) == NULL)
+ return(0);
+ bi->shutdown=1;
+ bi->init=1;
+ bi->num=0;
+ bi->ptr=(char *)b;
+ return(1);
+ }
+
+static int mem_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if ((a->init) && (a->ptr != NULL))
+ {
+ BUF_MEM_free((BUF_MEM *)a->ptr);
+ a->ptr=NULL;
+ }
+ }
+ return(1);
+ }
+
+static int mem_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret= -1;
+ BUF_MEM *bm;
+ int i;
+ char *from,*to;
+
+ bm=(BUF_MEM *)b->ptr;
+ BIO_clear_retry_flags(b);
+ ret=(outl > bm->length)?bm->length:outl;
+ if ((out != NULL) && (ret > 0))
+ {
+ memcpy(out,bm->data,ret);
+ bm->length-=ret;
+ /* memmove(&(bm->data[0]),&(bm->data[ret]), bm->length); */
+ from=(char *)&(bm->data[ret]);
+ to=(char *)&(bm->data[0]);
+ for (i=0; i<bm->length; i++)
+ to[i]=from[i];
+ }
+ else if (bm->length == 0)
+ {
+ BIO_set_retry_read(b);
+ ret= -1;
+ }
+ return(ret);
+ }
+
+static int mem_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret= -1;
+ int blen;
+ BUF_MEM *bm;
+
+ bm=(BUF_MEM *)b->ptr;
+ if (in == NULL)
+ {
+ BIOerr(BIO_F_MEM_WRITE,BIO_R_NULL_PARAMETER);
+ goto end;
+ }
+
+ BIO_clear_retry_flags(b);
+ blen=bm->length;
+ if (BUF_MEM_grow(bm,blen+inl) != (blen+inl))
+ goto end;
+ memcpy(&(bm->data[blen]),in,inl);
+ ret=inl;
+end:
+ return(ret);
+ }
+
+static long mem_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ char **pptr;
+
+ BUF_MEM *bm=(BUF_MEM *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ if (bm->data != NULL)
+ memset(bm->data,0,bm->max);
+ bm->length=0;
+ break;
+ case BIO_CTRL_EOF:
+ ret=(long)(bm->length == 0);
+ break;
+ case BIO_CTRL_INFO:
+ ret=(long)bm->length;
+ if (ptr != NULL)
+ {
+ pptr=(char **)ptr;
+ *pptr=(char *)&(bm->data[0]);
+ }
+ break;
+ case BIO_C_SET_BUF_MEM:
+ mem_free(b);
+ b->shutdown=(int)num;
+ b->ptr=ptr;
+ break;
+ case BIO_C_GET_BUF_MEM_PTR:
+ if (ptr != NULL)
+ {
+ pptr=(char **)ptr;
+ *pptr=(char *)bm;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=(long)b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+
+ case BIO_CTRL_WPENDING:
+ ret=0L;
+ break;
+ case BIO_CTRL_PENDING:
+ ret=(long)bm->length;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret=1;
+ break;
+ case BIO_CTRL_PUSH:
+ case BIO_CTRL_POP:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int mem_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ int i,j;
+ int ret= -1;
+ char *p;
+ BUF_MEM *bm=(BUF_MEM *)bp->ptr;
+
+ BIO_clear_retry_flags(bp);
+ j=bm->length;
+ if (j <= 0) return(0);
+ p=bm->data;
+ for (i=0; i<j; i++)
+ {
+ if (p[i] == '\n') break;
+ }
+ if (i == j)
+ {
+ BIO_set_retry_read(bp);
+ /* return(-1); change the semantics 0.6.6a */
+ }
+ else
+ i++;
+ /* i is the max to copy */
+ if ((size-1) < i) i=size-1;
+ i=mem_read(bp,buf,i);
+ if (i > 0) buf[i]='\0';
+ ret=i;
+ return(ret);
+ }
+
+static int mem_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=mem_write(bp,str,n);
+ /* memory semantics is that it will always work */
+ return(ret);
+ }
+
diff --git a/crypto/bio/bss_null.c b/crypto/bio/bss_null.c
new file mode 100644
index 0000000..f93d471
--- /dev/null
+++ b/crypto/bio/bss_null.c
@@ -0,0 +1,176 @@
+/* crypto/bio/bss_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef NOPROTO
+static int null_write(BIO *h,char *buf,int num);
+static int null_read(BIO *h,char *buf,int size);
+static int null_puts(BIO *h,char *str);
+static int null_gets(BIO *h,char *str,int size);
+static long null_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int null_new(BIO *h);
+static int null_free(BIO *data);
+#else
+static int null_write();
+static int null_read();
+static int null_puts();
+static int null_gets();
+static long null_ctrl();
+static int null_new();
+static int null_free();
+#endif
+
+static BIO_METHOD null_method=
+ {
+ BIO_TYPE_NULL,"NULL",
+ null_write,
+ null_read,
+ null_puts,
+ null_gets,
+ null_ctrl,
+ null_new,
+ null_free,
+ };
+
+BIO_METHOD *BIO_s_null()
+ {
+ return(&null_method);
+ }
+
+static int null_new(bi)
+BIO *bi;
+ {
+ bi->init=1;
+ bi->num=0;
+ bi->ptr=(NULL);
+ return(1);
+ }
+
+static int null_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ return(1);
+ }
+
+static int null_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ return(0);
+ }
+
+static int null_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ return(inl);
+ }
+
+static long null_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ case BIO_CTRL_EOF:
+ case BIO_CTRL_SET:
+ case BIO_CTRL_SET_CLOSE:
+ case BIO_CTRL_FLUSH:
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int null_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(0);
+ }
+
+static int null_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ if (str == NULL) return(0);
+ return(strlen(str));
+ }
+
diff --git a/crypto/bio/bss_rtcp.c b/crypto/bio/bss_rtcp.c
new file mode 100644
index 0000000..cd48f7c
--- /dev/null
+++ b/crypto/bio/bss_rtcp.c
@@ -0,0 +1,296 @@
+/* crypto/bio/bss_rtcp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Written by David L. Jones <jonesd@kcgl1.eng.ohio-state.edu>
+ * Date: 22-JUL-1996
+ */
+/* VMS */
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "bio.h"
+
+#include <iodef.h> /* VMS IO$_ definitions */
+extern int SYS$QIOW();
+typedef unsigned short io_channel;
+/*************************************************************************/
+struct io_status { short status, count; long flags; };
+
+struct rpc_msg { /* Should have member alignment inhibited */
+ char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
+ char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ unsigned short int length; /* Amount of data returned or max to return */
+ char data[4092]; /* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+struct rpc_ctx {
+ int filled, pos;
+ struct rpc_msg msg;
+};
+
+static int rtcp_write(BIO *h,char *buf,int num);
+static int rtcp_read(BIO *h,char *buf,int size);
+static int rtcp_puts(BIO *h,char *str);
+static int rtcp_gets(BIO *h,char *str,int size);
+static long rtcp_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int rtcp_new(BIO *h);
+static int rtcp_free(BIO *data);
+
+static BIO_METHOD rtcp_method=
+ {
+ BIO_TYPE_FD,"RTCP",
+ rtcp_write,
+ rtcp_read,
+ rtcp_puts,
+ rtcp_gets,
+ rtcp_ctrl,
+ rtcp_new,
+ rtcp_free,
+ };
+
+BIO_METHOD *BIO_s_rtcp()
+ {
+ return(&rtcp_method);
+ }
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+ buffer, maxlen, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ if ( (status&1) == 1 ) *length = iosb.count;
+ return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+ buffer, length, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ return status;
+}
+/***************************************************************************/
+
+static int rtcp_new(bi)
+BIO *bi;
+{
+ struct rpc_ctx *ctx;
+ bi->init=1;
+ bi->num=0;
+ bi->flags = 0;
+ bi->ptr=Malloc(sizeof(struct rpc_ctx));
+ ctx = (struct rpc_ctx *) bi->ptr;
+ ctx->filled = 0;
+ ctx->pos = 0;
+ return(1);
+}
+
+static int rtcp_free(a)
+BIO *a;
+{
+ if (a == NULL) return(0);
+ if ( a->ptr ) Free ( a->ptr );
+ a->ptr = NULL;
+ return(1);
+}
+
+static int rtcp_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+{
+ int status, length;
+ struct rpc_ctx *ctx;
+ /*
+ * read data, return existing.
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, &ctx->msg.data[ctx->pos], length );
+ ctx->pos += length;
+ return length;
+ }
+ /*
+ * Requst more data from R channel.
+ */
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'G';
+ ctx->msg.length = sizeof(ctx->msg.data);
+ status = put ( b->num, (char *) &ctx->msg, RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) {
+ return -1;
+ }
+ /*
+ * Read.
+ */
+ ctx->pos = ctx->filled = 0;
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( (status&1) == 0 ) length = -1;
+ if ( ctx->msg.channel != 'R' || ctx->msg.function != 'C' ) {
+ length = -1;
+ }
+ ctx->filled = length - RPC_HDR_SIZE;
+
+ if ( ctx->pos < ctx->filled ) {
+ length = ctx->filled - ctx->pos;
+ if ( length > outl ) length = outl;
+ memmove ( out, ctx->msg.data, length );
+ ctx->pos += length;
+ return length;
+ }
+
+ return length;
+}
+
+static int rtcp_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+{
+ int status, i, segment, length;
+ struct rpc_ctx *ctx;
+ /*
+ * Output data, send in chunks no larger that sizeof(ctx->msg.data).
+ */
+ ctx = (struct rpc_ctx *) b->ptr;
+ for ( i = 0; i < inl; i += segment ) {
+ segment = inl - i;
+ if ( segment > sizeof(ctx->msg.data) ) segment = sizeof(ctx->msg.data);
+ ctx->msg.channel = 'R';
+ ctx->msg.function = 'P';
+ ctx->msg.length = segment;
+ memmove ( ctx->msg.data, &in[i], segment );
+ status = put ( b->num, (char *) &ctx->msg, segment + RPC_HDR_SIZE );
+ if ((status&1) == 0 ) { i = -1; break; }
+
+ status = get ( b->num, (char *) &ctx->msg, sizeof(ctx->msg), &length );
+ if ( ((status&1) == 0) || (length < RPC_HDR_SIZE) ) { i = -1; break; }
+ if ( (ctx->msg.channel != 'R') || (ctx->msg.function != 'C') ) {
+ printf("unexpected response when confirming put %c %c\n",
+ ctx->msg.channel, ctx->msg.function );
+
+ }
+ }
+ return(i);
+}
+
+static long rtcp_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ case BIO_CTRL_EOF:
+ ret = 1;
+ break;
+ case BIO_CTRL_SET:
+ b->num = num;
+ ret = 1;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ case BIO_CTRL_FLUSH:
+ case BIO_CTRL_DUP:
+ ret=1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+static int rtcp_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(0);
+ }
+
+static int rtcp_puts(bp,str)
+BIO *bp;
+char *str;
+{
+ int length;
+ if (str == NULL) return(0);
+ length = strlen ( str );
+ if ( length == 0 ) return (0);
+ return rtcp_write ( bp,str, length );
+}
+
diff --git a/crypto/bio/bss_sock.c b/crypto/bio/bss_sock.c
new file mode 100644
index 0000000..ac96027
--- /dev/null
+++ b/crypto/bio/bss_sock.c
@@ -0,0 +1,449 @@
+/* crypto/bio/bss_sock.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if !defined(NO_SOCK) || defined(BIO_FD)
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "cryptlib.h"
+#include "bio.h"
+
+#ifndef BIO_FD
+#ifndef NOPROTO
+static int sock_write(BIO *h,char *buf,int num);
+static int sock_read(BIO *h,char *buf,int size);
+static int sock_puts(BIO *h,char *str);
+static long sock_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int sock_new(BIO *h);
+static int sock_free(BIO *data);
+int BIO_sock_should_retry(int s);
+#else
+static int sock_write();
+static int sock_read();
+static int sock_puts();
+static long sock_ctrl();
+static int sock_new();
+static int sock_free();
+int BIO_sock_should_retry();
+#endif
+
+#else
+
+#ifndef NOPROTO
+static int fd_write(BIO *h,char *buf,int num);
+static int fd_read(BIO *h,char *buf,int size);
+static int fd_puts(BIO *h,char *str);
+static long fd_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int fd_new(BIO *h);
+static int fd_free(BIO *data);
+int BIO_fd_should_retry(int s);
+#else
+static int fd_write();
+static int fd_read();
+static int fd_puts();
+static long fd_ctrl();
+static int fd_new();
+static int fd_free();
+int BIO_fd_should_retry();
+#endif
+#endif
+
+#ifndef BIO_FD
+static BIO_METHOD methods_sockp=
+ {
+ BIO_TYPE_SOCKET,"socket",
+ sock_write,
+ sock_read,
+ sock_puts,
+ NULL, /* sock_gets, */
+ sock_ctrl,
+ sock_new,
+ sock_free,
+ };
+
+BIO_METHOD *BIO_s_socket()
+ {
+ return(&methods_sockp);
+ }
+#else
+static BIO_METHOD methods_fdp=
+ {
+ BIO_TYPE_FD,"file descriptor",
+ fd_write,
+ fd_read,
+ fd_puts,
+ NULL, /* fd_gets, */
+ fd_ctrl,
+ fd_new,
+ fd_free,
+ };
+
+BIO_METHOD *BIO_s_fd()
+ {
+ return(&methods_fdp);
+ }
+#endif
+
+#ifndef BIO_FD
+BIO *BIO_new_socket(fd,close_flag)
+#else
+BIO *BIO_new_fd(fd,close_flag)
+#endif
+int fd;
+int close_flag;
+ {
+ BIO *ret;
+
+#ifndef BIO_FD
+ ret=BIO_new(BIO_s_socket());
+#else
+ ret=BIO_new(BIO_s_fd());
+#endif
+ if (ret == NULL) return(NULL);
+ BIO_set_fd(ret,fd,close_flag);
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static int sock_new(bi)
+#else
+static int fd_new(bi)
+#endif
+BIO *bi;
+ {
+ bi->init=0;
+ bi->num=0;
+ bi->ptr=NULL;
+ bi->flags=0;
+ return(1);
+ }
+
+#ifndef BIO_FD
+static int sock_free(a)
+#else
+static int fd_free(a)
+#endif
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->shutdown)
+ {
+ if (a->init)
+ {
+#ifndef BIO_FD
+ shutdown(a->num,2);
+# ifdef WINDOWS
+ closesocket(a->num);
+# else
+ close(a->num);
+# endif
+#else /* BIO_FD */
+ close(a->num);
+#endif
+
+ }
+ a->init=0;
+ a->flags=0;
+ }
+ return(1);
+ }
+
+#ifndef BIO_FD
+static int sock_read(b,out,outl)
+#else
+static int fd_read(b,out,outl)
+#endif
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+
+ if (out != NULL)
+ {
+ errno=0;
+#if defined(WINDOWS) && !defined(BIO_FD)
+ ret=recv(b->num,out,outl,0);
+#else
+ ret=read(b->num,out,outl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+#ifndef BIO_FD
+ if (BIO_sock_should_retry(ret))
+#else
+ if (BIO_fd_should_retry(ret))
+#endif
+ BIO_set_retry_read(b);
+ }
+ }
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static int sock_write(b,in,inl)
+#else
+static int fd_write(b,in,inl)
+#endif
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret;
+
+ errno=0;
+#if defined(WINDOWS) && !defined(BIO_FD)
+ ret=send(b->num,in,inl,0);
+#else
+ ret=write(b->num,in,inl);
+#endif
+ BIO_clear_retry_flags(b);
+ if (ret <= 0)
+ {
+#ifndef BIO_FD
+ if (BIO_sock_should_retry(ret))
+#else
+ if (BIO_fd_should_retry(ret))
+#endif
+ BIO_set_retry_write(b);
+ }
+ return(ret);
+ }
+
+#ifndef BIO_FD
+static long sock_ctrl(b,cmd,num,ptr)
+#else
+static long fd_ctrl(b,cmd,num,ptr)
+#endif
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ long ret=1;
+ int *ip;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+#ifdef BIO_FD
+ ret=(long)lseek(b->num,0,0);
+#else
+ ret=0;
+#endif
+ break;
+ case BIO_CTRL_INFO:
+ ret=0;
+ break;
+ case BIO_C_SET_FD:
+#ifndef BIO_FD
+ sock_free(b);
+#else
+ fd_free(b);
+#endif
+ b->num= *((int *)ptr);
+ b->shutdown=(int)num;
+ b->init=1;
+ break;
+ case BIO_C_GET_FD:
+ if (b->init)
+ {
+ ip=(int *)ptr;
+ if (ip != NULL) *ip=b->num;
+ ret=b->num;
+ }
+ else
+ ret= -1;
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_PENDING:
+ case BIO_CTRL_WPENDING:
+ ret=0;
+ break;
+ case BIO_CTRL_DUP:
+ case BIO_CTRL_FLUSH:
+ ret=1;
+ break;
+ break;
+ default:
+ ret=0;
+ break;
+ }
+ return(ret);
+ }
+
+#ifdef undef
+static int sock_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ return(-1);
+ }
+#endif
+
+#ifndef BIO_FD
+static int sock_puts(bp,str)
+#else
+static int fd_puts(bp,str)
+#endif
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+#ifndef BIO_FD
+ ret=sock_write(bp,str,n);
+#else
+ ret=fd_write(bp,str,n);
+#endif
+ return(ret);
+ }
+
+#ifndef BIO_FD
+int BIO_sock_should_retry(i)
+#else
+int BIO_fd_should_retry(i)
+#endif
+int i;
+ {
+ if ((i == 0) || (i == -1))
+ {
+#if !defined(BIO_FD) && defined(WINDOWS)
+ errno=WSAGetLastError();
+#endif
+
+#if defined(WINDOWS) /* more microsoft stupidity */
+ if ((i == -1) && (errno == 0))
+ return(1);
+#endif
+#ifndef BIO_FD
+ return(BIO_sock_non_fatal_error(errno));
+#else
+ return(BIO_fd_non_fatal_error(errno));
+#endif
+ }
+ return(0);
+ }
+
+#ifndef BIO_FD
+int BIO_sock_non_fatal_error(err)
+#else
+int BIO_fd_non_fatal_error(err)
+#endif
+int err;
+ {
+ switch (err)
+ {
+#if !defined(BIO_FD) && defined(WINDOWS)
+# if defined(WSAEWOULDBLOCK)
+ case WSAEWOULDBLOCK:
+# endif
+
+# if defined(WSAENOTCONN)
+ case WSAENOTCONN:
+# endif
+#endif
+
+#ifdef EWOULDBLOCK
+# ifdef WSAEWOULDBLOCK
+# if WSAEWOULDBLOCK != EWOULDBLOCK
+ case EWOULDBLOCK:
+# endif
+# else
+ case EWOULDBLOCK:
+# endif
+#endif
+
+#ifdef EINTR
+ case EINTR:
+#endif
+
+#ifdef EAGAIN
+#if EWOULDBLOCK != EAGAIN
+ case EAGAIN:
+# endif
+#endif
+
+#ifdef EPROTO
+ case EPROTO:
+#endif
+
+#ifdef EINPROGRESS
+ case EINPROGRESS:
+#endif
+
+#ifdef EALREADY
+ case EALREADY:
+#endif
+ return(1);
+ break;
+ default:
+ break;
+ }
+ return(0);
+ }
+#endif
diff --git a/crypto/bn/Makefile.ssl b/crypto/bn/Makefile.ssl
new file mode 100644
index 0000000..cbddd4f
--- /dev/null
+++ b/crypto/bn/Makefile.ssl
@@ -0,0 +1,107 @@
+#
+# SSLeay/crypto/bn/Makefile
+#
+
+DIR= bn
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+BN_MULW= bn_mulw.o
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=bn
+ERRC=bn_err
+GENERAL=Makefile
+TEST=bntest.c exptest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= bn_add.c bn_div.c bn_exp.c bn_lib.c bn_mod.c bn_mul.c \
+ bn_print.c bn_rand.c bn_shift.c bn_sub.c bn_word.c \
+ bn_gcd.c bn_prime.c $(ERRC).c bn_sqr.c bn_mulw.c bn_recp.c bn_mont.c
+
+LIBOBJ= bn_add.o bn_div.o bn_exp.o bn_lib.o bn_mod.o bn_mul.o \
+ bn_print.o bn_rand.o bn_shift.o bn_sub.o bn_word.o \
+ bn_gcd.o bn_prime.o $(ERRC).o bn_sqr.o $(BN_MULW) bn_recp.o bn_mont.o
+
+
+SRC= $(LIBSRC)
+
+EXHEADER= bn.h
+HEADER= bn_lcl.h bn_prime.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+knuth: bn_knuth.c
+ cc -pg -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
+
+knuth.fast: bn_knuth.c
+ cc -pg -fast -I.. -I../../include bn_knuth.c -o knuth $(LIB) #../../../libefence.a
+
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+exptest:
+ /bin/rm -f exptest
+ gcc -I../../include -g2 -ggdb -o exptest exptest.c ../../libcrypto.a
+
+div:
+ /bin/rm -f a.out
+ gcc -I.. -g div.c ../../libcrypto.a
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff bn_mulw.s
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # special case .org
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/bn/asm/README b/crypto/bn/asm/README
new file mode 100644
index 0000000..d93fbff
--- /dev/null
+++ b/crypto/bn/asm/README
@@ -0,0 +1,30 @@
+All assember in this directory are just version of the file
+crypto/bn/bn_mulw.c.
+
+Quite a few of these files are just the assember output from gcc since on
+quite a few machines they are 2 times faster than the system compiler.
+
+For the x86, I have hand written assember because of the bad job all
+compilers seem to do on it. This normally gives a 2 time speed up in the RSA
+routines.
+
+For the DEC alpha, I also hand wrote the assember (except the division which
+is just the output from the C compiler pasted on the end of the file).
+On the 2 alpha C compilers I had access to, it was not possible to do
+64b x 64b -> 128b calculations (both long and the long long data types
+were 64 bits). So the hand assember gives access to the 128 bit result and
+a 2 times speedup :-).
+
+The x86xxxx.obj files are the assembled version of x86xxxx.asm files.
+I had such a hard time finding a macro assember for Microsoft, I decided to
+include the object file to save others the hassle :-).
+
+I have also included uu encoded versions of the .obj incase they get
+trashed.
+
+There are 2 versions of assember for the HP PA-RISC.
+pa-risc.s is the origional one which works fine.
+pa-risc2.s is a new version that often generates warnings but if the
+tests pass, it gives performance that is over 2 times faster than
+pa-risc.s.
+Both were generated using gcc :-)
diff --git a/crypto/bn/asm/alpha.s b/crypto/bn/asm/alpha.s
new file mode 100644
index 0000000..d56f715
--- /dev/null
+++ b/crypto/bn/asm/alpha.s
@@ -0,0 +1,310 @@
+ # DEC Alpha assember
+ # The bn_div64 is actually gcc output but the other parts are hand done.
+ # Thanks to tzeruch@ceddec.com for sending me the gcc output for
+ # bn_div64.
+ .file 1 "bn_mulw.c"
+ .version "01.01"
+ .set noat
+gcc2_compiled.:
+__gnu_compiled_c:
+ .text
+ .align 3
+ .globl bn_mul_add_word
+ .ent bn_mul_add_word
+bn_mul_add_word:
+bn_mul_add_word..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$42
+ .align 5
+$142:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ ldq $22,0($16) # r[0] r22
+ ldq $23,8($16) # r[1] r23
+
+ addq $3,$22,$3 # a0 low part + r[0]
+ addq $4,$23,$4 # a1 low part + r[1]
+ cmpult $3,$22,$5 # overflow?
+ cmpult $4,$23,$6 # overflow?
+ addq $5,$1,$1 # high part + overflow
+ addq $6,$2,$2 # high part + overflow
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$43
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$42
+
+ br $31,$142
+$42:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ ldq $2,0($16) # r[0]
+ addq $1,$2,$1 # low part + r[0]
+ cmpult $1,$2,$4 # overflow?
+ addq $4,$3,$3 # high part + overflow
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+
+ .align 4
+$43:
+ ret $31,($26),1
+ .end bn_mul_add_word
+ .align 3
+ .globl bn_mul_word
+ .ent bn_mul_word
+bn_mul_word:
+bn_mul_word..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+ subq $18,2,$25 # num=-2
+ bis $31,$31,$0
+ blt $25,$242
+ .align 5
+$342:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $2,8($17) # a[1]
+
+ mulq $19,$1,$3 # a[0]*w low part r3
+ umulh $19,$1,$1 # a[0]*w high part r1
+ mulq $19,$2,$4 # a[1]*w low part r4
+ umulh $19,$2,$2 # a[1]*w high part r2
+
+ addq $3,$0,$3 # add c
+ cmpult $3,$0,$5 # overflow?
+ stq $3,0($16)
+ addq $5,$1,$0 # c=high part + overflow
+
+ addq $4,$0,$4 # add c
+ cmpult $4,$0,$5 # overflow?
+ stq $4,8($16)
+ addq $5,$2,$0 # c=high part + overflow
+
+ ble $18,$243
+
+ addq $16,16,$16
+ addq $17,16,$17
+ blt $25,$242
+
+ br $31,$342
+$242:
+ ldq $1,0($17) # a[0]
+ umulh $19,$1,$3 # a[0]*w high part
+ mulq $19,$1,$1 # a[0]*w low part
+ addq $1,$0,$1 # add c
+ cmpult $1,$0,$4 # overflow?
+ addq $4,$3,$0 # c=high part + overflow
+ stq $1,0($16)
+$243:
+ ret $31,($26),1
+ .end bn_mul_word
+ .align 3
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+bn_sqr_words..ng:
+ .frame $30,0,$26,0
+ .prologue 0
+
+ subq $18,2,$25 # num=-2
+ blt $25,$442
+ .align 5
+$542:
+ subq $18,2,$18 # num-=2
+ subq $25,2,$25 # num-=2
+
+ ldq $1,0($17) # a[0]
+ ldq $4,8($17) # a[1]
+
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ mulq $4,$4,$5 # a[1]*w low part r5
+ umulh $4,$4,$6 # a[1]*w high part r6
+
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+ stq $5,16($16) # r[3]
+ stq $6,24($16) # r[4]
+
+ ble $18,$443
+
+ addq $16,32,$16
+ addq $17,16,$17
+ blt $25,$442
+ br $31,$542
+
+$442:
+ ldq $1,0($17) # a[0]
+ mulq $1,$1,$2 # a[0]*w low part r2
+ umulh $1,$1,$3 # a[0]*w high part r3
+ stq $2,0($16) # r[0]
+ stq $3,8($16) # r[1]
+
+ .align 4
+$443:
+ ret $31,($26),1
+ .end bn_sqr_words
+
+ #
+ # What follows was taken directly from the C compiler with a few
+ # hacks to redo the lables.
+ #
+.text
+ .align 3
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ ldgp $29,0($27)
+bn_div64..ng:
+ lda $30,-48($30)
+ .frame $30,48,$26,0
+ stq $26,0($30)
+ stq $9,8($30)
+ stq $10,16($30)
+ stq $11,24($30)
+ stq $12,32($30)
+ stq $13,40($30)
+ .mask 0x4003e00,-48
+ .prologue 1
+ bis $16,$16,$9
+ bis $17,$17,$10
+ bis $18,$18,$11
+ bis $31,$31,$13
+ bis $31,2,$12
+ bne $11,$119
+ lda $0,-1
+ br $31,$136
+ .align 4
+$119:
+ bis $11,$11,$16
+ jsr $26,BN_num_bits_word
+ ldgp $29,0($26)
+ subq $0,64,$1
+ beq $1,$120
+ bis $31,1,$1
+ sll $1,$0,$1
+ cmpule $9,$1,$1
+ bne $1,$120
+ # lda $16,_IO_stderr_
+ # lda $17,$C32
+ # bis $0,$0,$18
+ # jsr $26,fprintf
+ # ldgp $29,0($26)
+ jsr $26,abort
+ ldgp $29,0($26)
+ .align 4
+$120:
+ bis $31,64,$3
+ cmpult $9,$11,$2
+ subq $3,$0,$1
+ addl $1,$31,$0
+ subq $9,$11,$1
+ cmoveq $2,$1,$9
+ beq $0,$122
+ zapnot $0,15,$2
+ subq $3,$0,$1
+ sll $11,$2,$11
+ sll $9,$2,$3
+ srl $10,$1,$1
+ sll $10,$2,$10
+ bis $3,$1,$9
+$122:
+ srl $11,32,$5
+ zapnot $11,15,$6
+ lda $7,-1
+ .align 5
+$123:
+ srl $9,32,$1
+ subq $1,$5,$1
+ bne $1,$126
+ zapnot $7,15,$27
+ br $31,$127
+ .align 4
+$126:
+ bis $9,$9,$24
+ bis $5,$5,$25
+ divqu $24,$25,$27
+$127:
+ srl $10,32,$4
+ .align 5
+$128:
+ mulq $27,$5,$1
+ subq $9,$1,$3
+ zapnot $3,240,$1
+ bne $1,$129
+ mulq $6,$27,$2
+ sll $3,32,$1
+ addq $1,$4,$1
+ cmpule $2,$1,$2
+ bne $2,$129
+ subq $27,1,$27
+ br $31,$128
+ .align 4
+$129:
+ mulq $27,$6,$1
+ mulq $27,$5,$4
+ srl $1,32,$3
+ sll $1,32,$1
+ addq $4,$3,$4
+ cmpult $10,$1,$2
+ subq $10,$1,$10
+ addq $2,$4,$2
+ cmpult $9,$2,$1
+ bis $2,$2,$4
+ beq $1,$134
+ addq $9,$11,$9
+ subq $27,1,$27
+$134:
+ subl $12,1,$12
+ subq $9,$4,$9
+ beq $12,$124
+ sll $27,32,$13
+ sll $9,32,$2
+ srl $10,32,$1
+ sll $10,32,$10
+ bis $2,$1,$9
+ br $31,$123
+ .align 4
+$124:
+ bis $13,$27,$0
+$136:
+ ldq $26,0($30)
+ ldq $9,8($30)
+ ldq $10,16($30)
+ ldq $11,24($30)
+ ldq $12,32($30)
+ ldq $13,40($30)
+ addq $30,48,$30
+ ret $31,($26),1
+ .end bn_div64
+ .ident "GCC: (GNU) 2.7.2.1"
+
+
diff --git a/crypto/bn/asm/pa-risc.s b/crypto/bn/asm/pa-risc.s
new file mode 100644
index 0000000..c49c433
--- /dev/null
+++ b/crypto/bn/asm/pa-risc.s
@@ -0,0 +1,710 @@
+ .SPACE $PRIVATE$
+ .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+ .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+ .SPACE $TEXT$
+ .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+ .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+ .IMPORT $global$,DATA
+ .IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_word
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r25),%r29
+ ldo 12(%r26),%r23
+ fldws -16(0,%r30),%fr11L
+L$0002
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0005
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r26),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0010
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -8(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-8(0,%r23)
+ ldw -4(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0015
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw -4(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,-4(0,%r23)
+ ldw 0(0,%r29),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0020
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi 1,%r19,%r19
+ ldw 0(0,%r23),%r28
+ addl %r20,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0003
+ stw %r20,0(0,%r23)
+ ldo 16(%r29),%r29
+ ldo 16(%r25),%r25
+ ldo 16(%r23),%r23
+ bl L$0002,0
+ ldo 16(%r26),%r26
+L$0003
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_word
+ .PROC
+ .CALLINFO FRAME=0,CALLS,SAVE_RP
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ ldi 0,%r28
+ extru %r23,31,16,%r2
+ stw %r2,-16(0,%r30)
+ extru %r23,15,16,%r23
+ ldil L'65536,%r31
+ fldws -16(0,%r30),%fr11R
+ stw %r23,-16(0,%r30)
+ ldo 12(%r26),%r29
+ ldo 12(%r25),%r23
+ fldws -16(0,%r30),%fr11L
+L$0026
+ ldw 0(0,%r25),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0029
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r26)
+ ldw -8(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0033
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-8(0,%r29)
+ ldw -4(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0037
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,-4(0,%r29)
+ ldw 0(0,%r23),%r19
+ extru %r19,31,16,%r20
+ stw %r20,-16(0,%r30)
+ extru %r19,15,16,%r19
+ fldws -16(0,%r30),%fr22L
+ stw %r19,-16(0,%r30)
+ xmpyu %fr22L,%fr11R,%fr8
+ fldws -16(0,%r30),%fr22L
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr11R,%fr22L,%fr10
+ ldw -16(0,%r30),%r2
+ stw %r20,-16(0,%r30)
+ xmpyu %fr22L,%fr11L,%fr9
+ fldws -16(0,%r30),%fr22L
+ fstws %fr10R,-16(0,%r30)
+ copy %r2,%r22
+ ldw -16(0,%r30),%r2
+ fstws %fr9R,-16(0,%r30)
+ xmpyu %fr11L,%fr22L,%fr8
+ copy %r2,%r19
+ ldw -16(0,%r30),%r2
+ fstws %fr8R,-16(0,%r30)
+ copy %r2,%r20
+ ldw -16(0,%r30),%r2
+ addl %r2,%r19,%r21
+ comclr,<<= %r19,%r21,0
+ addl %r20,%r31,%r20
+L$0041
+ extru %r21,15,16,%r19
+ addl %r20,%r19,%r20
+ zdep %r21,15,16,%r19
+ addl %r22,%r19,%r22
+ comclr,<<= %r19,%r22,0
+ addi,tr 1,%r20,%r19
+ copy %r20,%r19
+ addl %r22,%r28,%r20
+ comclr,<<= %r28,%r20,0
+ addi,tr 1,%r19,%r28
+ copy %r19,%r28
+ addib,= -1,%r24,L$0027
+ stw %r20,0(0,%r29)
+ ldo 16(%r23),%r23
+ ldo 16(%r25),%r25
+ ldo 16(%r29),%r29
+ bl L$0026,0
+ ldo 16(%r26),%r26
+L$0027
+ ldw -20(0,%r30),%r2
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+ .PROC
+ .CALLINFO FRAME=0,NO_CALLS
+ .ENTRY
+ ldo 28(%r26),%r23
+ ldo 12(%r25),%r28
+L$0046
+ ldw 0(0,%r25),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,0(0,%r26)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-24(0,%r23)
+ ldw -8(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-20(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-16(0,%r23)
+ ldw -4(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-12(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,-8(0,%r23)
+ ldw 0(0,%r28),%r21
+ extru %r21,31,16,%r22
+ stw %r22,-16(0,%r30)
+ extru %r21,15,16,%r21
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ stw %r22,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r21,-16(0,%r30)
+ copy %r29,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10L
+ stw %r21,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,16,17,%r20
+ zdep %r19,14,15,%r19
+ ldw -16(0,%r30),%r29
+ xmpyu %fr10L,%fr10R,%fr9
+ addl %r29,%r19,%r22
+ stw %r22,-4(0,%r23)
+ fstws %fr9R,-16(0,%r30)
+ ldw -16(0,%r30),%r29
+ addl %r29,%r20,%r21
+ comclr,<<= %r19,%r22,0
+ addi 1,%r21,%r21
+ addib,= -1,%r24,L$0057
+ stw %r21,0(0,%r23)
+ ldo 16(%r28),%r28
+ ldo 16(%r25),%r25
+ ldo 32(%r23),%r23
+ bl L$0046,0
+ ldo 32(%r26),%r26
+L$0057
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .IMPORT BN_num_bits_word,CODE
+ .IMPORT fprintf,CODE
+ .IMPORT __iob,DATA
+ .SPACE $TEXT$
+ .SUBSPA $LIT$
+
+ .align 4
+L$C0000
+ .STRING "Division would overflow\x0a\x00"
+ .IMPORT abort,CODE
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+ .PROC
+ .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r8,128(0,%r30)
+ stw %r7,-124(0,%r30)
+ stw %r4,-112(0,%r30)
+ stw %r3,-108(0,%r30)
+ copy %r26,%r3
+ copy %r25,%r4
+ stw %r6,-120(0,%r30)
+ ldi 0,%r7
+ stw %r5,-116(0,%r30)
+ movb,<> %r24,%r5,L$0059
+ ldi 2,%r6
+ bl L$0076,0
+ ldi -1,%r28
+L$0059
+ .CALL ARGW0=GR
+ bl BN_num_bits_word,%r2
+ copy %r5,%r26
+ ldi 32,%r19
+ comb,= %r19,%r28,L$0060
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdepi 1,32,%r19
+ comb,>>= %r19,%r3,L$0060
+ addil LR'__iob-$global$+32,%r27
+ ldo RR'__iob-$global$+32(%r1),%r26
+ ldil LR'L$C0000,%r25
+ .CALL ARGW0=GR,ARGW1=GR
+ bl fprintf,%r2
+ ldo RR'L$C0000(%r25),%r25
+ .CALL
+ bl abort,%r2
+ nop
+L$0060
+ comb,>> %r5,%r3,L$0061
+ subi 32,%r28,%r28
+ sub %r3,%r5,%r3
+L$0061
+ comib,= 0,%r28,L$0062
+ subi 31,%r28,%r19
+ mtsar %r19
+ zvdep %r5,32,%r5
+ zvdep %r3,32,%r21
+ subi 32,%r28,%r20
+ mtsar %r20
+ vshd 0,%r4,%r20
+ or %r21,%r20,%r3
+ mtsar %r19
+ zvdep %r4,32,%r4
+L$0062
+ extru %r5,15,16,%r23
+ extru %r5,31,16,%r28
+L$0063
+ extru %r3,15,16,%r19
+ comb,<> %r23,%r19,L$0066
+ copy %r3,%r26
+ bl L$0067,0
+ zdepi -1,31,16,%r29
+L$0066
+ .IMPORT $$divU,MILLICODE
+ bl $$divU,%r31
+ copy %r23,%r25
+L$0067
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r23,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr9
+ ldw -16(0,%r30),%r8
+ fstws %fr9R,-16(0,%r30)
+ copy %r8,%r22
+ ldw -16(0,%r30),%r8
+ extru %r4,15,16,%r24
+ copy %r8,%r21
+L$0068
+ sub %r3,%r21,%r20
+ copy %r20,%r19
+ depi 0,31,16,%r19
+ comib,<> 0,%r19,L$0069
+ zdep %r20,15,16,%r19
+ addl %r19,%r24,%r19
+ comb,>>= %r19,%r22,L$0069
+ sub %r22,%r28,%r22
+ sub %r21,%r23,%r21
+ bl L$0068,0
+ ldo -1(%r29),%r29
+L$0069
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r8
+ stw %r23,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ copy %r8,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,15,16,%r20
+ ldw -16(0,%r30),%r8
+ zdep %r19,15,16,%r19
+ addl %r8,%r20,%r20
+ comclr,<<= %r19,%r4,0
+ addi 1,%r20,%r20
+ comb,<<= %r20,%r3,L$0074
+ sub %r4,%r19,%r4
+ addl %r3,%r5,%r3
+ ldo -1(%r29),%r29
+L$0074
+ addib,= -1,%r6,L$0064
+ sub %r3,%r20,%r3
+ zdep %r29,15,16,%r7
+ shd %r3,%r4,16,%r3
+ bl L$0063,0
+ zdep %r4,15,16,%r4
+L$0064
+ or %r7,%r29,%r28
+L$0076
+ ldw -148(0,%r30),%r2
+ ldw -124(0,%r30),%r7
+ ldw -120(0,%r30),%r6
+ ldw -116(0,%r30),%r5
+ ldw -112(0,%r30),%r4
+ ldw -108(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -128(0,%r30),%r8
+ .EXIT
+ .PROCEND
diff --git a/crypto/bn/asm/pa-risc2.s b/crypto/bn/asm/pa-risc2.s
new file mode 100644
index 0000000..5e07b7d
--- /dev/null
+++ b/crypto/bn/asm/pa-risc2.s
@@ -0,0 +1,416 @@
+ .SPACE $PRIVATE$
+ .SUBSPA $DATA$,QUAD=1,ALIGN=8,ACCESS=31
+ .SUBSPA $BSS$,QUAD=1,ALIGN=8,ACCESS=31,ZERO,SORT=82
+ .SPACE $TEXT$
+ .SUBSPA $LIT$,QUAD=0,ALIGN=8,ACCESS=44
+ .SUBSPA $CODE$,QUAD=0,ALIGN=8,ACCESS=44,CODE_ONLY
+ .IMPORT $global$,DATA
+ .IMPORT $$dyncall,MILLICODE
+; gcc_compiled.:
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_mul_add_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_add_word
+ .PROC
+ .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=4
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r4,64(0,%r30)
+ copy %r24,%r31
+ stw %r3,-60(0,%r30)
+ ldi 0,%r20
+ ldo 12(%r26),%r2
+ stw %r23,-16(0,%r30)
+ copy %r25,%r3
+ ldo 12(%r3),%r1
+ fldws -16(0,%r30),%fr8L
+L$0010
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws 0(0,%r3),%fr9L
+ ldw 0(0,%r26),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,0(0,%r26)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws -8(0,%r1),%fr9L
+ ldw -8(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,-8(0,%r2)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws -4(0,%r1),%fr9L
+ ldw -4(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,-4(0,%r2)
+ copy %r20,%r25
+ ldi 0,%r24
+ fldws 0(0,%r1),%fr9L
+ ldw 0(0,%r2),%r19
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r19,%r23
+ ldw -16(0,%r30),%r28
+ ldw -12(0,%r30),%r29
+ ldi 0,%r22
+ add %r23,%r29,%r29
+ addc %r22,%r28,%r28
+ add %r25,%r29,%r29
+ addc %r24,%r28,%r28
+ copy %r28,%r21
+ ldi 0,%r20
+ copy %r21,%r20
+ addib,= -1,%r31,L$0011
+ stw %r29,0(0,%r2)
+ ldo 16(%r1),%r1
+ ldo 16(%r3),%r3
+ ldo 16(%r2),%r2
+ bl L$0010,0
+ ldo 16(%r26),%r26
+L$0011
+ copy %r20,%r28
+ ldw -84(0,%r30),%r2
+ ldw -60(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -64(0,%r30),%r4
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_mul_word,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,ARGW3=GR,RTNVAL=GR
+bn_mul_word
+ .PROC
+ .CALLINFO FRAME=64,CALLS,SAVE_RP,ENTRY_GR=3
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ copy %r25,%r2
+ stwm %r4,64(0,%r30)
+ copy %r24,%r19
+ ldi 0,%r28
+ stw %r23,-16(0,%r30)
+ ldo 12(%r26),%r31
+ ldo 12(%r2),%r29
+ fldws -16(0,%r30),%fr8L
+L$0026
+ fldws 0(0,%r2),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,0(0,%r26)
+ fldws -8(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,-8(0,%r31)
+ fldws -4(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,-4(0,%r31)
+ fldws 0(0,%r29),%fr9L
+ xmpyu %fr8L,%fr9L,%fr9
+ fstds %fr9,-16(0,%r30)
+ copy %r28,%r21
+ ldi 0,%r20
+ ldw -16(0,%r30),%r24
+ ldw -12(0,%r30),%r25
+ add %r21,%r25,%r25
+ addc %r20,%r24,%r24
+ copy %r24,%r23
+ ldi 0,%r22
+ copy %r23,%r28
+ addib,= -1,%r19,L$0027
+ stw %r25,0(0,%r31)
+ ldo 16(%r29),%r29
+ ldo 16(%r2),%r2
+ ldo 16(%r31),%r31
+ bl L$0026,0
+ ldo 16(%r26),%r26
+L$0027
+ ldw -84(0,%r30),%r2
+ bv 0(%r2)
+ ldwm -64(0,%r30),%r4
+ .EXIT
+ .PROCEND
+ .align 4
+ .EXPORT bn_sqr_words,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR
+bn_sqr_words
+ .PROC
+ .CALLINFO FRAME=0,NO_CALLS
+ .ENTRY
+ ldo 28(%r26),%r19
+ ldo 12(%r25),%r28
+L$0042
+ fldws 0(0,%r25),%fr8L
+ fldws 0(0,%r25),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,0(0,%r26)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-24(0,%r19)
+ fldws -8(0,%r28),%fr8L
+ fldws -8(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-20(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-16(0,%r19)
+ fldws -4(0,%r28),%fr8L
+ fldws -4(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-12(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,-8(0,%r19)
+ fldws 0(0,%r28),%fr8L
+ fldws 0(0,%r28),%fr8R
+ xmpyu %fr8L,%fr8R,%fr8
+ fstds %fr8,-16(0,%r30)
+ ldw -16(0,%r30),%r22
+ ldw -12(0,%r30),%r23
+ stw %r23,-4(0,%r19)
+ copy %r22,%r21
+ ldi 0,%r20
+ addib,= -1,%r24,L$0049
+ stw %r21,0(0,%r19)
+ ldo 16(%r28),%r28
+ ldo 16(%r25),%r25
+ ldo 32(%r19),%r19
+ bl L$0042,0
+ ldo 32(%r26),%r26
+L$0049
+ bv,n 0(%r2)
+ .EXIT
+ .PROCEND
+ .IMPORT BN_num_bits_word,CODE
+ .IMPORT fprintf,CODE
+ .IMPORT __iob,DATA
+ .SPACE $TEXT$
+ .SUBSPA $LIT$
+
+ .align 4
+L$C0000
+ .STRING "Division would overflow (%d)\x0a\x00"
+ .IMPORT abort,CODE
+ .SPACE $TEXT$
+ .SUBSPA $CODE$
+
+ .align 4
+ .EXPORT bn_div64,ENTRY,PRIV_LEV=3,ARGW0=GR,ARGW1=GR,ARGW2=GR,RTNVAL=GR
+bn_div64
+ .PROC
+ .CALLINFO FRAME=128,CALLS,SAVE_RP,ENTRY_GR=8
+ .ENTRY
+ stw %r2,-20(0,%r30)
+ stwm %r8,128(0,%r30)
+ stw %r7,-124(0,%r30)
+ stw %r4,-112(0,%r30)
+ stw %r3,-108(0,%r30)
+ copy %r26,%r3
+ copy %r25,%r4
+ stw %r6,-120(0,%r30)
+ ldi 0,%r7
+ stw %r5,-116(0,%r30)
+ movb,<> %r24,%r5,L$0051
+ ldi 2,%r6
+ bl L$0068,0
+ ldi -1,%r28
+L$0051
+ .CALL ARGW0=GR
+ bl BN_num_bits_word,%r2
+ copy %r5,%r26
+ copy %r28,%r24
+ ldi 32,%r19
+ comb,= %r19,%r24,L$0052
+ subi 31,%r24,%r19
+ mtsar %r19
+ zvdepi 1,32,%r19
+ comb,>>= %r19,%r3,L$0052
+ addil LR'__iob-$global$+32,%r27
+ ldo RR'__iob-$global$+32(%r1),%r26
+ ldil LR'L$C0000,%r25
+ .CALL ARGW0=GR,ARGW1=GR,ARGW2=GR
+ bl fprintf,%r2
+ ldo RR'L$C0000(%r25),%r25
+ .CALL
+ bl abort,%r2
+ nop
+L$0052
+ comb,>> %r5,%r3,L$0053
+ subi 32,%r24,%r24
+ sub %r3,%r5,%r3
+L$0053
+ comib,= 0,%r24,L$0054
+ subi 31,%r24,%r19
+ mtsar %r19
+ zvdep %r5,32,%r5
+ zvdep %r3,32,%r21
+ subi 32,%r24,%r20
+ mtsar %r20
+ vshd 0,%r4,%r20
+ or %r21,%r20,%r3
+ mtsar %r19
+ zvdep %r4,32,%r4
+L$0054
+ extru %r5,15,16,%r23
+ extru %r5,31,16,%r28
+L$0055
+ extru %r3,15,16,%r19
+ comb,<> %r23,%r19,L$0058
+ copy %r3,%r26
+ bl L$0059,0
+ zdepi -1,31,16,%r29
+L$0058
+ .IMPORT $$divU,MILLICODE
+ bl $$divU,%r31
+ copy %r23,%r25
+L$0059
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ stw %r23,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr8
+ fldws -16(0,%r30),%fr10R
+ fstws %fr8R,-16(0,%r30)
+ xmpyu %fr10L,%fr10R,%fr9
+ ldw -16(0,%r30),%r8
+ fstws %fr9R,-16(0,%r30)
+ copy %r8,%r22
+ ldw -16(0,%r30),%r8
+ extru %r4,15,16,%r24
+ copy %r8,%r21
+L$0060
+ sub %r3,%r21,%r20
+ copy %r20,%r19
+ depi 0,31,16,%r19
+ comib,<> 0,%r19,L$0061
+ zdep %r20,15,16,%r19
+ addl %r19,%r24,%r19
+ comb,>>= %r19,%r22,L$0061
+ sub %r22,%r28,%r22
+ sub %r21,%r23,%r21
+ bl L$0060,0
+ ldo -1(%r29),%r29
+L$0061
+ stw %r29,-16(0,%r30)
+ fldws -16(0,%r30),%fr10L
+ stw %r28,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ ldw -16(0,%r30),%r8
+ stw %r23,-16(0,%r30)
+ fldws -16(0,%r30),%fr10R
+ copy %r8,%r19
+ xmpyu %fr10L,%fr10R,%fr8
+ fstws %fr8R,-16(0,%r30)
+ extru %r19,15,16,%r20
+ ldw -16(0,%r30),%r8
+ zdep %r19,15,16,%r19
+ addl %r8,%r20,%r20
+ comclr,<<= %r19,%r4,0
+ addi 1,%r20,%r20
+ comb,<<= %r20,%r3,L$0066
+ sub %r4,%r19,%r4
+ addl %r3,%r5,%r3
+ ldo -1(%r29),%r29
+L$0066
+ addib,= -1,%r6,L$0056
+ sub %r3,%r20,%r3
+ zdep %r29,15,16,%r7
+ shd %r3,%r4,16,%r3
+ bl L$0055,0
+ zdep %r4,15,16,%r4
+L$0056
+ or %r7,%r29,%r28
+L$0068
+ ldw -148(0,%r30),%r2
+ ldw -124(0,%r30),%r7
+ ldw -120(0,%r30),%r6
+ ldw -116(0,%r30),%r5
+ ldw -112(0,%r30),%r4
+ ldw -108(0,%r30),%r3
+ bv 0(%r2)
+ ldwm -128(0,%r30),%r8
+ .EXIT
+ .PROCEND
diff --git a/crypto/bn/asm/r3000.s b/crypto/bn/asm/r3000.s
new file mode 100644
index 0000000..5be2a0d
--- /dev/null
+++ b/crypto/bn/asm/r3000.s
@@ -0,0 +1,646 @@
+ .file 1 "../bn_mulw.c"
+ .set nobopt
+ .option pic2
+
+ # GNU C 2.6.3 [AL 1.1, MM 40] SGI running IRIX 5.0 compiled by GNU C
+
+ # Cc1 defaults:
+ # -mabicalls
+
+ # Cc1 arguments (-G value = 0, Cpu = 3000, ISA = 1):
+ # -quiet -dumpbase -O2 -o
+
+gcc2_compiled.:
+__gnu_compiled_c:
+ .rdata
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x39,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x33,0x34,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x35,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x33,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x37,0x38,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x33,0x2e,0x37,0x30,0x20
+ .byte 0x24,0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x32,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x34,0x20,0x24
+ .byte 0x0
+
+ .byte 0x24,0x52,0x65,0x76,0x69,0x73,0x69,0x6f
+ .byte 0x6e,0x3a,0x20,0x31,0x2e,0x38,0x20,0x24
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_mul_add_word
+ .ent bn_mul_add_word
+bn_mul_add_word:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $12,$4
+ move $14,$5
+ move $9,$6
+ move $13,$7
+ move $8,$0
+ addu $10,$12,12
+ addu $11,$14,12
+$L2:
+ lw $6,0($14)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($12)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($12)
+ .set macro
+ .set reorder
+
+ lw $6,-8($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-8($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-8($10)
+ .set macro
+ .set reorder
+
+ lw $6,-4($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,-4($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,-4($10)
+ .set macro
+ .set reorder
+
+ lw $6,0($11)
+ #nop
+ multu $13,$6
+ mfhi $6
+ mflo $7
+ #nop
+ move $5,$8
+ move $4,$0
+ lw $3,0($10)
+ addu $9,$9,-1
+ move $2,$0
+ addu $7,$7,$3
+ sltu $8,$7,$3
+ addu $6,$6,$2
+ addu $6,$6,$8
+ addu $7,$7,$5
+ sltu $2,$7,$5
+ addu $6,$6,$4
+ addu $6,$6,$2
+ srl $3,$6,0
+ move $2,$0
+ move $8,$3
+ .set noreorder
+ .set nomacro
+ beq $9,$0,$L3
+ sw $7,0($10)
+ .set macro
+ .set reorder
+
+ addu $11,$11,16
+ addu $14,$14,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L2
+ addu $12,$12,16
+ .set macro
+ .set reorder
+
+$L3:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$8
+ .set macro
+ .set reorder
+
+ .end bn_mul_add_word
+ .align 2
+ .globl bn_mul_word
+ .ent bn_mul_word
+bn_mul_word:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $11,$4
+ move $12,$5
+ move $8,$6
+ move $6,$0
+ addu $10,$11,12
+ addu $9,$12,12
+$L10:
+ lw $4,0($12)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($11)
+ .set macro
+ .set reorder
+
+ lw $4,-8($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-8($10)
+ .set macro
+ .set reorder
+
+ lw $4,-4($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,-4($10)
+ .set macro
+ .set reorder
+
+ lw $4,0($9)
+ #nop
+ multu $7,$4
+ mfhi $4
+ mflo $5
+ #nop
+ move $3,$6
+ move $2,$0
+ addu $8,$8,-1
+ addu $5,$5,$3
+ sltu $6,$5,$3
+ addu $4,$4,$2
+ addu $4,$4,$6
+ srl $3,$4,0
+ move $2,$0
+ move $6,$3
+ .set noreorder
+ .set nomacro
+ beq $8,$0,$L11
+ sw $5,0($10)
+ .set macro
+ .set reorder
+
+ addu $9,$9,16
+ addu $12,$12,16
+ addu $10,$10,16
+ .set noreorder
+ .set nomacro
+ j $L10
+ addu $11,$11,16
+ .set macro
+ .set reorder
+
+$L11:
+ .set noreorder
+ .set nomacro
+ j $31
+ move $2,$6
+ .set macro
+ .set reorder
+
+ .end bn_mul_word
+ .align 2
+ .globl bn_sqr_words
+ .ent bn_sqr_words
+bn_sqr_words:
+ .frame $sp,0,$31 # vars= 0, regs= 0/0, args= 0, extra= 0
+ .mask 0x00000000,0
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ move $9,$4
+ addu $7,$9,28
+ addu $8,$5,12
+$L18:
+ lw $2,0($5)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,0($9)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-24($7)
+ .set macro
+ .set reorder
+
+ lw $2,-8($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-20($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-16($7)
+ .set macro
+ .set reorder
+
+ lw $2,-4($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-12($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,-8($7)
+ .set macro
+ .set reorder
+
+ lw $2,0($8)
+ #nop
+ multu $2,$2
+ mfhi $2
+ mflo $3
+ #nop
+ addu $6,$6,-1
+ sw $3,-4($7)
+ srl $3,$2,0
+ move $2,$0
+ .set noreorder
+ .set nomacro
+ beq $6,$0,$L19
+ sw $3,0($7)
+ .set macro
+ .set reorder
+
+ addu $8,$8,16
+ addu $5,$5,16
+ addu $7,$7,32
+ .set noreorder
+ .set nomacro
+ j $L18
+ addu $9,$9,32
+ .set macro
+ .set reorder
+
+$L19:
+ j $31
+ .end bn_sqr_words
+ .rdata
+ .align 2
+$LC0:
+
+ .byte 0x44,0x69,0x76,0x69,0x73,0x69,0x6f,0x6e
+ .byte 0x20,0x77,0x6f,0x75,0x6c,0x64,0x20,0x6f
+ .byte 0x76,0x65,0x72,0x66,0x6c,0x6f,0x77,0xa
+ .byte 0x0
+ .text
+ .align 2
+ .globl bn_div64
+ .ent bn_div64
+bn_div64:
+ .frame $sp,56,$31 # vars= 0, regs= 7/0, args= 16, extra= 8
+ .mask 0x901f0000,-8
+ .fmask 0x00000000,0
+ .set noreorder
+ .cpload $25
+ .set reorder
+ subu $sp,$sp,56
+ .cprestore 16
+ sw $16,24($sp)
+ move $16,$4
+ sw $17,28($sp)
+ move $17,$5
+ sw $18,32($sp)
+ move $18,$6
+ sw $20,40($sp)
+ move $20,$0
+ sw $19,36($sp)
+ li $19,0x00000002 # 2
+ sw $31,48($sp)
+ .set noreorder
+ .set nomacro
+ bne $18,$0,$L26
+ sw $28,44($sp)
+ .set macro
+ .set reorder
+
+ .set noreorder
+ .set nomacro
+ j $L43
+ li $2,-1 # 0xffffffff
+ .set macro
+ .set reorder
+
+$L26:
+ move $4,$18
+ jal BN_num_bits_word
+ move $4,$2
+ li $2,0x00000020 # 32
+ .set noreorder
+ .set nomacro
+ beq $4,$2,$L27
+ li $2,0x00000001 # 1
+ .set macro
+ .set reorder
+
+ sll $2,$2,$4
+ sltu $2,$2,$16
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L44
+ li $5,0x00000020 # 32
+ .set macro
+ .set reorder
+
+ la $4,__iob+32
+ la $5,$LC0
+ jal fprintf
+ jal abort
+$L27:
+ li $5,0x00000020 # 32
+$L44:
+ sltu $2,$16,$18
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L28
+ subu $4,$5,$4
+ .set macro
+ .set reorder
+
+ subu $16,$16,$18
+$L28:
+ .set noreorder
+ .set nomacro
+ beq $4,$0,$L29
+ li $10,-65536 # 0xffff0000
+ .set macro
+ .set reorder
+
+ sll $18,$18,$4
+ sll $3,$16,$4
+ subu $2,$5,$4
+ srl $2,$17,$2
+ or $16,$3,$2
+ sll $17,$17,$4
+$L29:
+ srl $7,$18,16
+ andi $9,$18,0xffff
+$L30:
+ srl $2,$16,16
+ .set noreorder
+ .set nomacro
+ beq $2,$7,$L34
+ li $6,0x0000ffff # 65535
+ .set macro
+ .set reorder
+
+ divu $6,$16,$7
+$L34:
+ mult $6,$9
+ mflo $5
+ #nop
+ #nop
+ mult $6,$7
+ and $2,$17,$10
+ srl $8,$2,16
+ mflo $4
+$L35:
+ subu $3,$16,$4
+ and $2,$3,$10
+ .set noreorder
+ .set nomacro
+ bne $2,$0,$L36
+ sll $2,$3,16
+ .set macro
+ .set reorder
+
+ addu $2,$2,$8
+ sltu $2,$2,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L36
+ subu $5,$5,$9
+ .set macro
+ .set reorder
+
+ subu $4,$4,$7
+ .set noreorder
+ .set nomacro
+ j $L35
+ addu $6,$6,-1
+ .set macro
+ .set reorder
+
+$L36:
+ mult $6,$7
+ mflo $5
+ #nop
+ #nop
+ mult $6,$9
+ mflo $4
+ #nop
+ #nop
+ srl $3,$4,16
+ sll $2,$4,16
+ and $4,$2,$10
+ sltu $2,$17,$4
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L40
+ addu $5,$5,$3
+ .set macro
+ .set reorder
+
+ addu $5,$5,1
+$L40:
+ sltu $2,$16,$5
+ .set noreorder
+ .set nomacro
+ beq $2,$0,$L41
+ subu $17,$17,$4
+ .set macro
+ .set reorder
+
+ addu $16,$16,$18
+ addu $6,$6,-1
+$L41:
+ addu $19,$19,-1
+ .set noreorder
+ .set nomacro
+ beq $19,$0,$L31
+ subu $16,$16,$5
+ .set macro
+ .set reorder
+
+ sll $20,$6,16
+ sll $3,$16,16
+ srl $2,$17,16
+ or $16,$3,$2
+ .set noreorder
+ .set nomacro
+ j $L30
+ sll $17,$17,16
+ .set macro
+ .set reorder
+
+$L31:
+ or $2,$20,$6
+$L43:
+ lw $31,48($sp)
+ lw $20,40($sp)
+ lw $19,36($sp)
+ lw $18,32($sp)
+ lw $17,28($sp)
+ lw $16,24($sp)
+ addu $sp,$sp,56
+ j $31
+ .end bn_div64
+
+ .globl abort .text
+ .globl fprintf .text
+ .globl BN_num_bits_word .text
diff --git a/crypto/bn/asm/sparc.s b/crypto/bn/asm/sparc.s
new file mode 100644
index 0000000..37c5fb1
--- /dev/null
+++ b/crypto/bn/asm/sparc.s
@@ -0,0 +1,359 @@
+ .file "bn_mulw.c"
+gcc2_compiled.:
+.section ".text"
+ .align 4
+ .global bn_mul_add_word
+ .type bn_mul_add_word,#function
+ .proc 016
+bn_mul_add_word:
+ !#PROLOGUE# 0
+ save %sp,-112,%sp
+ !#PROLOGUE# 1
+ mov %i0,%o0
+ mov %i1,%o2
+ mov %i2,%g1
+ mov %i3,%o1
+ mov 0,%i4
+ add %o0,12,%g4
+ add %o2,12,%o7
+.LL2:
+ mov %i4,%i3
+ mov 0,%i2
+ ld [%o0],%g2
+ mov %g2,%i1
+ ld [%o2],%g2
+ mov 0,%i0
+ umul %o1,%g2,%g3
+ rd %y,%g2
+ addcc %g3,%i1,%g3
+ addx %g2,%i0,%g2
+ addcc %g3,%i3,%g3
+ addx %g2,%i2,%g2
+ st %g3,[%o0]
+ mov %g2,%i5
+ mov 0,%i4
+ addcc %g1,-1,%g1
+ be .LL3
+ mov %i5,%i4
+ mov %i4,%i3
+ mov 0,%i2
+ ld [%g4-8],%g2
+ mov %g2,%i1
+ ld [%o7-8],%g2
+ mov 0,%i0
+ umul %o1,%g2,%g3
+ rd %y,%g2
+ addcc %g3,%i1,%g3
+ addx %g2,%i0,%g2
+ addcc %g3,%i3,%g3
+ addx %g2,%i2,%g2
+ st %g3,[%g4-8]
+ mov %g2,%i5
+ mov 0,%i4
+ addcc %g1,-1,%g1
+ be .LL3
+ mov %i5,%i4
+ mov %i4,%i3
+ mov 0,%i2
+ ld [%g4-4],%g2
+ mov %g2,%i1
+ ld [%o7-4],%g2
+ mov 0,%i0
+ umul %o1,%g2,%g3
+ rd %y,%g2
+ addcc %g3,%i1,%g3
+ addx %g2,%i0,%g2
+ addcc %g3,%i3,%g3
+ addx %g2,%i2,%g2
+ st %g3,[%g4-4]
+ mov %g2,%i5
+ mov 0,%i4
+ addcc %g1,-1,%g1
+ be .LL3
+ mov %i5,%i4
+ mov %i4,%i3
+ mov 0,%i2
+ ld [%g4],%g2
+ mov %g2,%i1
+ ld [%o7],%g2
+ mov 0,%i0
+ umul %o1,%g2,%g3
+ rd %y,%g2
+ addcc %g3,%i1,%g3
+ addx %g2,%i0,%g2
+ addcc %g3,%i3,%g3
+ addx %g2,%i2,%g2
+ st %g3,[%g4]
+ mov %g2,%i5
+ mov 0,%i4
+ addcc %g1,-1,%g1
+ be .LL3
+ mov %i5,%i4
+ add %o7,16,%o7
+ add %o2,16,%o2
+ add %g4,16,%g4
+ b .LL2
+ add %o0,16,%o0
+.LL3:
+ ret
+ restore %g0,%i4,%o0
+.LLfe1:
+ .size bn_mul_add_word,.LLfe1-bn_mul_add_word
+ .align 4
+ .global bn_mul_word
+ .type bn_mul_word,#function
+ .proc 016
+bn_mul_word:
+ !#PROLOGUE# 0
+ save %sp,-112,%sp
+ !#PROLOGUE# 1
+ mov %i0,%o7
+ mov %i1,%o0
+ mov %i2,%i4
+ mov %i3,%g4
+ mov 0,%i0
+ add %o7,12,%g1
+ add %o0,12,%i5
+.LL18:
+ mov %i0,%g3
+ mov 0,%g2
+ ld [%o0],%i2
+ umul %g4,%i2,%i3
+ rd %y,%i2
+ addcc %i3,%g3,%i3
+ addx %i2,%g2,%i2
+ st %i3,[%o7]
+ mov %i2,%i1
+ mov 0,%i0
+ addcc %i4,-1,%i4
+ be .LL19
+ mov %i1,%i0
+ mov %i0,%g3
+ mov 0,%g2
+ ld [%i5-8],%i2
+ umul %g4,%i2,%i3
+ rd %y,%i2
+ addcc %i3,%g3,%i3
+ addx %i2,%g2,%i2
+ st %i3,[%g1-8]
+ mov %i2,%i1
+ mov 0,%i0
+ addcc %i4,-1,%i4
+ be .LL19
+ mov %i1,%i0
+ mov %i0,%g3
+ mov 0,%g2
+ ld [%i5-4],%i2
+ umul %g4,%i2,%i3
+ rd %y,%i2
+ addcc %i3,%g3,%i3
+ addx %i2,%g2,%i2
+ st %i3,[%g1-4]
+ mov %i2,%i1
+ mov 0,%i0
+ addcc %i4,-1,%i4
+ be .LL19
+ mov %i1,%i0
+ mov %i0,%g3
+ mov 0,%g2
+ ld [%i5],%i2
+ umul %g4,%i2,%i3
+ rd %y,%i2
+ addcc %i3,%g3,%i3
+ addx %i2,%g2,%i2
+ st %i3,[%g1]
+ mov %i2,%i1
+ mov 0,%i0
+ addcc %i4,-1,%i4
+ be .LL19
+ mov %i1,%i0
+ add %i5,16,%i5
+ add %o0,16,%o0
+ add %g1,16,%g1
+ b .LL18
+ add %o7,16,%o7
+.LL19:
+ ret
+ restore
+.LLfe2:
+ .size bn_mul_word,.LLfe2-bn_mul_word
+ .align 4
+ .global bn_sqr_words
+ .type bn_sqr_words,#function
+ .proc 020
+bn_sqr_words:
+ !#PROLOGUE# 0
+ !#PROLOGUE# 1
+ mov %o0,%g4
+ add %g4,28,%o3
+ add %o1,12,%g1
+.LL34:
+ ld [%o1],%o0
+ addcc %o2,-1,%o2
+ umul %o0,%o0,%o5
+ rd %y,%o4
+ st %o5,[%g4]
+ mov %o4,%g3
+ mov 0,%g2
+ be .LL35
+ st %g3,[%o3-24]
+ ld [%g1-8],%o0
+ addcc %o2,-1,%o2
+ umul %o0,%o0,%o5
+ rd %y,%o4
+ st %o5,[%o3-20]
+ mov %o4,%g3
+ mov 0,%g2
+ be .LL35
+ st %g3,[%o3-16]
+ ld [%g1-4],%o0
+ addcc %o2,-1,%o2
+ umul %o0,%o0,%o5
+ rd %y,%o4
+ st %o5,[%o3-12]
+ mov %o4,%g3
+ mov 0,%g2
+ be .LL35
+ st %g3,[%o3-8]
+ ld [%g1],%o0
+ addcc %o2,-1,%o2
+ umul %o0,%o0,%o5
+ rd %y,%o4
+ st %o5,[%o3-4]
+ mov %o4,%g3
+ mov 0,%g2
+ be .LL35
+ st %g3,[%o3]
+ add %g1,16,%g1
+ add %o1,16,%o1
+ add %o3,32,%o3
+ b .LL34
+ add %g4,32,%g4
+.LL35:
+ retl
+ nop
+.LLfe3:
+ .size bn_sqr_words,.LLfe3-bn_sqr_words
+.section ".rodata"
+ .align 8
+.LLC0:
+ .asciz "Division would overflow\n"
+.section ".text"
+ .align 4
+ .global bn_div64
+ .type bn_div64,#function
+ .proc 016
+bn_div64:
+ !#PROLOGUE# 0
+ save %sp,-112,%sp
+ !#PROLOGUE# 1
+ mov 0,%l1
+ cmp %i2,0
+ bne .LL42
+ mov 2,%l0
+ b .LL59
+ mov -1,%i0
+.LL42:
+ call BN_num_bits_word,0
+ mov %i2,%o0
+ mov %o0,%o2
+ cmp %o2,32
+ be .LL43
+ mov 1,%o0
+ sll %o0,%o2,%o0
+ cmp %i0,%o0
+ bleu .LL60
+ mov 32,%o0
+ sethi %hi(__iob+32),%o0
+ or %o0,%lo(__iob+32),%o0
+ sethi %hi(.LLC0),%o1
+ call fprintf,0
+ or %o1,%lo(.LLC0),%o1
+ call abort,0
+ nop
+.LL43:
+ mov 32,%o0
+.LL60:
+ cmp %i0,%i2
+ blu .LL44
+ sub %o0,%o2,%o2
+ sub %i0,%i2,%i0
+.LL44:
+ cmp %o2,0
+ be .LL45
+ sethi %hi(-65536),%o7
+ sll %i2,%o2,%i2
+ sll %i0,%o2,%o1
+ sub %o0,%o2,%o0
+ srl %i1,%o0,%o0
+ or %o1,%o0,%i0
+ sll %i1,%o2,%i1
+.LL45:
+ srl %i2,16,%g2
+ sethi %hi(65535),%o0
+ or %o0,%lo(65535),%o1
+ and %i2,%o1,%g3
+ mov %o0,%g4
+ mov %o1,%g1
+.LL46:
+ srl %i0,16,%o0
+ cmp %o0,%g2
+ be .LL50
+ or %g4,%lo(65535),%o3
+ wr %g0,%g0,%y
+ nop
+ nop
+ nop
+ udiv %i0,%g2,%o3
+.LL50:
+ and %i1,%o7,%o0
+ srl %o0,16,%o5
+ smul %o3,%g3,%o4
+ smul %o3,%g2,%o2
+.LL51:
+ sub %i0,%o2,%o1
+ andcc %o1,%o7,%g0
+ bne .LL52
+ sll %o1,16,%o0
+ add %o0,%o5,%o0
+ cmp %o4,%o0
+ bleu .LL52
+ sub %o4,%g3,%o4
+ sub %o2,%g2,%o2
+ b .LL51
+ add %o3,-1,%o3
+.LL52:
+ smul %o3,%g2,%o2
+ smul %o3,%g3,%o0
+ srl %o0,16,%o1
+ sll %o0,16,%o0
+ and %o0,%o7,%o0
+ cmp %i1,%o0
+ bgeu .LL56
+ add %o2,%o1,%o2
+ add %o2,1,%o2
+.LL56:
+ cmp %i0,%o2
+ bgeu .LL57
+ sub %i1,%o0,%i1
+ add %i0,%i2,%i0
+ add %o3,-1,%o3
+.LL57:
+ addcc %l0,-1,%l0
+ be .LL47
+ sub %i0,%o2,%i0
+ sll %o3,16,%l1
+ sll %i0,16,%o0
+ srl %i1,16,%o1
+ or %o0,%o1,%i0
+ and %i1,%g1,%o0
+ b .LL46
+ sll %o0,16,%i1
+.LL47:
+ or %l1,%o3,%i0
+.LL59:
+ ret
+ restore
+.LLfe4:
+ .size bn_div64,.LLfe4-bn_div64
+ .ident "GCC: (GNU) 2.7.0"
diff --git a/crypto/bn/asm/x86-bsdi.s b/crypto/bn/asm/x86-bsdi.s
new file mode 100644
index 0000000..ca66876
--- /dev/null
+++ b/crypto/bn/asm/x86-bsdi.s
@@ -0,0 +1,272 @@
+ .file "bn_mulw.c"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align 4
+.globl _bn_mul_add_word
+_bn_mul_add_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # si c
+ # bp num
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 32(%esp),%ecx # w => ecx
+ movl 28(%esp),%ebp # num => ebp
+
+ shrl $2,%ebp # num/4
+ je .L910
+
+# .align 4
+.L110:
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 4
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl 12(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ decl %ebp # --num
+ je .L910
+ jmp .L110
+# .align 4
+.L910:
+ movl 28(%esp),%ebp # num => ebp
+ andl $3,%ebp
+ je .L111
+
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+# .align 4
+.L111:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe1:
+ .align 4
+.globl _bn_mul_word
+_bn_mul_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # num bp
+ # si c
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 28(%esp),%ebp # num => bp
+ movl 32(%esp),%ecx # w => ecx
+
+# .align 4
+.L210:
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ jmp .L210
+# .align 4
+.L211:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe2:
+ .align 4
+.globl _bn_sqr_words
+_bn_sqr_words:
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ movl 16(%esp),%esi # r
+ movl 20(%esp),%edi # a
+ movl 24(%esp),%ebx # n
+# .align 4
+ shrl $2,%ebx
+ jz .L99
+.L28:
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+ movl 12(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,24(%esi) # put low into return addr
+ movl %edx,28(%esi) # put high into return addr
+
+ addl $16,%edi
+ addl $32,%esi
+ decl %ebx # n-=4;
+ jz .L99
+ jmp .L28
+# .align 4
+.L99:
+ movl 24(%esp),%ebx # n
+ andl $3,%ebx
+ jz .L29
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+.L29:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+.Lfe3:
+ .align 4
+.globl _bn_div64
+_bn_div64:
+ movl 4(%esp),%edx # a
+ movl 8(%esp),%eax # b
+ divl 12(%esp) # ab/c
+ ret
+.Lfe4:
+ .ident "GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-lnx.s b/crypto/bn/asm/x86-lnx.s
new file mode 100644
index 0000000..5123867
--- /dev/null
+++ b/crypto/bn/asm/x86-lnx.s
@@ -0,0 +1,282 @@
+ .file "bn_mulw.c"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align 16
+.globl bn_mul_add_word
+ .type bn_mul_add_word,@function
+bn_mul_add_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # si c
+ # bp num
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 32(%esp),%ecx # w => ecx
+ movl 28(%esp),%ebp # num => ebp
+
+ shrl $2,%ebp # num/4
+ je .L910
+
+ .align 4
+.L110:
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 4
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl 12(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ decl %ebp # --num
+ je .L910
+ jmp .L110
+ .align 4
+.L910:
+ movl 28(%esp),%ebp # num => ebp
+ andl $3,%ebp
+ je .L111
+
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ .align 4
+.L111:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe1:
+ .size bn_mul_add_word,.Lfe1-bn_mul_add_word
+ .align 16
+.globl bn_mul_word
+ .type bn_mul_word,@function
+bn_mul_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # num bp
+ # si c
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 28(%esp),%ebp # num => bp
+ movl 32(%esp),%ecx # w => ecx
+
+ .align 4
+.L210:
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ jmp .L210
+ .align 16
+.L211:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe2:
+ .size bn_mul_word,.Lfe2-bn_mul_word
+
+ .align 16
+.globl bn_sqr_words
+ .type bn_sqr_words,@function
+bn_sqr_words:
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ movl 16(%esp),%esi # r
+ movl 20(%esp),%edi # a
+ movl 24(%esp),%ebx # n
+ .align 4
+ shrl $2,%ebx
+ jz .L99
+.L28:
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+ movl 12(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,24(%esi) # put low into return addr
+ movl %edx,28(%esi) # put high into return addr
+
+ addl $16,%edi
+ addl $32,%esi
+ decl %ebx # n-=4;
+ jz .L99
+ jmp .L28
+ .align 16
+.L99:
+ movl 24(%esp),%ebx # n
+ andl $3,%ebx
+ jz .L29
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+.L29:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+.Lfe3:
+ .size bn_sqr_words,.Lfe3-bn_sqr_words
+
+ .align 16
+.globl bn_div64
+ .type bn_div64,@function
+bn_div64:
+ movl 4(%esp),%edx # a
+ movl 8(%esp),%eax # b
+ divl 12(%esp) # ab/c
+ ret
+.Lfe4:
+ .size bn_div64,.Lfe4-bn_div64
+ .ident "GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-lnxa.s b/crypto/bn/asm/x86-lnxa.s
new file mode 100644
index 0000000..74855dc
--- /dev/null
+++ b/crypto/bn/asm/x86-lnxa.s
@@ -0,0 +1,282 @@
+ .file "bn_mulw.c"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align 4
+.globl _bn_mul_add_word
+ .type _bn_mul_add_word,@function
+_bn_mul_add_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # si c
+ # bp num
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 32(%esp),%ecx # w => ecx
+ movl 28(%esp),%ebp # num => ebp
+
+ shrl $2,%ebp # num/4
+ je .L910
+
+# .align 4
+.L110:
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+= carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ # Round 4
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl 12(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ decl %ebp # --num
+ je .L910
+ jmp .L110
+# .align 4
+.L910:
+ movl 28(%esp),%ebp # num => ebp
+ andl $3,%ebp
+ je .L111
+
+ # Round 1
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl (%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 2
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl 4(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L111
+
+ # Round 3
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl 8(%edi),%eax # *r+=L(t)
+ adcl $0,%edx # H(t)+=carry
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r+=L(t)
+ movl %edx,%esi # c=H(t)
+
+# .align 4
+.L111:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe1:
+ .size _bn_mul_add_word,.Lfe1-_bn_mul_add_word
+ .align 4
+.globl _bn_mul_word
+ .type _bn_mul_word,@function
+_bn_mul_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ # ax L(t)
+ # dx H(t)
+ # bx a
+ # cx w
+ # di r
+ # num bp
+ # si c
+ xorl %esi,%esi # c=0
+ movl 20(%esp),%edi # r => edi
+ movl 24(%esp),%ebx # a => exb
+ movl 28(%esp),%ebp # num => bp
+ movl 32(%esp),%ecx # w => ecx
+
+# .align 4
+.L210:
+ movl %ecx,%eax # w => eax
+ mull (%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 4(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,4(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 8(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,8(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ movl %ecx,%eax # w => eax
+ mull 12(%ebx) # w * *a
+ addl %esi,%eax # L(t)+=c
+ adcl $0,%edx # H(t)+=carry
+ movl %eax,12(%edi) # *r=L(t)
+ movl %edx,%esi # c=H(t)
+ decl %ebp # --num
+ je .L211
+
+ addl $16,%ebx # a+=4 (4 words)
+ addl $16,%edi # r+=4 (4 words)
+
+ jmp .L210
+# .align 4
+.L211:
+ movl %esi,%eax # return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe2:
+ .size _bn_mul_word,.Lfe2-_bn_mul_word
+
+ .align 4
+.globl _bn_sqr_words
+ .type _bn_sqr_words,@function
+_bn_sqr_words:
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ movl 16(%esp),%esi # r
+ movl 20(%esp),%edi # a
+ movl 24(%esp),%ebx # n
+# .align 4
+ shrl $2,%ebx
+ jz .L99
+.L28:
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+ movl 12(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,24(%esi) # put low into return addr
+ movl %edx,28(%esi) # put high into return addr
+
+ addl $16,%edi
+ addl $32,%esi
+ decl %ebx # n-=4;
+ jz .L99
+ jmp .L28
+# .align 4
+.L99:
+ movl 24(%esp),%ebx # n
+ andl $3,%ebx
+ jz .L29
+ movl (%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,(%esi) # put low into return addr
+ movl %edx,4(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 4(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,8(%esi) # put low into return addr
+ movl %edx,12(%esi) # put high into return addr
+ decl %ebx # n--;
+ jz .L29
+ movl 8(%edi),%eax # get a
+ mull %eax # a*a
+ movl %eax,16(%esi) # put low into return addr
+ movl %edx,20(%esi) # put high into return addr
+
+.L29:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+.Lfe3:
+ .size _bn_sqr_words,.Lfe3-_bn_sqr_words
+
+ .align 4
+.globl _bn_div64
+ .type _bn_div64,@function
+_bn_div64:
+ movl 4(%esp),%edx # a
+ movl 8(%esp),%eax # b
+ divl 12(%esp) # ab/c
+ ret
+.Lfe4:
+ .size _bn_div64,.Lfe4-_bn_div64
+ .ident "GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86-sol.s b/crypto/bn/asm/x86-sol.s
new file mode 100644
index 0000000..c961e64
--- /dev/null
+++ b/crypto/bn/asm/x86-sol.s
@@ -0,0 +1,224 @@
+ .file "bn_mulw.c"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align 16
+.globl bn_mul_add_word
+ .type bn_mul_add_word,@function
+bn_mul_add_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ / ax L(t)
+ / dx H(t)
+ / bx a
+ / cx w
+ / di r
+ / si c
+ / bp num
+ xorl %esi,%esi / c=0
+ movl 20(%esp),%edi / r => edi
+ movl 24(%esp),%ebx / a => exb
+ movl 28(%esp),%ebp / num => ebp
+ movl 32(%esp),%ecx / w => ecx
+
+ .align 4
+.L110:
+ movl %ecx,%eax / w => eax
+ mull (%ebx) / w * *a
+ addl (%edi),%eax / L(t)+= *r
+ adcl $0,%edx / H(t)+= carry
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L111
+
+ movl %ecx,%eax / w => eax
+ mull 4(%ebx) / w * *a
+ addl 4(%edi),%eax / L(t)+= *r
+ adcl $0,%edx / H(t)+= carry
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,4(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L111
+
+ movl %ecx,%eax / w => eax
+ mull 8(%ebx) / w * *a
+ addl 8(%edi),%eax / L(t)+= *r
+ adcl $0,%edx / H(t)+= carry
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,8(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L111
+
+ movl %ecx,%eax / w => eax
+ mull 12(%ebx) / w * *a
+ addl 12(%edi),%eax / L(t)+= *r
+ adcl $0,%edx / H(t)+= carry
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,12(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L111
+
+ addl $16,%ebx / a+=4 (4 words)
+ addl $16,%edi / r+=4 (4 words)
+
+ jmp .L110
+ .align 16
+.L111:
+ movl %esi,%eax / return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe1:
+ .size bn_mul_add_word,.Lfe1-bn_mul_add_word
+ .align 16
+.globl bn_mul_word
+ .type bn_mul_word,@function
+bn_mul_word:
+ pushl %ebp
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+
+ / ax L(t)
+ / dx H(t)
+ / bx a
+ / cx w
+ / di r
+ / num bp
+ / si c
+ xorl %esi,%esi / c=0
+ movl 20(%esp),%edi / r => edi
+ movl 24(%esp),%ebx / a => exb
+ movl 28(%esp),%ebp / num => ebp
+ movl 32(%esp),%ecx / w => ecx
+
+ .align 4
+.L210:
+ movl %ecx,%eax / w => eax
+ mull (%ebx) / w * *a
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L211
+
+ movl %ecx,%eax / w => eax
+ mull 4(%ebx) / w * *a
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,4(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L211
+
+ movl %ecx,%eax / w => eax
+ mull 8(%ebx) / w * *a
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,8(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L211
+
+ movl %ecx,%eax / w => eax
+ mull 12(%ebx) / w * *a
+ addl %esi,%eax / L(t)+=c
+ adcl $0,%edx / H(t)+=carry
+ movl %eax,12(%edi) / *r=L(t)
+ movl %edx,%esi / c=H(t)
+ decl %ebp / --num
+ je .L211
+
+ addl $16,%ebx / a+=4 (4 words)
+ addl $16,%edi / r+=4 (4 words)
+
+ jmp .L210
+ .align 16
+.L211:
+ movl %esi,%eax / return(c)
+ popl %ebx
+ popl %esi
+ popl %edi
+ popl %ebp
+ ret
+.Lfe2:
+ .size bn_mul_word,.Lfe2-bn_mul_word
+
+ .align 16
+.globl bn_sqr_words
+ .type bn_sqr_words,@function
+bn_sqr_words:
+ pushl %edi
+ pushl %esi
+ pushl %ebx
+ movl 16(%esp),%esi / r
+ movl 20(%esp),%edi / a
+ movl 24(%esp),%ebx / n
+ .align 4
+.L28:
+ movl (%edi),%eax / get a
+ mull %eax / a*a
+ movl %eax,(%esi) / put low into return addr
+ movl %edx,4(%esi) / put high into return addr
+ decl %ebx / n--;
+ je .L29
+
+ movl 4(%edi),%eax / get a
+ mull %eax / a*a
+ movl %eax,8(%esi) / put low into return addr
+ movl %edx,12(%esi) / put high into return addr
+ decl %ebx / n--;
+ je .L29
+
+ movl 8(%edi),%eax / get a
+ mull %eax / a*a
+ movl %eax,16(%esi) / put low into return addr
+ movl %edx,20(%esi) / put high into return addr
+ decl %ebx / n--;
+ je .L29
+
+ movl 12(%edi),%eax / get a
+ mull %eax / a*a
+ movl %eax,24(%esi) / put low into return addr
+ movl %edx,28(%esi) / put high into return addr
+ decl %ebx / n--;
+ je .L29
+
+ addl $16,%edi
+ addl $32,%esi
+ jmp .L28
+ .align 16
+.L29:
+ popl %ebx
+ popl %esi
+ popl %edi
+ ret
+.Lfe3:
+ .size bn_sqr_words,.Lfe3-bn_sqr_words
+
+ .align 16
+.globl bn_div64
+ .type bn_div64,@function
+bn_div64:
+ movl 4(%esp),%edx / a
+ movl 8(%esp),%eax / b
+ divl 12(%esp) / ab/c
+ ret
+.Lfe4:
+ .size bn_div64,.Lfe4-bn_div64
+ .ident "GCC: (GNU) 2.6.3"
diff --git a/crypto/bn/asm/x86nt32.asm b/crypto/bn/asm/x86nt32.asm
new file mode 100644
index 0000000..0198c2c
--- /dev/null
+++ b/crypto/bn/asm/x86nt32.asm
@@ -0,0 +1,288 @@
+ TITLE bn_mulw.c
+ .386P
+.model FLAT
+PUBLIC _bn_mul_add_word
+_TEXT SEGMENT
+; File bn_mulw.c
+_bn_mul_add_word PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ mov edi,DWORD PTR 20[esp] ; r
+ mov ebx,DWORD PTR 24[esp] ; a
+ mov ecx,DWORD PTR 32[esp] ; w
+ xor esi,esi ; c=0
+
+ mov ebp,DWORD PTR 28[esp] ; num
+ shr ebp,2 ; num/4
+ jz $L666
+
+$L546:
+ ; Round one
+ mov eax,DWORD PTR [ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR [edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR [edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+
+ ; Round two
+ mov eax,DWORD PTR 4[ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR 4[edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR 4[edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+
+ ; Round three
+ mov eax,DWORD PTR 8[ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR 8[edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR 8[edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+
+ ; Round four
+ mov eax,DWORD PTR 12[ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR 12[edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR 12[edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+
+ add ebx,16
+ add edi,16
+
+ dec ebp
+ jz $L666
+ jmp $L546
+$L666:
+ mov ebp,DWORD PTR 28[esp] ; num
+ and ebp,3 ; num%4
+ jz $L547
+
+ ; Round one
+ mov eax,DWORD PTR [ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR [edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR [edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+ dec ebp
+ jz $L547
+ ; Round two
+ mov eax,DWORD PTR 4[ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR 4[edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR 4[edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+ dec ebp
+ jz $L547
+ ; Round three
+ mov eax,DWORD PTR 8[ebx] ; edx:eax = *a * w
+ mul ecx
+ add eax,DWORD PTR 8[edi] ; *r+=ax
+ adc edx,0
+ add eax,esi ; edx:eax += c
+ adc edx,0
+ mov DWORD PTR 8[edi],eax ; *r+=ax
+ mov esi,edx ; c = overflow
+
+$L547:
+ mov eax,esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_bn_mul_add_word ENDP
+_TEXT ENDS
+PUBLIC _bn_mul_word
+_TEXT SEGMENT
+_bn_mul_word PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+
+ mov edi,DWORD PTR 20[esp] ; r
+ mov ebx,DWORD PTR 24[esp] ; a
+ mov ebp,DWORD PTR 28[esp] ; num
+ mov ecx,DWORD PTR 32[esp] ; w
+ xor esi,esi ; c=0
+
+ shr ebp,2 ; num/4
+ jz $L266
+
+$L593:
+ ; Round one
+ mov eax,DWORD PTR [ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR [edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+ ; Round two
+ mov eax,DWORD PTR 4[ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR 4[edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+ ; Round three
+ mov eax,DWORD PTR 8[ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR 8[edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+ ; Round four
+ mov eax,DWORD PTR 12[ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR 12[edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+
+ add ebx,16
+ add edi,16
+
+ dec ebp
+ jz $L266
+ jmp $L593
+$L266:
+ mov ebp,DWORD PTR 28[esp] ; num
+ and ebp,3
+ jz $L601
+
+ ; Round one
+ mov eax,DWORD PTR [ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR [edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+ dec ebp
+ jz $L601
+ ; Round two
+ mov eax,DWORD PTR 4[ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR 4[edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+ dec ebp
+ jz $L601
+ ; Round three
+ mov eax,DWORD PTR 8[ebx] ; edx:eax= w * *a
+ mul ecx
+ add eax,esi ; edx:eax+=c
+ adc edx,0
+ mov DWORD PTR 8[edi],eax ; *r=eax
+ mov esi,edx ; c=edx
+
+$L601:
+ mov eax,esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_bn_mul_word ENDP
+_TEXT ENDS
+PUBLIC _bn_sqr_words
+_TEXT SEGMENT
+_bn_sqr_words PROC NEAR
+ push ebx
+ push esi
+ push edi
+ mov esi,DWORD PTR 16[esp] ; r
+ mov edi,DWORD PTR 20[esp] ; a
+ mov ebx,DWORD PTR 24[esp] ; num
+
+ shr ebx,2 ; num/4
+ jz $L111
+$L640:
+ ; Round 1
+ mov eax, DWORD PTR [edi]
+ mul eax ; *a * *a
+ mov DWORD PTR [esi],eax
+ mov DWORD PTR 4[esi],edx
+ ; Round 2
+ mov eax, DWORD PTR 4[edi]
+ mul eax ; *a * *a
+ mov DWORD PTR 8[esi],eax
+ mov DWORD PTR 12[esi],edx
+ ; Round 3
+ mov eax, DWORD PTR 8[edi]
+ mul eax ; *a * *a
+ mov DWORD PTR 16[esi],eax
+ mov DWORD PTR 20[esi],edx
+ ; Round 4
+ mov eax, DWORD PTR 12[edi]
+ mul eax ; *a * *a
+ mov DWORD PTR 24[esi],eax
+ mov DWORD PTR 28[esi],edx
+
+ add edi,16
+ add esi,32
+
+ dec ebx
+ jz $L111
+ jmp $L640
+$L111:
+ mov ebx,DWORD PTR 24[esp] ; num
+ and ebx,3 ; num%3
+ jz $L645
+
+ ; Round 1
+ mov eax, DWORD PTR [edi]
+ mul eax ; *a * *a
+ mov DWORD PTR [esi],eax
+ mov DWORD PTR 4[esi],edx
+ dec ebx
+ jz $L645
+ ; Round 2
+ mov eax, DWORD PTR 4[edi]
+ mul eax ; *a * *a
+ mov DWORD PTR 8[esi],eax
+ mov DWORD PTR 12[esi],edx
+ dec ebx
+ jz $L645
+ ; Round 3
+ mov eax, DWORD PTR 8[edi]
+ mul eax ; *a * *a
+ mov DWORD PTR 16[esi],eax
+ mov DWORD PTR 20[esi],edx
+
+$L645:
+ pop edi
+ pop esi
+ pop ebx
+ ret
+_bn_sqr_words ENDP
+_TEXT ENDS
+PUBLIC _bn_div64
+_TEXT SEGMENT
+_bn_div64 PROC NEAR
+ mov edx, DWORD PTR 4[esp]
+ mov eax, DWORD PTR 8[esp]
+ div DWORD PTR 12[esp]
+ ret
+_bn_div64 ENDP
+_TEXT ENDS
+END
diff --git a/crypto/bn/asm/x86nt32.uu b/crypto/bn/asm/x86nt32.uu
new file mode 100644
index 0000000..9920798
--- /dev/null
+++ b/crypto/bn/asm/x86nt32.uu
@@ -0,0 +1,22 @@
+begin 640 x86nt32.obj
+M3`$"`/H&DC-6`@``"P`````````N=&5X=```````````````\@$``&0`````
+M```````````````@`#!@+F1A=&$```#R`0````````````!6`@``````````
+M````````0``PP%535E>+?"04BUPD&(M,)"`S]HML)!S![0)T7(L#]^$#!X/2
+M``/&@](`B0>+\HM#!/?A`T<$@](``\:#T@")1P2+\HM#"/?A`T<(@](``\:#
+MT@")1PB+\HM##/?A`T<,@](``\:#T@")1PR+\H/#$(/'$$UT`NNDBVPD'(/E
+M`W1"BP/WX0,'@](``\:#T@")!XOR370MBT,$]^$#1P2#T@`#QH/2`(E'!(OR
+M3705BT,(]^$#1PB#T@`#QH/2`(E'"(ORB\9?7EM=PU535E>+?"04BUPD&(ML
+M)!R+3"0@,_;![0)T18L#]^$#QH/2`(D'B_*+0P3WX0/&@](`B4<$B_*+0PCW
+MX0/&@](`B4<(B_*+0PSWX0/&@](`B4<,B_*#PQ"#QQ!-=`+KNXML)!R#Y0-T
+M,8L#]^$#QH/2`(D'B_)-="&+0P3WX0/&@](`B4<$B_)-=`^+0PCWX0/&@](`
+MB4<(B_*+QE]>6UW#4U97BW0D$(M\)!2+7"08P>L"=#6+!_?@B0:)5@2+1P3W
+MX(E&"(E6#(M'"/?@B480B584BT<,]^")1AB)5AR#QQ"#QB!+=`+KRXM<)!B#
+MXP-T)8L']^")!HE6!$MT&8M'!/?@B48(B58,2W0+BT<(]^")1A")5A1?7EO#
+MBU0D!(M$)`CW="0,PRYF:6QE`````````/[_``!G`BY<8W)Y<'1O7&)N7&%S
+M;5QX.#9N=#,R+F%S;0```````````"YT97AT``````````$````#`?(!````
+M`````````````````"YD871A``````````(````#`0``````````````````
+M```````````$``````````$`(``"```````5````R0````$`(``"```````B
+M````:@$```$`(``"```````P````Y0$```$`(``"`#H```!?8FY?;75L7V%D
+L9%]W;W)D`%]B;E]M=6Q?=V]R9`!?8FY?<W%R7W=O<F1S`%]B;E]D:78V-```
+`
+end
diff --git a/crypto/bn/asm/x86w16.asm b/crypto/bn/asm/x86w16.asm
new file mode 100644
index 0000000..6687491
--- /dev/null
+++ b/crypto/bn/asm/x86w16.asm
@@ -0,0 +1,297 @@
+; Static Name Aliases
+;
+ TITLE bn_mulw.c
+ .8087
+F_TEXT SEGMENT WORD PUBLIC 'CODE'
+F_TEXT ENDS
+_DATA SEGMENT WORD PUBLIC 'DATA'
+_DATA ENDS
+CONST SEGMENT WORD PUBLIC 'CONST'
+CONST ENDS
+_BSS SEGMENT WORD PUBLIC 'BSS'
+_BSS ENDS
+DGROUP GROUP CONST, _BSS, _DATA
+ ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT SEGMENT
+ ASSUME CS: F_TEXT
+ PUBLIC _bn_mul_add_word
+_bn_mul_add_word PROC FAR
+; Line 58
+ push bp
+ push bx
+ push si
+ push di
+ push ds
+ push es
+ mov bp,sp
+; w = 26
+; num = 24
+; ap = 20
+; rp = 16
+ xor si,si ;c=0;
+ mov di,WORD PTR [bp+16] ; load r
+ mov ds,WORD PTR [bp+18] ; load r
+ mov bx,WORD PTR [bp+20] ; load a
+ mov es,WORD PTR [bp+22] ; load a
+ mov cx,WORD PTR [bp+26] ; load w
+ mov bp,WORD PTR [bp+24] ; load num
+
+ shr bp,1 ; div count by 4 and do groups of 4
+ shr bp,1
+ je $L555
+
+$L546:
+ mov ax,cx
+ mul WORD PTR es:[bx] ; w* *a
+ add ax,WORD PTR ds:[di] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di],ax
+ mov si,dx
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+2] ; w* *a
+ add ax,WORD PTR ds:[di+2] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+2],ax
+ mov si,dx
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+4] ; w* *a
+ add ax,WORD PTR ds:[di+4] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+4],ax
+ mov si,dx
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+6] ; w* *a
+ add ax,WORD PTR ds:[di+6] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+6],ax
+ mov si,dx
+ ;
+ add bx,8
+ add di,8
+ ;
+ dec bp
+ je $L555
+ jmp $L546
+;
+;
+$L555:
+ mov bp,sp
+ mov bp,WORD PTR [bp+24] ; load num
+ and bp,3
+ dec bp
+ js $L547
+
+ mov ax,cx
+ mul WORD PTR es:[bx] ; w* *a
+ add ax,WORD PTR ds:[di] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di],ax
+ mov si,dx
+ dec bp
+ js $L547 ; Note that we are now testing for -1
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+2] ; w* *a
+ add ax,WORD PTR ds:[di+2] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+2],ax
+ mov si,dx
+ dec bp
+ js $L547
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+4] ; w* *a
+ add ax,WORD PTR ds:[di+4] ; + *r
+ adc dx,0
+ adc ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+4],ax
+ mov si,dx
+$L547:
+ mov ax,si
+ pop es
+ pop ds
+ pop di
+ pop si
+ pop bx
+ pop bp
+ ret
+ nop
+
+_bn_mul_add_word ENDP
+ PUBLIC _bn_mul_word
+_bn_mul_word PROC FAR
+; Line 76
+ push bp
+ push bx
+ push si
+ push di
+ push ds
+ push es
+ xor si,si
+ mov bp,sp
+ mov di,WORD PTR [bp+16] ; r
+ mov ds,WORD PTR [bp+18]
+ mov bx,WORD PTR [bp+20] ; a
+ mov es,WORD PTR [bp+22]
+ mov cx,WORD PTR [bp+26] ; w
+ mov bp,WORD PTR [bp+24] ; num
+$FC743:
+ mov ax,cx
+ mul WORD PTR es:[bx]
+ add ax,si
+ adc dx,0
+ mov WORD PTR ds:[di],ax
+ mov si,dx
+ dec bp
+ je $L764
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+2]
+ add ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+2],ax
+ mov si,dx
+ dec bp
+ je $L764
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+4]
+ add ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+4],ax
+ mov si,dx
+ dec bp
+ je $L764
+ ;
+ mov ax,cx
+ mul WORD PTR es:[bx+6]
+ add ax,si
+ adc dx,0
+ mov WORD PTR ds:[di+6],ax
+ mov si,dx
+ dec bp
+ je $L764
+ ;
+ add bx,8
+ add di,8
+ jmp $FC743
+ nop
+$L764:
+ mov ax,si
+ pop es
+ pop ds
+ pop di
+ pop si
+ pop bx
+ pop bp
+ ret
+ nop
+_bn_mul_word ENDP
+ PUBLIC _bn_sqr_words
+_bn_sqr_words PROC FAR
+; Line 92
+ push bp
+ push bx
+ push si
+ push di
+ push ds
+ push es
+ mov bp,sp
+ mov si,WORD PTR [bp+16]
+ mov ds,WORD PTR [bp+18]
+ mov di,WORD PTR [bp+20]
+ mov es,WORD PTR [bp+22]
+ mov bx,WORD PTR [bp+24]
+
+ mov bp,bx ; save a memory lookup later
+ shr bx,1 ; div count by 4 and do groups of 4
+ shr bx,1
+ je $L666
+
+$L765:
+ mov ax,WORD PTR es:[di]
+ mul ax
+ mov WORD PTR ds:[si],ax
+ mov WORD PTR ds:[si+2],dx
+ ;
+ mov ax,WORD PTR es:[di+2]
+ mul ax
+ mov WORD PTR ds:[si+4],ax
+ mov WORD PTR ds:[si+6],dx
+ ;
+ mov ax,WORD PTR es:[di+4]
+ mul ax
+ mov WORD PTR ds:[si+8],ax
+ mov WORD PTR ds:[si+10],dx
+ ;
+ mov ax,WORD PTR es:[di+6]
+ mul ax
+ mov WORD PTR ds:[si+12],ax
+ mov WORD PTR ds:[si+14],dx
+ ;
+ add di,8
+ add si,16
+ dec bx
+ je $L666
+ jmp $L765
+$L666:
+ and bp,3
+ dec bp ; The copied value of bx (num)
+ js $L645
+ ;
+ mov ax,WORD PTR es:[di]
+ mul ax
+ mov WORD PTR ds:[si],ax
+ mov WORD PTR ds:[si+2],dx
+ dec bp
+ js $L645
+ ;
+ mov ax,WORD PTR es:[di+2]
+ mul ax
+ mov WORD PTR ds:[si+4],ax
+ mov WORD PTR ds:[si+6],dx
+ dec bp
+ js $L645
+ ;
+ mov ax,WORD PTR es:[di+4]
+ mul ax
+ mov WORD PTR ds:[si+8],ax
+ mov WORD PTR ds:[si+10],dx
+$L645:
+ pop es
+ pop ds
+ pop di
+ pop si
+ pop bx
+ pop bp
+ ret
+
+_bn_sqr_words ENDP
+ PUBLIC _bn_div64
+_bn_div64 PROC FAR
+ push bp
+ mov bp,sp
+ mov dx, WORD PTR [bp+6]
+ mov ax, WORD PTR [bp+8]
+ div WORD PTR [bp+10]
+ pop bp
+ ret
+_bn_div64 ENDP
+F_TEXT ENDS
+END
diff --git a/crypto/bn/asm/x86w16.uu b/crypto/bn/asm/x86w16.uu
new file mode 100644
index 0000000..89c5e14
--- /dev/null
+++ b/crypto/bn/asm/x86w16.uu
@@ -0,0 +1,20 @@
+begin 640 x86w16.obj
+M@!P`&BY<8W)Y<'1O7&)N7&%S;5QX.#9W,38N87-MQY8U```$7T)34P5?1$%4
+M009$1U)/55`&1E]415A4!4-/3E-4`T)34P5#3TY35`1$051!!$-/1$5EF`<`
+M2/`!!0H!&)@'`$@```,)`0R8!P!(```&"`$*F`<`2````@<!#YH(``3_`O\#
+M_P14D$4```$-7V)N7W-Q<E]W;W)D<U4!``E?8FY?9&EV-C3B`0`07V)N7VUU
+M;%]A9&1?=V]R9`````Q?8FY?;75L7W=O<F3<``#`B`0``*(!T:#T`0$``%53
+M5E<>!HOL,_:+?A".7A*+7A2.1A:+3AJ+;AC1[='M=&"+P2;W)P,%@](`$\:#
+MT@")!8ORB\$F]V<"`T4"@](`$\:#T@")10*+\HO!)O=G!`-%!(/2`!/&@](`
+MB44$B_*+P2;W9P8#10:#T@`3QH/2`(E%!HOR@\,(@\<(370"ZZ"+[(MN&(/E
+M`TUX18O!)O<G`P6#T@`3QH/2`(D%B_)->"^+P2;W9P(#10*#T@`3QH/2`(E%
+M`HOR37@6B\$F]V<$`T4$@](`$\:#T@")102+\HO&!Q]?7EM=RY!54U97'@8S
+M]HOLBWX0CEX2BUX4CD86BTX:BVX8B\$F]R<#QH/2`(D%B_)-=$*+P2;W9P(#
+MQH/2`(E%`HOR370OB\$F]V<$`\:#T@")102+\DUT'(O!)O=G!@/&@](`B44&
+MB_)-=`F#PPB#QPCKKI"+Q@<?7UY;7<N055-65QX&B^R+=A".7A*+?A2.1A:+
+M7AB+Z]'KT>MT.2:+!??@B02)5`(FBT4"]^")1`2)5`8FBT4$]^")1`B)5`HF
+MBT4&]^")1`R)5`Z#QPB#QA!+=`+KQX/E`TUX*":+!??@B02)5`)->!LFBT4"
+M]^")1`2)5`9->`PFBT4$]^")1`B)5`H''U]>6UW+58OLBU8&BT8(]W8*7<NZ
+%B@(``'0`
+`
+end
diff --git a/crypto/bn/asm/x86w32.asm b/crypto/bn/asm/x86w32.asm
new file mode 100644
index 0000000..0e4452d
--- /dev/null
+++ b/crypto/bn/asm/x86w32.asm
@@ -0,0 +1,303 @@
+; Static Name Aliases
+;
+ TITLE bn_mulw.c
+ .386
+F_TEXT SEGMENT WORD USE16 PUBLIC 'CODE'
+F_TEXT ENDS
+_DATA SEGMENT WORD USE16 PUBLIC 'DATA'
+_DATA ENDS
+CONST SEGMENT WORD USE16 PUBLIC 'CONST'
+CONST ENDS
+_BSS SEGMENT WORD USE16 PUBLIC 'BSS'
+_BSS ENDS
+DGROUP GROUP CONST, _BSS, _DATA
+ ASSUME DS: DGROUP, SS: DGROUP
+F_TEXT SEGMENT
+ ASSUME CS: F_TEXT
+ PUBLIC _bn_mul_add_word
+_bn_mul_add_word PROC FAR
+; Line 58
+ push bp
+ push bx
+ push esi
+ push di
+ push ds
+ push es
+ mov bp,sp
+; w = 28
+; num = 26
+; ap = 22
+; rp = 18
+ xor esi,esi ;c=0;
+ mov di,WORD PTR [bp+18] ; load r
+ mov ds,WORD PTR [bp+20] ; load r
+ mov bx,WORD PTR [bp+22] ; load a
+ mov es,WORD PTR [bp+24] ; load a
+ mov ecx,DWORD PTR [bp+28] ; load w
+ mov bp,WORD PTR [bp+26] ; load num
+ shr bp,1 ; div count by 4 and do groups of 4
+ shr bp,1
+ je $L555
+
+$L546:
+ mov eax,ecx
+ mul DWORD PTR es:[bx] ; w* *a
+ add eax,DWORD PTR ds:[di] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di],eax
+ mov esi,edx
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+4] ; w* *a
+ add eax,DWORD PTR ds:[di+4] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+4],eax
+ mov esi,edx
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+8] ; w* *a
+ add eax,DWORD PTR ds:[di+8] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+8],eax
+ mov esi,edx
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+12] ; w* *a
+ add eax,DWORD PTR ds:[di+12] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+12],eax
+ mov esi,edx
+ ;
+ add bx,16
+ add di,16
+ ;
+ dec bp
+ je $L555
+ jmp $L546
+;
+;
+$L555:
+ mov bp,sp
+ mov bp,WORD PTR [bp+26] ; load num
+ and bp,3
+ dec bp
+ js $L547
+
+ mov eax,ecx
+ mul DWORD PTR es:[bx] ; w* *a
+ add eax,DWORD PTR ds:[di] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di],eax
+ mov esi,edx
+ dec bp
+ js $L547 ; Note that we are now testing for -1
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+4] ; w* *a
+ add eax,DWORD PTR ds:[di+4] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+4],eax
+ mov esi,edx
+ dec bp
+ js $L547
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+8] ; w* *a
+ add eax,DWORD PTR ds:[di+8] ; + *r
+ adc edx,0
+ adc eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+8],eax
+ mov esi,edx
+$L547:
+ mov eax,esi
+ mov edx,esi
+ shr edx,16
+ pop es
+ pop ds
+ pop di
+ pop esi
+ pop bx
+ pop bp
+ ret
+ nop
+
+_bn_mul_add_word ENDP
+ PUBLIC _bn_mul_word
+_bn_mul_word PROC FAR
+; Line 76
+ push bp
+ push bx
+ push esi
+ push di
+ push ds
+ push es
+ xor esi,esi
+ mov bp,sp
+ mov di,WORD PTR [bp+18] ; r
+ mov ds,WORD PTR [bp+20]
+ mov bx,WORD PTR [bp+22] ; a
+ mov es,WORD PTR [bp+24]
+ mov ecx,DWORD PTR [bp+28] ; w
+ mov bp,WORD PTR [bp+26] ; num
+
+$FC743:
+ mov eax,ecx
+ mul DWORD PTR es:[bx]
+ add eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di],eax
+ mov esi,edx
+ dec bp
+ je $L764
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+4]
+ add eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+4],eax
+ mov esi,edx
+ dec bp
+ je $L764
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+8]
+ add eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+8],eax
+ mov esi,edx
+ dec bp
+ je $L764
+ ;
+ mov eax,ecx
+ mul DWORD PTR es:[bx+12]
+ add eax,esi
+ adc edx,0
+ mov DWORD PTR ds:[di+12],eax
+ mov esi,edx
+ dec bp
+ je $L764
+ ;
+ add bx,16
+ add di,16
+ jmp $FC743
+ nop
+$L764:
+ mov eax,esi
+ mov edx,esi
+ shr edx,16
+ pop es
+ pop ds
+ pop di
+ pop esi
+ pop bx
+ pop bp
+ ret
+ nop
+_bn_mul_word ENDP
+ PUBLIC _bn_sqr_words
+_bn_sqr_words PROC FAR
+; Line 92
+ push bp
+ push bx
+ push si
+ push di
+ push ds
+ push es
+ mov bp,sp
+ mov si,WORD PTR [bp+16]
+ mov ds,WORD PTR [bp+18]
+ mov di,WORD PTR [bp+20]
+ mov es,WORD PTR [bp+22]
+ mov bx,WORD PTR [bp+24]
+
+ mov bp,bx ; save a memory lookup later
+ shr bx,1 ; div count by 4 and do groups of 4
+ shr bx,1
+ je $L666
+
+$L765:
+ mov eax,DWORD PTR es:[di]
+ mul eax
+ mov DWORD PTR ds:[si],eax
+ mov DWORD PTR ds:[si+4],edx
+ ;
+ mov eax,DWORD PTR es:[di+4]
+ mul eax
+ mov DWORD PTR ds:[si+8],eax
+ mov DWORD PTR ds:[si+12],edx
+ ;
+ mov eax,DWORD PTR es:[di+8]
+ mul eax
+ mov DWORD PTR ds:[si+16],eax
+ mov DWORD PTR ds:[si+20],edx
+ ;
+ mov eax,DWORD PTR es:[di+12]
+ mul eax
+ mov DWORD PTR ds:[si+24],eax
+ mov DWORD PTR ds:[si+28],edx
+ ;
+ add di,16
+ add si,32
+ dec bx
+ je $L666
+ jmp $L765
+$L666:
+ and bp,3
+ dec bp ; The copied value of bx (num)
+ js $L645
+ ;
+ mov eax,DWORD PTR es:[di]
+ mul eax
+ mov DWORD PTR ds:[si],eax
+ mov DWORD PTR ds:[si+4],edx
+ dec bp
+ js $L645
+ ;
+ mov eax,DWORD PTR es:[di+4]
+ mul eax
+ mov DWORD PTR ds:[si+8],eax
+ mov DWORD PTR ds:[si+12],edx
+ dec bp
+ js $L645
+ ;
+ mov eax,DWORD PTR es:[di+8]
+ mul eax
+ mov DWORD PTR ds:[si+16],eax
+ mov DWORD PTR ds:[si+20],edx
+$L645:
+ pop es
+ pop ds
+ pop di
+ pop si
+ pop bx
+ pop bp
+ ret
+
+_bn_sqr_words ENDP
+ PUBLIC _bn_div64
+_bn_div64 PROC FAR
+ push bp
+ mov bp,sp
+ mov edx, DWORD PTR [bp+6]
+ mov eax, DWORD PTR [bp+10]
+ div DWORD PTR [bp+14]
+ mov edx,eax
+ shr edx,16
+ pop bp
+ ret
+_bn_div64 ENDP
+F_TEXT ENDS
+END
diff --git a/crypto/bn/asm/x86w32.uu b/crypto/bn/asm/x86w32.uu
new file mode 100644
index 0000000..edcd84e
--- /dev/null
+++ b/crypto/bn/asm/x86w32.uu
@@ -0,0 +1,23 @@
+begin 640 x86w32.obj
+M@!P`&BY<8W)Y<'1O7&)N7&%S;5QX.#9W,S(N87-MR98U```$7T)34P5?1$%4
+M009$1U)/55`&1E]415A4!4-/3E-4`T)34P5#3TY35`1$051!!$-/1$5EF`<`
+M2(`"!0H!AY@'`$@```,)`0R8!P!(```&"`$*F`<`2````@<!#YH(``3_`O\#
+M_P14D$4```$-7V)N7W-Q<E]W;W)D<[\!``E?8FY?9&EV-C1H`@`07V)N7VUU
+M;%]A9&1?=V]R9`````Q?8FY?;75L7W=O<F0B`0"(B`0``*(!T:"$`@$``%53
+M9E97'@:+[&8S]HM^$HY>%(M>%HY&&&:+3AR+;AK1[='M#X2``&:+P68F]R=F
+M`P5F@](`9A/&9H/2`&:)!6:+\F:+P68F]V<$9@-%!&:#T@!F$\9F@](`9HE%
+M!&:+\F:+P68F]V<(9@-%"&:#T@!F$\9F@](`9HE%"&:+\F:+P68F]V<,9@-%
+M#&:#T@!F$\9F@](`9HE%#&:+\H/#$(/'$$UT`NN`B^R+;AJ#Y0-->%UFB\%F
+M)O<G9@,%9H/2`&83QF:#T@!FB05FB_)->#]FB\%F)O=G!&8#101F@](`9A/&
+M9H/2`&:)101FB_)->!YFB\%F)O=G"&8#10AF@](`9A/&9H/2`&:)10AFB_)F
+MB\9FB]9FP>H0!Q]?9EY;7<N055-F5E<>!F8S]HOLBWX2CEX4BUX6CD889HM.
+M'(MN&F:+P68F]R=F`\9F@](`9HD%9HOR37149HO!9B;W9P1F`\9F@](`9HE%
+M!&:+\DUT.V:+P68F]V<(9@/&9H/2`&:)10AFB_)-=")FB\%F)O=G#&8#QF:#
+MT@!FB44,9HOR370)@\,0@\<0ZY:09HO&9HO69L'J$`<?7V9>6UW+D%535E<>
+M!HOLBW80CEX2BWX4CD86BUX8B^O1Z]'K=$EF)HL%9O?@9HD$9HE4!&8FBT4$
+M9O?@9HE$"&:)5`QF)HM%"&;WX&:)1!!FB5049B:+10QF]^!FB4089HE4'(/'
+M$(/&($MT`NNW@^4#37@T9B:+!6;WX&:)!&:)5`1->"-F)HM%!&;WX&:)1`AF
+MB50,37@09B:+10AF]^!FB4009HE4%`<?7UY;7<M5B^QFBU8&9HM&"F;W=@YF
+.B]!FP>H07<O`B@(``'0`
+`
+end
diff --git a/crypto/bn/bn.err b/crypto/bn/bn.err
new file mode 100644
index 0000000..5fe4b6d
--- /dev/null
+++ b/crypto/bn/bn.err
@@ -0,0 +1,20 @@
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT 100
+#define BN_F_BN_BL_CTX_NEW 101
+#define BN_F_BN_BN2ASCII 102
+#define BN_F_BN_CTX_NEW 103
+#define BN_F_BN_DIV 104
+#define BN_F_BN_EXPAND2 105
+#define BN_F_BN_MOD_EXP_MONT 106
+#define BN_F_BN_MOD_INVERSE 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL 108
+#define BN_F_BN_NEW 109
+#define BN_F_BN_RAND 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS 101
+#define BN_R_DIV_BY_ZERO 102
+#define BN_R_NO_INVERSE 103
diff --git a/crypto/bn/bn.h b/crypto/bn/bn.h
new file mode 100644
index 0000000..9326f4d
--- /dev/null
+++ b/crypto/bn/bn.h
@@ -0,0 +1,433 @@
+/* crypto/bn/bn.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bn.org since bn.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_BN_H
+#define HEADER_BN_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef BN_LLONG
+
+#ifdef WIN32
+#define BN_LLONG /* This comment stops Configure mutilating things */
+#endif
+
+#define RECP_MUL_MOD
+#define MONT_MUL_MOD
+
+/* This next option uses the C libraries (2 word)/(1 word) function.
+ * If it is not defined, I use my C version (which is slower).
+ * The reason for this flag is that when the particular C compiler
+ * library routine is used, and the library is linked with a different
+ * compiler, the library is missing. This mostly happens when the
+ * library is built with gcc and then linked using nornal cc. This would
+ * be a common occurance because gcc normally produces code that is
+ * 2 times faster than system compilers for the big number stuff.
+ * For machines with only one compiler (or shared libraries), this should
+ * be on. Again this in only really a problem on machines
+ * using "long long's", are 32bit, and are not using my assember code. */
+#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
+#define BN_DIV2W
+#endif
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+
+/* assuming long is 64bit - this is the DEC Alpha
+ * unsigned long long is only 64 bits :-(, don't define
+ * BN_LLONG for the DEC Alpha */
+#ifdef SIXTY_FOUR_BIT_LONG
+#define BN_ULLONG unsigned long long
+#define BN_ULONG unsigned long
+#define BN_LONG long
+#define BN_BITS 128
+#define BN_BYTES 8
+#define BN_BITS2 64
+#define BN_BITS4 32
+#define BN_MASK2 (0xffffffffffffffffL)
+#define BN_MASK2l (0xffffffffL)
+#define BN_MASK2h (0xffffffff00000000L)
+#define BN_MASK2h1 (0xffffffff80000000L)
+#define BN_TBIT (0x8000000000000000L)
+#endif
+
+#ifdef SIXTY_FOUR_BIT
+#undef BN_LLONG
+/* #define BN_ULLONG unsigned long long */
+#define BN_ULONG unsigned long long
+#define BN_LONG long long
+#define BN_BITS 128
+#define BN_BYTES 8
+#define BN_BITS2 64
+#define BN_BITS4 32
+#define BN_MASK2 (0xffffffffffffffffLL)
+#define BN_MASK2l (0xffffffffL)
+#define BN_MASK2h (0xffffffff00000000LL)
+#define BN_MASK2h1 (0xffffffff80000000LL)
+#define BN_TBIT (0x8000000000000000LL)
+#endif
+
+#ifdef THIRTY_TWO_BIT
+#ifdef WIN32
+#define BN_ULLONG unsigned _int64
+#else
+#define BN_ULLONG unsigned long long
+#endif
+#define BN_ULONG unsigned long
+#define BN_LONG long
+#define BN_BITS 64
+#define BN_BYTES 4
+#define BN_BITS2 32
+#define BN_BITS4 16
+#define BN_MASK2 (0xffffffffL)
+#define BN_MASK2l (0xffff)
+#define BN_MASK2h1 (0xffff8000L)
+#define BN_MASK2h (0xffff0000L)
+#define BN_TBIT (0x80000000L)
+#endif
+
+#ifdef SIXTEEN_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG unsigned long
+#define BN_ULONG unsigned short
+#define BN_LONG short
+#define BN_BITS 32
+#define BN_BYTES 2
+#define BN_BITS2 16
+#define BN_BITS4 8
+#define BN_MASK2 (0xffff)
+#define BN_MASK2l (0xff)
+#define BN_MASK2h1 (0xff80)
+#define BN_MASK2h (0xff00)
+#define BN_TBIT (0x8000)
+#endif
+
+#ifdef EIGHT_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG unsigned short
+#define BN_ULONG unsigned char
+#define BN_LONG char
+#define BN_BITS 16
+#define BN_BYTES 1
+#define BN_BITS2 8
+#define BN_BITS4 4
+#define BN_MASK2 (0xff)
+#define BN_MASK2l (0xf)
+#define BN_MASK2h1 (0xf8)
+#define BN_MASK2h (0xf0)
+#define BN_TBIT (0x80)
+#endif
+
+#define BN_DEFAULT_BITS 1280
+
+#ifdef BIGNUM
+#undef BIGNUM
+#endif
+
+typedef struct bignum_st
+ {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int max; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ } BIGNUM;
+
+/* Used for temp variables */
+#define BN_CTX_NUM 12
+typedef struct bignum_ctx
+ {
+ int tos;
+ BIGNUM *bn[BN_CTX_NUM+1];
+ } BN_CTX;
+
+/* Used for montgomery multiplication */
+typedef struct bn_mont_ctx_st
+ {
+ int ri; /* number of bits in R */
+ BIGNUM *RR; /* used to convert to montgomery form */
+ BIGNUM *N; /* The modulus */
+ BIGNUM *Ni; /* The inverse of N */
+ BN_ULONG n0; /* word form of inverse, normally only one of
+ * Ni or n0 is defined */
+ } BN_MONT_CTX;
+
+#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
+ r,a,(mont)->RR,(mont),ctx)
+
+#define BN_prime_checks (5)
+
+#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
+#define BN_is_zero(a) (((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0))
+#define BN_is_one(a) (BN_is_word((a),1))
+#define BN_is_odd(a) ((a)->d[0] & 1)
+#define BN_one(a) (BN_set_word((a),1))
+#define BN_zero(a) (BN_set_word((a),0))
+
+#define bn_fix_top(a) \
+ { \
+ BN_ULONG *fix_top_l; \
+ for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+ if (*(fix_top_l--)) break; \
+ }
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+
+#ifndef NOPROTO
+BIGNUM *BN_value_one(void);
+char * BN_options(void);
+BN_CTX *BN_CTX_new(void);
+void BN_CTX_free(BN_CTX *c);
+int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int BN_num_bits(BIGNUM *a);
+int BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
+int BN_bn2bin(BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int BN_add_word(BIGNUM *a, unsigned long w);
+int BN_set_word(BIGNUM *a, unsigned long w);
+unsigned long BN_get_word(BIGNUM *a);
+int BN_cmp(BIGNUM *a, BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, BIGNUM *a);
+int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
+ BIGNUM *m,BN_CTX *ctx);
+int BN_mask_bits(BIGNUM *a,int n);
+int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m,
+ BIGNUM *i, int nb, BN_CTX *ctx);
+int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m,
+ BN_CTX *ctx);
+#ifndef WIN16
+int BN_print_fp(FILE *fp, BIGNUM *a);
+#endif
+#ifdef HEADER_BIO_H
+int BN_print(BIO *fp, BIGNUM *a);
+#else
+int BN_print(char *fp, BIGNUM *a);
+#endif
+int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+BIGNUM *BN_dup(BIGNUM *a);
+int BN_ucmp(BIGNUM *a, BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char * BN_bn2ascii(BIGNUM *a);
+int BN_ascii2bn(BIGNUM **a,char *str);
+int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+ BIGNUM *rem,void (*callback)(int,int));
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+ BN_CTX *ctx);
+void ERR_load_BN_strings(void );
+
+BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void );
+int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
+
+#else
+
+BIGNUM *BN_value_one();
+char * BN_options();
+BN_CTX *BN_CTX_new();
+void BN_CTX_free();
+int BN_rand();
+int BN_num_bits();
+int BN_num_bits_word();
+BIGNUM *BN_new();
+void BN_clear_free();
+BIGNUM *BN_copy();
+BIGNUM *BN_bin2bn();
+int BN_bn2bin();
+int BN_sub();
+void bn_qsub();
+void bn_qadd();
+int BN_add();
+int BN_mod();
+int BN_div();
+int BN_mul();
+int BN_sqr();
+BN_ULONG BN_mod_word();
+BN_ULONG BN_div_word();
+int BN_add_word();
+int BN_set_word();
+unsigned long BN_get_word();
+int BN_cmp();
+void BN_free();
+int BN_is_bit_set();
+int BN_lshift();
+int BN_lshift1();
+int BN_mod_exp();
+int BN_mod_exp_mont();
+int BN_mod_exp_recp();
+int BN_mod_exp_simple();
+int BN_mask_bits();
+int BN_mod_mul_reciprocal();
+int BN_mod_mul();
+#ifndef WIN16
+int BN_print_fp();
+#endif
+int BN_print();
+int BN_reciprocal();
+int BN_rshift();
+int BN_rshift1();
+void BN_clear();
+BIGNUM *bn_expand2();
+BIGNUM *BN_dup();
+int BN_ucmp();
+int BN_set_bit();
+int BN_clear_bit();
+char * BN_bn2ascii();
+int BN_ascii2bn();
+int BN_gcd();
+BIGNUM *BN_mod_inverse();
+BIGNUM *BN_generate_prime();
+int BN_is_prime();
+void ERR_load_BN_strings();
+
+BN_ULONG bn_mul_add_word();
+BN_ULONG bn_mul_word();
+void bn_sqr_words();
+BN_ULONG bn_div64();
+
+int BN_mod_mul_montgomery();
+int BN_from_montgomery();
+BN_MONT_CTX *BN_MONT_CTX_new();
+void BN_MONT_CTX_free();
+int BN_MONT_CTX_set();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT 100
+#define BN_F_BN_BL_CTX_NEW 101
+#define BN_F_BN_BN2ASCII 102
+#define BN_F_BN_CTX_NEW 103
+#define BN_F_BN_DIV 104
+#define BN_F_BN_EXPAND2 105
+#define BN_F_BN_MOD_EXP_MONT 106
+#define BN_F_BN_MOD_INVERSE 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL 108
+#define BN_F_BN_NEW 109
+#define BN_F_BN_RAND 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS 101
+#define BN_R_DIV_BY_ZERO 102
+#define BN_R_NO_INVERSE 103
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bn/bn.org b/crypto/bn/bn.org
new file mode 100644
index 0000000..9326f4d
--- /dev/null
+++ b/crypto/bn/bn.org
@@ -0,0 +1,433 @@
+/* crypto/bn/bn.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify bn.org since bn.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_BN_H
+#define HEADER_BN_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#undef BN_LLONG
+
+#ifdef WIN32
+#define BN_LLONG /* This comment stops Configure mutilating things */
+#endif
+
+#define RECP_MUL_MOD
+#define MONT_MUL_MOD
+
+/* This next option uses the C libraries (2 word)/(1 word) function.
+ * If it is not defined, I use my C version (which is slower).
+ * The reason for this flag is that when the particular C compiler
+ * library routine is used, and the library is linked with a different
+ * compiler, the library is missing. This mostly happens when the
+ * library is built with gcc and then linked using nornal cc. This would
+ * be a common occurance because gcc normally produces code that is
+ * 2 times faster than system compilers for the big number stuff.
+ * For machines with only one compiler (or shared libraries), this should
+ * be on. Again this in only really a problem on machines
+ * using "long long's", are 32bit, and are not using my assember code. */
+#if defined(MSDOS) || defined(WINDOWS) || defined(linux)
+#define BN_DIV2W
+#endif
+
+/* Only one for the following should be defined */
+/* The prime number generation stuff may not work when
+ * EIGHT_BIT but I don't care since I've only used this mode
+ * for debuging the bignum libraries */
+#undef SIXTY_FOUR_BIT_LONG
+#undef SIXTY_FOUR_BIT
+#define THIRTY_TWO_BIT
+#undef SIXTEEN_BIT
+#undef EIGHT_BIT
+
+/* assuming long is 64bit - this is the DEC Alpha
+ * unsigned long long is only 64 bits :-(, don't define
+ * BN_LLONG for the DEC Alpha */
+#ifdef SIXTY_FOUR_BIT_LONG
+#define BN_ULLONG unsigned long long
+#define BN_ULONG unsigned long
+#define BN_LONG long
+#define BN_BITS 128
+#define BN_BYTES 8
+#define BN_BITS2 64
+#define BN_BITS4 32
+#define BN_MASK2 (0xffffffffffffffffL)
+#define BN_MASK2l (0xffffffffL)
+#define BN_MASK2h (0xffffffff00000000L)
+#define BN_MASK2h1 (0xffffffff80000000L)
+#define BN_TBIT (0x8000000000000000L)
+#endif
+
+#ifdef SIXTY_FOUR_BIT
+#undef BN_LLONG
+/* #define BN_ULLONG unsigned long long */
+#define BN_ULONG unsigned long long
+#define BN_LONG long long
+#define BN_BITS 128
+#define BN_BYTES 8
+#define BN_BITS2 64
+#define BN_BITS4 32
+#define BN_MASK2 (0xffffffffffffffffLL)
+#define BN_MASK2l (0xffffffffL)
+#define BN_MASK2h (0xffffffff00000000LL)
+#define BN_MASK2h1 (0xffffffff80000000LL)
+#define BN_TBIT (0x8000000000000000LL)
+#endif
+
+#ifdef THIRTY_TWO_BIT
+#ifdef WIN32
+#define BN_ULLONG unsigned _int64
+#else
+#define BN_ULLONG unsigned long long
+#endif
+#define BN_ULONG unsigned long
+#define BN_LONG long
+#define BN_BITS 64
+#define BN_BYTES 4
+#define BN_BITS2 32
+#define BN_BITS4 16
+#define BN_MASK2 (0xffffffffL)
+#define BN_MASK2l (0xffff)
+#define BN_MASK2h1 (0xffff8000L)
+#define BN_MASK2h (0xffff0000L)
+#define BN_TBIT (0x80000000L)
+#endif
+
+#ifdef SIXTEEN_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG unsigned long
+#define BN_ULONG unsigned short
+#define BN_LONG short
+#define BN_BITS 32
+#define BN_BYTES 2
+#define BN_BITS2 16
+#define BN_BITS4 8
+#define BN_MASK2 (0xffff)
+#define BN_MASK2l (0xff)
+#define BN_MASK2h1 (0xff80)
+#define BN_MASK2h (0xff00)
+#define BN_TBIT (0x8000)
+#endif
+
+#ifdef EIGHT_BIT
+#ifndef BN_DIV2W
+#define BN_DIV2W
+#endif
+#define BN_ULLONG unsigned short
+#define BN_ULONG unsigned char
+#define BN_LONG char
+#define BN_BITS 16
+#define BN_BYTES 1
+#define BN_BITS2 8
+#define BN_BITS4 4
+#define BN_MASK2 (0xff)
+#define BN_MASK2l (0xf)
+#define BN_MASK2h1 (0xf8)
+#define BN_MASK2h (0xf0)
+#define BN_TBIT (0x80)
+#endif
+
+#define BN_DEFAULT_BITS 1280
+
+#ifdef BIGNUM
+#undef BIGNUM
+#endif
+
+typedef struct bignum_st
+ {
+ BN_ULONG *d; /* Pointer to an array of 'BN_BITS2' bit chunks. */
+ int top; /* Index of last used d +1. */
+ /* The next are internal book keeping for bn_expand. */
+ int max; /* Size of the d array. */
+ int neg; /* one if the number is negative */
+ } BIGNUM;
+
+/* Used for temp variables */
+#define BN_CTX_NUM 12
+typedef struct bignum_ctx
+ {
+ int tos;
+ BIGNUM *bn[BN_CTX_NUM+1];
+ } BN_CTX;
+
+/* Used for montgomery multiplication */
+typedef struct bn_mont_ctx_st
+ {
+ int ri; /* number of bits in R */
+ BIGNUM *RR; /* used to convert to montgomery form */
+ BIGNUM *N; /* The modulus */
+ BIGNUM *Ni; /* The inverse of N */
+ BN_ULONG n0; /* word form of inverse, normally only one of
+ * Ni or n0 is defined */
+ } BN_MONT_CTX;
+
+#define BN_to_montgomery(r,a,mont,ctx) BN_mod_mul_montgomery(\
+ r,a,(mont)->RR,(mont),ctx)
+
+#define BN_prime_checks (5)
+
+#define BN_num_bytes(a) ((BN_num_bits(a)+7)/8)
+#define BN_is_word(a,w) (((a)->top == 1) && ((a)->d[0] == (BN_ULONG)(w)))
+#define BN_is_zero(a) (((a)->top <= 1) && ((a)->d[0] == (BN_ULONG)0))
+#define BN_is_one(a) (BN_is_word((a),1))
+#define BN_is_odd(a) ((a)->d[0] & 1)
+#define BN_one(a) (BN_set_word((a),1))
+#define BN_zero(a) (BN_set_word((a),0))
+
+#define bn_fix_top(a) \
+ { \
+ BN_ULONG *fix_top_l; \
+ for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+ if (*(fix_top_l--)) break; \
+ }
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+
+#ifndef NOPROTO
+BIGNUM *BN_value_one(void);
+char * BN_options(void);
+BN_CTX *BN_CTX_new(void);
+void BN_CTX_free(BN_CTX *c);
+int BN_rand(BIGNUM *rnd, int bits, int top,int bottom);
+int BN_num_bits(BIGNUM *a);
+int BN_num_bits_word(BN_ULONG);
+BIGNUM *BN_new(void);
+void BN_clear_free(BIGNUM *a);
+BIGNUM *BN_copy(BIGNUM *a, BIGNUM *b);
+BIGNUM *BN_bin2bn(unsigned char *s,int len,BIGNUM *ret);
+int BN_bn2bin(BIGNUM *a, unsigned char *to);
+int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void bn_qsub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+void bn_qadd(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+int BN_sqr(BIGNUM *r, BIGNUM *a,BN_CTX *ctx);
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+BN_ULONG BN_div_word(BIGNUM *a, unsigned long w);
+int BN_add_word(BIGNUM *a, unsigned long w);
+int BN_set_word(BIGNUM *a, unsigned long w);
+unsigned long BN_get_word(BIGNUM *a);
+int BN_cmp(BIGNUM *a, BIGNUM *b);
+void BN_free(BIGNUM *a);
+int BN_is_bit_set(BIGNUM *a, int n);
+int BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+int BN_lshift1(BIGNUM *r, BIGNUM *a);
+int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_mont(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_recp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+int BN_mod_exp_simple(BIGNUM *r, BIGNUM *a, BIGNUM *p,
+ BIGNUM *m,BN_CTX *ctx);
+int BN_mask_bits(BIGNUM *a,int n);
+int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m,
+ BIGNUM *i, int nb, BN_CTX *ctx);
+int BN_mod_mul(BIGNUM *ret, BIGNUM *a, BIGNUM *b, BIGNUM *m,
+ BN_CTX *ctx);
+#ifndef WIN16
+int BN_print_fp(FILE *fp, BIGNUM *a);
+#endif
+#ifdef HEADER_BIO_H
+int BN_print(BIO *fp, BIGNUM *a);
+#else
+int BN_print(char *fp, BIGNUM *a);
+#endif
+int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+int BN_rshift1(BIGNUM *r, BIGNUM *a);
+void BN_clear(BIGNUM *a);
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+BIGNUM *BN_dup(BIGNUM *a);
+int BN_ucmp(BIGNUM *a, BIGNUM *b);
+int BN_set_bit(BIGNUM *a, int n);
+int BN_clear_bit(BIGNUM *a, int n);
+char * BN_bn2ascii(BIGNUM *a);
+int BN_ascii2bn(BIGNUM **a,char *str);
+int BN_gcd(BIGNUM *r,BIGNUM *in_a,BIGNUM *in_b,BN_CTX *ctx);
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+ BIGNUM *rem,void (*callback)(int,int));
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+ BN_CTX *ctx);
+void ERR_load_BN_strings(void );
+
+BN_ULONG bn_mul_add_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+BN_ULONG bn_mul_word(BN_ULONG *rp, BN_ULONG *ap, int num, BN_ULONG w);
+void bn_sqr_words(BN_ULONG *rp, BN_ULONG *ap, int num);
+BN_ULONG bn_div64(BN_ULONG h, BN_ULONG l, BN_ULONG d);
+
+BN_MONT_CTX *BN_MONT_CTX_new(void );
+int BN_mod_mul_montgomery(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_MONT_CTX *mont,
+ BN_CTX *ctx);
+int BN_from_montgomery(BIGNUM *r,BIGNUM *a,BN_MONT_CTX *mont,BN_CTX *ctx);
+void BN_MONT_CTX_free(BN_MONT_CTX *mont);
+int BN_MONT_CTX_set(BN_MONT_CTX *mont,BIGNUM *modulus,BN_CTX *ctx);
+
+#else
+
+BIGNUM *BN_value_one();
+char * BN_options();
+BN_CTX *BN_CTX_new();
+void BN_CTX_free();
+int BN_rand();
+int BN_num_bits();
+int BN_num_bits_word();
+BIGNUM *BN_new();
+void BN_clear_free();
+BIGNUM *BN_copy();
+BIGNUM *BN_bin2bn();
+int BN_bn2bin();
+int BN_sub();
+void bn_qsub();
+void bn_qadd();
+int BN_add();
+int BN_mod();
+int BN_div();
+int BN_mul();
+int BN_sqr();
+BN_ULONG BN_mod_word();
+BN_ULONG BN_div_word();
+int BN_add_word();
+int BN_set_word();
+unsigned long BN_get_word();
+int BN_cmp();
+void BN_free();
+int BN_is_bit_set();
+int BN_lshift();
+int BN_lshift1();
+int BN_mod_exp();
+int BN_mod_exp_mont();
+int BN_mod_exp_recp();
+int BN_mod_exp_simple();
+int BN_mask_bits();
+int BN_mod_mul_reciprocal();
+int BN_mod_mul();
+#ifndef WIN16
+int BN_print_fp();
+#endif
+int BN_print();
+int BN_reciprocal();
+int BN_rshift();
+int BN_rshift1();
+void BN_clear();
+BIGNUM *bn_expand2();
+BIGNUM *BN_dup();
+int BN_ucmp();
+int BN_set_bit();
+int BN_clear_bit();
+char * BN_bn2ascii();
+int BN_ascii2bn();
+int BN_gcd();
+BIGNUM *BN_mod_inverse();
+BIGNUM *BN_generate_prime();
+int BN_is_prime();
+void ERR_load_BN_strings();
+
+BN_ULONG bn_mul_add_word();
+BN_ULONG bn_mul_word();
+void bn_sqr_words();
+BN_ULONG bn_div64();
+
+int BN_mod_mul_montgomery();
+int BN_from_montgomery();
+BN_MONT_CTX *BN_MONT_CTX_new();
+void BN_MONT_CTX_free();
+int BN_MONT_CTX_set();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BN functions. */
+
+/* Function codes. */
+#define BN_F_BN_BL_CTX_INIT 100
+#define BN_F_BN_BL_CTX_NEW 101
+#define BN_F_BN_BN2ASCII 102
+#define BN_F_BN_CTX_NEW 103
+#define BN_F_BN_DIV 104
+#define BN_F_BN_EXPAND2 105
+#define BN_F_BN_MOD_EXP_MONT 106
+#define BN_F_BN_MOD_INVERSE 107
+#define BN_F_BN_MOD_MUL_RECIPROCAL 108
+#define BN_F_BN_NEW 109
+#define BN_F_BN_RAND 110
+
+/* Reason codes. */
+#define BN_R_BAD_RECIPROCAL 100
+#define BN_R_CALLED_WITH_EVEN_MODULUS 101
+#define BN_R_DIV_BY_ZERO 102
+#define BN_R_NO_INVERSE 103
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/bn/bn_add.c b/crypto/bn/bn_add.c
new file mode 100644
index 0000000..ecdb745
--- /dev/null
+++ b/crypto/bn/bn_add.c
@@ -0,0 +1,170 @@
+/* crypto/bn/bn_add.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r can == a or b */
+int BN_add(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ BIGNUM *tmp;
+
+ /* a + b a+b
+ * a + -b a-b
+ * -a + b b-a
+ * -a + -b -(a+b)
+ */
+ if (a->neg ^ b->neg)
+ {
+ /* only one is negative */
+ if (a->neg)
+ { tmp=a; a=b; b=tmp; }
+
+ /* we are now a - b */
+ if (bn_expand(r,((a->top > b->top)?a->top:b->top)*BN_BITS2)
+ == NULL) return(0);
+
+ if (BN_ucmp(a,b) < 0)
+ {
+ bn_qsub(r,b,a);
+ r->neg=1;
+ }
+ else
+ {
+ bn_qsub(r,a,b);
+ r->neg=0;
+ }
+ return(1);
+ }
+
+ if (a->neg) /* both are neg */
+ r->neg=1;
+ else
+ r->neg=0;
+
+ i=(a->top > b->top);
+ if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL) return(0);
+
+ if (i)
+ bn_qadd(r,a,b);
+ else
+ bn_qadd(r,b,a);
+ return(1);
+ }
+
+/* unsigned add of b to a, r must be large enough */
+void bn_qadd(r,a,b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ register int i;
+ int max,min;
+ BN_ULONG *ap,*bp,*rp,carry,t1,t2;
+
+ max=a->top;
+ min=b->top;
+ r->top=max;
+
+ ap=a->d;
+ bp=b->d;
+ rp=r->d;
+ carry=0;
+ for (i=0; i<min; i++)
+ {
+ t1= *(ap++);
+ t2= *(bp++);
+ if (carry)
+ {
+ carry=(t2 >= ((~t1)&BN_MASK2));
+ t2=(t1+t2+1)&BN_MASK2;
+ }
+ else
+ {
+ t2=(t1+t2)&BN_MASK2;
+ carry=(t2 < t1);
+ }
+ *(rp++)=t2;
+ }
+ if (carry)
+ {
+ while (i < max)
+ {
+ t1= *(ap++);
+ t2=(t1+1)&BN_MASK2;
+ *(rp++)=t2;
+ carry=(t2 < t1);
+ i++;
+ if (!carry) break;
+ }
+ if ((i >= max) && carry)
+ {
+ *(rp++)=1;
+ r->top++;
+ }
+ }
+ for (; i<max; i++)
+ *(rp++)= *(ap++);
+ /* memcpy(rp,ap,sizeof(*ap)*(max-i));*/
+ }
+
diff --git a/crypto/bn/bn_bld.c b/crypto/bn/bn_bld.c
new file mode 100644
index 0000000..966db43
--- /dev/null
+++ b/crypto/bn/bn_bld.c
@@ -0,0 +1,144 @@
+/* crypto/bn/bn_bld.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_BL_CTX *BN_BL_CTX_new()
+ {
+ BN_BL_CTX *ret;
+
+ if ((ret=(BN_BL_CTX *)Malloc(sizeof(BN_BL_CTX))) == NULL)
+ {
+ BNerr(BN_F_BN_BL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ if ((ret->num=BN_new()) == NULL) goto err;
+ if ((ret->mod=BN_new()) == NULL) goto err;
+ ret->inum=NULL;
+ ret->count=16;
+ ret->count=1;
+ return(ret);
+ }
+
+int BN_BL_CTX_Init(a,mod)
+BN_BL_CTX *a;
+BIGNUM *mod;
+ {
+ int i;
+ BN_CTX *ctx;
+
+ if ((ctx=BN_CTX_new()) == NULL) goto m_err;
+
+ if (BN_copy(a->mod,mod) == NULL) goto err;
+ i=BN_num_bits(mod);
+ if (!BN_rand(a->num,i,1,0)) goto err;
+
+ if (a->inum != NULL) BN_clear_free(a->inum);
+ a->inum=BN_mod_inverse(a->num,a->mod,ctx)
+ ret->count=16;
+ return(1);
+m_err:
+ BNerr(BN_F_BN_BL_CTX_INIT,ERR_R_MALLOC_FAILURE);
+err:
+ return(0);
+ }
+
+BN_BL_CTX *BN_BL_CTX_Update(a)
+BN_BL_CTX *a;
+ {
+ BN_CTX *ctx;
+ BN_BL_CTX *new;
+
+ if (--a->count > 0)
+ return(1);
+
+ new=BN_BL_CTX_new();
+ /* set/get lock */
+ if ((ctx=BN_CTX_new()) == NULL)
+ return(NULL);
+ new->inum=BN_new();
+
+ BN_mod_mul(new->num,a->num,a->num,a->mod,ctx);
+ BN_mod_mul(new->inum,a->inum,a->inum,a->mod,ctx);
+ BN_copy(new->mod,a->mod);
+ BN_BL_CTX_free(a);
+ return(new);
+ }
+
+void BN_BL_CTX_free(a)
+BN_BL_CTX *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_RSA);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"BN_BL_CTX_free, bad reference count\n");
+ abort();
+ }
+#endif
+ if (a->num == NULL) BN_clear_free(a->num);
+ if (a->inum == NULL) BN_clear_free(a->inum);
+ if (a->mod == NULL) BN_clear_free(a->mod);
+ }
diff --git a/crypto/bn/bn_div.c b/crypto/bn/bn_div.c
new file mode 100644
index 0000000..0ce4d41
--- /dev/null
+++ b/crypto/bn/bn_div.c
@@ -0,0 +1,286 @@
+/* crypto/bn/bn_div.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* The old slow way */
+#if 0
+int BN_div(dv, rem, m, d,ctx)
+BIGNUM *dv;
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+ {
+ int i,nm,nd;
+ BIGNUM *D;
+
+ if (BN_is_zero(d))
+ {
+ BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+ return(0);
+ }
+
+ if (BN_ucmp(m,d) < 0)
+ {
+ if (rem != NULL)
+ { if (BN_copy(rem,m) == NULL) return(0); }
+ if (dv != NULL) BN_zero(dv);
+ return(1);
+ }
+
+ D=ctx->bn[ctx->tos];
+ if (dv == NULL) dv=ctx->bn[ctx->tos+1];
+ if (rem == NULL) rem=ctx->bn[ctx->tos+2];
+
+ nd=BN_num_bits(d);
+ nm=BN_num_bits(m);
+ if (BN_copy(D,d) == NULL) return(0);
+ if (BN_copy(rem,m) == NULL) return(0);
+
+ /* The next 2 are needed so we can do a dv->d[0]|=1 later
+ * since BN_lshift1 will only work once there is a value :-) */
+ BN_zero(dv);
+ dv->top=1;
+
+ if (!BN_lshift(D,D,nm-nd)) return(0);
+ for (i=nm-nd; i>=0; i--)
+ {
+ if (!BN_lshift1(dv,dv)) return(0);
+ if (BN_ucmp(rem,D) >= 0)
+ {
+ dv->d[0]|=1;
+ bn_qsub(rem,rem,D);
+ }
+/* CAN IMPROVE (and have now :=) */
+ if (!BN_rshift1(D,D)) return(0);
+ }
+ rem->neg=BN_is_zero(rem)?0:m->neg;
+ dv->neg=m->neg^d->neg;
+ return(1);
+ }
+
+#else
+
+int BN_div(dv, rm, num, divisor,ctx)
+BIGNUM *dv;
+BIGNUM *rm;
+BIGNUM *num;
+BIGNUM *divisor;
+BN_CTX *ctx;
+ {
+ int norm_shift,i,j,loop;
+ BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+ BN_ULONG *resp,*wnump;
+ BN_ULONG d0,d1;
+ int num_n,div_n;
+
+ if (BN_is_zero(num))
+ {
+ BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+ return(0);
+ }
+
+ if (BN_ucmp(num,divisor) < 0)
+ {
+ if (rm != NULL)
+ { if (BN_copy(rm,num) == NULL) return(0); }
+ if (dv != NULL) BN_zero(dv);
+ return(1);
+ }
+
+ tmp=ctx->bn[ctx->tos];
+ tmp->neg=0;
+ snum=ctx->bn[ctx->tos+1];
+ sdiv=ctx->bn[ctx->tos+2];
+ if (dv == NULL)
+ res=ctx->bn[ctx->tos+3];
+ else res=dv;
+
+ /* First we normalise the numbers */
+ norm_shift=BN_BITS2-((BN_num_bits(divisor))%BN_BITS2);
+ BN_lshift(sdiv,divisor,norm_shift);
+ sdiv->neg=0;
+ norm_shift+=BN_BITS2;
+ BN_lshift(snum,num,norm_shift);
+ snum->neg=0;
+ div_n=sdiv->top;
+ num_n=snum->top;
+ loop=num_n-div_n;
+
+ /* Lets setup a 'window' into snum
+ * This is the part that corresponds to the current
+ * 'area' being divided */
+ wnum.d= &(snum->d[loop]);
+ wnum.top= div_n;
+ wnum.max= snum->max; /* a bit of a lie */
+ wnum.neg= 0;
+
+ /* Get the top 2 words of sdiv */
+ /* i=sdiv->top; */
+ d0=sdiv->d[div_n-1];
+ d1=(div_n == 1)?0:sdiv->d[div_n-2];
+
+ /* pointer to the 'top' of snum */
+ wnump= &(snum->d[num_n-1]);
+
+ /* Setup to 'res' */
+ res->neg= (num->neg^divisor->neg);
+ res->top=loop;
+ if (!bn_expand(res,(loop+1)*BN_BITS2)) goto err;
+ resp= &(res->d[loop-1]);
+
+ /* space for temp */
+ if (!bn_expand(tmp,(div_n+1)*BN_BITS2)) goto err;
+
+ if (BN_ucmp(&wnum,sdiv) >= 0)
+ {
+ bn_qsub(&wnum,&wnum,sdiv);
+ *resp=1;
+ res->d[res->top-1]=1;
+ }
+ else
+ res->top--;
+ resp--;
+
+ for (i=0; i<loop-1; i++)
+ {
+ BN_ULONG q,n0,n1;
+ BN_ULONG l0;
+
+ wnum.d--; wnum.top++;
+ n0=wnump[0];
+ n1=wnump[-1];
+ if (n0 == d0)
+ q=BN_MASK2;
+ else
+ q=bn_div64(n0,n1,d0);
+ {
+#ifdef BN_LLONG
+ BN_ULLONG t1,t2,rem;
+ t1=((BN_ULLONG)n0<<BN_BITS2)|n1;
+ for (;;)
+ {
+ t2=(BN_ULLONG)d1*q;
+ rem=t1-(BN_ULLONG)q*d0;
+ if ((rem>>BN_BITS2) ||
+ (t2 <= ((BN_ULLONG)(rem<<BN_BITS2)+wnump[-2])))
+ break;
+ q--;
+ }
+#else
+ BN_ULONG t1l,t1h,t2l,t2h,t3l,t3h,ql,qh,t3t;
+ t1h=n0;
+ t1l=n1;
+ for (;;)
+ {
+ t2l=LBITS(d1); t2h=HBITS(d1);
+ ql =LBITS(q); qh =HBITS(q);
+ mul64(t2l,t2h,ql,qh); /* t2=(BN_ULLONG)d1*q; */
+
+ t3t=LBITS(d0); t3h=HBITS(d0);
+ mul64(t3t,t3h,ql,qh); /* t3=t1-(BN_ULLONG)q*d0; */
+ t3l=(t1l-t3t);
+ if (t3l > t1l) t3h++;
+ t3h=(t1h-t3h);
+
+ /*if ((t3>>BN_BITS2) ||
+ (t2 <= ((t3<<BN_BITS2)+wnump[-2])))
+ break; */
+ if (t3h) break;
+ if (t2h < t3l) break;
+ if ((t2h == t3l) && (t2l <= wnump[-2])) break;
+
+ q--;
+ }
+#endif
+ }
+ l0=bn_mul_word(tmp->d,sdiv->d,div_n,q);
+ tmp->d[div_n]=l0;
+ for (j=div_n+1; j>0; j--)
+ if (tmp->d[j-1]) break;
+ tmp->top=j;
+
+ j=wnum.top;
+ BN_sub(&wnum,&wnum,tmp);
+
+ snum->top=snum->top+wnum.top-j;
+
+ if (wnum.neg)
+ {
+ q--;
+ j=wnum.top;
+ BN_add(&wnum,&wnum,sdiv);
+ snum->top+=wnum.top-j;
+ }
+ *(resp--)=q;
+ wnump--;
+ }
+ if (rm != NULL)
+ {
+ BN_rshift(rm,snum,norm_shift);
+ rm->neg=num->neg;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+#endif
diff --git a/crypto/bn/bn_err.c b/crypto/bn/bn_err.c
new file mode 100644
index 0000000..38818d6
--- /dev/null
+++ b/crypto/bn/bn_err.c
@@ -0,0 +1,98 @@
+/* lib/bn/bn_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "bn.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BN_str_functs[]=
+ {
+{ERR_PACK(0,BN_F_BN_BL_CTX_INIT,0), "BN_BL_CTX_INIT"},
+{ERR_PACK(0,BN_F_BN_BL_CTX_NEW,0), "BN_BL_CTX_NEW"},
+{ERR_PACK(0,BN_F_BN_BN2ASCII,0), "BN_bn2ascii"},
+{ERR_PACK(0,BN_F_BN_CTX_NEW,0), "BN_CTX_new"},
+{ERR_PACK(0,BN_F_BN_DIV,0), "BN_div"},
+{ERR_PACK(0,BN_F_BN_EXPAND2,0), "bn_expand2"},
+{ERR_PACK(0,BN_F_BN_MOD_EXP_MONT,0), "BN_mod_exp_mont"},
+{ERR_PACK(0,BN_F_BN_MOD_INVERSE,0), "BN_mod_inverse"},
+{ERR_PACK(0,BN_F_BN_MOD_MUL_RECIPROCAL,0), "BN_mod_mul_reciprocal"},
+{ERR_PACK(0,BN_F_BN_NEW,0), "BN_new"},
+{ERR_PACK(0,BN_F_BN_RAND,0), "BN_rand"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA BN_str_reasons[]=
+ {
+{BN_R_BAD_RECIPROCAL ,"bad reciprocal"},
+{BN_R_CALLED_WITH_EVEN_MODULUS ,"called with even modulus"},
+{BN_R_DIV_BY_ZERO ,"div by zero"},
+{BN_R_NO_INVERSE ,"no inverse"},
+{0,NULL},
+ };
+
+void ERR_load_BN_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_BN,BN_str_functs);
+ ERR_load_strings(ERR_LIB_BN,BN_str_reasons);
+ }
+ }
diff --git a/crypto/bn/bn_exp.c b/crypto/bn/bn_exp.c
new file mode 100644
index 0000000..0a0db37
--- /dev/null
+++ b/crypto/bn/bn_exp.c
@@ -0,0 +1,510 @@
+/* crypto/bn/bn_exp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* slow but works */
+int BN_mod_mul(ret, a, b, m, ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BIGNUM *b;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ BIGNUM *t;
+ int r=0;
+
+ t=ctx->bn[ctx->tos++];
+ if (a == b)
+ { if (!BN_sqr(t,a,ctx)) goto err; }
+ else
+ { if (!BN_mul(t,a,b)) goto err; }
+ if (!BN_mod(ret,t,m,ctx)) goto err;
+ r=1;
+err:
+ ctx->tos--;
+ return(r);
+ }
+
+#if 0
+/* this one works - simple but works */
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r,*a,*p,*m;
+BN_CTX *ctx;
+ {
+ int i,bits,ret=0;
+ BIGNUM *v,*tmp;
+
+ v=ctx->bn[ctx->tos++];
+ tmp=ctx->bn[ctx->tos++];
+
+ if (BN_copy(v,a) == NULL) goto err;
+ bits=BN_num_bits(p);
+
+ if (BN_is_odd(p))
+ { if (BN_copy(r,a) == NULL) goto err; }
+ else { if (BN_one(r)) goto err; }
+
+ for (i=1; i<bits; i++)
+ {
+ if (!BN_sqr(tmp,v,ctx)) goto err;
+ if (!BN_mod(v,tmp,m,ctx)) goto err;
+ if (BN_is_bit_set(p,i))
+ {
+ if (!BN_mul(tmp,r,v)) goto err;
+ if (!BN_mod(r,tmp,m,ctx)) goto err;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos-=2;
+ return(ret);
+ }
+
+#endif
+
+int BN_mod_exp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int ret;
+
+#ifdef MONT_MUL_MOD
+ /* I have finally been able to take out this pre-condition of
+ * the top bit being set. It was caused by an error in BN_div
+ * with negatives. There was also another problem when for a^b%m
+ * a >= m. eay 07-May-97 */
+/* if ((m->d[m->top-1]&BN_TBIT) && BN_is_odd(m)) */
+
+ if (BN_is_odd(m))
+ { ret=BN_mod_exp_mont(r,a,p,m,ctx); }
+ else
+#endif
+#ifdef RECP_MUL_MOD
+ { ret=BN_mod_exp_recp(r,a,p,m,ctx); }
+#else
+ { ret=BN_mod_exp_simple(r,a,p,m,ctx); }
+#endif
+
+ return(ret);
+ }
+
+/* #ifdef RECP_MUL_MOD */
+int BN_mod_exp_recp(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int nb,i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d,*aa;
+ BIGNUM *val[16];
+
+ d=ctx->bn[ctx->tos++];
+ aa=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+ nb=BN_reciprocal(d,m,ctx);
+ if (nb == -1) goto err;
+
+ val[0]=BN_new();
+ if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul_reciprocal(aa,val[0],val[0],m,d,nb,ctx))
+ goto err; /* 2 */
+
+ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits >= 256)
+ window=5; /* max size of window */
+ else if (bits >= 128)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul_reciprocal(val[i],val[i-1],aa,m,d,nb,ctx))
+ goto err;
+ }
+ for (; i<16; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_one(r)) goto err;
+
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+ goto err;
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul_reciprocal(r,r,r,m,d,nb,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_reciprocal(r,r,val[wvalue>>1],m,d,nb,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ ret=1;
+err:
+ ctx->tos-=2;
+ for (i=0; i<16; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+/* #endif */
+
+/* #ifdef MONT_MUL_MOD */
+int BN_mod_exp_mont(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d,*aa;
+ BIGNUM *val[16];
+ BN_MONT_CTX *mont=NULL;
+
+ if (!(m->d[0] & 1))
+ {
+ BNerr(BN_F_BN_MOD_EXP_MONT,BN_R_CALLED_WITH_EVEN_MODULUS);
+ return(0);
+ }
+ d=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+
+ /* If this is not done, things will break in the montgomery
+ * part */
+
+ if ((mont=BN_MONT_CTX_new()) == NULL) goto err;
+ if (!BN_MONT_CTX_set(mont,m,ctx)) goto err;
+
+ val[0]=BN_new();
+ if (BN_ucmp(a,m) >= 0)
+ {
+ BN_mod(val[0],a,m,ctx);
+ aa=val[0];
+ }
+ else
+ aa=a;
+ if (!BN_to_montgomery(val[0],aa,mont,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul_montgomery(d,val[0],val[0],mont,ctx)) goto err; /* 2 */
+
+ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits >= 256)
+ window=5; /* max size of window */
+ else if (bits >= 128)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul_montgomery(val[i],val[i-1],d,mont,ctx))
+ goto err;
+ }
+ for (; i<16; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_to_montgomery(r,BN_value_one(),mont,ctx)) goto err;
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+ goto err;
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul_montgomery(r,r,r,mont,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul_montgomery(r,r,val[wvalue>>1],mont,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ BN_from_montgomery(r,r,mont,ctx);
+ ret=1;
+err:
+ if (mont != NULL) BN_MONT_CTX_free(mont);
+ ctx->tos--;
+ for (i=0; i<16; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+/* #endif */
+
+/* The old fallback, simple version :-) */
+int BN_mod_exp_simple(r,a,p,m,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *p;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int i,j,bits,ret=0,wstart,wend,window,wvalue;
+ int start=1;
+ BIGNUM *d;
+ BIGNUM *val[16];
+
+ d=ctx->bn[ctx->tos++];
+ bits=BN_num_bits(p);
+
+ if (bits == 0)
+ {
+ BN_one(r);
+ return(1);
+ }
+
+ val[0]=BN_new();
+ if (!BN_mod(val[0],a,m,ctx)) goto err; /* 1 */
+ if (!BN_mod_mul(d,val[0],val[0],m,ctx))
+ goto err; /* 2 */
+
+ if (bits <= 17) /* This is probably 3 or 0x10001, so just do singles */
+ window=1;
+ else if (bits >= 256)
+ window=5; /* max size of window */
+ else if (bits >= 128)
+ window=4;
+ else
+ window=3;
+
+ j=1<<(window-1);
+ for (i=1; i<j; i++)
+ {
+ val[i]=BN_new();
+ if (!BN_mod_mul(val[i],val[i-1],d,m,ctx))
+ goto err;
+ }
+ for (; i<16; i++)
+ val[i]=NULL;
+
+ start=1; /* This is used to avoid multiplication etc
+ * when there is only the value '1' in the
+ * buffer. */
+ wvalue=0; /* The 'value' of the window */
+ wstart=bits-1; /* The top bit of the window */
+ wend=0; /* The bottom bit of the window */
+
+ if (!BN_one(r)) goto err;
+
+ for (;;)
+ {
+ if (BN_is_bit_set(p,wstart) == 0)
+ {
+ if (!start)
+ if (!BN_mod_mul(r,r,r,m,ctx))
+ goto err;
+ if (wstart == 0) break;
+ wstart--;
+ continue;
+ }
+ /* We now have wstart on a 'set' bit, we now need to work out
+ * how bit a window to do. To do this we need to scan
+ * forward until the last set bit before the end of the
+ * window */
+ j=wstart;
+ wvalue=1;
+ wend=0;
+ for (i=1; i<window; i++)
+ {
+ if (wstart-i < 0) break;
+ if (BN_is_bit_set(p,wstart-i))
+ {
+ wvalue<<=(i-wend);
+ wvalue|=1;
+ wend=i;
+ }
+ }
+
+ /* wend is the size of the current window */
+ j=wend+1;
+ /* add the 'bytes above' */
+ if (!start)
+ for (i=0; i<j; i++)
+ {
+ if (!BN_mod_mul(r,r,r,m,ctx))
+ goto err;
+ }
+
+ /* wvalue will be an odd number < 2^window */
+ if (!BN_mod_mul(r,r,val[wvalue>>1],m,ctx))
+ goto err;
+
+ /* move the 'window' down further */
+ wstart-=wend+1;
+ wvalue=0;
+ start=0;
+ if (wstart < 0) break;
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ for (i=0; i<16; i++)
+ if (val[i] != NULL) BN_clear_free(val[i]);
+ return(ret);
+ }
+
diff --git a/crypto/bn/bn_gcd.c b/crypto/bn/bn_gcd.c
new file mode 100644
index 0000000..9b0bc2b
--- /dev/null
+++ b/crypto/bn/bn_gcd.c
@@ -0,0 +1,203 @@
+/* crypto/bn/bn_gcd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifndef NOPROTO
+static BIGNUM *euclid(BIGNUM *a, BIGNUM *b);
+#else
+static BIGNUM *euclid();
+#endif
+
+int BN_gcd(r,in_a,in_b,ctx)
+BIGNUM *r,*in_a,*in_b;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*t;
+ int ret=0;
+
+ a=ctx->bn[ctx->tos];
+ b=ctx->bn[ctx->tos+1];
+
+ if (BN_copy(a,in_a) == NULL) goto err;
+ if (BN_copy(b,in_b) == NULL) goto err;
+
+ if (BN_cmp(a,b) < 0) { t=a; a=b; b=t; }
+ t=euclid(a,b);
+ if (t == NULL) goto err;
+
+ if (BN_copy(r,t) == NULL) goto err;
+ ret=1;
+err:
+ return(ret);
+ }
+
+static BIGNUM *euclid(a,b)
+BIGNUM *a,*b;
+ {
+ BIGNUM *t;
+ int shifts=0;
+
+ for (;;)
+ {
+ if (BN_is_zero(b))
+ break;
+
+ if (BN_is_odd(a))
+ {
+ if (BN_is_odd(b))
+ {
+ if (!BN_sub(a,a,b)) goto err;
+ if (!BN_rshift1(a,a)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ else /* a odd - b even */
+ {
+ if (!BN_rshift1(b,b)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ }
+ else /* a is even */
+ {
+ if (BN_is_odd(b))
+ {
+ if (!BN_rshift1(a,a)) goto err;
+ if (BN_cmp(a,b) < 0)
+ { t=a; a=b; b=t; }
+ }
+ else /* a even - b even */
+ {
+ if (!BN_rshift1(a,a)) goto err;
+ if (!BN_rshift1(b,b)) goto err;
+ shifts++;
+ }
+ }
+ }
+ if (shifts)
+ {
+ if (!BN_lshift(a,a,shifts)) goto err;
+ }
+ return(a);
+err:
+ return(NULL);
+ }
+
+/* solves ax == 1 (mod n) */
+BIGNUM *BN_mod_inverse(a, n, ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+ {
+ BIGNUM *A,*B,*X,*Y,*M,*D,*R;
+ BIGNUM *ret=NULL,*T;
+ int sign;
+
+ A=ctx->bn[ctx->tos];
+ B=ctx->bn[ctx->tos+1];
+ X=ctx->bn[ctx->tos+2];
+ D=ctx->bn[ctx->tos+3];
+ M=ctx->bn[ctx->tos+4];
+ Y=ctx->bn[ctx->tos+5];
+ ctx->tos+=6;
+ R=BN_new();
+ if (R == NULL) goto err;
+
+ BN_zero(X);
+ BN_one(Y);
+ if (BN_copy(A,a) == NULL) goto err;
+ if (BN_copy(B,n) == NULL) goto err;
+ sign=1;
+
+ while (!BN_is_zero(B))
+ {
+ if (!BN_div(D,M,A,B,ctx)) goto err;
+ T=A;
+ A=B;
+ B=M;
+ /* T has a struct, M does not */
+
+ if (!BN_mul(T,D,X)) goto err;
+ if (!BN_add(T,T,Y)) goto err;
+ M=Y;
+ Y=X;
+ X=T;
+ sign= -sign;
+ }
+ if (sign < 0)
+ {
+ if (!BN_sub(Y,n,Y)) goto err;
+ }
+
+ if (BN_is_one(A))
+ { if (!BN_mod(R,Y,n,ctx)) goto err; }
+ else
+ {
+ BNerr(BN_F_BN_MOD_INVERSE,BN_R_NO_INVERSE);
+ goto err;
+ }
+ ret=R;
+err:
+ if ((ret == NULL) && (R != NULL)) BN_free(R);
+ ctx->tos-=6;
+ return(ret);
+ }
+
diff --git a/crypto/bn/bn_lcl.h b/crypto/bn/bn_lcl.h
new file mode 100644
index 0000000..4d44651
--- /dev/null
+++ b/crypto/bn/bn_lcl.h
@@ -0,0 +1,216 @@
+/* crypto/bn/bn_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BN_LCL_H
+#define HEADER_BN_LCL_H
+
+#include "bn.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*************************************************************
+ * Using the long long type
+ */
+#define Lw(t) (((BN_ULONG)(t))&BN_MASK2)
+#define Hw(t) (((BN_ULONG)((t)>>BN_BITS2))&BN_MASK2)
+
+#define bn_fix_top(a) \
+ { \
+ BN_ULONG *fix_top_l; \
+ for (fix_top_l= &((a)->d[(a)->top-1]); (a)->top > 0; (a)->top--) \
+ if (*(fix_top_l--)) break; \
+ }
+
+#define bn_expand(n,b) ((((b)/BN_BITS2) <= (n)->max)?(n):bn_expand2((n),(b)))
+
+#ifdef BN_LLONG
+#define mul_add(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (r) + (c); \
+ (r)=Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#define mul(r,a,w,c) { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)w * (a) + (c); \
+ (r)=Lw(t); \
+ (c)= Hw(t); \
+ }
+
+#define bn_mul_words(r1,r2,a,b) \
+ { \
+ BN_ULLONG t; \
+ t=(BN_ULLONG)(a)*(b); \
+ r1=Lw(t); \
+ r2=Hw(t); \
+ }
+
+#else
+/*************************************************************
+ * No long long type
+ */
+
+#define LBITS(a) ((a)&BN_MASK2l)
+#define HBITS(a) (((a)>>BN_BITS4)&BN_MASK2l)
+#define L2HBITS(a) ((BN_ULONG)((a)&BN_MASK2l)<<BN_BITS4)
+
+#define LLBITS(a) ((a)&BN_MASKl)
+#define LHBITS(a) (((a)>>BN_BITS2)&BN_MASKl)
+#define LL2HBITS(a) ((BN_ULLONG)((a)&BN_MASKl)<<BN_BITS2)
+
+#define mul64(l,h,bl,bh) \
+ { \
+ BN_ULONG m,m1,lt,ht; \
+ \
+ lt=l; \
+ ht=h; \
+ m =(bh)*(lt); \
+ lt=(bl)*(lt); \
+ m1=(bl)*(ht); \
+ ht =(bh)*(ht); \
+ m+=m1; if ((m&BN_MASK2) < m1) ht+=L2HBITS(1L); \
+ ht+=HBITS(m); \
+ m1=L2HBITS(m); \
+ lt+=m1; if ((lt&BN_MASK2) < m1) ht++; \
+ (l)=lt; \
+ (h)=ht; \
+ }
+
+#define sqr64(lo,ho,in) \
+ { \
+ BN_ULONG l,h,m; \
+ \
+ h=(in); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ m =(l)*(h); \
+ l*=l; \
+ h*=h; \
+ h+=(m&BN_MASK2h1)>>(BN_BITS4-1); \
+ m =(m&BN_MASK2l)<<(BN_BITS4+1); \
+ l+=m; if ((l&BN_MASK2) < m) h++; \
+ (lo)=l; \
+ (ho)=h; \
+ }
+
+#define mul_add(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+ (c)=(r); \
+ l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l&BN_MASK2; \
+ }
+
+#define mul(r,a,bl,bh,c) { \
+ BN_ULONG l,h; \
+ \
+ h= (a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ mul64(l,h,(bl),(bh)); \
+ \
+ /* non-multiply part */ \
+ l+=(c); if ((l&BN_MASK2) < (c)) h++; \
+ (c)=h&BN_MASK2; \
+ (r)=l&BN_MASK2; \
+ }
+
+#define bn_mul_words(r1,r2,a,b) \
+ { \
+ BN_ULONG l,h,bl,bh; \
+ \
+ h=(a); \
+ l=LBITS(h); \
+ h=HBITS(h); \
+ bh=(b); \
+ bl=LBITS(bh); \
+ bh=HBITS(bh); \
+ \
+ mul64(l,h,bl,bh); \
+ \
+ (r1)=l; \
+ (r2)=h; \
+ }
+#endif
+
+#ifndef NOPROTO
+
+BIGNUM *bn_expand2(BIGNUM *b, int bits);
+
+#else
+
+BIGNUM *bn_expand2();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
new file mode 100644
index 0000000..288ebca
--- /dev/null
+++ b/crypto/bn/bn_lib.c
@@ -0,0 +1,565 @@
+/* crypto/bn/bn_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+char *BN_version="Big Number part of SSLeay 0.8.1b 29-Jun-1998";
+
+BIGNUM *BN_value_one()
+ {
+ static BN_ULONG data_one=1L;
+ static BIGNUM const_one={&data_one,1,1,0};
+
+ return(&const_one);
+ }
+
+char *BN_options()
+ {
+ static int init=0;
+ static char data[16];
+
+ if (!init)
+ {
+ init++;
+#ifdef BN_LLONG
+ sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULLONG)*8,
+ (int)sizeof(BN_ULONG)*8);
+#else
+ sprintf(data,"bn(%d,%d)",(int)sizeof(BN_ULONG)*8,
+ (int)sizeof(BN_ULONG)*8);
+#endif
+ }
+ return(data);
+ }
+
+int BN_num_bits_word(l)
+BN_ULONG l;
+ {
+ static char bits[256]={
+ 0,1,2,2,3,3,3,3,4,4,4,4,4,4,4,4,
+ 5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,5,
+ 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+ 6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,6,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,7,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ 8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,8,
+ };
+
+#ifdef SIXTY_FOUR_BIT_LONG
+ if (l & 0xffffffff00000000L)
+ {
+ if (l & 0xffff000000000000L)
+ {
+ if (l & 0xff00000000000000L)
+ {
+ return(bits[l>>56]+56);
+ }
+ else return(bits[l>>48]+48);
+ }
+ else
+ {
+ if (l & 0x0000ff0000000000L)
+ {
+ return(bits[l>>40]+40);
+ }
+ else return(bits[l>>32]+32);
+ }
+ }
+ else
+#else
+#ifdef SIXTY_FOUR_BIT
+ if (l & 0xffffffff00000000LL)
+ {
+ if (l & 0xffff000000000000LL)
+ {
+ if (l & 0xff00000000000000LL)
+ {
+ return(bits[l>>56]+56);
+ }
+ else return(bits[l>>48]+48);
+ }
+ else
+ {
+ if (l & 0x0000ff0000000000LL)
+ {
+ return(bits[l>>40]+40);
+ }
+ else return(bits[l>>32]+32);
+ }
+ }
+ else
+#endif
+#endif
+ {
+#if defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xffff0000L)
+ {
+ if (l & 0xff000000L)
+ return(bits[l>>24L]+24);
+ else return(bits[l>>16L]+16);
+ }
+ else
+#endif
+ {
+#if defined(SIXTEEN_BIT) || defined(THIRTY_TWO_BIT) || defined(SIXTY_FOUR_BIT) || defined(SIXTY_FOUR_BIT_LONG)
+ if (l & 0xff00L)
+ return(bits[l>>8]+8);
+ else
+#endif
+ return(bits[l ] );
+ }
+ }
+ }
+
+int BN_num_bits(a)
+BIGNUM *a;
+ {
+ BN_ULONG l;
+ int i;
+
+ if (a->top == 0) return(0);
+ l=a->d[a->top-1];
+ i=(a->top-1)*BN_BITS2;
+ if (l == 0)
+ {
+#ifndef WIN16
+ fprintf(stderr,"BAD TOP VALUE\n");
+#endif
+ abort();
+ }
+ return(i+BN_num_bits_word(l));
+ }
+
+void BN_clear_free(a)
+BIGNUM *a;
+ {
+ if (a == NULL) return;
+ if (a->d != NULL)
+ {
+ memset(a->d,0,a->max*sizeof(a->d[0]));
+ Free(a->d);
+ }
+ memset(a,0,sizeof(BIGNUM));
+ Free(a);
+ }
+
+void BN_free(a)
+BIGNUM *a;
+ {
+ if (a == NULL) return;
+ if (a->d != NULL) Free(a->d);
+ Free(a);
+ }
+
+BIGNUM *BN_new()
+ {
+ BIGNUM *ret;
+ BN_ULONG *p;
+
+ ret=(BIGNUM *)Malloc(sizeof(BIGNUM));
+ if (ret == NULL) goto err;
+ ret->top=0;
+ ret->neg=0;
+ ret->max=(BN_DEFAULT_BITS/BN_BITS2);
+ p=(BN_ULONG *)Malloc(sizeof(BN_ULONG)*(ret->max+1));
+ if (p == NULL) goto err;
+ ret->d=p;
+
+ memset(p,0,(ret->max+1)*sizeof(p[0]));
+ return(ret);
+err:
+ BNerr(BN_F_BN_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+BN_CTX *BN_CTX_new()
+ {
+ BN_CTX *ret;
+ BIGNUM *n;
+ int i,j;
+
+ ret=(BN_CTX *)Malloc(sizeof(BN_CTX));
+ if (ret == NULL) goto err2;
+
+ for (i=0; i<BN_CTX_NUM; i++)
+ {
+ n=BN_new();
+ if (n == NULL) goto err;
+ ret->bn[i]=n;
+ }
+
+ /* There is actually an extra one, this is for debugging my
+ * stuff */
+ ret->bn[BN_CTX_NUM]=NULL;
+
+ ret->tos=0;
+ return(ret);
+err:
+ for (j=0; j<i; j++)
+ BN_free(ret->bn[j]);
+ Free(ret);
+err2:
+ BNerr(BN_F_BN_CTX_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+void BN_CTX_free(c)
+BN_CTX *c;
+ {
+ int i;
+
+ for (i=0; i<BN_CTX_NUM; i++)
+ BN_clear_free(c->bn[i]);
+ Free(c);
+ }
+
+BIGNUM *bn_expand2(b, bits)
+BIGNUM *b;
+int bits;
+ {
+ BN_ULONG *p;
+ register int n;
+
+ while (bits > b->max*BN_BITS2)
+ {
+ n=((bits+BN_BITS2-1)/BN_BITS2)*2;
+ p=b->d=(BN_ULONG *)Realloc(b->d,sizeof(BN_ULONG)*(n+1));
+ if (p == NULL)
+ {
+ BNerr(BN_F_BN_EXPAND2,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ memset(&(p[b->max]),0,((n+1)-b->max)*sizeof(BN_ULONG));
+ b->max=n;
+ }
+ return(b);
+ }
+
+BIGNUM *BN_dup(a)
+BIGNUM *a;
+ {
+ BIGNUM *r;
+
+ r=BN_new();
+ if (r == NULL) return(NULL);
+ return((BIGNUM *)BN_copy(r,a));
+ }
+
+BIGNUM *BN_copy(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ if (bn_expand(a,b->top*BN_BITS2) == NULL) return(NULL);
+ memcpy(a->d,b->d,sizeof(b->d[0])*b->top);
+/* memset(&(a->d[b->top]),0,sizeof(a->d[0])*(a->max-b->top));*/
+ a->top=b->top;
+ a->neg=b->neg;
+ return(a);
+ }
+
+void BN_clear(a)
+BIGNUM *a;
+ {
+ memset(a->d,0,a->max*sizeof(a->d[0]));
+ a->top=0;
+ a->neg=0;
+ }
+
+unsigned long BN_get_word(a)
+BIGNUM *a;
+ {
+ int i,n;
+ unsigned long ret=0;
+
+ n=BN_num_bytes(a);
+ if (n > sizeof(unsigned long))
+#ifdef SIXTY_FOUR_BIT_LONG
+ return(BN_MASK2);
+#else
+ return(0xFFFFFFFFL);
+#endif
+ for (i=a->top-1; i>=0; i--)
+ {
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+ ret<<=BN_BITS4; /* stops the compiler complaining */
+ ret<<=BN_BITS4;
+#endif
+ ret|=a->d[i];
+ }
+ return(ret);
+ }
+
+int BN_set_word(a,w)
+BIGNUM *a;
+unsigned long w;
+ {
+ int i,n;
+ if (bn_expand(a,sizeof(unsigned long)*8) == NULL) return(0);
+
+ n=sizeof(unsigned long)/BN_BYTES;
+ a->neg=0;
+ a->top=0;
+ a->d[0]=(BN_ULONG)w&BN_MASK2;
+ if (a->d[0] != 0) a->top=1;
+ for (i=1; i<n; i++)
+ {
+ /* the following is done instead of
+ * w>>=BN_BITS2 so compilers don't complain
+ * on builds where sizeof(long) == BN_TYPES */
+#ifndef SIXTY_FOUR_BIT /* the data item > unsigned long */
+ w>>=BN_BITS4;
+ w>>=BN_BITS4;
+#endif
+ a->d[i]=(BN_ULONG)w&BN_MASK2;
+ if (a->d[i] != 0) a->top=i+1;
+ }
+ return(1);
+ }
+
+/* ignore negative */
+BIGNUM *BN_bin2bn(s, len, ret)
+unsigned char *s;
+int len;
+BIGNUM *ret;
+ {
+ unsigned int i,m;
+ unsigned int n;
+ BN_ULONG l;
+
+ if (ret == NULL) ret=BN_new();
+ if (ret == NULL) return(NULL);
+ l=0;
+ n=len;
+ if (n == 0)
+ {
+ ret->top=0;
+ return(ret);
+ }
+ if (bn_expand(ret,(int)(n+2)*8) == NULL)
+ return(NULL);
+ i=((n-1)/BN_BYTES)+1;
+ m=((n-1)%(BN_BYTES));
+ ret->top=i;
+ while (n-- > 0)
+ {
+ l=(l<<8L)| *(s++);
+ if (m-- == 0)
+ {
+ ret->d[--i]=l;
+ l=0;
+ m=BN_BYTES-1;
+ }
+ }
+ /* need to call this due to clear byte at top if avoiding
+ * having the top bit set (-ve number) */
+ bn_fix_top(ret);
+ return(ret);
+ }
+
+/* ignore negative */
+int BN_bn2bin(a, to)
+BIGNUM *a;
+unsigned char *to;
+ {
+ int n,i;
+ BN_ULONG l;
+
+ n=i=BN_num_bytes(a);
+ while (i-- > 0)
+ {
+ l=a->d[i/BN_BYTES];
+ *(to++)=(unsigned char)(l>>(8*(i%BN_BYTES)))&0xff;
+ }
+ return(n);
+ }
+
+int BN_ucmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ BN_ULONG t1,t2,*ap,*bp;
+
+ i=a->top-b->top;
+ if (i != 0) return(i);
+ ap=a->d;
+ bp=b->d;
+ for (i=a->top-1; i>=0; i--)
+ {
+ t1= ap[i];
+ t2= bp[i];
+ if (t1 != t2)
+ return(t1 > t2?1:-1);
+ }
+ return(0);
+ }
+
+int BN_cmp(a, b)
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ int gt,lt;
+ BN_ULONG t1,t2;
+
+ if ((a == NULL) || (b == NULL))
+ {
+ if (a != NULL)
+ return(-1);
+ else if (b != NULL)
+ return(1);
+ else
+ return(0);
+ }
+ if (a->neg != b->neg)
+ {
+ if (a->neg)
+ return(-1);
+ else return(1);
+ }
+ if (a->neg == 0)
+ { gt=1; lt= -1; }
+ else { gt= -1; lt=1; }
+
+ if (a->top > b->top) return(gt);
+ if (a->top < b->top) return(lt);
+ for (i=a->top-1; i>=0; i--)
+ {
+ t1=a->d[i];
+ t2=b->d[i];
+ if (t1 > t2) return(gt);
+ if (t1 < t2) return(lt);
+ }
+ return(0);
+ }
+
+int BN_set_bit(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i) return(0);
+
+ a->d[i]|=(1L<<j);
+ return(1);
+ }
+
+int BN_clear_bit(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i) return(0);
+
+ a->d[i]&=(~(1L<<j));
+ return(1);
+ }
+
+int BN_is_bit_set(a, n)
+BIGNUM *a;
+int n;
+ {
+ int i,j;
+
+ if (n < 0) return(0);
+ i=n/BN_BITS2;
+ j=n%BN_BITS2;
+ if (a->top <= i) return(0);
+ return((a->d[i]&(((BN_ULONG)1)<<j))?1:0);
+ }
+
+int BN_mask_bits(a,n)
+BIGNUM *a;
+int n;
+ {
+ int b,w;
+
+ w=n/BN_BITS2;
+ b=n%BN_BITS2;
+ if (w >= a->top) return(0);
+ if (b == 0)
+ a->top=w;
+ else
+ {
+ a->top=w+1;
+ a->d[w]&= ~(BN_MASK2<<b);
+ while ((w >= 0) && (a->d[w] == 0))
+ {
+ a->top--;
+ w--;
+ }
+ }
+ return(1);
+ }
diff --git a/crypto/bn/bn_mod.c b/crypto/bn/bn_mod.c
new file mode 100644
index 0000000..c94241f
--- /dev/null
+++ b/crypto/bn/bn_mod.c
@@ -0,0 +1,97 @@
+/* crypto/bn/bn_mod.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* rem != m */
+int BN_mod(rem, m, d,ctx)
+BIGNUM *rem;
+BIGNUM *m;
+BIGNUM *d;
+BN_CTX *ctx;
+ {
+#if 0 /* The old slow way */
+ int i,nm,nd;
+ BIGNUM *dv;
+
+ if (BN_ucmp(m,d) < 0)
+ return((BN_copy(rem,m) == NULL)?0:1);
+
+ dv=ctx->bn[ctx->tos];
+
+ if (!BN_copy(rem,m)) return(0);
+
+ nm=BN_num_bits(rem);
+ nd=BN_num_bits(d);
+ if (!BN_lshift(dv,d,nm-nd)) return(0);
+ for (i=nm-nd; i>=0; i--)
+ {
+ if (BN_cmp(rem,dv) >= 0)
+ {
+ if (!BN_sub(rem,rem,dv)) return(0);
+ }
+ if (!BN_rshift1(dv,dv)) return(0);
+ }
+ return(1);
+#else
+ return(BN_div(NULL,rem,m,d,ctx));
+#endif
+ }
+
diff --git a/crypto/bn/bn_mont.c b/crypto/bn/bn_mont.c
new file mode 100644
index 0000000..932d10b
--- /dev/null
+++ b/crypto/bn/bn_mont.c
@@ -0,0 +1,280 @@
+/* crypto/bn/bn_mont.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_montgomery(r,a,b,mont,ctx)
+BIGNUM *r,*a,*b;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *tmp;
+
+ tmp=ctx->bn[ctx->tos++];
+
+ if (a == b)
+ {
+ if (!BN_sqr(tmp,a,ctx)) goto err;
+ }
+ else
+ {
+ if (!BN_mul(tmp,a,b)) goto err;
+ }
+ /* reduce from aRR to aR */
+ if (!BN_from_montgomery(r,tmp,mont,ctx)) goto err;
+ ctx->tos--;
+ return(1);
+err:
+ return(0);
+ }
+
+#define MONT_WORD
+
+#ifdef MONT_WORD
+int BN_from_montgomery(ret,a,mont,ctx)
+BIGNUM *ret;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *n,*t1,*r;
+ BN_ULONG *ap,*np,*rp,k,n0,v,v2;
+ int al,nl,max,i,x;
+ int retn=0;
+
+ t1=ctx->bn[ctx->tos];
+ r=ctx->bn[ctx->tos+1];
+
+ if (!BN_copy(r,a)) goto err;
+ n=mont->N;
+
+ if (!BN_copy(t1,a)) goto err;
+ BN_mask_bits(t1,mont->ri);
+
+ a=t1;
+
+ al=a->top;
+ nl=n->top;
+ if ((al == 0) || (nl == 0)) { r->top=0; return(1); }
+
+ max=(nl+al+1); /* allow for overflow (no?) XXX */
+ if (bn_expand(r,(max)*BN_BITS2) == NULL) goto err;
+
+ r->neg=a->neg^n->neg;
+ ap=a->d;
+ np=n->d;
+ rp=r->d;
+
+ /* clear the top bytes of T */
+ for (i=r->top; i<max; i++) /* memset? XXX */
+ r->d[i]=0;
+/* memset(&(r->d[r->top]),0,(max-r->top)*sizeof(BN_ULONG)); */
+
+ r->top=max;
+ n0=mont->n0;
+
+ for (i=0; i<nl; i++)
+ {
+ /* This is were part words probably goes wrong */
+ k=(rp[0]*n0)&BN_MASK2;
+ v=bn_mul_add_word(rp,np,nl,k);
+
+ for (x=nl; v; x++)
+ {
+ v2=rp[x];
+ v2+=v;
+ rp[x]=v2;
+ v=((v2&BN_MASK2) < v)?1:0; /* ever true? XXX */
+ }
+ rp++;
+ }
+ while (r->d[r->top-1] == 0)
+ r->top--;
+
+ BN_rshift(ret,r,mont->ri);
+
+ if (BN_ucmp(ret,mont->N) >= 0)
+ {
+ bn_qsub(ret,ret,mont->N); /* XXX */
+ }
+ retn=1;
+err:
+ return(retn);
+ }
+#else
+int BN_from_montgomery(r,a,mont,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_MONT_CTX *mont;
+BN_CTX *ctx;
+ {
+ BIGNUM *t1,*t2;
+
+ t1=ctx->bn[ctx->tos];
+ t2=ctx->bn[ctx->tos+1];
+
+ if (!BN_copy(t1,a)) goto err;
+ /* can cheat */
+ BN_mask_bits(t1,mont->ri);
+
+ if (!BN_mul(t2,t1,mont->Ni)) goto err;
+ BN_mask_bits(t2,mont->ri);
+
+ if (!BN_mul(t1,t2,mont->N)) goto err;
+ if (!BN_add(t2,a,t1)) goto err;
+ BN_rshift(r,t2,mont->ri);
+
+ if (BN_ucmp(r,mont->N) >= 0)
+ bn_qsub(r,r,mont->N);
+
+ return(1);
+err:
+ return(0);
+ }
+#endif
+
+BN_MONT_CTX *BN_MONT_CTX_new()
+ {
+ BN_MONT_CTX *ret;
+
+ if ((ret=(BN_MONT_CTX *)Malloc(sizeof(BN_MONT_CTX))) == NULL)
+ return(NULL);
+ ret->ri=0;
+ ret->RR=BN_new();
+ ret->N=BN_new();
+ ret->Ni=NULL;
+ if ((ret->RR == NULL) || (ret->N == NULL))
+ {
+ BN_MONT_CTX_free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+void BN_MONT_CTX_free(mont)
+BN_MONT_CTX *mont;
+ {
+ if (mont->RR != NULL) BN_free(mont->RR);
+ if (mont->N != NULL) BN_free(mont->N);
+ if (mont->Ni != NULL) BN_free(mont->Ni);
+ Free(mont);
+ }
+
+int BN_MONT_CTX_set(mont,mod,ctx)
+BN_MONT_CTX *mont;
+BIGNUM *mod;
+BN_CTX *ctx;
+ {
+ BIGNUM *Ri=NULL,*R=NULL;
+
+ if (mont->RR == NULL) mont->RR=BN_new();
+ if (mont->N == NULL) mont->N=BN_new();
+
+ R=mont->RR; /* grab RR as a temp */
+ BN_copy(mont->N,mod); /* Set N */
+
+#ifdef MONT_WORD
+{
+ BIGNUM tmod;
+ BN_ULONG buf[2];
+ /* int z; */
+
+ mont->ri=(BN_num_bits(mod)+(BN_BITS2-1))/BN_BITS2*BN_BITS2;
+ BN_lshift(R,BN_value_one(),BN_BITS2); /* R */
+ /* I was bad, this modification of a passed variable was
+ * breaking the multithreaded stuff :-(
+ * z=mod->top;
+ * mod->top=1; */
+
+ buf[0]=mod->d[0];
+ buf[1]=0;
+ tmod.d=buf;
+ tmod.top=1;
+ tmod.max=mod->max;
+ tmod.neg=mod->neg;
+
+ if ((Ri=BN_mod_inverse(R,&tmod,ctx)) == NULL) goto err; /* Ri */
+ BN_lshift(Ri,Ri,BN_BITS2); /* R*Ri */
+ bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */
+ BN_div(Ri,NULL,Ri,&tmod,ctx);
+ mont->n0=Ri->d[0];
+ BN_free(Ri);
+ /* mod->top=z; */
+}
+#else
+ mont->ri=BN_num_bits(mod);
+ BN_lshift(R,BN_value_one(),mont->ri); /* R */
+ if ((Ri=BN_mod_inverse(R,mod,ctx)) == NULL) goto err; /* Ri */
+ BN_lshift(Ri,Ri,mont->ri); /* R*Ri */
+ bn_qsub(Ri,Ri,BN_value_one()); /* R*Ri - 1 */
+ BN_div(Ri,NULL,Ri,mod,ctx);
+ if (mont->Ni != NULL) BN_free(mont->Ni);
+ mont->Ni=Ri; /* Ni=(R*Ri-1)/N */
+#endif
+
+ /* setup RR for conversions */
+ BN_lshift(mont->RR,BN_value_one(),mont->ri*2);
+ BN_mod(mont->RR,mont->RR,mont->N,ctx);
+
+ return(1);
+err:
+ return(0);
+ }
+
diff --git a/crypto/bn/bn_mul.c b/crypto/bn/bn_mul.c
new file mode 100644
index 0000000..3c8bf23
--- /dev/null
+++ b/crypto/bn/bn_mul.c
@@ -0,0 +1,99 @@
+/* crypto/bn/bn_mul.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must be different to a and b */
+int BN_mul(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int i;
+ int max,al,bl;
+ BN_ULONG *ap,*bp,*rp;
+
+ al=a->top;
+ bl=b->top;
+ if ((al == 0) || (bl == 0))
+ {
+ r->top=0;
+ return(1);
+ }
+
+ max=(al+bl);
+ if (bn_expand(r,(max)*BN_BITS2) == NULL) return(0);
+ r->top=max;
+ r->neg=a->neg^b->neg;
+ ap=a->d;
+ bp=b->d;
+ rp=r->d;
+
+ rp[al]=bn_mul_word(rp,ap,al,*(bp++));
+ rp++;
+ for (i=1; i<bl; i++)
+ {
+ rp[al]=bn_mul_add_word(rp,ap,al,*(bp++));
+ rp++;
+ }
+ if (r->d[max-1] == 0) r->top--;
+ return(1);
+ }
+
diff --git a/crypto/bn/bn_mulw.c b/crypto/bn/bn_mulw.c
new file mode 100644
index 0000000..d903127
--- /dev/null
+++ b/crypto/bn/bn_mulw.c
@@ -0,0 +1,303 @@
+/* crypto/bn/bn_mulw.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+#ifdef BN_LLONG
+
+BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+ {
+ BN_ULONG c1=0;
+
+ for (;;)
+ {
+ mul_add(rp[0],ap[0],w,c1);
+ if (--num == 0) break;
+ mul_add(rp[1],ap[1],w,c1);
+ if (--num == 0) break;
+ mul_add(rp[2],ap[2],w,c1);
+ if (--num == 0) break;
+ mul_add(rp[3],ap[3],w,c1);
+ if (--num == 0) break;
+ ap+=4;
+ rp+=4;
+ }
+
+ return(c1);
+ }
+
+BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+ {
+ BN_ULONG c1=0;
+
+ for (;;)
+ {
+ mul(rp[0],ap[0],w,c1);
+ if (--num == 0) break;
+ mul(rp[1],ap[1],w,c1);
+ if (--num == 0) break;
+ mul(rp[2],ap[2],w,c1);
+ if (--num == 0) break;
+ mul(rp[3],ap[3],w,c1);
+ if (--num == 0) break;
+ ap+=4;
+ rp+=4;
+ }
+ return(c1);
+ }
+
+void bn_sqr_words(r,a,n)
+BN_ULONG *r,*a;
+int n;
+ {
+ for (;;)
+ {
+ BN_ULLONG t;
+
+ t=(BN_ULLONG)(a[0])*(a[0]);
+ r[0]=Lw(t); r[1]=Hw(t);
+ if (--n == 0) break;
+
+ t=(BN_ULLONG)(a[1])*(a[1]);
+ r[2]=Lw(t); r[3]=Hw(t);
+ if (--n == 0) break;
+
+ t=(BN_ULLONG)(a[2])*(a[2]);
+ r[4]=Lw(t); r[5]=Hw(t);
+ if (--n == 0) break;
+
+ t=(BN_ULLONG)(a[3])*(a[3]);
+ r[6]=Lw(t); r[7]=Hw(t);
+ if (--n == 0) break;
+
+ a+=4;
+ r+=8;
+ }
+ }
+
+#else
+
+BN_ULONG bn_mul_add_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+ {
+ BN_ULONG c=0;
+ BN_ULONG bl,bh;
+
+ bl=LBITS(w);
+ bh=HBITS(w);
+
+ for (;;)
+ {
+ mul_add(rp[0],ap[0],bl,bh,c);
+ if (--num == 0) break;
+ mul_add(rp[1],ap[1],bl,bh,c);
+ if (--num == 0) break;
+ mul_add(rp[2],ap[2],bl,bh,c);
+ if (--num == 0) break;
+ mul_add(rp[3],ap[3],bl,bh,c);
+ if (--num == 0) break;
+ ap+=4;
+ rp+=4;
+ }
+ return(c);
+ }
+
+BN_ULONG bn_mul_word(rp,ap,num,w)
+BN_ULONG *rp,*ap;
+int num;
+BN_ULONG w;
+ {
+ BN_ULONG carry=0;
+ BN_ULONG bl,bh;
+
+ bl=LBITS(w);
+ bh=HBITS(w);
+
+ for (;;)
+ {
+ mul(rp[0],ap[0],bl,bh,carry);
+ if (--num == 0) break;
+ mul(rp[1],ap[1],bl,bh,carry);
+ if (--num == 0) break;
+ mul(rp[2],ap[2],bl,bh,carry);
+ if (--num == 0) break;
+ mul(rp[3],ap[3],bl,bh,carry);
+ if (--num == 0) break;
+ ap+=4;
+ rp+=4;
+ }
+ return(carry);
+ }
+
+void bn_sqr_words(r,a,n)
+BN_ULONG *r,*a;
+int n;
+ {
+ for (;;)
+ {
+ sqr64(r[0],r[1],a[0]);
+ if (--n == 0) break;
+
+ sqr64(r[2],r[3],a[1]);
+ if (--n == 0) break;
+
+ sqr64(r[4],r[5],a[2]);
+ if (--n == 0) break;
+
+ sqr64(r[6],r[7],a[3]);
+ if (--n == 0) break;
+
+ a+=4;
+ r+=8;
+ }
+ }
+
+#endif
+
+#if defined(BN_LLONG) && defined(BN_DIV2W)
+
+BN_ULONG bn_div64(h,l,d)
+BN_ULONG h,l,d;
+ {
+ return((BN_ULONG)(((((BN_ULLONG)h)<<BN_BITS2)|l)/(BN_ULLONG)d));
+ }
+
+#else
+
+/* Divide h-l by d and return the result. */
+/* I need to test this some more :-( */
+BN_ULONG bn_div64(h,l,d)
+BN_ULONG h,l,d;
+ {
+ BN_ULONG dh,dl,q,ret=0,th,tl,t;
+ int i,count=2;
+
+ if (d == 0) return(BN_MASK2);
+
+ i=BN_num_bits_word(d);
+ if ((i != BN_BITS2) && (h > (BN_ULONG)1<<i))
+ {
+#ifndef WIN16
+ fprintf(stderr,"Division would overflow (%d)\n",i);
+#endif
+ abort();
+ }
+ i=BN_BITS2-i;
+ if (h >= d) h-=d;
+
+ if (i)
+ {
+ d<<=i;
+ h=(h<<i)|(l>>(BN_BITS2-i));
+ l<<=i;
+ }
+ dh=(d&BN_MASK2h)>>BN_BITS4;
+ dl=(d&BN_MASK2l);
+ for (;;)
+ {
+ if ((h>>BN_BITS4) == dh)
+ q=BN_MASK2l;
+ else
+ q=h/dh;
+
+ for (;;)
+ {
+ t=(h-q*dh);
+ if ((t&BN_MASK2h) ||
+ ((dl*q) <= (
+ (t<<BN_BITS4)+
+ ((l&BN_MASK2h)>>BN_BITS4))))
+ break;
+ q--;
+ }
+ th=q*dh;
+ tl=q*dl;
+ t=(tl>>BN_BITS4);
+ tl=(tl<<BN_BITS4)&BN_MASK2h;
+ th+=t;
+
+ if (l < tl) th++;
+ l-=tl;
+ if (h < th)
+ {
+ h+=d;
+ q--;
+ }
+ h-=th;
+
+ if (--count == 0) break;
+
+ ret=q<<BN_BITS4;
+ h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
+ l=(l&BN_MASK2l)<<BN_BITS4;
+ }
+ ret|=q;
+ return(ret);
+ }
+#endif
+
diff --git a/crypto/bn/bn_prime.c b/crypto/bn/bn_prime.c
new file mode 100644
index 0000000..07a8289
--- /dev/null
+++ b/crypto/bn/bn_prime.c
@@ -0,0 +1,389 @@
+/* crypto/bn/bn_prime.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+/* The quick seive algorithm approach to weeding out primes is
+ * Philip Zimmermann's, as implemented in PGP. I have had a read of
+ * his comments and implemented my own version.
+ */
+#include "bn_prime.h"
+
+#ifndef NOPROTO
+static int witness(BIGNUM *a, BIGNUM *n, BN_CTX *ctx);
+static int probable_prime(BIGNUM *rnd, int bits);
+static int probable_prime_dh(BIGNUM *rnd, int bits,
+ BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+static int probable_prime_dh_strong(BIGNUM *rnd, int bits,
+ BIGNUM *add, BIGNUM *rem, BN_CTX *ctx);
+#else
+static int witness();
+static int probable_prime();
+static int probable_prime_dh();
+static int probable_prime_dh_strong();
+#endif
+
+BIGNUM *BN_generate_prime(bits,strong,add,rem,callback)
+int bits;
+int strong;
+BIGNUM *add;
+BIGNUM *rem;
+void (*callback)(P_I_I);
+ {
+ BIGNUM *rnd=NULL;
+ BIGNUM *ret=NULL;
+ BIGNUM *t=NULL;
+ int i,j,c1=0;
+ BN_CTX *ctx;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ if ((rnd=BN_new()) == NULL) goto err;
+ if (strong)
+ if ((t=BN_new()) == NULL) goto err;
+loop:
+ /* make a random number and set the top and bottom bits */
+ if (add == NULL)
+ {
+ if (!probable_prime(rnd,bits)) goto err;
+ }
+ else
+ {
+ if (strong)
+ {
+ if (!probable_prime_dh_strong(rnd,bits,add,rem,ctx))
+ goto err;
+ }
+ else
+ {
+ if (!probable_prime_dh(rnd,bits,add,rem,ctx))
+ goto err;
+ }
+ }
+ /* if (BN_mod_word(rnd,(BN_ULONG)3) == 1) goto loop; */
+ if (callback != NULL) callback(0,c1++);
+
+ if (!strong)
+ {
+ i=BN_is_prime(rnd,BN_prime_checks,callback,ctx);
+ if (i == -1) goto err;
+ if (i == 0) goto loop;
+ }
+ else
+ {
+ /* for a strong prime generation,
+ * check that (p-1)/2 is prime.
+ * Since a prime is odd, We just
+ * need to divide by 2 */
+ if (!BN_rshift1(t,rnd)) goto err;
+
+ for (i=0; i<BN_prime_checks; i++)
+ {
+ j=BN_is_prime(rnd,1,callback,ctx);
+ if (j == -1) goto err;
+ if (j == 0) goto loop;
+
+ j=BN_is_prime(t,1,callback,ctx);
+ if (j == -1) goto err;
+ if (j == 0) goto loop;
+
+ if (callback != NULL) callback(2,c1-1);
+ /* We have a strong prime test pass */
+ }
+ }
+ /* we have a prime :-) */
+ ret=rnd;
+err:
+ if ((ret == NULL) && (rnd != NULL)) BN_free(rnd);
+ if (t != NULL) BN_free(t);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ret);
+ }
+
+int BN_is_prime(a,checks,callback,ctx_passed)
+BIGNUM *a;
+int checks;
+void (*callback)(P_I_I);
+BN_CTX *ctx_passed;
+ {
+ int i,j,c2=0,ret= -1;
+ BIGNUM *check;
+ BN_CTX *ctx;
+
+ if (ctx_passed != NULL)
+ ctx=ctx_passed;
+ else
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+ check=ctx->bn[ctx->tos++];
+ for (i=0; i<checks; i++)
+ {
+ if (!BN_rand(check,BN_num_bits(a)-1,0,0)) goto err;
+ j=witness(check,a,ctx);
+ if (j == -1) goto err;
+ if (j)
+ {
+ ret=0;
+ goto err;
+ }
+ if (callback != NULL) callback(1,c2++);
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ if ((ctx_passed == NULL) && (ctx != NULL))
+ BN_CTX_free(ctx);
+
+ return(ret);
+ }
+
+#define RECP_MUL_MOD
+
+static int witness(a, n,ctx)
+BIGNUM *a;
+BIGNUM *n;
+BN_CTX *ctx;
+ {
+ int k,i,nb,ret= -1;
+ BIGNUM *d,*dd,*tmp;
+ BIGNUM *d1,*d2,*x,*n1,*inv;
+
+ d1=ctx->bn[ctx->tos];
+ d2=ctx->bn[ctx->tos+1];
+ x=ctx->bn[ctx->tos+2];
+ n1=ctx->bn[ctx->tos+3];
+ inv=ctx->bn[ctx->tos+4];
+ ctx->tos+=5;
+
+ d=d1;
+ dd=d2;
+ if (!BN_one(d)) goto err;
+ if (!BN_sub(n1,n,d)) goto err; /* n1=n-1; */
+ k=BN_num_bits(n1);
+
+ /* i=BN_num_bits(n); */
+#ifdef RECP_MUL_MOD
+ nb=BN_reciprocal(inv,n,ctx); /**/
+ if (nb == -1) goto err;
+#endif
+
+ for (i=k-1; i>=0; i--)
+ {
+ if (BN_copy(x,d) == NULL) goto err;
+#ifndef RECP_MUL_MOD
+ if (!BN_mod_mul(dd,d,d,n,ctx)) goto err;
+#else
+ if (!BN_mod_mul_reciprocal(dd,d,d,n,inv,nb,ctx)) goto err;
+#endif
+ if ( BN_is_one(dd) &&
+ !BN_is_one(x) &&
+ (BN_cmp(x,n1) != 0))
+ {
+ ret=1;
+ goto err;
+ }
+ if (BN_is_bit_set(n1,i))
+ {
+#ifndef RECP_MUL_MOD
+ if (!BN_mod_mul(d,dd,a,n,ctx)) goto err;
+#else
+ if (!BN_mod_mul_reciprocal(d,dd,a,n,inv,nb,ctx)) goto err;
+#endif
+ }
+ else
+ {
+ tmp=d;
+ d=dd;
+ dd=tmp;
+ }
+ }
+ if (BN_is_one(d))
+ i=0;
+ else i=1;
+ ret=i;
+err:
+ ctx->tos-=5;
+ return(ret);
+ }
+
+static int probable_prime(rnd, bits)
+BIGNUM *rnd;
+int bits;
+ {
+ int i;
+ MS_STATIC BN_ULONG mods[NUMPRIMES];
+ BN_ULONG delta;
+
+ if (!BN_rand(rnd,bits,1,1)) return(0);
+ /* we now have a random number 'rand' to test. */
+ for (i=1; i<NUMPRIMES; i++)
+ mods[i]=BN_mod_word(rnd,(BN_ULONG)primes[i]);
+ delta=0;
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that rnd is not a prime and also
+ * that gcd(rnd-1,primes) == 1 (except for 2) */
+ if (((mods[i]+delta)%primes[i]) <= 1)
+ {
+ delta+=2;
+ /* perhaps need to check for overflow of
+ * delta (but delta can be upto 2^32) */
+ goto loop;
+ }
+ }
+ if (!BN_add_word(rnd,delta)) return(0);
+ return(1);
+ }
+
+static int probable_prime_dh(rnd, bits, add, rem,ctx)
+BIGNUM *rnd;
+int bits;
+BIGNUM *add;
+BIGNUM *rem;
+BN_CTX *ctx;
+ {
+ int i,ret=0;
+ BIGNUM *t1;
+
+ t1=ctx->bn[ctx->tos++];
+
+ if (!BN_rand(rnd,bits,0,1)) goto err;
+
+ /* we need ((rnd-rem) % add) == 0 */
+
+ if (!BN_mod(t1,rnd,add,ctx)) goto err;
+ if (!BN_sub(rnd,rnd,t1)) goto err;
+ if (rem == NULL)
+ { if (!BN_add_word(rnd,1)) goto err; }
+ else
+ { if (!BN_add(rnd,rnd,rem)) goto err; }
+
+ /* we now have a random number 'rand' to test. */
+
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that rnd is a prime */
+ if (BN_mod_word(rnd,(BN_LONG)primes[i]) <= 1)
+ {
+ if (!BN_add(rnd,rnd,add)) goto err;
+ goto loop;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos--;
+ return(ret);
+ }
+
+static int probable_prime_dh_strong(p, bits, padd, rem,ctx)
+BIGNUM *p;
+int bits;
+BIGNUM *padd;
+BIGNUM *rem;
+BN_CTX *ctx;
+ {
+ int i,ret=0;
+ BIGNUM *t1,*qadd=NULL,*q=NULL;
+
+ bits--;
+ t1=ctx->bn[ctx->tos++];
+ q=ctx->bn[ctx->tos++];
+ qadd=ctx->bn[ctx->tos++];
+
+ if (!BN_rshift1(qadd,padd)) goto err;
+
+ if (!BN_rand(q,bits,0,1)) goto err;
+
+ /* we need ((rnd-rem) % add) == 0 */
+ if (!BN_mod(t1,q,qadd,ctx)) goto err;
+ if (!BN_sub(q,q,t1)) goto err;
+ if (rem == NULL)
+ { if (!BN_add_word(q,1)) goto err; }
+ else
+ {
+ if (!BN_rshift1(t1,rem)) goto err;
+ if (!BN_add(q,q,t1)) goto err;
+ }
+
+ /* we now have a random number 'rand' to test. */
+ if (!BN_lshift1(p,q)) goto err;
+ if (!BN_add_word(p,1)) goto err;
+
+ loop: for (i=1; i<NUMPRIMES; i++)
+ {
+ /* check that p and q are prime */
+ /* check that for p and q
+ * gcd(p-1,primes) == 1 (except for 2) */
+ if ( (BN_mod_word(p,(BN_LONG)primes[i]) == 0) ||
+ (BN_mod_word(q,(BN_LONG)primes[i]) == 0))
+ {
+ if (!BN_add(p,p,padd)) goto err;
+ if (!BN_add(q,q,qadd)) goto err;
+ goto loop;
+ }
+ }
+ ret=1;
+err:
+ ctx->tos-=3;
+ return(ret);
+ }
+
diff --git a/crypto/bn/bn_prime.h b/crypto/bn/bn_prime.h
new file mode 100644
index 0000000..1d6df58
--- /dev/null
+++ b/crypto/bn/bn_prime.h
@@ -0,0 +1,325 @@
+/* crypto/bn/bn_prime.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef EIGHT_BIT
+#define NUMPRIMES 2048
+#else
+#define NUMPRIMES 54
+#endif
+static unsigned int primes[NUMPRIMES]=
+ {
+ 2, 3, 5, 7, 11, 13, 17, 19,
+ 23, 29, 31, 37, 41, 43, 47, 53,
+ 59, 61, 67, 71, 73, 79, 83, 89,
+ 97, 101, 103, 107, 109, 113, 127, 131,
+ 137, 139, 149, 151, 157, 163, 167, 173,
+ 179, 181, 191, 193, 197, 199, 211, 223,
+ 227, 229, 233, 239, 241, 251,
+#ifndef EIGHT_BIT
+ 257, 263,
+ 269, 271, 277, 281, 283, 293, 307, 311,
+ 313, 317, 331, 337, 347, 349, 353, 359,
+ 367, 373, 379, 383, 389, 397, 401, 409,
+ 419, 421, 431, 433, 439, 443, 449, 457,
+ 461, 463, 467, 479, 487, 491, 499, 503,
+ 509, 521, 523, 541, 547, 557, 563, 569,
+ 571, 577, 587, 593, 599, 601, 607, 613,
+ 617, 619, 631, 641, 643, 647, 653, 659,
+ 661, 673, 677, 683, 691, 701, 709, 719,
+ 727, 733, 739, 743, 751, 757, 761, 769,
+ 773, 787, 797, 809, 811, 821, 823, 827,
+ 829, 839, 853, 857, 859, 863, 877, 881,
+ 883, 887, 907, 911, 919, 929, 937, 941,
+ 947, 953, 967, 971, 977, 983, 991, 997,
+ 1009,1013,1019,1021,1031,1033,1039,1049,
+ 1051,1061,1063,1069,1087,1091,1093,1097,
+ 1103,1109,1117,1123,1129,1151,1153,1163,
+ 1171,1181,1187,1193,1201,1213,1217,1223,
+ 1229,1231,1237,1249,1259,1277,1279,1283,
+ 1289,1291,1297,1301,1303,1307,1319,1321,
+ 1327,1361,1367,1373,1381,1399,1409,1423,
+ 1427,1429,1433,1439,1447,1451,1453,1459,
+ 1471,1481,1483,1487,1489,1493,1499,1511,
+ 1523,1531,1543,1549,1553,1559,1567,1571,
+ 1579,1583,1597,1601,1607,1609,1613,1619,
+ 1621,1627,1637,1657,1663,1667,1669,1693,
+ 1697,1699,1709,1721,1723,1733,1741,1747,
+ 1753,1759,1777,1783,1787,1789,1801,1811,
+ 1823,1831,1847,1861,1867,1871,1873,1877,
+ 1879,1889,1901,1907,1913,1931,1933,1949,
+ 1951,1973,1979,1987,1993,1997,1999,2003,
+ 2011,2017,2027,2029,2039,2053,2063,2069,
+ 2081,2083,2087,2089,2099,2111,2113,2129,
+ 2131,2137,2141,2143,2153,2161,2179,2203,
+ 2207,2213,2221,2237,2239,2243,2251,2267,
+ 2269,2273,2281,2287,2293,2297,2309,2311,
+ 2333,2339,2341,2347,2351,2357,2371,2377,
+ 2381,2383,2389,2393,2399,2411,2417,2423,
+ 2437,2441,2447,2459,2467,2473,2477,2503,
+ 2521,2531,2539,2543,2549,2551,2557,2579,
+ 2591,2593,2609,2617,2621,2633,2647,2657,
+ 2659,2663,2671,2677,2683,2687,2689,2693,
+ 2699,2707,2711,2713,2719,2729,2731,2741,
+ 2749,2753,2767,2777,2789,2791,2797,2801,
+ 2803,2819,2833,2837,2843,2851,2857,2861,
+ 2879,2887,2897,2903,2909,2917,2927,2939,
+ 2953,2957,2963,2969,2971,2999,3001,3011,
+ 3019,3023,3037,3041,3049,3061,3067,3079,
+ 3083,3089,3109,3119,3121,3137,3163,3167,
+ 3169,3181,3187,3191,3203,3209,3217,3221,
+ 3229,3251,3253,3257,3259,3271,3299,3301,
+ 3307,3313,3319,3323,3329,3331,3343,3347,
+ 3359,3361,3371,3373,3389,3391,3407,3413,
+ 3433,3449,3457,3461,3463,3467,3469,3491,
+ 3499,3511,3517,3527,3529,3533,3539,3541,
+ 3547,3557,3559,3571,3581,3583,3593,3607,
+ 3613,3617,3623,3631,3637,3643,3659,3671,
+ 3673,3677,3691,3697,3701,3709,3719,3727,
+ 3733,3739,3761,3767,3769,3779,3793,3797,
+ 3803,3821,3823,3833,3847,3851,3853,3863,
+ 3877,3881,3889,3907,3911,3917,3919,3923,
+ 3929,3931,3943,3947,3967,3989,4001,4003,
+ 4007,4013,4019,4021,4027,4049,4051,4057,
+ 4073,4079,4091,4093,4099,4111,4127,4129,
+ 4133,4139,4153,4157,4159,4177,4201,4211,
+ 4217,4219,4229,4231,4241,4243,4253,4259,
+ 4261,4271,4273,4283,4289,4297,4327,4337,
+ 4339,4349,4357,4363,4373,4391,4397,4409,
+ 4421,4423,4441,4447,4451,4457,4463,4481,
+ 4483,4493,4507,4513,4517,4519,4523,4547,
+ 4549,4561,4567,4583,4591,4597,4603,4621,
+ 4637,4639,4643,4649,4651,4657,4663,4673,
+ 4679,4691,4703,4721,4723,4729,4733,4751,
+ 4759,4783,4787,4789,4793,4799,4801,4813,
+ 4817,4831,4861,4871,4877,4889,4903,4909,
+ 4919,4931,4933,4937,4943,4951,4957,4967,
+ 4969,4973,4987,4993,4999,5003,5009,5011,
+ 5021,5023,5039,5051,5059,5077,5081,5087,
+ 5099,5101,5107,5113,5119,5147,5153,5167,
+ 5171,5179,5189,5197,5209,5227,5231,5233,
+ 5237,5261,5273,5279,5281,5297,5303,5309,
+ 5323,5333,5347,5351,5381,5387,5393,5399,
+ 5407,5413,5417,5419,5431,5437,5441,5443,
+ 5449,5471,5477,5479,5483,5501,5503,5507,
+ 5519,5521,5527,5531,5557,5563,5569,5573,
+ 5581,5591,5623,5639,5641,5647,5651,5653,
+ 5657,5659,5669,5683,5689,5693,5701,5711,
+ 5717,5737,5741,5743,5749,5779,5783,5791,
+ 5801,5807,5813,5821,5827,5839,5843,5849,
+ 5851,5857,5861,5867,5869,5879,5881,5897,
+ 5903,5923,5927,5939,5953,5981,5987,6007,
+ 6011,6029,6037,6043,6047,6053,6067,6073,
+ 6079,6089,6091,6101,6113,6121,6131,6133,
+ 6143,6151,6163,6173,6197,6199,6203,6211,
+ 6217,6221,6229,6247,6257,6263,6269,6271,
+ 6277,6287,6299,6301,6311,6317,6323,6329,
+ 6337,6343,6353,6359,6361,6367,6373,6379,
+ 6389,6397,6421,6427,6449,6451,6469,6473,
+ 6481,6491,6521,6529,6547,6551,6553,6563,
+ 6569,6571,6577,6581,6599,6607,6619,6637,
+ 6653,6659,6661,6673,6679,6689,6691,6701,
+ 6703,6709,6719,6733,6737,6761,6763,6779,
+ 6781,6791,6793,6803,6823,6827,6829,6833,
+ 6841,6857,6863,6869,6871,6883,6899,6907,
+ 6911,6917,6947,6949,6959,6961,6967,6971,
+ 6977,6983,6991,6997,7001,7013,7019,7027,
+ 7039,7043,7057,7069,7079,7103,7109,7121,
+ 7127,7129,7151,7159,7177,7187,7193,7207,
+ 7211,7213,7219,7229,7237,7243,7247,7253,
+ 7283,7297,7307,7309,7321,7331,7333,7349,
+ 7351,7369,7393,7411,7417,7433,7451,7457,
+ 7459,7477,7481,7487,7489,7499,7507,7517,
+ 7523,7529,7537,7541,7547,7549,7559,7561,
+ 7573,7577,7583,7589,7591,7603,7607,7621,
+ 7639,7643,7649,7669,7673,7681,7687,7691,
+ 7699,7703,7717,7723,7727,7741,7753,7757,
+ 7759,7789,7793,7817,7823,7829,7841,7853,
+ 7867,7873,7877,7879,7883,7901,7907,7919,
+ 7927,7933,7937,7949,7951,7963,7993,8009,
+ 8011,8017,8039,8053,8059,8069,8081,8087,
+ 8089,8093,8101,8111,8117,8123,8147,8161,
+ 8167,8171,8179,8191,8209,8219,8221,8231,
+ 8233,8237,8243,8263,8269,8273,8287,8291,
+ 8293,8297,8311,8317,8329,8353,8363,8369,
+ 8377,8387,8389,8419,8423,8429,8431,8443,
+ 8447,8461,8467,8501,8513,8521,8527,8537,
+ 8539,8543,8563,8573,8581,8597,8599,8609,
+ 8623,8627,8629,8641,8647,8663,8669,8677,
+ 8681,8689,8693,8699,8707,8713,8719,8731,
+ 8737,8741,8747,8753,8761,8779,8783,8803,
+ 8807,8819,8821,8831,8837,8839,8849,8861,
+ 8863,8867,8887,8893,8923,8929,8933,8941,
+ 8951,8963,8969,8971,8999,9001,9007,9011,
+ 9013,9029,9041,9043,9049,9059,9067,9091,
+ 9103,9109,9127,9133,9137,9151,9157,9161,
+ 9173,9181,9187,9199,9203,9209,9221,9227,
+ 9239,9241,9257,9277,9281,9283,9293,9311,
+ 9319,9323,9337,9341,9343,9349,9371,9377,
+ 9391,9397,9403,9413,9419,9421,9431,9433,
+ 9437,9439,9461,9463,9467,9473,9479,9491,
+ 9497,9511,9521,9533,9539,9547,9551,9587,
+ 9601,9613,9619,9623,9629,9631,9643,9649,
+ 9661,9677,9679,9689,9697,9719,9721,9733,
+ 9739,9743,9749,9767,9769,9781,9787,9791,
+ 9803,9811,9817,9829,9833,9839,9851,9857,
+ 9859,9871,9883,9887,9901,9907,9923,9929,
+ 9931,9941,9949,9967,9973,10007,10009,10037,
+ 10039,10061,10067,10069,10079,10091,10093,10099,
+ 10103,10111,10133,10139,10141,10151,10159,10163,
+ 10169,10177,10181,10193,10211,10223,10243,10247,
+ 10253,10259,10267,10271,10273,10289,10301,10303,
+ 10313,10321,10331,10333,10337,10343,10357,10369,
+ 10391,10399,10427,10429,10433,10453,10457,10459,
+ 10463,10477,10487,10499,10501,10513,10529,10531,
+ 10559,10567,10589,10597,10601,10607,10613,10627,
+ 10631,10639,10651,10657,10663,10667,10687,10691,
+ 10709,10711,10723,10729,10733,10739,10753,10771,
+ 10781,10789,10799,10831,10837,10847,10853,10859,
+ 10861,10867,10883,10889,10891,10903,10909,10937,
+ 10939,10949,10957,10973,10979,10987,10993,11003,
+ 11027,11047,11057,11059,11069,11071,11083,11087,
+ 11093,11113,11117,11119,11131,11149,11159,11161,
+ 11171,11173,11177,11197,11213,11239,11243,11251,
+ 11257,11261,11273,11279,11287,11299,11311,11317,
+ 11321,11329,11351,11353,11369,11383,11393,11399,
+ 11411,11423,11437,11443,11447,11467,11471,11483,
+ 11489,11491,11497,11503,11519,11527,11549,11551,
+ 11579,11587,11593,11597,11617,11621,11633,11657,
+ 11677,11681,11689,11699,11701,11717,11719,11731,
+ 11743,11777,11779,11783,11789,11801,11807,11813,
+ 11821,11827,11831,11833,11839,11863,11867,11887,
+ 11897,11903,11909,11923,11927,11933,11939,11941,
+ 11953,11959,11969,11971,11981,11987,12007,12011,
+ 12037,12041,12043,12049,12071,12073,12097,12101,
+ 12107,12109,12113,12119,12143,12149,12157,12161,
+ 12163,12197,12203,12211,12227,12239,12241,12251,
+ 12253,12263,12269,12277,12281,12289,12301,12323,
+ 12329,12343,12347,12373,12377,12379,12391,12401,
+ 12409,12413,12421,12433,12437,12451,12457,12473,
+ 12479,12487,12491,12497,12503,12511,12517,12527,
+ 12539,12541,12547,12553,12569,12577,12583,12589,
+ 12601,12611,12613,12619,12637,12641,12647,12653,
+ 12659,12671,12689,12697,12703,12713,12721,12739,
+ 12743,12757,12763,12781,12791,12799,12809,12821,
+ 12823,12829,12841,12853,12889,12893,12899,12907,
+ 12911,12917,12919,12923,12941,12953,12959,12967,
+ 12973,12979,12983,13001,13003,13007,13009,13033,
+ 13037,13043,13049,13063,13093,13099,13103,13109,
+ 13121,13127,13147,13151,13159,13163,13171,13177,
+ 13183,13187,13217,13219,13229,13241,13249,13259,
+ 13267,13291,13297,13309,13313,13327,13331,13337,
+ 13339,13367,13381,13397,13399,13411,13417,13421,
+ 13441,13451,13457,13463,13469,13477,13487,13499,
+ 13513,13523,13537,13553,13567,13577,13591,13597,
+ 13613,13619,13627,13633,13649,13669,13679,13681,
+ 13687,13691,13693,13697,13709,13711,13721,13723,
+ 13729,13751,13757,13759,13763,13781,13789,13799,
+ 13807,13829,13831,13841,13859,13873,13877,13879,
+ 13883,13901,13903,13907,13913,13921,13931,13933,
+ 13963,13967,13997,13999,14009,14011,14029,14033,
+ 14051,14057,14071,14081,14083,14087,14107,14143,
+ 14149,14153,14159,14173,14177,14197,14207,14221,
+ 14243,14249,14251,14281,14293,14303,14321,14323,
+ 14327,14341,14347,14369,14387,14389,14401,14407,
+ 14411,14419,14423,14431,14437,14447,14449,14461,
+ 14479,14489,14503,14519,14533,14537,14543,14549,
+ 14551,14557,14561,14563,14591,14593,14621,14627,
+ 14629,14633,14639,14653,14657,14669,14683,14699,
+ 14713,14717,14723,14731,14737,14741,14747,14753,
+ 14759,14767,14771,14779,14783,14797,14813,14821,
+ 14827,14831,14843,14851,14867,14869,14879,14887,
+ 14891,14897,14923,14929,14939,14947,14951,14957,
+ 14969,14983,15013,15017,15031,15053,15061,15073,
+ 15077,15083,15091,15101,15107,15121,15131,15137,
+ 15139,15149,15161,15173,15187,15193,15199,15217,
+ 15227,15233,15241,15259,15263,15269,15271,15277,
+ 15287,15289,15299,15307,15313,15319,15329,15331,
+ 15349,15359,15361,15373,15377,15383,15391,15401,
+ 15413,15427,15439,15443,15451,15461,15467,15473,
+ 15493,15497,15511,15527,15541,15551,15559,15569,
+ 15581,15583,15601,15607,15619,15629,15641,15643,
+ 15647,15649,15661,15667,15671,15679,15683,15727,
+ 15731,15733,15737,15739,15749,15761,15767,15773,
+ 15787,15791,15797,15803,15809,15817,15823,15859,
+ 15877,15881,15887,15889,15901,15907,15913,15919,
+ 15923,15937,15959,15971,15973,15991,16001,16007,
+ 16033,16057,16061,16063,16067,16069,16073,16087,
+ 16091,16097,16103,16111,16127,16139,16141,16183,
+ 16187,16189,16193,16217,16223,16229,16231,16249,
+ 16253,16267,16273,16301,16319,16333,16339,16349,
+ 16361,16363,16369,16381,16411,16417,16421,16427,
+ 16433,16447,16451,16453,16477,16481,16487,16493,
+ 16519,16529,16547,16553,16561,16567,16573,16603,
+ 16607,16619,16631,16633,16649,16651,16657,16661,
+ 16673,16691,16693,16699,16703,16729,16741,16747,
+ 16759,16763,16787,16811,16823,16829,16831,16843,
+ 16871,16879,16883,16889,16901,16903,16921,16927,
+ 16931,16937,16943,16963,16979,16981,16987,16993,
+ 17011,17021,17027,17029,17033,17041,17047,17053,
+ 17077,17093,17099,17107,17117,17123,17137,17159,
+ 17167,17183,17189,17191,17203,17207,17209,17231,
+ 17239,17257,17291,17293,17299,17317,17321,17327,
+ 17333,17341,17351,17359,17377,17383,17387,17389,
+ 17393,17401,17417,17419,17431,17443,17449,17467,
+ 17471,17477,17483,17489,17491,17497,17509,17519,
+ 17539,17551,17569,17573,17579,17581,17597,17599,
+ 17609,17623,17627,17657,17659,17669,17681,17683,
+ 17707,17713,17729,17737,17747,17749,17761,17783,
+ 17789,17791,17807,17827,17837,17839,17851,17863,
+#endif
+ };
diff --git a/crypto/bn/bn_prime.pl b/crypto/bn/bn_prime.pl
new file mode 100644
index 0000000..979385a
--- /dev/null
+++ b/crypto/bn/bn_prime.pl
@@ -0,0 +1,56 @@
+#!/usr/local/bin/perl
+# bn_prime.pl
+
+$num=2048;
+$num=$ARGV[0] if ($#ARGV >= 0);
+
+push(@primes,2);
+$p=1;
+loop: while ($#primes < $num-1)
+ {
+ $p+=2;
+ $s=int(sqrt($p));
+
+ for ($i=0; $primes[$i]<=$s; $i++)
+ {
+ next loop if (($p%$primes[$i]) == 0);
+ }
+ push(@primes,$p);
+ }
+
+print <<"EOF";
+/* Auto generated by bn_prime.pl */
+/* Copyright (C) 1995-1997 Eric Young (eay\@mincom.oz.au).
+ * All rights reserved.
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * See the COPYRIGHT file in the SSLeay distribution for more details.
+ */
+
+EOF
+
+for ($i=0; $i <= $#primes; $i++)
+ {
+ if ($primes[$i] > 256)
+ {
+ $eight=$i;
+ last;
+ }
+ }
+
+printf "#ifndef EIGHT_BIT\n";
+printf "#define NUMPRIMES %d\n",$num;
+printf "#else\n";
+printf "#define NUMPRIMES %d\n",$eight;
+printf "#endif\n";
+print "static unsigned int primes[NUMPRIMES]=\n\t{\n\t";
+$init=0;
+for ($i=0; $i <= $#primes; $i++)
+ {
+ printf "\n#ifndef EIGHT_BIT\n\t" if ($primes[$i] > 256) && !($init++);
+ printf("\n\t") if (($i%8) == 0) && ($i != 0);
+ printf("%4d,",$primes[$i]);
+ }
+print "\n#endif\n\t};\n";
+
+
diff --git a/crypto/bn/bn_print.c b/crypto/bn/bn_print.c
new file mode 100644
index 0000000..36bc0d1
--- /dev/null
+++ b/crypto/bn/bn_print.c
@@ -0,0 +1,218 @@
+/* crypto/bn/bn_print.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <ctype.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "bn_lcl.h"
+
+static char *Hex="0123456789ABCDEF";
+
+/* Must 'Free' the returned data */
+char *BN_bn2ascii(a)
+BIGNUM *a;
+ {
+ int i,j,v,z=0;
+ char *buf;
+ char *p;
+
+ buf=(char *)Malloc(a->top*BN_BYTES*2+2);
+ if (buf == NULL)
+ {
+ BNerr(BN_F_BN_BN2ASCII,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf;
+ if (a->neg) *(p++)='-';
+ if (a->top == 0) *(p++)='0';
+ for (i=a->top-1; i >=0; i--)
+ {
+ for (j=BN_BITS2-8; j >= 0; j-=8)
+ {
+ /* strip leading zeros */
+ v=((int)(a->d[i]>>(long)j))&0xff;
+ if (z || (v != 0))
+ {
+ *(p++)=Hex[v>>4];
+ *(p++)=Hex[v&0x0f];
+ z=1;
+ }
+ }
+ }
+ *p='\0';
+err:
+ return(buf);
+ }
+
+int BN_ascii2bn(bn,a)
+BIGNUM **bn;
+char *a;
+ {
+ BIGNUM *ret=NULL;
+ BN_ULONG l=0;
+ int neg=0,h,m,i,j,k,c;
+ int num;
+
+ if ((a == NULL) || (*a == '\0')) return(0);
+
+ if (*a == '-') { neg=1; a++; }
+
+ for (i=0; isxdigit(a[i]); i++)
+ ;
+
+ num=i+neg;
+ if (bn == NULL) return(num);
+
+ /* a is the start of the hex digets, and it is 'i' long */
+ if (*bn == NULL)
+ {
+ if ((ret=BN_new()) == NULL) return(0);
+ }
+ else
+ {
+ ret= *bn;
+ BN_zero(ret);
+ }
+
+ /* i is the number of hex digests; */
+ if (bn_expand(ret,i*4) == NULL) goto err;
+
+ j=i; /* least significate 'hex' */
+ m=0;
+ h=0;
+ while (j > 0)
+ {
+ m=((BN_BYTES*2) <= j)?(BN_BYTES*2):j;
+ l=0;
+ for (;;)
+ {
+ c=a[j-m];
+ if ((c >= '0') && (c <= '9')) k=c-'0';
+ else if ((c >= 'a') && (c <= 'f')) k=c-'a'+10;
+ else if ((c >= 'A') && (c <= 'F')) k=c-'A'+10;
+ else k=0; /* paranoia */
+ l=(l<<4)|k;
+
+ if (--m <= 0)
+ {
+ ret->d[h++]=l;
+ break;
+ }
+ }
+ j-=(BN_BYTES*2);
+ }
+ ret->top=h;
+ bn_fix_top(ret);
+ ret->neg=neg;
+
+ *bn=ret;
+ return(num);
+err:
+ if (*bn == NULL) BN_free(ret);
+ return(0);
+ }
+
+#ifndef NO_BIO
+
+#ifndef WIN16
+int BN_print_fp(fp, a)
+FILE *fp;
+BIGNUM *a;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ return(0);
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=BN_print(b,a);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int BN_print(bp, a)
+BIO *bp;
+BIGNUM *a;
+ {
+ int i,j,v,z=0;
+ int ret=0;
+
+ if ((a->neg) && (BIO_write(bp,"-",1) != 1)) goto end;
+ if ((a->top == 0) && (BIO_write(bp,"0",1) != 1)) goto end;
+ for (i=a->top-1; i >=0; i--)
+ {
+ for (j=BN_BITS2-4; j >= 0; j-=4)
+ {
+ /* strip leading zeros */
+ v=((int)(a->d[i]>>(long)j))&0x0f;
+ if (z || (v != 0))
+ {
+ if (BIO_write(bp,&(Hex[v]),1) != 1)
+ goto end;
+ z=1;
+ }
+ }
+ }
+ ret=1;
+end:
+ return(ret);
+ }
+
+#endif
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
new file mode 100644
index 0000000..e3530a5
--- /dev/null
+++ b/crypto/bn/bn_rand.c
@@ -0,0 +1,121 @@
+/* crypto/bn/bn_rand.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+#include "rand.h"
+
+int BN_rand(rnd, bits, top, bottom)
+BIGNUM *rnd;
+int bits;
+int top;
+int bottom;
+ {
+ unsigned char *buf=NULL;
+ int ret=0,bit,bytes,mask;
+ time_t tim;
+
+ bytes=(bits+7)/8;
+ bit=(bits-1)%8;
+ mask=0xff<<bit;
+
+ buf=(unsigned char *)Malloc(bytes);
+ if (buf == NULL)
+ {
+ BNerr(BN_F_BN_RAND,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* make a random number and set the top and bottom bits */
+ time(&tim);
+ RAND_seed((unsigned char *)&tim,sizeof(tim));
+
+ RAND_bytes(buf,(int)bytes);
+ if (top)
+ {
+ if (bit == 0)
+ {
+ buf[0]=1;
+ buf[1]|=0x80;
+ }
+ else
+ {
+ buf[0]|=(3<<(bit-1));
+ buf[0]&= ~(mask<<1);
+ }
+ }
+ else
+ {
+ buf[0]|=(1<<bit);
+ buf[0]&= ~(mask<<1);
+ }
+ if (bottom) /* set bottom bits to whatever odd is */
+ buf[bytes-1]|=1;
+ if (!BN_bin2bn(buf,bytes,rnd)) goto err;
+ ret=1;
+err:
+ if (buf != NULL)
+ {
+ memset(buf,0,bytes);
+ Free(buf);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/bn/bn_recp.c b/crypto/bn/bn_recp.c
new file mode 100644
index 0000000..fd9ca4d
--- /dev/null
+++ b/crypto/bn/bn_recp.c
@@ -0,0 +1,125 @@
+/* crypto/bn/bn_recp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_mod_mul_reciprocal(r, x, y, m, i, nb, ctx)
+BIGNUM *r;
+BIGNUM *x;
+BIGNUM *y;
+BIGNUM *m;
+BIGNUM *i;
+int nb;
+BN_CTX *ctx;
+ {
+ int ret=0,j;
+ BIGNUM *a,*b,*c,*d;
+
+ a=ctx->bn[ctx->tos++];
+ b=ctx->bn[ctx->tos++];
+ c=ctx->bn[ctx->tos++];
+ d=ctx->bn[ctx->tos++];
+
+ if (x == y)
+ { if (!BN_sqr(a,x,ctx)) goto err; }
+ else
+ { if (!BN_mul(a,x,y)) goto err; }
+ if (!BN_rshift(d,a,nb)) goto err;
+ if (!BN_mul(b,d,i)) goto err;
+ if (!BN_rshift(c,b,nb)) goto err;
+ if (!BN_mul(b,m,c)) goto err;
+ if (!BN_sub(r,a,b)) goto err;
+ j=0;
+ while (BN_cmp(r,m) >= 0)
+ {
+ if (j++ > 2)
+ {
+ BNerr(BN_F_BN_MOD_MUL_RECIPROCAL,BN_R_BAD_RECIPROCAL);
+ goto err;
+ }
+ if (!BN_sub(r,r,m)) goto err;
+ }
+
+ ret=1;
+err:
+ ctx->tos-=4;
+ return(ret);
+ }
+
+int BN_reciprocal(r, m,ctx)
+BIGNUM *r;
+BIGNUM *m;
+BN_CTX *ctx;
+ {
+ int nm,ret= -1;
+ BIGNUM *t;
+
+ t=ctx->bn[ctx->tos++];
+
+ nm=BN_num_bits(m);
+ if (!BN_lshift(t,BN_value_one(),nm*2)) goto err;
+
+ if (!BN_div(r,NULL,t,m,ctx)) goto err;
+ ret=nm;
+err:
+ ctx->tos--;
+ return(ret);
+ }
+
diff --git a/crypto/bn/bn_shift.c b/crypto/bn/bn_shift.c
new file mode 100644
index 0000000..d711887
--- /dev/null
+++ b/crypto/bn/bn_shift.c
@@ -0,0 +1,210 @@
+/* crypto/bn/bn_shift.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+int BN_lshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+ {
+ register BN_ULONG *ap,*rp,t,c;
+ int i;
+
+ if (r != a)
+ {
+ r->neg=a->neg;
+ if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+ r->top=a->top;
+ }
+ else
+ {
+ if (bn_expand(r,(a->top+1)*BN_BITS2) == NULL) return(0);
+ }
+ ap=a->d;
+ rp=r->d;
+ c=0;
+ for (i=0; i<a->top; i++)
+ {
+ t= *(ap++);
+ *(rp++)=((t<<1)|c)&BN_MASK2;
+ c=(t & BN_TBIT)?1:0;
+ }
+ if (c)
+ {
+ *rp=1;
+ r->top++;
+ }
+ return(1);
+ }
+
+int BN_rshift1(r, a)
+BIGNUM *r;
+BIGNUM *a;
+ {
+ BN_ULONG *ap,*rp,t,c;
+ int i;
+
+ if (BN_is_zero(a))
+ {
+ BN_zero(r);
+ return(1);
+ }
+ if (a != r)
+ {
+ if (bn_expand(r,a->top*BN_BITS2) == NULL) return(0);
+ r->top=a->top;
+ r->neg=a->neg;
+ }
+ ap=a->d;
+ rp=r->d;
+ c=0;
+ for (i=a->top-1; i>=0; i--)
+ {
+ t=ap[i];
+ rp[i]=((t>>1)&BN_MASK2)|c;
+ c=(t&1)?BN_TBIT:0;
+ }
+ bn_fix_top(r);
+ return(1);
+ }
+
+int BN_lshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+ {
+ int i,nw,lb,rb;
+ BN_ULONG *t,*f;
+ BN_ULONG l;
+
+ r->neg=a->neg;
+ if (bn_expand(r,(a->top*BN_BITS2)+n) == NULL) return(0);
+ nw=n/BN_BITS2;
+ lb=n%BN_BITS2;
+ rb=BN_BITS2-lb;
+ f=a->d;
+ t=r->d;
+ t[a->top+nw]=0;
+ if (lb == 0)
+ for (i=a->top-1; i>=0; i--)
+ t[nw+i]=f[i];
+ else
+ for (i=a->top-1; i>=0; i--)
+ {
+ l=f[i];
+ t[nw+i+1]|=(l>>rb)&BN_MASK2;
+ t[nw+i]=(l<<lb)&BN_MASK2;
+ }
+ memset(t,0,nw*sizeof(t[0]));
+/* for (i=0; i<nw; i++)
+ t[i]=0;*/
+ r->top=a->top+nw+1;
+ bn_fix_top(r);
+ return(1);
+ }
+
+int BN_rshift(r, a, n)
+BIGNUM *r;
+BIGNUM *a;
+int n;
+ {
+ int i,j,nw,lb,rb;
+ BN_ULONG *t,*f;
+ BN_ULONG l,tmp;
+
+ nw=n/BN_BITS2;
+ rb=n%BN_BITS2;
+ lb=BN_BITS2-rb;
+ if (nw > a->top)
+ {
+ BN_zero(r);
+ return(1);
+ }
+ if (r != a)
+ {
+ r->neg=a->neg;
+ if (bn_expand(r,(a->top-nw+1)*BN_BITS2) == NULL) return(0);
+ }
+
+ f= &(a->d[nw]);
+ t=r->d;
+ j=a->top-nw;
+ r->top=j;
+
+ if (rb == 0)
+ {
+ for (i=j+1; i > 0; i--)
+ *(t++)= *(f++);
+ }
+ else
+ {
+ l= *(f++);
+ for (i=1; i<j; i++)
+ {
+ tmp =(l>>rb)&BN_MASK2;
+ l= *(f++);
+ *(t++) =(tmp|(l<<lb))&BN_MASK2;
+ }
+ *(t++) =(l>>rb)&BN_MASK2;
+ }
+ *t=0;
+ bn_fix_top(r);
+ return(1);
+ }
diff --git a/crypto/bn/bn_sqr.c b/crypto/bn/bn_sqr.c
new file mode 100644
index 0000000..4c3f0a0
--- /dev/null
+++ b/crypto/bn/bn_sqr.c
@@ -0,0 +1,161 @@
+/* crypto/bn/bn_sqr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* r must not be a */
+/* I've just gone over this and it is now %20 faster on x86 - eay - 27 Jun 96 */
+int BN_sqr(r, a, ctx)
+BIGNUM *r;
+BIGNUM *a;
+BN_CTX *ctx;
+ {
+ int i,j,max,al;
+ BIGNUM *tmp;
+ BN_ULONG *ap,*rp,c;
+
+ tmp=ctx->bn[ctx->tos];
+
+ al=a->top;
+ if (al == 0)
+ {
+ r->top=0;
+ return(1);
+ }
+
+ max=(al*2);
+ if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
+ if (bn_expand(tmp,max*BN_BITS2) == NULL) return(0);
+
+ r->neg=0;
+
+ ap=a->d;
+ rp=r->d;
+ rp[0]=rp[max-1]=0;
+ rp++;
+ j=al;
+
+ if (--j > 0)
+ {
+ ap++;
+ rp[j]=bn_mul_word(rp,ap,j,ap[-1]);
+ rp+=2;
+ }
+
+ for (i=2; i<al; i++)
+ {
+ j--;
+ ap++;
+ rp[j]=bn_mul_add_word(rp,ap,j,ap[-1]);
+ rp+=2;
+ }
+
+ /* inlined shift, 2 words at once */
+ j=max;
+ rp=r->d;
+ c=0;
+ for (i=0; i<j; i++)
+ {
+ BN_ULONG t;
+
+ t= *rp;
+ *(rp++)=((t<<1)|c)&BN_MASK2;
+ c=(t & BN_TBIT)?1:0;
+
+#if 0
+ t= *rp;
+ *(rp++)=((t<<1)|c)&BN_MASK2;
+ c=(t & BN_TBIT)?1:0;
+#endif
+ }
+ /* there will not be a carry */
+
+ bn_sqr_words(tmp->d,a->d,al);
+
+ /* inlined add */
+ ap=tmp->d;
+ rp=r->d;
+ c=0;
+ j=max;
+ for (i=0; i<j; i++)
+ {
+ BN_ULONG t1,t2;
+
+ t1= *(ap++);
+ t2= *rp;
+ if (c)
+ {
+ c=(t2 >= ((~t1)&BN_MASK2));
+ t2=(t1+t2+1)&BN_MASK2;
+ }
+ else
+ {
+ t2=(t1+t2)&BN_MASK2;
+ c=(t2<t1);
+ }
+ *(rp++)=t2;
+ }
+ /* there will be no carry */
+
+ r->top=max;
+ if (r->d[max-1] == 0) r->top--;
+ return(1);
+ }
+
diff --git a/crypto/bn/bn_sub.c b/crypto/bn/bn_sub.c
new file mode 100644
index 0000000..b0febc3
--- /dev/null
+++ b/crypto/bn/bn_sub.c
@@ -0,0 +1,176 @@
+/* crypto/bn/bn_sub.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+/* unsigned subtraction of b from a, a must be larger than b. */
+void bn_qsub(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int max,min;
+ register BN_ULONG t1,t2,*ap,*bp,*rp;
+ int i,carry;
+#if defined(IRIX_CC_BUG) && !defined(LINT)
+ int dummy;
+#endif
+
+ max=a->top;
+ min=b->top;
+ ap=a->d;
+ bp=b->d;
+ rp=r->d;
+
+ carry=0;
+ for (i=0; i<min; i++)
+ {
+ t1= *(ap++);
+ t2= *(bp++);
+ if (carry)
+ {
+ carry=(t1 <= t2);
+ t1=(t1-t2-1);
+ }
+ else
+ {
+ carry=(t1 < t2);
+ t1=(t1-t2);
+ }
+#if defined(IRIX_CC_BUG) && !defined(LINT)
+ dummy=t1;
+#endif
+ *(rp++)=t1&BN_MASK2;
+ }
+ if (carry) /* subtracted */
+ {
+ while (i < max)
+ {
+ i++;
+ t1= *(ap++);
+ t2=(t1-1)&BN_MASK2;
+ *(rp++)=t2;
+ if (t1 > t2) break;
+ }
+ }
+ memcpy(rp,ap,sizeof(*rp)*(max-i));
+/* for (; i<max; i++)
+ *(rp++)= *(ap++);*/
+
+ r->top=max;
+ bn_fix_top(r);
+ }
+
+int BN_sub(r, a, b)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int max,i;
+ int add=0,neg=0;
+ BIGNUM *tmp;
+
+ /* a - b a-b
+ * a - -b a+b
+ * -a - b -(a+b)
+ * -a - -b b-a
+ */
+ if (a->neg)
+ {
+ if (b->neg)
+ { tmp=a; a=b; b=tmp; }
+ else
+ { add=1; neg=1; }
+ }
+ else
+ {
+ if (b->neg) { add=1; neg=0; }
+ }
+
+ if (add)
+ {
+ i=(a->top > b->top);
+ if (bn_expand(r,(((i)?a->top:b->top)+1)*BN_BITS2) == NULL)
+ return(0);
+ if (i)
+ bn_qadd(r,a,b);
+ else
+ bn_qadd(r,b,a);
+ r->neg=neg;
+ return(1);
+ }
+
+ /* We are actually doing a - b :-) */
+
+ max=(a->top > b->top)?a->top:b->top;
+ if (bn_expand(r,max*BN_BITS2) == NULL) return(0);
+ if (BN_ucmp(a,b) < 0)
+ {
+ bn_qsub(r,b,a);
+ r->neg=1;
+ }
+ else
+ {
+ bn_qsub(r,a,b);
+ r->neg=0;
+ }
+ return(1);
+ }
+
diff --git a/crypto/bn/bn_word.c b/crypto/bn/bn_word.c
new file mode 100644
index 0000000..b61ddd9
--- /dev/null
+++ b/crypto/bn/bn_word.c
@@ -0,0 +1,155 @@
+/* crypto/bn/bn_word.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn_lcl.h"
+
+BN_ULONG BN_mod_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+#ifndef BN_LLONG
+ BN_ULONG ret=0;
+#else
+ BN_ULLONG ret=0;
+#endif
+ int i;
+
+ for (i=a->top-1; i>=0; i--)
+ {
+#ifndef BN_LLONG
+ ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
+ ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
+#else
+ ret=(BN_ULLONG)(((ret<<(BN_ULLONG)BN_BITS2)|a->d[i])%
+ (BN_ULLONG)w);
+#endif
+ }
+ return((BN_ULONG)ret);
+ }
+
+BN_ULONG BN_div_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+ BN_ULONG ret;
+ int i;
+
+ if (a->top == 0) return(0);
+ ret=0;
+ for (i=a->top-1; i>=0; i--)
+ {
+#ifndef BN_LLONG
+ ret=((ret<<BN_BITS4)|((a->d[i]>>BN_BITS4)&BN_MASK2l))%(int)w;
+ ret=((ret<<BN_BITS4)|(a->d[i]&BN_MASK2l))%(int)w;
+#else
+ BN_ULLONG ll;
+
+ ll=((BN_ULLONG)ret<<(BN_ULONG)BN_BITS2)|a->d[i];
+ a->d[i]=(BN_ULONG)(ll/w);
+ ret=(BN_ULONG)(ll%w);
+#endif
+ }
+ if (a->d[a->top-1] == 0)
+ a->top--;
+ return(ret);
+ }
+
+int BN_add_word(a, w)
+BIGNUM *a;
+unsigned long w;
+ {
+ BN_ULONG l;
+ int i;
+
+ if (bn_expand(a,a->top*BN_BITS2+1) == NULL) return(0);
+ i=0;
+ for (;;)
+ {
+ l=(a->d[i]+(BN_ULONG)w)&BN_MASK2;
+ a->d[i]=l;
+ if (w > l)
+ w=1;
+ else
+ break;
+ i++;
+ }
+ if (i >= a->top)
+ a->top++;
+ return(1);
+ }
+
+#ifdef undef
+BN_ULONG *BN_mod_inverse_word(a)
+BN_ULONG a;
+ {
+ BN_ULONG A,B,X,Y,M,D,R,RET,T;
+ int sign,hight=1;
+
+ X=0;
+ Y=1;
+ A=0;
+ B=a;
+ sign=1;
+
+ while (B != 0)
+ {
+
+#endif
+
diff --git a/crypto/bn/bnspeed.c b/crypto/bn/bnspeed.c
new file mode 100644
index 0000000..3b83a26
--- /dev/null
+++ b/crypto/bn/bnspeed.c
@@ -0,0 +1,240 @@
+/* crypto/bn/bnspeed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* most of this code has been pilfered from my libdes speed.c program */
+
+#undef PROG
+#define PROG bnspeed_main
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <signal.h>
+#include <string.h>
+#include "crypto.h"
+#include "err.h"
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "bn.h"
+#include "x509.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD hack */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#undef BUFSIZE
+#define BUFSIZE ((long)1024*8)
+int run=0;
+
+#ifndef NOPROTO
+static double Time_F(int s);
+#else
+static double Time_F();
+#endif
+
+#define START 0
+#define STOP 1
+
+static double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret < 1e-3)?1e-3:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret < 0.001)?0.001:ret);
+ }
+#endif
+ }
+
+#define NUM_SIZES 5
+/*static int sizes[NUM_SIZES]={256,512,1024,2048};*/
+static int sizes[NUM_SIZES]={59,179,299,419,539};
+
+void do_mul(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ BN_CTX *ctx;
+ BIGNUM *a,*b,*c,*r;
+
+ ctx=BN_CTX_new();
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ r=BN_new();
+
+ do_mul(a,b,c,ctx);
+ }
+
+void do_mul(r,a,b,ctx)
+BIGNUM *r;
+BIGNUM *a;
+BIGNUM *b;
+BN_CTX *ctx;
+ {
+ int i,j,k;
+ double tm;
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ BN_rand(a,sizes[i],1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<100000; k++)
+ BN_mul(r,b,a);
+ tm=Time_F(STOP);
+ printf("mul %3d x %3d -> %7.4f\n",sizes[i],sizes[j],tm/10.0);
+ }
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ BN_rand(a,sizes[i],1,0);
+ Time_F(START);
+ for (k=0; k<100000; k++)
+ BN_sqr(r,a,ctx);
+ tm=Time_F(STOP);
+ printf("sqr %3d x %3d -> %7.4f\n",sizes[i],sizes[i],tm/10.0);
+ }
+
+ for (i=0; i<NUM_SIZES; i++)
+ {
+ BN_rand(a,sizes[i],1,0);
+ for (j=i; j<NUM_SIZES; j++)
+ {
+ BN_rand(b,sizes[j],1,0);
+ Time_F(START);
+ for (k=0; k<100000; k++)
+ BN_div(r, NULL, b, a,ctx);
+ tm=Time_F(STOP);
+ printf("div %3d / %3d -> %7.4f\n",sizes[j],sizes[i],tm/10.0);
+ }
+ }
+ }
+
diff --git a/crypto/bn/bntest.c b/crypto/bn/bntest.c
new file mode 100644
index 0000000..7a2f0b8
--- /dev/null
+++ b/crypto/bn/bntest.c
@@ -0,0 +1,775 @@
+/* crypto/bn/bntest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "x509.h"
+#include "err.h"
+
+#ifndef NOPROTO
+int test_add (BIO *bp);
+int test_sub (BIO *bp);
+int test_lshift1 (BIO *bp);
+int test_lshift (BIO *bp);
+int test_rshift1 (BIO *bp);
+int test_rshift (BIO *bp);
+int test_div (BIO *bp,BN_CTX *ctx);
+int test_mul (BIO *bp);
+int test_sqr (BIO *bp,BN_CTX *ctx);
+int test_mont (BIO *bp,BN_CTX *ctx);
+int test_mod (BIO *bp,BN_CTX *ctx);
+int test_mod_mul (BIO *bp,BN_CTX *ctx);
+int test_mod_exp (BIO *bp,BN_CTX *ctx);
+int rand_neg(void);
+#else
+int test_add ();
+int test_sub ();
+int test_lshift1 ();
+int test_lshift ();
+int test_rshift1 ();
+int test_rshift ();
+int test_div ();
+int test_mul ();
+int test_sqr ();
+int test_mont ();
+int test_mod ();
+int test_mod_mul ();
+int test_mod_exp ();
+int rand_neg();
+#endif
+
+static int results=0;
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../bio/bss_file.c"
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out;
+ char *outfile=NULL;
+
+ srand((unsigned int)time(NULL));
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-results") == 0)
+ results=1;
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) break;
+ outfile= *(++argv);
+ }
+ argc--;
+ argv++;
+ }
+
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ if (outfile == NULL)
+ {
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ }
+ else
+ {
+ if (!BIO_write_filename(out,outfile))
+ {
+ perror(outfile);
+ exit(1);
+ }
+ }
+
+ if (!results)
+ BIO_puts(out,"obase=16\nibase=16\n");
+
+ fprintf(stderr,"test BN_add\n");
+ if (!test_add(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sub\n");
+ if (!test_sub(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift1\n");
+ if (!test_lshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_lshift\n");
+ if (!test_lshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift1\n");
+ if (!test_rshift1(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_rshift\n");
+ if (!test_rshift(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_div\n");
+ if (!test_div(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod\n");
+ if (!test_mod(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mul\n");
+ if (!test_mul(out)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_sqr\n");
+ if (!test_sqr(out,ctx)) goto err;
+ fflush(stdout);
+
+ fprintf(stderr,"test BN_mod_mul\n");
+ if (!test_mod_mul(out,ctx)) goto err;
+ fflush(stdout);
+
+/*
+ fprintf(stderr,"test BN_mont\n");
+ if (!test_mont(out,ctx)) goto err;
+ fflush(stdout);
+*/
+ fprintf(stderr,"test BN_mod_exp\n");
+ if (!test_mod_exp(out,ctx)) goto err;
+ fflush(stdout);
+
+/**/
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
+int test_add(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,450+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_add(c,a,b);
+ BN_add(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," + ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sub(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,512,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,400+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<10000; j++)
+ BN_sub(c,a,b);
+ BN_sub(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_div(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+
+ BN_rand(a,400,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,50+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_div(d,c,a,b,ctx);
+ BN_div(d,c,a,b,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ return(1);
+ }
+
+int test_mul(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,200,0,0);
+ for (i=0; i<100; i++)
+ {
+ BN_rand(b,250+i,0,0);
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mul(c,a,b);
+ BN_mul(c,a,b);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_sqr(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ c=BN_new();
+
+ for (i=0; i<40; i++)
+ {
+ BN_rand(a,40+i*10,0,0);
+ a->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_sqr(c,a,ctx);
+ BN_sqr(c,a,ctx);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,a);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mont(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*A,*B;
+ BIGNUM *n;
+ int i;
+ int j;
+ BN_MONT_CTX *mont;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ A=BN_new();
+ B=BN_new();
+ n=BN_new();
+
+ mont=BN_MONT_CTX_new();
+
+ BN_rand(a,100,0,0); /**/
+ BN_rand(b,100,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(n,(100%BN_BITS2+1)*BN_BITS2*i*BN_BITS2,0,1); /**/
+ BN_MONT_CTX_set(mont,n,ctx);
+
+ BN_to_montgomery(A,a,mont,ctx);
+ BN_to_montgomery(B,b,mont,ctx);
+
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_mod_mul_montgomery(c,A,B,mont,ctx);/**/
+ BN_from_montgomery(A,c,mont,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+#ifdef undef
+fprintf(stderr,"%d * %d %% %d\n",
+BN_num_bits(a),
+BN_num_bits(b),
+BN_num_bits(mont->N));
+#endif
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,mont->N);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,A);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_MONT_CTX_free(mont);
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+ int j;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+
+ BN_rand(a,1024,0,0); /**/
+ for (i=0; i<20; i++)
+ {
+ BN_rand(b,450+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod(c,a,b,ctx);/**/
+ BN_mod(c,a,b,ctx);/**/
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," % ");
+ BN_print(bp,b);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,c);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_mod_mul(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,1024,0,0); /**/
+ for (i=0; i<10; i++)
+ {
+ BN_rand(a,475+i*10,0,0); /**/
+ BN_rand(b,425+i*10,0,0); /**/
+ a->neg=rand_neg();
+ b->neg=rand_neg();
+ /* if (bp == NULL)
+ for (j=0; j<100; j++)
+ BN_mod_mul(d,a,b,c,ctx);*/ /**/
+
+ if (!BN_mod_mul(e,a,b,c,ctx))
+ {
+ unsigned long l;
+
+ while ((l=ERR_get_error()))
+ fprintf(stderr,"ERROR:%s\n",
+ ERR_error_string(l,NULL));
+ exit(1);
+ }
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,e);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_mod_exp(bp,ctx)
+BIO *bp;
+BN_CTX *ctx;
+ {
+ BIGNUM *a,*b,*c,*d,*e;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ e=BN_new();
+
+ BN_rand(c,30,0,1); /* must be odd for montgomery */
+ for (i=0; i<6; i++)
+ {
+ BN_rand(a,20+i*5,0,0); /**/
+ BN_rand(b,2+i,0,0); /**/
+
+ if (!BN_mod_exp(d,a,b,c,ctx))
+ return(00);
+
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," ^ ");
+ BN_print(bp,b);
+ BIO_puts(bp," % ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,d);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ BN_free(d);
+ BN_free(e);
+ return(1);
+ }
+
+int test_lshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_lshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_lshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," * 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int test_rshift(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b,*c;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ BN_one(c);
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift(b,a,i+1);
+ BN_add(c,c,c);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / ");
+ BN_print(bp,c);
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ }
+ BN_free(a);
+ BN_free(b);
+ BN_free(c);
+ return(1);
+ }
+
+int test_rshift1(bp)
+BIO *bp;
+ {
+ BIGNUM *a,*b;
+ int i;
+
+ a=BN_new();
+ b=BN_new();
+
+ BN_rand(a,200,0,0); /**/
+ a->neg=rand_neg();
+ for (i=0; i<70; i++)
+ {
+ BN_rshift1(b,a);
+ if (bp != NULL)
+ {
+ if (!results)
+ {
+ BN_print(bp,a);
+ BIO_puts(bp," / 2");
+ BIO_puts(bp," - ");
+ }
+ BN_print(bp,b);
+ BIO_puts(bp,"\n");
+ }
+ BN_copy(a,b);
+ }
+ BN_free(a);
+ BN_free(b);
+ return(1);
+ }
+
+int rand_neg()
+ {
+ static unsigned int neg=0;
+ static int sign[8]={0,0,0,1,1,0,1,1};
+
+ return(sign[(neg++)%8]);
+ }
diff --git a/crypto/bn/exptest.c b/crypto/bn/exptest.c
new file mode 100644
index 0000000..4880df1
--- /dev/null
+++ b/crypto/bn/exptest.c
@@ -0,0 +1,148 @@
+/* crypto/bn/exptest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "bio.h"
+#include "bn.h"
+#include "rand.h"
+#include "err.h"
+
+#define NUM_BITS (BN_BITS*2)
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BN_CTX *ctx;
+ BIO *out=NULL;
+ int i,ret;
+ unsigned char c;
+ BIGNUM *r_mont,*r_recp,*a,*b,*m;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) exit(1);
+ r_mont=BN_new();
+ r_recp=BN_new();
+ a=BN_new();
+ b=BN_new();
+ m=BN_new();
+ if ( (r_mont == NULL) || (r_recp == NULL) ||
+ (a == NULL) || (b == NULL))
+ goto err;
+
+#ifdef WIN16
+ out=BIO_new(BIO_s_file_internal_w16());
+#else
+ out=BIO_new(BIO_s_file());
+#endif
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ for (i=0; i<200; i++)
+ {
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(a,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(b,NUM_BITS+c,0,0);
+
+ RAND_bytes(&c,1);
+ c=(c%BN_BITS)-BN_BITS2;
+ BN_rand(m,NUM_BITS+c,0,1);
+
+ BN_mod(a,a,m,ctx);
+ BN_mod(b,b,m,ctx);
+
+ ret=BN_mod_exp_mont(r_mont,a,b,m,ctx);
+ if (ret <= 0)
+ { printf("BN_mod_exp_mont() problems\n"); exit(1); }
+
+ ret=BN_mod_exp_recp(r_recp,a,b,m,ctx);
+ if (ret <= 0)
+ { printf("BN_mod_exp_recp() problems\n"); exit(1); }
+
+ if (BN_cmp(r_mont,r_recp) != 0)
+ {
+ printf("\nmont and recp results differ\n");
+ printf("a (%3d) = ",BN_num_bits(a)); BN_print(out,a);
+ printf("\nb (%3d) = ",BN_num_bits(b)); BN_print(out,b);
+ printf("\nm (%3d) = ",BN_num_bits(m)); BN_print(out,m);
+ printf("\nrecp ="); BN_print(out,r_recp);
+ printf("\nmont ="); BN_print(out,r_mont);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf(".");
+ fflush(stdout);
+ }
+ }
+ printf(" done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(out);
+ exit(1);
+ return(1);
+ }
+
diff --git a/crypto/bn/stuff/bn_knuth.c b/crypto/bn/stuff/bn_knuth.c
new file mode 100644
index 0000000..9a3f413
--- /dev/null
+++ b/crypto/bn/stuff/bn_knuth.c
@@ -0,0 +1,378 @@
+/* crypto/bn/bn_knuth.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+
+/* This is just a test implementation, it has not been modified for
+ * speed and it still has memory leaks. */
+
+int BN_mask_bits(BIGNUM *a,int n);
+
+#undef DEBUG
+#define MAIN
+
+/* r must be different to a and b
+ * Toom-Cook multiplication algorithm, taken from
+ * The Art Of Computer Programming, Volume 2, Donald Knuth
+ */
+
+#define CODE1 ((BIGNUM *)0x01)
+#define CODE2 ((BIGNUM *)0x02)
+#define CODE3 ((BIGNUM *)0x03)
+#define MAXK (30+1)
+
+#define C3 3
+#define C4 4
+#define C5 5
+#define C6 6
+#define C7 7
+#define C8 8
+#define C9 9
+#define C10 10
+#define DONE 11
+
+int new_total=0;
+int Free_total=0;
+int max=0,max_total=0;
+
+BIGNUM *LBN_new(void );
+BIGNUM *LBN_dup(BIGNUM *a);
+void LBN_free(BIGNUM *a);
+
+int BN_mul_knuth(w, a, b)
+BIGNUM *w;
+BIGNUM *a;
+BIGNUM *b;
+ {
+ int ret=1;
+ int i,j,n,an,bn,y,z;
+ BIGNUM *U[MAXK],*V[MAXK],*T[MAXK];
+ BIGNUM *C[(MAXK*2*3)];
+ BIGNUM *W[(MAXK*2)],*t1,*t2,*t3,*t4;
+ int Utos,Vtos,Ctos,Wtos,Ttos;
+ unsigned int k,Q,R;
+ unsigned int q[MAXK];
+ unsigned int r[MAXK];
+ int state;
+
+ /* C1 */
+ Utos=Vtos=Ctos=Wtos=Ttos=0;
+ k=1;
+ q[0]=q[1]=64;
+ r[0]=r[1]=4;
+ Q=6;
+ R=2;
+
+ if (!bn_expand(w,BN_BITS2*2)) goto err;
+ an=BN_num_bits(a);
+ bn=BN_num_bits(b);
+ n=(an > bn)?an:bn;
+ while ((q[k-1]+q[k]) < n)
+ {
+ k++;
+ Q+=R;
+ i=R+1;
+ if ((i*i) <= Q) R=i;
+ q[k]=(1<<Q);
+ r[k]=(1<<R);
+ }
+#ifdef DEBUG
+ printf("k =");
+ for (i=0; i<=k; i++) printf("%7d",i);
+ printf("\nq[k]=");
+ for (i=0; i<=k; i++) printf("%7d",q[i]);
+ printf("\nr[k]=");
+ for (i=0; i<=k; i++) printf("%7d",r[i]);
+ printf("\n");
+#endif
+
+ /* C2 */
+ C[Ctos++]=CODE1;
+ if ((t1=LBN_dup(a)) == NULL) goto err;
+ C[Ctos++]=t1;
+ if ((t1=LBN_dup(b)) == NULL) goto err;
+ C[Ctos++]=t1;
+
+ state=C3;
+ for (;;)
+ {
+#ifdef DEBUG
+ printf("state=C%d, Ctos=%d Wtos=%d\n",state,Ctos,Wtos);
+#endif
+ switch (state)
+ {
+ int lr,lq,lp;
+ case C3:
+ k--;
+ if (k == 0)
+ {
+ t1=C[--Ctos];
+ t2=C[--Ctos];
+#ifdef DEBUG
+ printf("Ctos=%d poped %d\n",Ctos,2);
+#endif
+ if ((t2->top == 0) || (t1->top == 0))
+ w->top=0;
+ else
+ BN_mul(w,t1,t2);
+
+ LBN_free(t1); /* FREE */
+ LBN_free(t2); /* FREE */
+ state=C10;
+ }
+ else
+ {
+ lr=r[k];
+ lq=q[k];
+ lp=q[k-1]+q[k];
+ state=C4;
+ }
+ break;
+ case C4:
+ for (z=0; z<2; z++) /* do for u and v */
+ {
+ /* break the item at C[Ctos-1]
+ * into lr+1 parts of lq bits each
+ * for j=0; j<=2r; j++
+ */
+ t1=C[--Ctos]; /* pop off u */
+#ifdef DEBUG
+ printf("Ctos=%d poped %d\n",Ctos,1);
+#endif
+ if ((t2=LBN_dup(t1)) == NULL) goto err;
+ BN_mask_bits(t2,lq);
+ T[Ttos++]=t2;
+#ifdef DEBUG
+ printf("C4 r=0 bits=%d\n",BN_num_bits(t2));
+#endif
+ for (i=1; i<=lr; i++)
+ {
+ if (!BN_rshift(t1,t1,lq)) goto err;
+ if ((t2=LBN_dup(t1)) == NULL) goto err;
+ BN_mask_bits(t2,lq);
+ T[Ttos++]=t2;
+#ifdef DEBUG
+ printf("C4 r=%d bits=%d\n",i,
+ BN_num_bits(t2));
+#endif
+ }
+ LBN_free(t1);
+
+ if ((t2=LBN_new()) == NULL) goto err;
+ if ((t3=LBN_new()) == NULL) goto err;
+ for (j=0; j<=2*lr; j++)
+ {
+ if ((t1=LBN_new()) == NULL) goto err;
+
+ if (!BN_set_word(t3,j)) goto err;
+ for (i=lr; i>=0; i--)
+ {
+ if (!BN_mul(t2,t1,t3)) goto err;
+ if (!BN_add(t1,t2,T[i])) goto err;
+ }
+ /* t1 is U(j) */
+ if (z == 0)
+ U[Utos++]=t1;
+ else
+ V[Vtos++]=t1;
+ }
+ LBN_free(t2);
+ LBN_free(t3);
+ while (Ttos) LBN_free(T[--Ttos]);
+ }
+#ifdef DEBUG
+ for (i=0; i<Utos; i++)
+ printf("U[%2d]=%4d bits\n",i,BN_num_bits(U[i]));
+ for (i=0; i<Vtos; i++)
+ printf("V[%2d]=%4d bits\n",i,BN_num_bits(V[i]));
+#endif
+ /* C5 */
+#ifdef DEBUG
+ printf("PUSH CODE2 and %d CODE3 onto stack\n",2*lr);
+#endif
+ C[Ctos++]=CODE2;
+ for (i=2*lr; i>0; i--)
+ {
+ C[Ctos++]=V[i];
+ C[Ctos++]=U[i];
+ C[Ctos++]=CODE3;
+ }
+ C[Ctos++]=V[0];
+ C[Ctos++]=U[0];
+#ifdef DEBUG
+ printf("Ctos=%d pushed %d\n",Ctos,2*lr*3+3);
+#endif
+ Vtos=Utos=0;
+ state=C3;
+ break;
+ case C6:
+ if ((t1=LBN_dup(w)) == NULL) goto err;
+ W[Wtos++]=t1;
+#ifdef DEBUG
+ printf("put %d bit number onto w\n",BN_num_bits(t1));
+#endif
+ state=C3;
+ break;
+ case C7:
+ lr=r[k];
+ lq=q[k];
+ lp=q[k]+q[k-1];
+ z=Wtos-2*lr-1;
+ for (j=1; j<=2*lr; j++)
+ {
+ for (i=2*lr; i>=j; i--)
+ {
+ if (!BN_sub(W[z+i],W[z+i],W[z+i-1])) goto err;
+ BN_div_word(W[z+i],j);
+ }
+ }
+ state=C8;
+ break;
+ case C8:
+ y=2*lr-1;
+ if ((t1=LBN_new()) == NULL) goto err;
+ if ((t3=LBN_new()) == NULL) goto err;
+
+ for (j=y; j>0; j--)
+ {
+ if (!BN_set_word(t3,j)) goto err;
+ for (i=j; i<=y; i++)
+ {
+ if (!BN_mul(t1,W[z+i+1],t3)) goto err;
+ if (!BN_sub(W[z+i],W[z+i],t1)) goto err;
+ }
+ }
+ LBN_free(t1);
+ LBN_free(t3);
+ state=C9;
+ break;
+ case C9:
+ BN_zero(w);
+#ifdef DEBUG
+ printf("lq=%d\n",lq);
+#endif
+ for (i=lr*2; i>=0; i--)
+ {
+ BN_lshift(w,w,lq);
+ BN_add(w,w,W[z+i]);
+ }
+ for (i=0; i<=lr*2; i++)
+ LBN_free(W[--Wtos]);
+ state=C10;
+ break;
+ case C10:
+ k++;
+ t1=C[--Ctos];
+#ifdef DEBUG
+ printf("Ctos=%d poped %d\n",Ctos,1);
+ printf("code= CODE%d\n",t1);
+#endif
+ if (t1 == CODE3)
+ state=C6;
+ else if (t1 == CODE2)
+ {
+ if ((t2=LBN_dup(w)) == NULL) goto err;
+ W[Wtos++]=t2;
+ state=C7;
+ }
+ else if (t1 == CODE1)
+ {
+ state=DONE;
+ }
+ else
+ {
+ printf("BAD ERROR\n");
+ goto err;
+ }
+ break;
+ default:
+ printf("bad state\n");
+ goto err;
+ break;
+ }
+ if (state == DONE) break;
+ }
+ ret=1;
+err:
+ if (ret == 0) printf("ERROR\n");
+ return(ret);
+ }
+
+#ifdef MAIN
+main()
+ {
+ BIGNUM *a,*b,*r;
+ int i;
+
+ if ((a=LBN_new()) == NULL) goto err;
+ if ((b=LBN_new()) == NULL) goto err;
+ if ((r=LBN_new()) == NULL) goto err;
+
+ if (!BN_rand(a,1024*2,0,0)) goto err;
+ if (!BN_rand(b,1024*2,0,0)) goto err;
+
+ for (i=0; i<10; i++)
+ {
+ if (!BN_mul_knuth(r,a,b)) goto err; /**/
+ /*if (!BN_mul(r,a,b)) goto err; /**/
+ }
+BN_print(stdout,a); printf(" * ");
+BN_print(stdout,b); printf(" =\n");
+BN_print(stdout,r); printf("\n");
+
+printf("BN_new() =%d\nBN_free()=%d max=%d\n",new_total,Free_total,max);
+
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors(stderr);
+ exit(1);
+ }
+#endif
+
+int BN_mask_bits(a,n)
+BIGNUM *a;
+int n;
+ {
+ int b,w;
+
+ w=n/BN_BITS2;
+ b=n%BN_BITS2;
+ if (w >= a->top) return(0);
+ if (b == 0)
+ a->top=w;
+ else
+ {
+ a->top=w+1;
+ a->d[w]&= ~(BN_MASK2<<b);
+ }
+ return(1);
+ }
+
+BIGNUM *LBN_dup(a)
+BIGNUM *a;
+ {
+ new_total++;
+ max_total++;
+ if (max_total > max) max=max_total;
+ return(BN_dup(a));
+ }
+
+BIGNUM *LBN_new()
+ {
+ new_total++;
+ max_total++;
+ if (max_total > max) max=max_total;
+ return(BN_new());
+ }
+
+void LBN_free(a)
+BIGNUM *a;
+ {
+ max_total--;
+ if (max_total > max) max=max_total;
+ Free_total++;
+ BN_free(a);
+ }
diff --git a/crypto/bn/stuff/div.c b/crypto/bn/stuff/div.c
new file mode 100644
index 0000000..3d6e086
--- /dev/null
+++ b/crypto/bn/stuff/div.c
@@ -0,0 +1,340 @@
+/* crypto/bn/div.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+
+BN_ULONG bn_div_2word();
+
+int BN_div2(dv, rm, num, div,ctx)
+BIGNUM *dv;
+BIGNUM *rm;
+BIGNUM *num;
+BIGNUM *div;
+BN_CTX *ctx;
+ {
+ int norm_shift,i,j,nm,nd,loop;
+ BIGNUM *tmp,wnum,*snum,*sdiv,*res;
+ BN_ULONG *resp,*wnump;
+ BN_ULONG d0,d1;
+ int num_n,div_n;
+
+#ifdef DEBUG
+BN_print(stdout,num); printf(" number\n");
+BN_print(stdout,div); printf(" divisor\n");
+#endif
+ if (BN_is_zero(num))
+ {
+ BNerr(BN_F_BN_DIV,BN_R_DIV_BY_ZERO);
+ return(0);
+ }
+
+ if (BN_cmp(num,div) < 0)
+ {
+ if (rm != NULL)
+ { if (BN_copy(rm,num) == NULL) return(0); }
+ if (dv != NULL) BN_zero(dv);
+ return(1);
+ }
+
+ tmp=ctx->bn[ctx->tos];
+ snum=ctx->bn[ctx->tos+1];
+ sdiv=ctx->bn[ctx->tos+2];
+ if (dv == NULL)
+ res=ctx->bn[ctx->tos+3];
+ else res=dv;
+
+ /* First we normalise the numbers */
+ norm_shift=BN_BITS2-((BN_num_bits(div))%BN_BITS2);
+ BN_lshift(sdiv,div,norm_shift);
+ norm_shift+=BN_BITS2;
+ BN_lshift(snum,num,norm_shift);
+ div_n=sdiv->top;
+ num_n=snum->top;
+ loop=num_n-div_n;
+#ifdef DEBUG
+BN_print(stdout,snum); printf(" shifted num, forget last word\n");
+BN_print(stdout,sdiv); printf(" shifted div\n");
+#endif
+
+ /* Lets setup a 'win'dow into snum
+ * This is the part that corresponds to the current
+ * 'area' being divided */
+ wnum.d= &(snum->d[loop]);
+ wnum.top= div_n;
+ wnum.max= snum->max; /* a bit of a lie */
+ wnum.neg= 0;
+
+ /* Get the top 2 words of sdiv */
+ i=sdiv->top;
+ d0=sdiv->d[div_n-1];
+ d1=sdiv->d[div_n-2];
+
+ /* pointer to the 'top' of snum */
+ wnump= &(snum->d[num_n-1]);
+
+ /* Setup to 'res' */
+ res->neg=0;
+ res->top=loop;
+ resp= &(res->d[loop-1]);
+ bn_expand(res,(loop+1)*BN_BITS2);
+
+ /* space for temp */
+ bn_expand(tmp,(div_n+1)*BN_BITS2);
+
+#ifdef DEBUG
+printf("wnum="); BN_print(stdout,&wnum); printf(" initial sub check\n");
+printf("div ="); BN_print(stdout,sdiv); printf(" loop=%d\n",loop);
+#endif
+ if (BN_cmp(&wnum,sdiv) >= 0)
+ {
+ BN_sub(&wnum,&wnum,sdiv);
+ *resp=1;
+ res->d[res->top-1]=1;
+ }
+ else
+ res->top--;
+ resp--;
+#ifdef DEBUG
+BN_print(stdout,res); printf(" initial result\n");
+BN_print(stdout,&wnum); printf(" wnum\n");
+#endif
+
+ for (i=0; i<loop-1; i++)
+ {
+ BN_ULONG q,n0;
+ BN_ULLONG t1,t2,t3;
+ BN_ULONG l0;
+
+ wnum.d--;
+ wnum.top++;
+
+#ifdef DEBUG
+BN_print(stderr,&wnum); printf(" to divide\n");
+#endif
+
+ q=0;
+ n0=wnump[0];
+ t1=((BN_ULLONG)n0<<BN_BITS2)|wnump[-1];
+ if (n0 == d0)
+ q=BN_MASK2;
+ else
+ {
+ t2=(t1/d0);
+ q=(t2&BN_MASK2);
+#ifdef DEBUG
+printf("t1=%08X / d0=%08X = %X (%X)\n",t1,d0,q,t2);
+#endif
+ }
+ for (;;)
+ {
+ t2=(BN_ULLONG)d1*q;
+ t3=t1-(BN_ULLONG)q*d0;
+#ifdef DEBUG
+printf("d1*q= %X n01-q*d0 = %X\n",t2,t3);
+#endif
+ if ((t3>>BN_BITS2) ||
+ (t2 <= ((t3<<BN_BITS2)+wnump[-2])))
+ break;
+#ifdef DEBUG
+printf("reduce q\n");
+#endif
+ q--;
+ }
+ l0=bn_mul_word(tmp->d,sdiv->d,div_n,q);
+ if (l0)
+ tmp->d[div_n]=l0;
+ else
+ tmp->d[div_n]=0;
+ for (j=div_n+1; j>0; j--)
+ if (tmp->d[j-1]) break;
+ tmp->top=j;
+
+#ifdef DEBUG
+printf("q=%08X\n",q);
+BN_print(stdout,&wnum); printf(" number\n");
+BN_print(stdout,tmp); printf(" subtract\n");
+
+BN_print(stdout,snum); printf(" shifted number before\n");
+BN_print(stdout,&wnum); printf(" wnum before\n");
+#endif
+ j=wnum.top;
+ BN_sub(&wnum,&wnum,tmp);
+ snum->top=snum->top+wnum.top-j;
+
+#ifdef DEBUG
+BN_print(stdout,&wnum); printf(" wnum after\n");
+BN_print(stdout,snum); printf(" shifted number after\n");
+#endif
+
+ if (wnum.neg)
+ {
+ q--;
+ j=wnum.top;
+ BN_add(&wnum,&wnum,sdiv);
+ snum->top+=wnum.top-j;
+ fprintf(stderr,"addback\n");
+#ifdef DEBUG
+BN_print(stdout,snum); printf("after addback************************:\n");
+#endif
+ }
+ *(resp--)=q;
+#ifdef DEBUG
+BN_print(stdout,res); printf(" result\n");
+#endif
+ wnump--;
+ }
+ if (rm != NULL)
+ BN_rshift(rm,snum,norm_shift);
+ return(1);
+ }
+
+main()
+ {
+ BIGNUM *a,*b,*c,*d;
+ BIGNUM *cc,*dd;
+ BN_CTX *ctx;
+ int i,x;
+
+ a=BN_new();
+ b=BN_new();
+ c=BN_new();
+ d=BN_new();
+ cc=BN_new();
+ dd=BN_new();
+ ctx=BN_CTX_new();
+
+for (i=0; i<10240; i++)
+ {
+ BN_rand(a,80,0,0);
+ BN_rand(b,60,0,0);
+
+ BN_div2(d,c,a,b,ctx);
+ BN_div(dd,cc,a,b,ctx);
+ if ((BN_cmp(d,dd) != 0) || (BN_cmp(c,cc) != 0))
+ {
+ BN_print(stderr,a); fprintf(stderr," / ");
+ BN_print(stderr,b); fprintf(stderr," d=");
+ BN_print(stderr,d); fprintf(stderr," r= ");
+ BN_print(stderr,c); fprintf(stderr,"\nd=");
+ BN_print(stderr,dd); fprintf(stderr," r= ");
+ BN_print(stderr,cc); fprintf(stderr,"\n");
+ }
+
+ }
+
+#ifdef undef
+/*
+ BN_rand(a,600,0,0);
+ BN_rand(b,400,0,0);
+ for (i=0; i<2000000; i++)
+ {
+ BN_div2(d,c,a,b,ctx);
+ }
+*/
+/* for (i=0;;) */
+/* for (i=0; i<0xffffffff; i++)
+ {
+ BN_ULONG rr,r,a,b,c;
+ BN_ULLONG l;
+
+ a=rand()&BN_MASK2;
+ b=rand()&BN_MASK2;
+ for (;;)
+ {
+ c=rand()&BN_MASK2;
+ if (c) break;
+ }
+/* for (x=1; x<256*256; x++) */
+ {
+ c=x;
+ a=i>>8;
+ b=i&0xff;
+ a&= ~(0xFFFFFF<<(BN_num_bits_word(c)));
+
+ r=bn_div_2word(a,b,c);
+
+ rr=(BN_ULONG)((((BN_ULLONG)a<<BN_BITS2)|b)/c);
+
+ if ((i & 0xfffff) == 0) fprintf(stderr,"%d\n",i,r,rr);
+/*if (x == 255)
+ fprintf(stderr,"%6d/%3d = %4d %4d\n",(a<<8)|b,c,r,rr); */
+ if (rr != r)
+ {
+ fprintf(stderr,"%8d %02X%02X / %02X = %02X %02X\n",
+ i,a,b,c,rr,r);
+ abort();
+ }
+ }
+ }
+#endif
+ }
+
+/* Divide h-l by d and return the result. */
+BN_ULONG bn_div_2word(l,h,d)
+BN_ULONG l,h,d;
+ {
+ BN_ULONG dh,dl,q,ret=0,th,tl,t,top;
+ int i,count=2;
+
+ if (d == 0) return(-1);
+
+ i=BN_num_bits_word(d);
+ if ((i != BN_BITS2) && (h > 1<<i))
+ {
+ fprintf(stderr,"Division would overflow\n");
+ abort();
+ }
+ i=BN_BITS2-i;
+ if (h >= d) h-=d;
+
+ if (i)
+ {
+ d<<=i;
+ h=(h<<i)|(l>>(BN_BITS2-i));
+ l<<=i;
+ }
+ dh=(d&BN_MASK2h)>>BN_BITS4;
+ dl=(d&BN_MASK2l);
+ for (;;)
+ {
+ if ((h>>BN_BITS4) == dh)
+ q=BN_MASK2l;
+ else
+ q=h/dh;
+
+ for (;;)
+ {
+ t=(h-q*dh);
+ if ((t&BN_MASK2h) ||
+ ((dl*q) <= (
+ (t<<BN_BITS4)+
+ ((l&BN_MASK2h)>>BN_BITS4))))
+ break;
+ q--;
+ }
+ th=q*dh;
+ tl=q*dl;
+ t=(tl>>BN_BITS4);
+ tl=(tl<<BN_BITS4)&BN_MASK2h;
+ th+=t;
+
+ if (l < tl) th++;
+ l-=tl;
+ if (h < th)
+ {
+ fprintf(stderr,"add back\n");
+ h+=d;
+ q--;
+ }
+ h-=th;
+
+ if (--count == 0) break;
+
+ ret=q<<BN_BITS4;
+ h=((h<<BN_BITS4)|(l>>BN_BITS4))&BN_MASK2;
+ l=(l&BN_MASK2l)<<BN_BITS4;
+ }
+ ret|=q;
+ return(ret);
+ }
diff --git a/crypto/bn/stuff/mont.doc b/crypto/bn/stuff/mont.doc
new file mode 100644
index 0000000..55d1d79
--- /dev/null
+++ b/crypto/bn/stuff/mont.doc
@@ -0,0 +1,17 @@
+All numbers (a) are stored aR mod N (except abRR)
+
+RR = REDC(R*R) /* RR mod N */
+
+
+convert a -> aR
+convert b -> bR
+
+ {
+ abRR = aR * bR
+ abR = REDC(abRR); /* mod N */
+ }
+
+ab = REDC(abR); /* mod N */
+
+
+REDC strips off a multiplicaion by R mod N
diff --git a/crypto/bn/stuff/wei_mulw.c b/crypto/bn/stuff/wei_mulw.c
new file mode 100644
index 0000000..7f8a1e5
--- /dev/null
+++ b/crypto/bn/stuff/wei_mulw.c
@@ -0,0 +1,410 @@
+/* crypto/bn/wei_mulw.c */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "bn_lcl.h"
+
+BN_ULONG bn_add_word(BN_ULONG *a,BN_ULONG c,int num);
+BN_ULONG bn_add_words(BN_ULONG *ret,BN_ULONG *a,BN_ULONG *b,int num);
+BN_ULONG bn_sub_words(BN_ULONG *ret,BN_ULONG *a,BN_ULONG *b,int num);
+
+void BN_mul_4words(BN_ULONG *ret,BN_ULONG a0,BN_ULONG a1,
+ BN_ULONG b0,BN_ULONG b1);
+
+void pr(a,n,s)
+BN_ULONG *a;
+int n;
+ {
+ while (n--)
+ fprintf(stdout,"%02X",a[n]);
+ fprintf(stdout,"%s",s);
+ }
+
+
+BN_ULONG bn_add_word(a,w,num)
+BN_ULONG *a;
+BN_ULONG w;
+int num;
+ {
+ BN_ULONG t;
+
+#ifdef DEBUG
+{ BN_ULONG *aa=a; int i; for (i=num; i>0; i--) fprintf(stdout,"%02X",aa[i-1]);
+fprintf(stdout," + %X - ",w); i=num;
+#endif
+
+loop:
+ t= *a;
+ t=(t+w)&BN_MASK2;
+ *(a++)=t;
+ w=(t < w);
+ if (w && --num) goto loop;
+
+#ifdef DEBUG
+for (; i>0; i--) fprintf(stdout,"%02X",aa[i-1]);
+fprintf(stdout,"\n");
+}
+#endif
+
+ return(w);
+ }
+
+BN_ULONG bn_add_words(r,a,b,num)
+BN_ULONG *r;
+BN_ULONG *a;
+BN_ULONG *b;
+int num;
+ {
+#if defined(BN_LLONG)
+ BN_ULLONG t;
+ BN_ULONG c=0;
+ int i;
+
+ if (num&1) abort();
+
+ for (i=0; i<num; i+=2)
+ {
+ t=(BN_ULLONG)a[i]+b[i]+c;
+ r[i+0]=L(t);
+ t=(BN_ULLONG) H(t)+a[i+1]+b[i+1];
+ r[i+1]=L(t);
+ c=H(t);
+ }
+ return(c);
+#else
+ BN_ULONG c=0,t1,t2;
+
+ for ( ; num; num--)
+ {
+ t1= *(a++);
+ t2= *(b++);
+
+ if (c)
+ {
+ c=(t2 >= ((~t1)&BN_MASK2));
+ (*r++)=(t1+t2+1)&BN_MASK2;
+ }
+ else
+ {
+ t2=(t1+t2)&BN_MASK2;
+ c=(t2 < t1);
+ (*r++)=t2;
+ }
+ }
+ return(c);
+#endif
+ }
+
+BN_ULONG bn_sub_words(r,a,b,num)
+BN_ULONG *r;
+BN_ULONG *a;
+BN_ULONG *b;
+int num;
+ {
+#if defined(BN_LLONG)
+ BN_ULLONG t;
+ BN_ULONG c=0;
+ int i;
+
+ if (num&1) abort();
+
+ for (i=0; i<num; i+=2)
+ {
+ t=(BN_ULLONG)a[i]-b[i]-c;
+ r[i+0]=L(t);
+ t=(BN_ULLONG)a[i+1]-b[i+1]-(0-H(t))&BN_MASK2;
+ r[i+1]=L(t);
+ c=H(t);
+ }
+ return(c);
+#else
+ BN_ULONG c=0,t1,t2;
+
+ for ( ; num; num--)
+ {
+ t1= *(a++);
+ t2= *(b++);
+
+ if (c)
+ {
+ c=(t1 <= t2);
+ t1=(t1-t2-1);
+ }
+ else
+ {
+ c=(t1 < t2);
+ t1=(t1-t2);
+ }
+ (*r++)=t1&BN_MASK2;
+ }
+ return(c);
+#endif
+ }
+
+
+/* ret[3,2,1,0] = a1,a0 * b1,b0 */
+void BN_mul_4words(ret,a0,a1,b0,b1)
+BN_ULONG *ret;
+BN_ULONG a0,a1,b0,b1;
+ {
+ BN_ULONG s,u;
+ BN_ULLONG fix,a0b0,a1b1,tmp;
+
+ if (a1 >= a0)
+ {
+ s=(a1-a0);
+ u=(b0-b1);
+ fix=(BN_ULLONG)s*u;
+ if (b0 >= b1) s=0;
+ }
+ else
+ {
+ BN_ULONG u;
+
+ if (b0 > b1)
+ {
+ s=(b0-b1);
+ u=(a1-a0);
+ fix=(BN_ULLONG)s*u;
+ }
+ else
+ {
+ u=(a0-a1);
+ s=(b1-b0);
+ fix=(BN_ULLONG)s*u;
+ s=0;
+ }
+ }
+
+ a0b0=(BN_ULLONG)a0*b0;
+ ret[0]=L(a0b0);
+
+ a1b1=(BN_ULLONG)a1*b1;
+ tmp=(BN_ULLONG) H(a0b0) + L(a0b0) + L(fix) + L(a1b1);
+ ret[1]=L(tmp);
+
+ tmp=(BN_ULLONG) a1b1 + H(tmp) + H(a0b0) + H(fix) + H(a1b1) - s;
+ ret[2]=L(tmp);
+ ret[3]=H(tmp);
+ }
+
+/* ret[3,2,1,0] += a1,a0 * b1,b0 */
+BN_ULONG BN_mul_add_4words(ret,a0,a1,b0,b1)
+BN_ULONG *ret;
+BN_ULONG a0,a1,b0,b1;
+ {
+ BN_ULONG s,u;
+ BN_ULLONG fix,a0b0,a1b1,tmp;
+
+#ifdef DEBUG
+fprintf(stdout,"%02X%02X%02X%02X",ret[3],ret[2],ret[1],ret[0]);
+fprintf(stdout," + ( %02X%02X * %02X%02X ) - ",a1,a0,b1,b0);
+#endif
+ if (a1 >= a0)
+ {
+ s=(a1-a0);
+ u=(b0-b1);
+ fix=(BN_ULLONG)s*u;
+ if (b0 >= b1) s=0;
+ }
+ else
+ {
+ if (b0 > b1)
+ {
+ s=(b0-b1);
+ u=(a1-a0);
+ fix=(BN_ULLONG)s*u;
+ }
+ else
+ {
+ u=(a0-a1);
+ s=(b1-b0);
+ fix=(BN_ULLONG)s*u;
+ s=0;
+ }
+ }
+
+ a0b0=(BN_ULLONG)a0*b0;
+ tmp=a0b0+ret[0];
+ ret[0]=L(tmp);
+
+ a1b1=(BN_ULLONG)a1*b1;
+ tmp=(BN_ULLONG) H(tmp) + L(a0b0) + L(fix) + L(a1b1) + ret[1];
+ ret[1]=L(tmp);
+
+ tmp=(BN_ULLONG) H(tmp) + L(a1b1) + H(a0b0) +
+ H(fix) + H(a1b1) -s + ret[2];
+ ret[2]=L(tmp);
+
+ tmp=(BN_ULLONG) H(tmp) + H(a1b1) + ret[3];
+ ret[3]=L(tmp);
+#ifdef DEBUG
+fprintf(stdout,"%02X%02X%02X%02X%02X\n",H(tmp),ret[3],ret[2],ret[1],ret[0]);
+#endif
+ return(H(tmp));
+ }
+
+/* ret[3,2,1,0] += a1,a0 * a1,a0 */
+void BN_sqr_4words(ret,a0,a1)
+BN_ULONG *ret;
+BN_ULONG a0,a1;
+ {
+ BN_ULONG s,u;
+ BN_ULLONG tmp,tmp2;
+
+ tmp=(BN_ULLONG)a0*a0;
+ ret[0]=L(tmp);
+
+ tmp2=(BN_ULLONG)a0*a1;
+ tmp=(BN_ULLONG)H(tmp)+L(tmp2)*2;
+ ret[1]=L(tmp);
+
+ tmp=(BN_ULLONG)a1*a1+H(tmp)+H(tmp2)*2;
+ ret[2]=L(tmp);
+ ret[3]=L(tmp);
+ }
+
+#define N0 (0)
+#define N1 (half)
+#define N2 (num)
+#define N3 (num+half)
+
+#define word_cmp(r,a,b,num) \
+ { \
+ int n=num; \
+\
+ (r)=0; \
+ while (n--) \
+ { \
+ if ((a)[(n)] > (b)[(n)]) \
+ { (r)=1; break; } \
+ else if ((a)[(n)] < (b)[(n)]) \
+ { (r)= -1; break; } \
+ } \
+ }
+
+
+/* (a->top == b->top) && (a->top >= 2) && !(a->top & 1) */
+void bn_recursize_mul(r,t,a,b,num)
+BN_ULONG *r,*t,*a,*b;
+int num;
+ {
+ if ((num < 2) || (num&1))
+ abort();
+
+/* fprintf(stderr,"num=%d half=%d\n",num,num/2);*/
+ if (num == 2)
+ BN_mul_4words(r,a[0],a[1],b[0],b[1]);
+ else if (num == 4)
+ {
+ BN_ULONG c,tmp;
+
+ BN_mul_4words(&(r[0]),a[0],a[1],b[0],b[1]);
+ BN_mul_4words(&(r[4]),a[2],a[3],b[2],b[3]);
+
+ c =BN_mul_add_4words(&(r[2]),a[0],a[1],b[2],b[3]);
+ c+=BN_mul_add_4words(&(r[2]),a[2],a[3],b[0],b[1]);
+
+ bn_add_word(&(r[6]),c,2);
+ }
+ else
+ {
+ int half=num/2;
+ int carry,cmp_a,cmp_b;
+
+ word_cmp(cmp_a,&(a[0]),&(a[half]),half);
+ word_cmp(cmp_b,&(b[0]),&(b[half]),half);
+
+ switch (cmp_a*2+cmp_a+cmp_b)
+ {
+ case -4:
+ bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+ bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+ bn_recursize_mul(&(r[N1]),&(t[N2]),
+ &(t[N0]),&(t[N1]),half);
+ bn_sub_words(&(r[N2]),&(r[N2]),&(t[N0]),half);
+ carry= -1;
+ break;
+ case -2:
+ bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+ bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+ bn_recursize_mul(&(r[N1]),&(t[N2]),
+ &(t[N0]),&(t[N1]),half);
+ carry=0;
+ break;
+ case 2:
+ bn_sub_words(&(t[N0]),&(a[N0]),&(a[N1]),half);
+ bn_sub_words(&(t[N1]),&(b[N1]),&(b[N0]),half);
+ bn_recursize_mul(&(r[N1]),&(t[N2]),
+ &(t[N0]),&(t[N1]),half);
+ carry=0;
+ break;
+ case 4:
+ bn_sub_words(&(t[N0]),&(a[N1]),&(a[N0]),half);
+ bn_sub_words(&(t[N1]),&(b[N0]),&(b[N1]),half);
+ bn_recursize_mul(&(r[N1]),&(t[N2]),
+ &(t[N0]),&(t[N1]),half);
+ bn_sub_words(&(r[N2]),&(r[N2]),&(t[N1]),half);
+ carry= -1;
+ break;
+ default:
+ memset(&(r[N1]),0,sizeof(BN_ULONG)*num);
+ break;
+ }
+
+ bn_recursize_mul(&(t[N0]),&(t[N2]),&(a[N0]),&(b[N0]),half);
+#ifdef DEBUG
+ pr(a,half," * ");
+ pr(b,half," - ");
+ pr(t,num," - 0\n");
+#endif
+ memcpy(&(r[N0]),&(t[N0]),half*sizeof(BN_ULONG));
+ if (bn_add_words(&(r[N1]),&(r[N1]),&(t[N1]),half))
+ { bn_add_word(&(t[N1]),1,half); }
+
+ carry+=bn_add_words(&(r[N1]),&(r[N1]),&(t[N0]),num);
+
+ bn_recursize_mul(&(t[N0]),&(t[N2]),&(a[N1]),&(b[N1]),half);
+
+ carry+=bn_add_words(&(r[N1]),&(r[N1]),&(t[N0]),num);
+ carry+=bn_add_words(&(r[N2]),&(r[N2]),&(t[N0]),half);
+ memcpy(&(r[N3]),&(t[N1]),half*sizeof(BN_ULONG));
+
+ bn_add_word(&(r[N3]),carry,half);
+ }
+ }
+
+main()
+ {
+ BIGNUM *a,*b,*r,*t;
+ int i,j;
+
+ a=BN_new();
+ b=BN_new();
+ r=BN_new();
+ t=BN_new();
+
+#define BITS 1024
+ bn_expand(r,BITS*2);
+ bn_expand(t,BITS*2);
+ fprintf(stdout,"obase=16\n");
+ fprintf(stdout,"ibase=16\n");
+ for (i=0; i<10; i++)
+ {
+ BN_rand(a,BITS,0,0);
+ BN_rand(b,BITS,0,0);
+ r->top=(BITS*2)/BN_BITS2;
+ memset(r->d,0,sizeof(r->top)*sizeof(BN_ULONG));
+ memset(t->d,0,sizeof(r->top)*sizeof(BN_ULONG));
+ for (j=0; j<1000; j++)
+ {
+
+/* BN_mul(r,a,b); /**/
+ bn_recursize_mul(r->d,t->d,a->d,b->d,a->top); /**/
+ }
+ BN_print(stdout,a); fprintf(stdout," * ");
+ BN_print(stdout,b); fprintf(stdout," - ");
+ BN_print(stdout,r); fprintf(stdout,"\n");
+ }
+ }
diff --git a/crypto/buffer/Makefile.ssl b/crypto/buffer/Makefile.ssl
new file mode 100644
index 0000000..3536793
--- /dev/null
+++ b/crypto/buffer/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/buffer/Makefile
+#
+
+DIR= buffer
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=buffer
+ERRC=buf_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= buffer.c $(ERRC).c
+LIBOBJ= buffer.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= buffer.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/buffer/buf_err.c b/crypto/buffer/buf_err.c
new file mode 100644
index 0000000..8cb9f33
--- /dev/null
+++ b/crypto/buffer/buf_err.c
@@ -0,0 +1,81 @@
+/* lib/buf/buf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "buffer.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA BUF_str_functs[]=
+ {
+{ERR_PACK(0,BUF_F_BUF_MEM_GROW,0), "BUF_MEM_grow"},
+{ERR_PACK(0,BUF_F_BUF_MEM_NEW,0), "BUF_MEM_new"},
+{ERR_PACK(0,BUF_F_BUF_STRDUP,0), "BUF_strdup"},
+{ERR_PACK(0,BUF_F_PXYCLNT_READ,0), "PXYCLNT_READ"},
+{0,NULL},
+ };
+
+void ERR_load_BUF_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_BUF,BUF_str_functs);
+ }
+ }
diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
new file mode 100644
index 0000000..df7e2fa
--- /dev/null
+++ b/crypto/buffer/buffer.c
@@ -0,0 +1,139 @@
+/* crypto/buffer/buffer.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+
+BUF_MEM *BUF_MEM_new()
+ {
+ BUF_MEM *ret;
+
+ ret=(BUF_MEM *)Malloc(sizeof(BUF_MEM));
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_MEM_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->length=0;
+ ret->max=0;
+ ret->data=NULL;
+ return(ret);
+ }
+
+void BUF_MEM_free(a)
+BUF_MEM *a;
+ {
+ if (a->data != NULL)
+ {
+ memset(a->data,0,(unsigned int)a->max);
+ Free(a->data);
+ }
+ Free(a);
+ }
+
+int BUF_MEM_grow(str, len)
+BUF_MEM *str;
+int len;
+ {
+ char *ret;
+ unsigned int n;
+
+ if (str->length >= len) return(len);
+ if (str->max >= len)
+ {
+ memset(&(str->data[str->length]),0,len-str->length);
+ str->length=len;
+ return(len);
+ }
+ n=(len+3)/3*4;
+ if (str->data == NULL)
+ ret=(char *)Malloc(n);
+ else
+ ret=(char *)Realloc(str->data,n);
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_MEM_GROW,ERR_R_MALLOC_FAILURE);
+ len=0;
+ }
+ else
+ {
+ str->data=ret;
+ str->length=len;
+ str->max=n;
+ }
+ return(len);
+ }
+
+char *BUF_strdup(str)
+char *str;
+ {
+ char *ret;
+ int n;
+
+ n=strlen(str);
+ ret=Malloc(n+1);
+ if (ret == NULL)
+ {
+ BUFerr(BUF_F_BUF_STRDUP,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ memcpy(ret,str,n+1);
+ return(ret);
+ }
+
diff --git a/crypto/buffer/buffer.err b/crypto/buffer/buffer.err
new file mode 100644
index 0000000..62b775e
--- /dev/null
+++ b/crypto/buffer/buffer.err
@@ -0,0 +1,9 @@
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+#define BUF_F_BUF_MEM_GROW 100
+#define BUF_F_BUF_MEM_NEW 101
+#define BUF_F_BUF_STRDUP 102
+#define BUF_F_PXYCLNT_READ 103
+
+/* Reason codes. */
diff --git a/crypto/buffer/buffer.h b/crypto/buffer/buffer.h
new file mode 100644
index 0000000..87c9071
--- /dev/null
+++ b/crypto/buffer/buffer.h
@@ -0,0 +1,107 @@
+/* crypto/buffer/buffer.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_BUFFER_H
+#define HEADER_BUFFER_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct buf_mem_st
+ {
+ int length;
+ char *data;
+ int max;
+ } BUF_MEM;
+
+#ifndef NOPROTO
+BUF_MEM *BUF_MEM_new(void);
+void BUF_MEM_free(BUF_MEM *a);
+int BUF_MEM_grow(BUF_MEM *str, int len);
+char * BUF_strdup(char *str);
+
+void ERR_load_BUF_strings(void );
+
+#else
+
+BUF_MEM *BUF_MEM_new();
+void BUF_MEM_free();
+int BUF_MEM_grow();
+char * BUF_strdup();
+
+void ERR_load_BUF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the BUF functions. */
+
+/* Function codes. */
+#define BUF_F_BUF_MEM_GROW 100
+#define BUF_F_BUF_MEM_NEW 101
+#define BUF_F_BUF_STRDUP 102
+#define BUF_F_PXYCLNT_READ 103
+
+/* Reason codes. */
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/conf/Makefile.ssl b/crypto/conf/Makefile.ssl
new file mode 100644
index 0000000..878ac70
--- /dev/null
+++ b/crypto/conf/Makefile.ssl
@@ -0,0 +1,85 @@
+#
+# SSLeay/crypto/conf/Makefile
+#
+
+DIR= conf
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=conf
+ERRC=conf_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= conf.c $(ERRC).c
+
+LIBOBJ= conf.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= conf.h
+HEADER= conf_lcl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/conf/cnf_save.c b/crypto/conf/cnf_save.c
new file mode 100644
index 0000000..8524802
--- /dev/null
+++ b/crypto/conf/cnf_save.c
@@ -0,0 +1,106 @@
+/* crypto/conf/cnf_save.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "conf.h"
+
+void print_conf(CONF_VALUE *cv);
+
+main()
+ {
+ LHASH *conf;
+ long l;
+
+ conf=CONF_load(NULL,"../../apps/ssleay.cnf",&l);
+ if (conf == NULL)
+ {
+ fprintf(stderr,"error loading config, line %ld\n",l);
+ exit(1);
+ }
+
+ lh_doall(conf,print_conf);
+ }
+
+
+void print_conf(cv)
+CONF_VALUE *cv;
+ {
+ int i;
+ CONF_VALUE *v;
+ char *section;
+ char *name;
+ char *value;
+ STACK *s;
+
+ /* If it is a single entry, return */
+
+ if (cv->name != NULL) return;
+
+ printf("[ %s ]\n",cv->section);
+ s=(STACK *)cv->value;
+
+ for (i=0; i<sk_num(s); i++)
+ {
+ v=(CONF_VALUE *)sk_value(s,i);
+ section=(v->section == NULL)?"None":v->section;
+ name=(v->name == NULL)?"None":v->name;
+ value=(v->value == NULL)?"None":v->value;
+ printf("%s=%s\n",name,value);
+ }
+ printf("\n");
+ }
diff --git a/crypto/conf/conf.c b/crypto/conf/conf.c
new file mode 100644
index 0000000..68243e9
--- /dev/null
+++ b/crypto/conf/conf.c
@@ -0,0 +1,725 @@
+/* crypto/conf/conf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "stack.h"
+#include "lhash.h"
+#include "conf.h"
+#include "buffer.h"
+#include "err.h"
+
+#include "conf_lcl.h"
+
+#ifndef NOPROTO
+static void value_free_hash(CONF_VALUE *a, LHASH *conf);
+static void value_free_stack(CONF_VALUE *a,LHASH *conf);
+static unsigned long hash(CONF_VALUE *v);
+static int cmp(CONF_VALUE *a,CONF_VALUE *b);
+static char *eat_ws(char *p);
+static char *eat_alpha_numeric(char *p);
+static void clear_comments(char *p);
+static int str_copy(LHASH *conf,char *section,char **to, char *from);
+static char *scan_quote(char *p);
+static CONF_VALUE *new_section(LHASH *conf,char *section);
+static CONF_VALUE *get_section(LHASH *conf,char *section);
+#else
+static void value_free_hash();
+static void value_free_stack();
+static unsigned long hash();
+static int cmp();
+static char *eat_ws();
+static char *eat_alpha_numeric();
+static void clear_comments();
+static int str_copy();
+static char *scan_quote();
+static CONF_VALUE *new_section();
+static CONF_VALUE *get_section();
+#endif
+
+#define scan_esc(p) ((*(++p) == '\0')?(p):(++p))
+
+char *CONF_version="CONF part of SSLeay 0.8.1b 29-Jun-1998";
+
+LHASH *CONF_load(h,file,line)
+LHASH *h;
+char *file;
+long *line;
+ {
+ LHASH *ret=NULL;
+ FILE *in=NULL;
+#define BUFSIZE 512
+ int bufnum=0,i,ii;
+ BUF_MEM *buff=NULL;
+ char *s,*p,*end;
+ int again,n,eline=0;
+ CONF_VALUE *v=NULL,*vv,*tv;
+ CONF_VALUE *sv=NULL;
+ char *section=NULL,*buf;
+ STACK *section_sk=NULL,*ts;
+ char *start,*psection,*pname;
+
+ if ((buff=BUF_MEM_new()) == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_BUF_LIB);
+ goto err;
+ }
+
+ in=fopen(file,"rb");
+ if (in == NULL)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_SYS_LIB);
+ goto err;
+ }
+
+ section=(char *)Malloc(10);
+ if (section == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strcpy(section,"default");
+
+ if (h == NULL)
+ {
+ if ((ret=lh_new(hash,cmp)) == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ else
+ ret=h;
+
+ sv=new_section(ret,section);
+ if (sv == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+ goto err;
+ }
+ section_sk=(STACK *)sv->value;
+
+ bufnum=0;
+ for (;;)
+ {
+ again=0;
+ if (!BUF_MEM_grow(buff,bufnum+BUFSIZE))
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_BUF_LIB);
+ goto err;
+ }
+ p= &(buff->data[bufnum]);
+ *p='\0';
+ fgets(p,BUFSIZE-1,in);
+ p[BUFSIZE-1]='\0';
+ ii=i=strlen(p);
+ if (i == 0) break;
+ while (i > 0)
+ {
+ if ((p[i-1] != '\r') && (p[i-1] != '\n'))
+ break;
+ else
+ i--;
+ }
+ /* we removed some trailing stuff so there is a new
+ * line on the end. */
+ if (i == ii)
+ again=1; /* long line */
+ else
+ {
+ p[i]='\0';
+ eline++; /* another input line */
+ }
+
+ /* we now have a line with trailing \r\n removed */
+
+ /* i is the number of bytes */
+ bufnum+=i;
+
+ v=NULL;
+ /* check for line continuation */
+ if (bufnum >= 1)
+ {
+ /* If we have bytes and the last char '\\' and
+ * second last char is not '\\' */
+ p= &(buff->data[bufnum-1]);
+ if ( IS_ESC(p[0]) &&
+ ((bufnum <= 1) || !IS_ESC(p[-1])))
+ {
+ bufnum--;
+ again=1;
+ }
+ }
+ if (again) continue;
+ bufnum=0;
+ buf=buff->data;
+
+ clear_comments(buf);
+ n=strlen(buf);
+ s=eat_ws(buf);
+ if (IS_EOF(*s)) continue; /* blank line */
+ if (*s == '[')
+ {
+ s++;
+ start=eat_ws(s);
+ end=eat_alpha_numeric(start);
+ p=eat_ws(end);
+ if (*p != ']')
+ {
+ CONFerr(CONF_F_CONF_LOAD,CONF_R_MISSING_CLOSE_SQUARE_BRACKET);
+ goto err;
+ }
+ *end='\0';
+ if (!str_copy(ret,NULL,§ion,start)) goto err;
+ if ((sv=get_section(ret,section)) == NULL)
+ sv=new_section(ret,section);
+ if (sv == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+ goto err;
+ }
+ section_sk=(STACK *)sv->value;
+ continue;
+ }
+ else
+ {
+ pname=s;
+ psection=NULL;
+ end=eat_alpha_numeric(s);
+ if ((end[0] == ':') && (end[1] == ':'))
+ {
+ *end='\0';
+ end+=2;
+ psection=pname;
+ pname=end;
+ end=eat_alpha_numeric(end);
+ }
+ p=eat_ws(end);
+ if (*p != '=')
+ {
+ CONFerr(CONF_F_CONF_LOAD,CONF_R_MISSING_EQUAL_SIGN);
+ goto err;
+ }
+ *end='\0';
+ p++;
+ start=eat_ws(p);
+ while (!IS_EOF(*p))
+ p++;
+ p--;
+ while ((p != start) && (IS_WS(*p)))
+ p--;
+ p++;
+ *p='\0';
+
+ if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (psection == NULL) psection=section;
+ v->name=(char *)Malloc(strlen(pname)+1);
+ v->value=NULL;
+ if (v->name == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strcpy(v->name,pname);
+ if (!str_copy(ret,psection,&(v->value),start)) goto err;
+
+ if (strcmp(psection,section) != 0)
+ {
+ if ((tv=get_section(ret,psection))
+ == NULL)
+ tv=new_section(ret,psection);
+ if (tv == NULL)
+ {
+ CONFerr(CONF_F_CONF_LOAD,CONF_R_UNABLE_TO_CREATE_NEW_SECTION);
+ goto err;
+ }
+ ts=(STACK *)tv->value;
+ }
+ else
+ {
+ tv=sv;
+ ts=section_sk;
+ }
+ v->section=tv->section;
+ if (!sk_push(ts,(char *)v))
+ {
+ CONFerr(CONF_F_CONF_LOAD,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ vv=(CONF_VALUE *)lh_insert(ret,(char *)v);
+ if (vv != NULL)
+ {
+ sk_delete_ptr(ts,(char *)vv);
+ Free(vv->name);
+ Free(vv->value);
+ Free(vv);
+ }
+ v=NULL;
+ }
+ }
+ if (buff != NULL) BUF_MEM_free(buff);
+ if (section != NULL) Free(section);
+ if (in != NULL) fclose(in);
+ return(ret);
+err:
+ if (buff != NULL) BUF_MEM_free(buff);
+ if (section != NULL) Free(section);
+ if (line != NULL) *line=eline;
+ if (in != NULL) fclose(in);
+ if ((h != ret) && (ret != NULL)) CONF_free(ret);
+ if (v != NULL)
+ {
+ if (v->name != NULL) Free(v->name);
+ if (v->value != NULL) Free(v->value);
+ if (v != NULL) Free(v);
+ }
+ return(NULL);
+ }
+
+char *CONF_get_string(conf,section,name)
+LHASH *conf;
+char *section;
+char *name;
+ {
+ CONF_VALUE *v,vv;
+ char *p;
+
+ if (name == NULL) return(NULL);
+ if (conf != NULL)
+ {
+ if (section != NULL)
+ {
+ vv.name=name;
+ vv.section=section;
+ v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+ if (v != NULL) return(v->value);
+ if (strcmp(section,"ENV") == 0)
+ {
+ p=Getenv(name);
+ if (p != NULL) return(p);
+ }
+ }
+ vv.section="default";
+ vv.name=name;
+ v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+ if (v != NULL)
+ return(v->value);
+ else
+ return(NULL);
+ }
+ else
+ return(Getenv(name));
+ }
+
+static CONF_VALUE *get_section(conf,section)
+LHASH *conf;
+char *section;
+ {
+ CONF_VALUE *v,vv;
+
+ if ((conf == NULL) || (section == NULL)) return(NULL);
+ vv.name=NULL;
+ vv.section=section;
+ v=(CONF_VALUE *)lh_retrieve(conf,(char *)&vv);
+ return(v);
+ }
+
+STACK *CONF_get_section(conf,section)
+LHASH *conf;
+char *section;
+ {
+ CONF_VALUE *v;
+
+ v=get_section(conf,section);
+ if (v != NULL)
+ return((STACK *)v->value);
+ else
+ return(NULL);
+ }
+
+long CONF_get_number(conf,section,name)
+LHASH *conf;
+char *section;
+char *name;
+ {
+ char *str;
+ long ret=0;
+
+ str=CONF_get_string(conf,section,name);
+ if (str == NULL) return(0);
+ for (;;)
+ {
+ if (IS_NUMER(*str))
+ ret=ret*10+(*str -'0');
+ else
+ return(ret);
+ str++;
+ }
+ }
+
+void CONF_free(conf)
+LHASH *conf;
+ {
+ if (conf == NULL) return;
+
+ conf->down_load=0; /* evil thing to make sure the 'Free()'
+ * works as expected */
+ lh_doall_arg(conf,(void (*)())value_free_hash,(char *)conf);
+
+ /* We now have only 'section' entries in the hash table.
+ * Due to problems with */
+
+ lh_doall_arg(conf,(void (*)())value_free_stack,(char *)conf);
+ lh_free(conf);
+ }
+
+static void value_free_hash(a,conf)
+CONF_VALUE *a;
+LHASH *conf;
+ {
+ if (a->name != NULL)
+ {
+ a=(CONF_VALUE *)lh_delete(conf,(char *)a);
+ }
+ }
+
+static void value_free_stack(a,conf)
+CONF_VALUE *a;
+LHASH *conf;
+ {
+ CONF_VALUE *vv;
+ STACK *sk;
+ int i;
+
+ if (a->name != NULL) return;
+
+ sk=(STACK *)a->value;
+ for (i=sk_num(sk)-1; i>=0; i--)
+ {
+ vv=(CONF_VALUE *)sk_value(sk,i);
+ Free(vv->value);
+ Free(vv->name);
+ Free(vv);
+ }
+ if (sk != NULL) sk_free(sk);
+ Free(a->section);
+ Free(a);
+ }
+
+static void clear_comments(p)
+char *p;
+ {
+ char *to;
+
+ to=p;
+ for (;;)
+ {
+ if (IS_COMMENT(*p))
+ {
+ *p='\0';
+ return;
+ }
+ if (IS_QUOTE(*p))
+ {
+ p=scan_quote(p);
+ continue;
+ }
+ if (IS_ESC(*p))
+ {
+ p=scan_esc(p);
+ continue;
+ }
+ if (IS_EOF(*p))
+ return;
+ else
+ p++;
+ }
+ }
+
+static int str_copy(conf,section,pto,from)
+LHASH *conf;
+char *section;
+char **pto,*from;
+ {
+ int q,r,rr=0,to=0,len=0;
+ char *s,*e,*rp,*p,*rrp,*np,*cp,v;
+ BUF_MEM *buf;
+
+ if ((buf=BUF_MEM_new()) == NULL) return(0);
+
+ len=strlen(from)+1;
+ if (!BUF_MEM_grow(buf,len)) goto err;
+
+ for (;;)
+ {
+ if (IS_QUOTE(*from))
+ {
+ q= *from;
+ from++;
+ while ((*from != '\0') && (*from != q))
+ {
+ if (*from == '\\')
+ {
+ from++;
+ if (*from == '\0') break;
+ }
+ buf->data[to++]= *(from++);
+ }
+ }
+ else if (*from == '\\')
+ {
+ from++;
+ v= *(from++);
+ if (v == '\0') break;
+ else if (v == 'r') v='\r';
+ else if (v == 'n') v='\n';
+ else if (v == 'b') v='\b';
+ else if (v == 't') v='\t';
+ buf->data[to++]= v;
+ }
+ else if (*from == '\0')
+ break;
+ else if (*from == '$')
+ {
+ /* try to expand it */
+ rrp=NULL;
+ s= &(from[1]);
+ if (*s == '{')
+ q='}';
+ else if (*s == '(')
+ q=')';
+ else q=0;
+
+ if (q) s++;
+ cp=section;
+ e=np=s;
+ while (IS_ALPHA_NUMERIC(*e))
+ e++;
+ if ((e[0] == ':') && (e[1] == ':'))
+ {
+ cp=np;
+ rrp=e;
+ rr= *e;
+ *rrp='\0';
+ e+=2;
+ np=e;
+ while (IS_ALPHA_NUMERIC(*e))
+ e++;
+ }
+ r= *e;
+ *e='\0';
+ rp=e;
+ if (q)
+ {
+ if (r != q)
+ {
+ CONFerr(CONF_F_STR_COPY,CONF_R_NO_CLOSE_BRACE);
+ goto err;
+ }
+ e++;
+ }
+ /* So at this point we have
+ * ns which is the start of the name string which is
+ * '\0' terminated.
+ * cs which is the start of the section string which is
+ * '\0' terminated.
+ * e is the 'next point after'.
+ * r and s are the chars replaced by the '\0'
+ * rp and sp is where 'r' and 's' came from.
+ */
+ p=CONF_get_string(conf,cp,np);
+ if (rrp != NULL) *rrp=rr;
+ *rp=r;
+ if (p == NULL)
+ {
+ CONFerr(CONF_F_STR_COPY,CONF_R_VARIABLE_HAS_NO_VALUE);
+ goto err;
+ }
+ BUF_MEM_grow(buf,(strlen(p)+len-(e-from)));
+ while (*p)
+ buf->data[to++]= *(p++);
+ from=e;
+ }
+ else
+ buf->data[to++]= *(from++);
+ }
+ buf->data[to]='\0';
+ if (*pto != NULL) Free(*pto);
+ *pto=buf->data;
+ Free(buf);
+ return(1);
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(0);
+ }
+
+static char *eat_ws(p)
+char *p;
+ {
+ while (IS_WS(*p) && (!IS_EOF(*p)))
+ p++;
+ return(p);
+ }
+
+static char *eat_alpha_numeric(p)
+char *p;
+ {
+ for (;;)
+ {
+ if (IS_ESC(*p))
+ {
+ p=scan_esc(p);
+ continue;
+ }
+ if (!IS_ALPHA_NUMERIC_PUNCT(*p))
+ return(p);
+ p++;
+ }
+ }
+
+static unsigned long hash(v)
+CONF_VALUE *v;
+ {
+ return((lh_strhash(v->section)<<2)^lh_strhash(v->name));
+ }
+
+static int cmp(a,b)
+CONF_VALUE *a,*b;
+ {
+ int i;
+
+ if (a->section != b->section)
+ {
+ i=strcmp(a->section,b->section);
+ if (i) return(i);
+ }
+
+ if ((a->name != NULL) && (b->name != NULL))
+ {
+ i=strcmp(a->name,b->name);
+ return(i);
+ }
+ else if (a->name == b->name)
+ return(0);
+ else
+ return((a->name == NULL)?-1:1);
+ }
+
+static char *scan_quote(p)
+char *p;
+ {
+ int q= *p;
+
+ p++;
+ while (!(IS_EOF(*p)) && (*p != q))
+ {
+ if (IS_ESC(*p))
+ {
+ p++;
+ if (IS_EOF(*p)) return(p);
+ }
+ p++;
+ }
+ if (*p == q) p++;
+ return(p);
+ }
+
+static CONF_VALUE *new_section(conf,section)
+LHASH *conf;
+char *section;
+ {
+ STACK *sk=NULL;
+ int ok=0,i;
+ CONF_VALUE *v=NULL,*vv;
+
+ if ((sk=sk_new_null()) == NULL)
+ goto err;
+ if ((v=(CONF_VALUE *)Malloc(sizeof(CONF_VALUE))) == NULL)
+ goto err;
+ i=strlen(section)+1;
+ if ((v->section=(char *)Malloc(i)) == NULL)
+ goto err;
+
+ memcpy(v->section,section,i);
+ v->name=NULL;
+ v->value=(char *)sk;
+
+ vv=(CONF_VALUE *)lh_insert(conf,(char *)v);
+#ifndef WIN16
+ if (vv != NULL)
+ {
+ fprintf(stderr,"internal fault\n");
+ abort();
+ }
+#endif
+ ok=1;
+err:
+ if (!ok)
+ {
+ if (sk != NULL) sk_free(sk);
+ if (v != NULL) Free(v);
+ v=NULL;
+ }
+ return(v);
+ }
diff --git a/crypto/conf/conf.err b/crypto/conf/conf.err
new file mode 100644
index 0000000..933d3d6
--- /dev/null
+++ b/crypto/conf/conf.err
@@ -0,0 +1,12 @@
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+#define CONF_F_CONF_LOAD 100
+#define CONF_F_STR_COPY 101
+
+/* Reason codes. */
+#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+#define CONF_R_MISSING_EQUAL_SIGN 101
+#define CONF_R_NO_CLOSE_BRACE 102
+#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+#define CONF_R_VARIABLE_HAS_NO_VALUE 104
diff --git a/crypto/conf/conf.h b/crypto/conf/conf.h
new file mode 100644
index 0000000..a23ec95
--- /dev/null
+++ b/crypto/conf/conf.h
@@ -0,0 +1,114 @@
+/* crypto/conf/conf.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CONF_H
+#define HEADER_CONF_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+typedef struct
+ {
+ char *section;
+ char *name;
+ char *value;
+ } CONF_VALUE;
+
+#ifndef NOPROTO
+
+LHASH *CONF_load(LHASH *conf,char *file,long *eline);
+STACK *CONF_get_section(LHASH *conf,char *section);
+char *CONF_get_string(LHASH *conf,char *group,char *name);
+long CONF_get_number(LHASH *conf,char *group,char *name);
+void CONF_free(LHASH *conf);
+void ERR_load_CONF_strings(void );
+
+#else
+
+LHASH *CONF_load();
+STACK *CONF_get_section();
+char *CONF_get_string();
+long CONF_get_number();
+void CONF_free();
+void ERR_load_CONF_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the CONF functions. */
+
+/* Function codes. */
+#define CONF_F_CONF_LOAD 100
+#define CONF_F_STR_COPY 101
+
+/* Reason codes. */
+#define CONF_R_MISSING_CLOSE_SQUARE_BRACKET 100
+#define CONF_R_MISSING_EQUAL_SIGN 101
+#define CONF_R_NO_CLOSE_BRACE 102
+#define CONF_R_UNABLE_TO_CREATE_NEW_SECTION 103
+#define CONF_R_VARIABLE_HAS_NO_VALUE 104
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/conf/conf_err.c b/crypto/conf/conf_err.c
new file mode 100644
index 0000000..b88c5b7
--- /dev/null
+++ b/crypto/conf/conf_err.c
@@ -0,0 +1,90 @@
+/* lib/conf/conf_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "conf.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA CONF_str_functs[]=
+ {
+{ERR_PACK(0,CONF_F_CONF_LOAD,0), "CONF_load"},
+{ERR_PACK(0,CONF_F_STR_COPY,0), "STR_COPY"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA CONF_str_reasons[]=
+ {
+{CONF_R_MISSING_CLOSE_SQUARE_BRACKET ,"missing close square bracket"},
+{CONF_R_MISSING_EQUAL_SIGN ,"missing equal sign"},
+{CONF_R_NO_CLOSE_BRACE ,"no close brace"},
+{CONF_R_UNABLE_TO_CREATE_NEW_SECTION ,"unable to create new section"},
+{CONF_R_VARIABLE_HAS_NO_VALUE ,"variable has no value"},
+{0,NULL},
+ };
+
+void ERR_load_CONF_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_CONF,CONF_str_functs);
+ ERR_load_strings(ERR_LIB_CONF,CONF_str_reasons);
+ }
+ }
diff --git a/crypto/conf/conf_lcl.h b/crypto/conf/conf_lcl.h
new file mode 100644
index 0000000..8ae7ce0
--- /dev/null
+++ b/crypto/conf/conf_lcl.h
@@ -0,0 +1,102 @@
+/* crypto/conf/conf_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define CONF_NUMBER 1
+#define CONF_UPPER 2
+#define CONF_LOWER 4
+#define CONF_UNDER 256
+#define CONF_PUNCTUATION 512
+#define CONF_WS 16
+#define CONF_ESC 32
+#define CONF_QUOTE 64
+#define CONF_COMMENT 128
+#define CONF_EOF 8
+#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_ALPHA_NUMERIC_PUNCT (CONF_ALPHA|CONF_NUMBER|CONF_UNDER| \
+ CONF_PUNCTUATION)
+
+#define IS_COMMENT(a) (CONF_COMMENT&(CONF_type[(a)&0x7f]))
+#define IS_EOF(a) ((a) == '\0')
+#define IS_ESC(a) ((a) == '\\')
+#define IS_NUMER(a) (CONF_type[(a)&0x7f]&CONF_NUMBER)
+#define IS_WS(a) (CONF_type[(a)&0x7f]&CONF_WS)
+#define IS_ALPHA_NUMERIC(a) (CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
+#define IS_ALPHA_NUMERIC_PUNCT(a) \
+ (CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC_PUNCT)
+#define IS_QUOTE(a) (CONF_type[(a)&0x7f]&CONF_QUOTE)
+
+static unsigned short CONF_type[128]={
+ 0x008,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+ 0x000,0x010,0x010,0x000,0x000,0x010,0x000,0x000,
+ 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+ 0x000,0x000,0x000,0x000,0x000,0x000,0x000,0x000,
+ 0x010,0x200,0x040,0x080,0x000,0x200,0x200,0x040,
+ 0x000,0x000,0x200,0x200,0x200,0x200,0x200,0x200,
+ 0x001,0x001,0x001,0x001,0x001,0x001,0x001,0x001,
+ 0x001,0x001,0x000,0x200,0x000,0x000,0x000,0x200,
+ 0x200,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+ 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+ 0x002,0x002,0x002,0x002,0x002,0x002,0x002,0x002,
+ 0x002,0x002,0x002,0x000,0x020,0x000,0x200,0x100,
+ 0x040,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+ 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+ 0x004,0x004,0x004,0x004,0x004,0x004,0x004,0x004,
+ 0x004,0x004,0x004,0x000,0x200,0x000,0x200,0x000,
+ };
+
diff --git a/crypto/conf/keysets.pl b/crypto/conf/keysets.pl
new file mode 100644
index 0000000..1aed0c8
--- /dev/null
+++ b/crypto/conf/keysets.pl
@@ -0,0 +1,61 @@
+#!/usr/local/bin/perl
+
+$NUMBER=0x01;
+$UPPER=0x02;
+$LOWER=0x04;
+$EOF=0x08;
+$WS=0x10;
+$ESC=0x20;
+$QUOTE=0x40;
+$COMMENT=0x80;
+$UNDER=0x100;
+
+foreach (0 .. 127)
+ {
+ $v=0;
+ $c=sprintf("%c",$_);
+ $v|=$NUMBER if ($c =~ /[0-9]/);
+ $v|=$UPPER if ($c =~ /[A-Z]/);
+ $v|=$LOWER if ($c =~ /[a-z]/);
+ $v|=$UNDER if ($c =~ /_/);
+ $v|=$WS if ($c =~ / \t\r\n/);
+ $v|=$ESC if ($c =~ /\\/);
+ $v|=$QUOTE if ($c =~ /['`"]/);
+ $v|=$COMMENT if ($c =~ /\#/);
+ $v|=$EOF if ($c =~ /\0/);
+
+ push(@V,$v);
+ }
+
+print <<"EOF";
+#define CONF_NUMBER $NUMBER
+#define CONF_UPPER $UPPER
+#define CONF_LOWER $LOWER
+#define CONF_EOF $EOF
+#define CONF_WS $WS
+#define CONF_ESC $ESC
+#define CONF_QUOTE $QUOTE
+#define CONF_COMMENT $COMMENT
+#define CONF_ALPHA (CONF_UPPER|CONF_LOWER)
+#define CONF_ALPHA_NUMERIC (CONF_ALPHA|CONF_NUMBER|CONF_UNDER)
+#define CONF_UNDER $UNDER
+
+#define IS_COMMENT(a) (CONF_COMMENT&(CONF_type[(a)&0x7f]))
+#define IS_EOF(a) ((a) == '\\0')
+#define IS_ESC(a) ((a) == '\\\\')
+#define IS_NUMER(a) (CONF_type[(a)&0x7f]&CONF_NUMBER)
+#define IS_WS(a) (CONF_type[(a)&0x7f]&CONF_WS)
+#define IS_ALPHA_NUMERIC(a) (CONF_type[(a)&0x7f]&CONF_ALPHA_NUMERIC)
+#define IS_QUOTE(a) (CONF_type[(a)&0x7f]&CONF_QUOTE)
+
+EOF
+
+print "static unsigned short CONF_type[128]={";
+
+for ($i=0; $i<128; $i++)
+ {
+ print "\n\t" if ($i % 8) == 0;
+ printf "0x%03X,",$V[$i];
+ }
+
+print "\n\t};\n";
diff --git a/crypto/conf/ssleay.cnf b/crypto/conf/ssleay.cnf
new file mode 100644
index 0000000..ed33af6
--- /dev/null
+++ b/crypto/conf/ssleay.cnf
@@ -0,0 +1,78 @@
+#
+# This is a test configuration file for use in SSLeay etc...
+#
+
+init = 5
+in\#it1 =10
+init2='10'
+init3='10\''
+init4="10'"
+init5='='10\'' again'
+
+SSLeay::version = 0.5.0
+
+[genrsa]
+default_bits = 512
+SSLEAY::version = 0.5.0
+
+[gendh]
+default_bits = 512
+def_generator = 2
+
+[s_client]
+cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\
+cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5'
+cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5"
+cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5
+
+[ default ]
+cert_dir = $ENV::HOME/.ca_certs
+
+HOME = /tmp/eay
+
+tmp_cert_dir = $HOME/.ca_certs
+tmp2_cert_dir = thisis$(HOME)stuff
+
+LOGNAME = Eric Young (home=$HOME)
+
+[ special ]
+
+H=$HOME
+H=$default::HOME
+H=$ENV::HOME
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = $HOME/.rand
+
+[ req ]
+default_bits = 512
+default_keyfile = privkey.pem
+
+Attribute_type_1 = countryName
+Attribute_text_1 = Country Name (2 letter code)
+Attribute_default_1 = AU
+
+Attribute_type_2 = stateOrProvinceName
+Attribute_text_2 = State or Province Name (full name)
+Attribute_default_2 = Queensland
+
+Attribute_type_3 = localityName
+Attribute_text_3 = Locality Name (eg, city)
+
+Attribute_type_4 = organizationName
+Attribute_text_4 = Organization Name (eg, company)
+Attribute_default_4 = Mincom Pty Ltd
+
+Attribute_type_5 = organizationalUnitName
+Attribute_text_5 = Organizational Unit Name (eg, section)
+Attribute_default_5 = TR
+
+Attribute_type_6 = commonName
+Attribute_text_6 = Common Name (eg, YOUR name)
+
+Attribute_type_7 = emailAddress
+Attribute_text_7 = Email Address
+
diff --git a/crypto/conf/test.c b/crypto/conf/test.c
new file mode 100644
index 0000000..1718592
--- /dev/null
+++ b/crypto/conf/test.c
@@ -0,0 +1,91 @@
+/* crypto/conf/test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "conf.h"
+
+main()
+ {
+ LHASH *conf;
+ long eline;
+ char *s,*s2;
+
+ conf=CONF_load(NULL,"ssleay.conf",&eline);
+ if (conf == NULL)
+ {
+ ERR_load_crypto_strings();
+ printf("unable to load configuration, line %ld\n",eline);
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+ lh_stats(conf,stdout);
+ lh_node_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+
+ s=CONF_get_string(conf,NULL,"init2");
+ printf("init2=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,NULL,"cipher1");
+ printf("cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ s=CONF_get_string(conf,"s_client","cipher1");
+ printf("s_client:cipher1=%s\n",(s == NULL)?"NULL":s);
+
+ exit(0);
+ }
diff --git a/crypto/cryptall.h b/crypto/cryptall.h
new file mode 100644
index 0000000..8eb0855
--- /dev/null
+++ b/crypto/cryptall.h
@@ -0,0 +1,110 @@
+/* crypto/cryptall.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTOALL_H
+#define HEADER_CRYPTOALL_H
+
+#include "buffer.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "err.h"
+
+#ifdef NO_MD2
+#include <md2.h>
+#else
+#include "md2.h"
+#endif
+#ifdef NO_MD5
+#include <md5.h>
+#else
+#include "md5.h"
+#endif
+#include "sha.h"
+
+#ifdef NO_DES
+#include <des.h>
+#else
+#include "des.h"
+#endif
+#include "rc2.h"
+#include "rc4.h"
+#include "idea.h"
+
+#include "bn.h"
+#include "dh.h"
+#include "rsa.h"
+#include "dsa.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "err.h"
+#include "evp.h"
+
+#include "meth.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#include "crypto.h"
+
+#endif
diff --git a/crypto/cryptlib.c b/crypto/cryptlib.c
new file mode 100644
index 0000000..12cf073
--- /dev/null
+++ b/crypto/cryptlib.c
@@ -0,0 +1,267 @@
+/* crypto/cryptlib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+/* real #defines in crypto.h, keep these upto date */
+static char* lock_names[CRYPTO_NUM_LOCKS] =
+ {
+ "<<ERROR>>",
+ "err",
+ "err_hash",
+ "x509",
+ "x509_info",
+ "x509_pkey",
+ "x509_crl",
+ "x509_req",
+ "dsa",
+ "rsa",
+ "evp_pkey",
+ "x509_store",
+ "ssl_ctx",
+ "ssl_cert",
+ "ssl_session",
+ "ssl",
+ "rand",
+ "debug_malloc",
+ "bio_gethostbyname",
+ "BIO",
+ };
+
+#ifndef NOPROTO
+static void (MS_FAR *locking_callback)(int mode,int type,
+ char *file,int line)=NULL;
+static int (MS_FAR *add_lock_callback)(int *pointer,int amount,
+ int type,char *file,int line)=NULL;
+static unsigned long (MS_FAR *id_callback)(void)=NULL;
+#else
+static void (MS_FAR *locking_callback)()=NULL;
+static int (MS_FAR *add_lock_callback)()=NULL;
+static unsigned long (MS_FAR *id_callback)()=NULL;
+#endif
+
+void (*CRYPTO_get_locking_callback(P_V))(P_I_I_P_I)
+ {
+ return(locking_callback);
+ }
+
+int (*CRYPTO_get_add_lock_callback(P_V))(P_IP_I_I_P_I)
+ {
+ return(add_lock_callback);
+ }
+
+void CRYPTO_set_locking_callback(func)
+void (*func)(P_I_I_P_I);
+ {
+ locking_callback=func;
+ }
+
+void CRYPTO_set_add_lock_callback(func)
+int (*func)(P_IP_I_I_P_I);
+ {
+ add_lock_callback=func;
+ }
+
+unsigned long (*CRYPTO_get_id_callback(P_V))(P_V)
+ {
+ return(id_callback);
+ }
+
+void CRYPTO_set_id_callback(func)
+unsigned long (*func)(P_V);
+ {
+ id_callback=func;
+ }
+
+unsigned long CRYPTO_thread_id()
+ {
+ unsigned long ret=0;
+
+ if (id_callback == NULL)
+ {
+#ifdef WIN16
+ ret=(unsigned long)GetCurrentTask();
+#elif defined(WIN32)
+ ret=(unsigned long)GetCurrentThreadId();
+#elif defined(MSDOS)
+ ret=1L;
+#else
+ ret=(unsigned long)getpid();
+#endif
+ }
+ else
+ ret=id_callback();
+ return(ret);
+ }
+
+void CRYPTO_lock(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef LOCK_DEBUG
+ {
+ char *rw_text,*operation_text;
+
+ if (mode & CRYPTO_LOCK)
+ operation_text="lock ";
+ else if (mode & CRYPTO_UNLOCK)
+ operation_text="unlock";
+ else
+ operation_text="ERROR ";
+
+ if (mode & CRYPTO_READ)
+ rw_text="r";
+ else if (mode & CRYPTO_WRITE)
+ rw_text="w";
+ else
+ rw_text="ERROR";
+
+ fprintf(stderr,"lock:%08lx:(%s)%s %-18s %s:%d\n",
+ CRYPTO_thread_id(), rw_text, operation_text,
+ CRYPTO_get_lock_name(type), file, line);
+ }
+#endif
+ if (locking_callback != NULL)
+ locking_callback(mode,type,file,line);
+ }
+
+int CRYPTO_add_lock(pointer,amount,type,file,line)
+int *pointer;
+int amount;
+int type;
+char *file;
+int line;
+ {
+ int ret;
+
+ if (add_lock_callback != NULL)
+ {
+#ifdef LOCK_DEBUG
+ int before= *pointer;
+#endif
+
+ ret=add_lock_callback(pointer,amount,type,file,line);
+#ifdef LOCK_DEBUG
+ fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_thread_id(),
+ before,amount,ret,
+ CRYPTO_get_lock_name(type),
+ file,line);
+#endif
+ *pointer=ret;
+ }
+ else
+ {
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,file,line);
+
+ ret= *pointer+amount;
+#ifdef LOCK_DEBUG
+ fprintf(stderr,"ladd:%08lx:%2d+%2d->%2d %-18s %s:%d\n",
+ CRYPTO_thread_id(),
+ *pointer,amount,ret,
+ CRYPTO_get_lock_name(type),
+ file,line);
+#endif
+ *pointer=ret;
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,file,line);
+ }
+ return(ret);
+ }
+
+char *CRYPTO_get_lock_name(type)
+int type;
+ {
+ if ((type < 0) || (type >= CRYPTO_NUM_LOCKS))
+ return("ERROR");
+ return(lock_names[type]);
+ }
+
+#ifdef _DLL
+#ifdef WIN32
+
+/* All we really need to do is remove the 'error' state when a thread
+ * detaches */
+
+BOOL WINAPI DLLEntryPoint(hinstDLL,fdwReason,lpvReserved)
+HINSTANCE hinstDLL;
+DWORD fdwReason;
+LPVOID lpvReserved;
+ {
+ switch(fdwReason)
+ {
+ case DLL_PROCESS_ATTACH:
+ break;
+ case DLL_THREAD_ATTACH:
+ break;
+ case DLL_THREAD_DETACH:
+ ERR_remove_state(0);
+ break;
+ case DLL_PROCESS_DETACH:
+ break;
+ }
+ return(TRUE);
+ }
+#endif
+
+#endif
diff --git a/crypto/cryptlib.h b/crypto/cryptlib.h
new file mode 100644
index 0000000..cce9a99
--- /dev/null
+++ b/crypto/cryptlib.h
@@ -0,0 +1,98 @@
+/* crypto/cryptlib.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTLIB_H
+#define HEADER_CRYPTLIB_H
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef FLAT_INC
+
+#include "e_os.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "bio.h"
+#include "err.h"
+
+#else
+
+#include "../e_os.h"
+#include "crypto.h"
+#include "buffer/buffer.h"
+#include "bio/bio.h"
+#include "err/err.h"
+#endif
+
+#define X509_CERT_AREA "/usr/local/ssl"
+#define X509_CERT_DIR "/usr/local/ssl/certs"
+#define X509_CERT_FILE "/usr/local/ssl/cert.pem"
+#define X509_PRIVATE_DIR "/usr/local/ssl/private"
+
+#define X509_CERT_DIR_EVP "SSL_CERT_DIR"
+#define X509_CERT_FILE_EVP "SSL_CERT_FILE"
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/crypto.c b/crypto/crypto.c
new file mode 100644
index 0000000..16c4af4
--- /dev/null
+++ b/crypto/crypto.c
@@ -0,0 +1,512 @@
+/* crypto/crypto.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* If you are happy to use the assmbler version of bn/bn_mulw.c, define
+ * BN_ASM */
+#ifndef BN_ASM
+#undef BN_ASM
+#endif
+
+#ifndef DES_ASM
+#undef DES_ASM
+#endif
+
+#ifndef BF_ASM
+#undef BF_ASM
+#endif
+
+/* The following defines are only to break the compiles into chunks.
+ * If you wish to not compile some sections, use the 'NO_XXX' macros
+ */
+#ifndef CRYPTO_SUBSET
+/* Define all subset symbols. */
+#define CRYPTO_LIB_SUBSET
+#define CRYPTO_ASN1_SUBSET
+#define CRYPTO_BN_SUBSET
+#define CRYPTO_BUFFER_SUBSET
+#define CRYPTO_BIO_SUBSET
+#define CRYPTO_CONF_SUBSET
+#define CRYPTO_DES_SUBSET
+#define CRYPTO_DH_SUBSET
+#define CRYPTO_DSA_SUBSET
+#define CRYPTO_ERROR_SUBSET
+#define CRYPTO_EVP_SUBSET
+#define CRYPTO_IDEA_SUBSET
+#define CRYPTO_LHASH_SUBSET
+#define CRYPTO_MD_SUBSET
+#define CRYPTO_MDC2_SUBSET
+#define CRYPTO_METH_SUBSET
+#define CRYPTO_OBJECTS_SUBSET
+#define CRYPTO_PEM_SUBSET
+#define CRYPTO_RAND_SUBSET
+#define CRYPTO_RC_SUBSET
+#define CRYPTO_BF_SUBSET
+#define CRYPTO_RSA_SUBSET
+#define CRYPTO_SHA_SUBSET
+#define CRYPTO_SHA1_SUBSET
+#define CRYPTO_STACK_SUBSET
+#define CRYPTO_TXT_DB_SUBSET
+#define CRYPTO_X509_SUBSET
+#define CRYPTO_PKCS7_SUBSET
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define USE_SOCKETS
+#include "../e_os.h"
+
+#include "buffer.h"
+#include "bio.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "err.h"
+
+#include "bn.h"
+#include "evp.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#ifdef CRYPTO_LIB_SUBSET
+#include "cryptlib.c"
+#include "mem.c"
+#include "cversion.c"
+#endif
+
+#ifdef CRYPTO_ASN1_SUBSET
+#include "asn1/a_meth.c"
+#include "asn1/a_bitstr.c"
+#include "asn1/a_d2i_fp.c"
+#include "asn1/a_dup.c"
+#include "asn1/a_hdr.c"
+#include "asn1/a_i2d_fp.c"
+#include "asn1/a_int.c"
+#include "asn1/a_bool.c"
+#include "asn1/a_bytes.c"
+#include "asn1/a_object.c"
+#include "asn1/a_octet.c"
+#include "asn1/a_print.c"
+#include "asn1/a_set.c"
+#include "asn1/a_sign.c"
+#include "asn1/a_type.c"
+#include "asn1/a_utctm.c"
+#include "asn1/a_verify.c"
+#include "asn1/a_digest.c"
+#include "asn1/asn1_err.c"
+#include "asn1/asn1_lib.c"
+#include "asn1/asn1_par.c"
+#ifndef NO_DH
+#include "asn1/d2i_dhp.c"
+#include "asn1/i2d_dhp.c"
+#endif
+#ifndef NO_DSA
+#include "asn1/d2i_dsap.c"
+#include "asn1/i2d_dsap.c"
+#include "asn1/d2i_s_pr.c"
+#include "asn1/i2d_s_pr.c"
+#include "asn1/d2i_s_pu.c"
+#include "asn1/i2d_s_pu.c"
+#endif
+#ifndef NO_RSA
+#include "asn1/d2i_r_pr.c"
+#include "asn1/i2d_r_pr.c"
+#include "asn1/d2i_r_pu.c"
+#include "asn1/i2d_r_pu.c"
+#include "asn1/n_pkey.c"
+#endif
+#include "asn1/d2i_pr.c"
+#include "asn1/d2i_pu.c"
+#include "asn1/i2d_pr.c"
+#include "asn1/i2d_pu.c"
+#include "asn1/f_int.c"
+#include "asn1/f_string.c"
+#include "asn1/p7_dgst.c"
+#include "asn1/p7_enc.c"
+#include "asn1/p7_enc_c.c"
+#include "asn1/p7_evp.c"
+#include "asn1/p7_i_s.c"
+#include "asn1/p7_lib.c"
+#include "asn1/p7_recip.c"
+#include "asn1/p7_s_e.c"
+#include "asn1/p7_signd.c"
+#include "asn1/p7_signi.c"
+#include "asn1/t_pkey.c"
+#include "asn1/t_req.c"
+#include "asn1/t_x509.c"
+#include "asn1/x_algor.c"
+#include "asn1/x_attrib.c"
+#include "asn1/x_exten.c"
+#include "asn1/x_cinf.c"
+#include "asn1/x_crl.c"
+#include "asn1/x_info.c"
+#include "asn1/x_name.c"
+#include "asn1/x_pkey.c"
+#include "asn1/x_pubkey.c"
+#include "asn1/x_req.c"
+#include "asn1/x_sig.c"
+#include "asn1/x_spki.c"
+#include "asn1/x_val.c"
+#include "asn1/x_x509.c"
+#endif
+#ifdef CRYPTO_BN_SUBSET
+#include "bn/bn_add.c"
+#include "bn/bn_div.c"
+#include "bn/bn_exp.c"
+#include "bn/bn_mont.c"
+#include "bn/bn_recp.c"
+#include "bn/bn_gcd.c"
+#include "bn/bn_lib.c"
+#include "bn/bn_mod.c"
+#include "bn/bn_mul.c"
+#ifndef BN_ASM
+#include "bn/bn_mulw.c"
+#endif
+#include "bn/bn_prime.c"
+#include "bn/bn_rand.c"
+#include "bn/bn_shift.c"
+#include "bn/bn_sqr.c"
+#include "bn/bn_sub.c"
+#include "bn/bn_word.c"
+#include "bn/bn_print.c"
+#include "bn/bn_err.c"
+#endif
+#ifdef CRYPTO_BIO_SUBSET
+#include "bio/bf_buff.c"
+#include "bio/bf_null.c"
+#include "bio/bf_nbio.c"
+#include "bio/bio_cb.c"
+#include "bio/bio_lib.c"
+#include "bio/bss_fd.c"
+#include "bio/bss_file.c"
+#include "bio/bss_mem.c"
+#include "bio/bss_null.c"
+#ifdef VMS
+#include "bio/bss_rtcp.c"
+#endif
+#include "bio/bss_sock.c"
+#include "bio/bss_conn.c"
+#include "bio/bss_acpt.c"
+#include "bio/b_sock.c"
+#include "bio/b_print.c"
+#include "bio/b_dump.c"
+#include "bio/bio_err.c"
+#endif
+#ifdef CRYPTO_BUFFER_SUBSET
+#include "buffer/buf_err.c"
+#include "buffer/buffer.c"
+#endif
+#ifdef CRYPTO_CONF_SUBSET
+#include "conf/conf.c"
+#include "conf/conf_err.c"
+#endif
+#ifdef CRYPTO_DES_SUBSET
+#include "des/read_pwd.c"
+#ifndef NO_DES
+#ifndef DES_ASM
+#include "des/fcrypt_b.c"
+#include "des/des_enc.c"
+#endif
+#include "des/ncbc_enc.c"
+#include "des/cbc3_enc.c"
+#include "des/cbc_cksm.c"
+#include "des/xcbc_enc.c"
+#include "des/cbc_enc.c"
+#include "des/ede_enc.c"
+#include "des/cfb64ede.c"
+#include "des/cfb64enc.c"
+#include "des/cfb_enc.c"
+#include "des/ecb3_enc.c"
+#include "des/ecb_enc.c"
+#include "des/enc_read.c"
+#include "des/enc_writ.c"
+#include "des/fcrypt.c"
+#include "des/ofb64ede.c"
+#include "des/ofb64enc.c"
+#include "des/ofb_enc.c"
+#include "des/pcbc_enc.c"
+#include "des/qud_cksm.c"
+#include "des/rand_key.c"
+#include "des/read2pwd.c"
+#include "des/rpc_enc.c"
+#include "des/set_key.c"
+#include "des/str2key.c"
+#include "des/supp.c"
+#endif
+#endif
+#ifdef CRYPTO_DH_SUBSET
+#ifndef NO_DH
+#include "dh/dh_check.c"
+#include "dh/dh_err.c"
+#include "dh/dh_gen.c"
+#include "dh/dh_key.c"
+#include "dh/dh_lib.c"
+#endif
+#endif
+#ifdef CRYPTO_DSA_SUBSET
+#ifndef NO_DSA
+#include "dsa/dsa_gen.c"
+#include "dsa/dsa_key.c"
+#include "dsa/dsa_lib.c"
+#include "dsa/dsa_sign.c"
+#include "dsa/dsa_vrf.c"
+#include "dsa/dsa_err.c"
+#endif
+#endif
+#ifdef CRYPTO_ERROR_SUBSET
+#include "err/err.c"
+#include "err/err_all.c"
+#include "err/err_prn.c"
+#endif
+#ifdef CRYPTO_EVP_SUBSET
+#include "evp/bio_md.c"
+#include "evp/bio_b64.c"
+#include "evp/bio_enc.c"
+#include "evp/c_all.c"
+#include "evp/digest.c"
+#ifndef NO_DES
+#include "evp/e_cbc_3d.c"
+#include "evp/e_cfb_3d.c"
+#include "evp/e_ecb_3d.c"
+#include "evp/e_ofb_3d.c"
+#include "evp/e_cbc_d.c"
+#include "evp/e_cfb_d.c"
+#include "evp/e_xcbc_d.c"
+#include "evp/e_ecb_d.c"
+#include "evp/e_ofb_d.c"
+#endif
+#ifndef NO_IDEA
+#include "evp/e_cbc_i.c"
+#include "evp/e_cfb_i.c"
+#include "evp/e_ecb_i.c"
+#include "evp/e_ofb_i.c"
+#endif
+#ifndef NO_RC2
+#include "evp/e_cbc_r2.c"
+#include "evp/e_cfb_r2.c"
+#include "evp/e_ecb_r2.c"
+#include "evp/e_ofb_r2.c"
+#endif
+#ifndef NO_BLOWFISH
+#include "evp/e_cbc_bf.c"
+#include "evp/e_cfb_bf.c"
+#include "evp/e_ecb_bf.c"
+#include "evp/e_ofb_bf.c"
+#endif
+#ifndef NO_RC4
+#include "evp/e_rc4.c"
+#endif
+#include "evp/names.c"
+#include "evp/e_null.c"
+#include "evp/encode.c"
+#include "evp/evp_enc.c"
+#include "evp/evp_err.c"
+#include "evp/evp_key.c"
+#include "evp/m_null.c"
+#include "evp/p_lib.c"
+#ifndef NO_RSA
+#include "evp/p_open.c"
+#include "evp/p_seal.c"
+#endif
+#include "evp/p_sign.c"
+#include "evp/p_verify.c"
+#endif
+#ifdef CRYPTO_IDEA_SUBSET
+#ifndef NO_IDEA
+#include "idea/i_cbc.c"
+#include "idea/i_cfb64.c"
+#include "idea/i_ecb.c"
+#include "idea/i_ofb64.c"
+#include "idea/i_skey.c"
+#endif
+#endif
+#ifdef CRYPTO_BF_SUBSET
+#ifndef NO_BLOWFISH
+#include "bf/bf_cfb64.c"
+#include "bf/bf_ecb.c"
+#ifndef BF_ASM
+#include "bf/bf_enc.c"
+#endif
+#include "bf/bf_cbc.c"
+#include "bf/bf_ofb64.c"
+#include "bf/bf_skey.c"
+#endif
+#endif
+#ifdef CRYPTO_LHASH_SUBSET
+#include "lhash/lh_stats.c"
+#include "lhash/lhash.c"
+#endif
+#ifdef CRYPTO_MD_SUBSET
+#ifndef NO_MD2
+#include "md/md2_dgst.c"
+#include "md/md2_one.c"
+#include "evp/m_md2.c"
+#endif
+#ifndef NO_MD5
+#include "md/md5_dgst.c"
+#include "md/md5_one.c"
+#include "evp/m_md5.c"
+#endif
+#endif
+#ifdef CRYPTO_MDC2_SUBSET
+#ifndef NO_MDC2
+#include "mdc2/mdc2dgst.c"
+#include "mdc2/mdc2_one.c"
+#include "evp/m_mdc2.c"
+#endif
+#endif
+#ifdef CRYPTO_OBJECTS_SUBSET
+#include "objects/obj_dat.c"
+#include "objects/obj_err.c"
+#include "objects/obj_lib.c"
+#endif
+#ifdef CRYPTO_PEM_SUBSET
+#include "pem/pem_err.c"
+#include "pem/pem_info.c"
+#include "pem/pem_lib.c"
+#include "pem/pem_all.c"
+#ifndef NO_RSA
+#include "pem/pem_seal.c"
+#include "pem/pem_sign.c"
+#endif
+#endif
+#ifdef CRYPTO_RAND_SUBSET
+#include "rand/md_rand.c"
+#include "rand/randfile.c"
+#endif
+#ifdef CRYPTO_RC_SUBSET
+#ifndef NO_RC4
+#include "rc2/rc2_cbc.c"
+#include "rc2/rc2_ecb.c"
+#include "rc2/rc2_skey.c"
+#include "rc2/rc2cfb64.c"
+#include "rc2/rc2ofb64.c"
+#include "rc4/rc4_enc.c"
+#endif
+#endif
+#ifdef CRYPTO_RSA_SUBSET
+#ifndef NO_RSA
+#include "rsa/rsa_enc.c"
+#include "rsa/rsa_err.c"
+#include "rsa/rsa_gen.c"
+#include "rsa/rsa_lib.c"
+#include "rsa/rsa_sign.c"
+#include "rsa/rsa_saos.c"
+#endif
+#endif
+#ifdef CRYPTO_SHA1_SUBSET
+#ifndef NO_SHA1
+#include "sha/sha1_one.c"
+#include "sha/sha1dgst.c"
+#include "evp/m_dss1.c"
+#include "evp/m_sha1.c"
+#endif
+#endif
+#ifdef CRYPTO_SHA_SUBSET
+#ifndef NO_SHA
+#include "evp/m_dss.c"
+#include "sha/sha_dgst.c"
+#include "sha/sha_one.c"
+#include "evp/m_sha.c"
+#endif
+#endif
+#ifdef CRYPTO_STACK_SUBSET
+#include "stack/stack.c"
+#endif
+#ifdef CRYPTO_TXT_DB_SUBSET
+#include "txt_db/txt_db.c"
+#endif
+#ifdef CRYPTO_X509_SUBSET
+#include "x509/x509_cmp.c"
+#include "x509/x509_d2.c"
+#include "x509/x509_def.c"
+#include "x509/x509_err.c"
+#include "x509/x509_ext.c"
+#include "x509/x509_lu.c"
+#include "x509/x509_obj.c"
+#include "x509/x509_r2x.c"
+#include "x509/x509_req.c"
+#include "x509/x509_set.c"
+#include "x509/x509_v3.c"
+#include "x509/x509_vfy.c"
+#include "x509/x509name.c"
+#include "x509/x509pack.c"
+#include "x509/x509rset.c"
+#include "x509/x509type.c"
+#include "x509/x_all.c"
+#include "x509/x509_txt.c"
+#include "x509/by_dir.c"
+#include "x509/by_file.c"
+#include "x509/v3_net.c"
+#include "x509/v3_x509.c"
+#endif
+#endif
+#ifdef CRYPTO_PKCS7_SUBSET /* I have an excplicit removal of 7 lines */
+#include "pkcs7/pk7_lib.c"
+#include "pkcs7/pkcs7err.c"
+#endif
+
diff --git a/crypto/crypto.h b/crypto/crypto.h
new file mode 100644
index 0000000..fd7ff6a
--- /dev/null
+++ b/crypto/crypto.h
@@ -0,0 +1,247 @@
+/* crypto/crypto.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_CRYPTO_H
+#define HEADER_CRYPTO_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* This is more to be used to check the correct DLL is being used
+ * in the MS world. */
+#define SSLEAY_VERSION_NUMBER 0x0800 /* Version 0.5.1c would be 0513 */
+
+#define SSLEAY_VERSION 0
+/* #define SSLEAY_OPTIONS 1 no longer supported */
+#define SSLEAY_CFLAGS 2
+#define SSLEAY_BUILT_ON 3
+
+/* When changing the CRYPTO_LOCK_* list, be sure to maintin the text lock
+ * names in cryptlib.c
+ */
+
+#define CRYPTO_LOCK_ERR 1
+#define CRYPTO_LOCK_ERR_HASH 2
+#define CRYPTO_LOCK_X509 3
+#define CRYPTO_LOCK_X509_INFO 4
+#define CRYPTO_LOCK_X509_PKEY 5
+#define CRYPTO_LOCK_X509_CRL 6
+#define CRYPTO_LOCK_X509_REQ 7
+#define CRYPTO_LOCK_DSA 8
+#define CRYPTO_LOCK_RSA 9
+#define CRYPTO_LOCK_EVP_PKEY 10
+#define CRYPTO_LOCK_X509_STORE 11
+#define CRYPTO_LOCK_SSL_CTX 12
+#define CRYPTO_LOCK_SSL_CERT 13
+#define CRYPTO_LOCK_SSL_SESSION 14
+#define CRYPTO_LOCK_SSL 15
+#define CRYPTO_LOCK_RAND 16
+#define CRYPTO_LOCK_MALLOC 17
+#define CRYPTO_LOCK_BIO 18
+#define CRYPTO_LOCK_BIO_GETHOSTBYNAME 19
+#define CRYPTO_NUM_LOCKS 20
+
+#define CRYPTO_LOCK 1
+#define CRYPTO_UNLOCK 2
+#define CRYPTO_READ 4
+#define CRYPTO_WRITE 8
+
+/* The following stuff is not being used, it was not finished for
+ * SSLeay 0.6.0 */
+#ifndef CRYPTO_w_lock
+#define CRYPTO_w_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_w_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_WRITE,type,__FILE__,__LINE__)
+#define CRYPTO_r_lock(type) \
+ CRYPTO_lock(CRYPTO_LOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_r_unlock(type) \
+ CRYPTO_lock(CRYPTO_UNLOCK|CRYPTO_READ,type,__FILE__,__LINE__)
+#define CRYPTO_add(addr,amount,type) \
+ CRYPTO_add_lock(addr,amount,type,__FILE__,__LINE__)
+
+#endif
+
+/* The following can be used to detect memory leaks in the SSLeay library.
+ * It used, it turns on malloc checking */
+
+#define CRYPTO_MEM_CHECK_OFF 0x0
+#define CRYPTO_MEM_CHECK_ON 0x1
+
+/*
+typedef struct crypto_mem_st
+ {
+ char *(*malloc_func)();
+ char *(*realloc_func)();
+ void (*free_func)();
+ } CRYPTO_MEM_FUNC;
+*/
+
+
+/* Use this for win32 DLL's */
+#define CRYPTO_malloc_init() CRYPTO_set_mem_functions(\
+ (char *(*)())malloc,\
+ (char *(*)())realloc,\
+ (void (*)())free)
+
+#ifdef CRYPTO_MDEBUG
+#define Malloc(num) CRYPTO_dbg_malloc((int)num,__FILE__,__LINE__)
+#define Realloc(addr,num) \
+ CRYPTO_dbg_realloc((char *)addr,(int)num,__FILE__,__LINE__)
+#define Remalloc(addr,num) \
+ CRYPTO_dbg_remalloc((char **)addr,(int)num,__FILE__,__LINE__)
+#define FreeFunc CRYPTO_dbg_free
+#define Free(addr) CRYPTO_dbg_free((char *)(addr))
+#else
+#define Remalloc CRYPTO_remalloc
+#if defined(WIN32) || defined(MFUNC)
+#define Malloc CRYPTO_malloc
+#define Realloc(a,n) CRYPTO_realloc((char *)(a),(n))
+#define FreeFunc CRYPTO_free
+#define Free(addr) CRYPTO_free((char *)(addr))
+#else
+#define Malloc malloc
+#define Realloc realloc
+#define FreeFunc free
+#define Free(addr) free((char *)(addr))
+#endif /* WIN32 || MFUNC */
+#endif /* MDEBUG */
+
+#ifndef NOPROTO
+
+char *SSLeay_version(int type);
+unsigned long SSLeay(void);
+
+int CRYPTO_mem_ctrl(int mode);
+void CRYPTO_lock(int mode, int type,char *file,int line);
+void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
+ int line));
+void (*CRYPTO_get_locking_callback(void))(int mode,int type,char *file,
+ int line);
+void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
+ int type,char *file, int line));
+int (*CRYPTO_get_add_lock_callback(void))(int *num,int mount,
+ int type,char *file,int line);
+void CRYPTO_set_id_callback(unsigned long (*func)(void));
+unsigned long (*CRYPTO_get_id_callback(void))(void);
+unsigned long CRYPTO_thread_id(void);
+char *CRYPTO_get_lock_name(int type);
+int CRYPTO_add_lock(int *pointer,int amount,int type, char *file,int line);
+
+void CRYPTO_set_mem_functions(char *(*m)(),char *(*r)(), void (*free_func)());
+void CRYPTO_get_mem_functions(char *(**m)(),char *(**r)(), void (**f)());
+
+char *CRYPTO_malloc(int num);
+char *CRYPTO_realloc(char *addr,int num);
+void CRYPTO_free(char *);
+char *CRYPTO_remalloc(char *addr,int num);
+
+char *CRYPTO_dbg_malloc(int num,char *file,int line);
+char *CRYPTO_dbg_realloc(char *addr,int num,char *file,int line);
+void CRYPTO_dbg_free(char *);
+char *CRYPTO_dbg_remalloc(char *addr,int num,char *file,int line);
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp(FILE *);
+#endif
+#ifdef HEADER_BIO_H
+void CRYPTO_mem_leaks(BIO *);
+#endif
+/* unsigned long order, char *file, int line, int num_bytes, char *addr */
+void CRYPTO_mem_leaks_cb(void (*cb)());
+
+#else
+
+int CRYPTO_mem_ctrl();
+char *SSLeay_version();
+unsigned long SSLeay();
+
+void CRYPTO_lock();
+void CRYPTO_set_locking_callback();
+void (*CRYPTO_get_locking_callback())();
+void CRYPTO_set_add_lock_callback();
+int (*CRYPTO_get_add_lock_callback())();
+void CRYPTO_set_id_callback();
+unsigned long (*CRYPTO_get_id_callback())();
+unsigned long CRYPTO_thread_id();
+char *CRYPTO_get_lock_name();
+int CRYPTO_add_lock();
+
+void CRYPTO_set_mem_functions();
+void CRYPTO_get_mem_functions();
+char *CRYPTO_malloc();
+char *CRYPTO_realloc();
+void CRYPTO_free();
+char *CRYPTO_remalloc();
+char *CRYPTO_dbg_remalloc();
+char *CRYPTO_dbg_malloc();
+char *CRYPTO_dbg_realloc();
+void CRYPTO_dbg_free();
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp();
+#endif
+void CRYPTO_mem_leaks();
+void CRYPTO_mem_leaks_cb();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/cversion.c b/crypto/cversion.c
new file mode 100644
index 0000000..d36496d
--- /dev/null
+++ b/crypto/cversion.c
@@ -0,0 +1,99 @@
+/* crypto/cversion.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "date.h"
+
+char *SSLeay_version(t)
+int t;
+ {
+ if (t == SSLEAY_VERSION)
+ return("SSLeay 0.8.1b 29-Jun-1998");
+ if (t == SSLEAY_BUILT_ON)
+ {
+#ifdef DATE
+ static char buf[sizeof(DATE)+10];
+
+ sprintf(buf,"built on %s",DATE);
+ return(buf);
+#else
+ return("build date not available");
+#endif
+ }
+ if (t == SSLEAY_CFLAGS)
+ {
+#ifdef CFLAGS
+ static char buf[sizeof(CFLAGS)+10];
+
+ sprintf(buf,"C flags:%s",CFLAGS);
+ return(buf);
+#else
+ return("C flags not available");
+#endif
+ }
+ return("not available");
+ }
+
+unsigned long SSLeay()
+ {
+ return(SSLEAY_VERSION_NUMBER);
+ }
+
diff --git a/crypto/date.h b/crypto/date.h
new file mode 100644
index 0000000..ac96ada
--- /dev/null
+++ b/crypto/date.h
@@ -0,0 +1 @@
+#define DATE "Sat Jul 19 04:59:06 EST 1997"
diff --git a/crypto/des/COPYRIGHT b/crypto/des/COPYRIGHT
new file mode 100644
index 0000000..5469e1e
--- /dev/null
+++ b/crypto/des/COPYRIGHT
@@ -0,0 +1,50 @@
+Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+All rights reserved.
+
+This package is an DES implementation written by Eric Young (eay@cryptsoft.com).
+The implementation was written so as to conform with MIT's libdes.
+
+This library is free for commercial and non-commercial use as long as
+the following conditions are aheared to. The following conditions
+apply to all code found in this distribution.
+
+Copyright remains Eric Young's, and as such any Copyright notices in
+the code are not to be removed.
+If this package is used in a product, Eric Young should be given attribution
+as the author of that the SSL library. This can be in the form of a textual
+message at program startup or in documentation (online or textual) provided
+with the package.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions
+are met:
+1. Redistributions of source code must retain the copyright
+ notice, this list of conditions and the following disclaimer.
+2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+3. All advertising materials mentioning features or use of this software
+ must display the following acknowledgement:
+ This product includes software developed by Eric Young (eay@cryptsoft.com)
+
+THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGE.
+
+The license and distribution terms for any publically available version or
+derivative of this code cannot be changed. i.e. this code cannot simply be
+copied and put under another distrubution license
+[including the GNU Public License.]
+
+The reason behind this being stated in this direct manner is past
+experience in code simply being copied and the attribution removed
+from it and then being distributed as part of other packages. This
+implementation was a non-trivial and unpaid effort.
diff --git a/crypto/des/DES.pm b/crypto/des/DES.pm
new file mode 100644
index 0000000..6a175b6
--- /dev/null
+++ b/crypto/des/DES.pm
@@ -0,0 +1,19 @@
+package DES;
+
+require Exporter;
+require DynaLoader;
+@ISA = qw(Exporter DynaLoader);
+# Items to export into callers namespace by default
+# (move infrequently used names to @EXPORT_OK below)
+@EXPORT = qw(
+);
+# Other items we are prepared to export if requested
+@EXPORT_OK = qw(
+crypt
+);
+
+# Preloaded methods go here. Autoload methods go after __END__, and are
+# processed by the autosplit program.
+bootstrap DES;
+1;
+__END__
diff --git a/crypto/des/DES.pod b/crypto/des/DES.pod
new file mode 100644
index 0000000..8a739e7
--- /dev/null
+++ b/crypto/des/DES.pod
@@ -0,0 +1,16 @@
+crypt <= crypt(buf,salt)
+key <= set_odd_parity(key)
+int <= is_weak_key(key)
+keysched<= set_key(key)
+key <= ecb_encrypt(string8,ks,enc)
+key <= ecb3_encrypt(input,ks1,ks2,enc)
+string <= cbc_encrypt(input,ks,ivec,enc) => ivec
+string <= cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,enc) => ivec1&ivec2
+ck1,ck2 <= cbc_cksum(input,ks,ivec) => ivec
+string <= pcbc_encrypt(input,ks,ivec,enc) => ivec
+string <= ofb_encrypt(input,numbits,ks,ivec) => ivec
+string <= cfb_encrypt(input,numbits,ks,ivec,enc) => ivec
+key <= random_key()
+key <= string_to_key(string)
+key1,key2<= string_to_2keys(string)
+
diff --git a/crypto/des/DES.xs b/crypto/des/DES.xs
new file mode 100644
index 0000000..b8050b9
--- /dev/null
+++ b/crypto/des/DES.xs
@@ -0,0 +1,268 @@
+#include "EXTERN.h"
+#include "perl.h"
+#include "XSUB.h"
+#include "des.h"
+
+#define deschar char
+static STRLEN len;
+
+static int
+not_here(s)
+char *s;
+{
+ croak("%s not implemented on this architecture", s);
+ return -1;
+}
+
+MODULE = DES PACKAGE = DES PREFIX = des_
+
+char *
+des_crypt(buf,salt)
+ char * buf
+ char * salt
+
+void
+des_set_odd_parity(key)
+ des_cblock * key
+PPCODE:
+ {
+ SV *s;
+
+ s=sv_newmortal();
+ sv_setpvn(s,(char *)key,8);
+ des_set_odd_parity((des_cblock *)SvPV(s,na));
+ PUSHs(s);
+ }
+
+int
+des_is_weak_key(key)
+ des_cblock * key
+
+des_key_schedule
+des_set_key(key)
+ des_cblock * key
+CODE:
+ des_set_key(key,RETVAL);
+OUTPUT:
+RETVAL
+
+des_cblock
+des_ecb_encrypt(input,ks,encrypt)
+ des_cblock * input
+ des_key_schedule * ks
+ int encrypt
+CODE:
+ des_ecb_encrypt(input,&RETVAL,*ks,encrypt);
+OUTPUT:
+RETVAL
+
+void
+des_cbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+void
+des_cbc3_encrypt(input,ks1,ks2,ivec1,ivec2,encrypt)
+ char * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ des_cblock * ivec1
+ des_cblock * ivec2
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ des_3cbc_encrypt((des_cblock *)input,(des_cblock *)SvPV(s,na),
+ l,*ks1,*ks2,ivec1,ivec2,encrypt);
+ sv_setpvn(ST(3),(char *)ivec1,8);
+ sv_setpvn(ST(4),(char *)ivec2,8);
+ PUSHs(s);
+ }
+
+void
+des_cbc_cksum(input,ks,ivec)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s1,*s2;
+ STRLEN len,l;
+ des_cblock c;
+ unsigned long i1,i2;
+
+ s1=sv_newmortal();
+ s2=sv_newmortal();
+ l=SvCUR(ST(0));
+ des_cbc_cksum((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec);
+ i1=c[4]|(c[5]<<8)|(c[6]<<16)|(c[7]<<24);
+ i2=c[0]|(c[1]<<8)|(c[2]<<16)|(c[3]<<24);
+ sv_setiv(s1,i1);
+ sv_setiv(s2,i2);
+ sv_setpvn(ST(2),(char *)c,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
+
+void
+des_cfb_encrypt(input,numbits,ks,ivec,encrypt)
+ char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len;
+ char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_cfb_encrypt((unsigned char *)input,(unsigned char *)c,
+ (int)numbits,(long)len,*ks,ivec,encrypt);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_ecb3_encrypt(input,ks1,ks2,encrypt)
+ des_cblock * input
+ des_key_schedule * ks1
+ des_key_schedule * ks2
+ int encrypt
+CODE:
+ {
+ des_cblock c;
+
+ des_ecb3_encrypt((des_cblock *)input,(des_cblock *)&c,
+ *ks1,*ks2,encrypt);
+ RETVAL= &c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_ofb_encrypt(input,numbits,ks,ivec)
+ unsigned char * input
+ int numbits
+ des_key_schedule * ks
+ des_cblock * ivec
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ unsigned char *c;
+
+ len=SvCUR(ST(0));
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(unsigned char *)SvPV(s,na);
+ des_ofb_encrypt((unsigned char *)input,(unsigned char *)c,
+ numbits,len,*ks,ivec);
+ sv_setpvn(ST(3),(char *)ivec,8);
+ PUSHs(s);
+ }
+
+void
+des_pcbc_encrypt(input,ks,ivec,encrypt)
+ char * input
+ des_key_schedule * ks
+ des_cblock * ivec
+ int encrypt
+PPCODE:
+ {
+ SV *s;
+ STRLEN len,l;
+ char *c;
+
+ l=SvCUR(ST(0));
+ len=((((unsigned long)l)+7)/8)*8;
+ s=sv_newmortal();
+ sv_setpvn(s,"",0);
+ SvGROW(s,len);
+ SvCUR_set(s,len);
+ c=(char *)SvPV(s,na);
+ des_pcbc_encrypt((des_cblock *)input,(des_cblock *)c,
+ l,*ks,ivec,encrypt);
+ sv_setpvn(ST(2),(char *)c[len-8],8);
+ PUSHs(s);
+ }
+
+des_cblock *
+des_random_key()
+CODE:
+ {
+ des_cblock c;
+
+ des_random_key(c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+des_cblock *
+des_string_to_key(str)
+char * str
+CODE:
+ {
+ des_cblock c;
+
+ des_string_to_key(str,&c);
+ RETVAL=&c;
+ }
+OUTPUT:
+RETVAL
+
+void
+des_string_to_2keys(str)
+char * str
+PPCODE:
+ {
+ des_cblock c1,c2;
+ SV *s1,*s2;
+
+ des_string_to_2keys(str,&c1,&c2);
+ EXTEND(sp,2);
+ s1=sv_newmortal();
+ sv_setpvn(s1,(char *)c1,8);
+ s2=sv_newmortal();
+ sv_setpvn(s2,(char *)c2,8);
+ PUSHs(s1);
+ PUSHs(s2);
+ }
diff --git a/crypto/des/FILES b/crypto/des/FILES
new file mode 100644
index 0000000..4c7ea2d
--- /dev/null
+++ b/crypto/des/FILES
@@ -0,0 +1,96 @@
+/* General stuff */
+COPYRIGHT - Copyright info.
+MODES.DES - A description of the features of the different modes of DES.
+FILES - This file.
+INSTALL - How to make things compile.
+Imakefile - For use with kerberos.
+README - What this package is.
+VERSION - Which version this is and what was changed.
+KERBEROS - Kerberos version 4 notes.
+Makefile.PL - An old makefile to build with perl5, not current.
+Makefile.ssl - The SSLeay makefile
+Makefile.uni - The normal unix makefile.
+GNUmakefile - The makefile for use with glibc.
+makefile.bc - A Borland C makefile
+times - Some outputs from 'speed' on some machines.
+vms.com - For use when compiling under VMS
+
+/* My SunOS des(1) replacement */
+des.c - des(1) source code.
+des.man - des(1) manual.
+
+/* Testing and timing programs. */
+destest.c - Source for libdes.a test program.
+speed.c - Source for libdes.a timing program.
+rpw.c - Source for libdes.a testing password reading routines.
+
+/* libdes.a source code */
+des_crypt.man - libdes.a manual page.
+des.h - Public libdes.a header file.
+ecb_enc.c - des_ecb_encrypt() source, this contains the basic DES code.
+ecb3_enc.c - des_ecb3_encrypt() source.
+cbc_ckm.c - des_cbc_cksum() source.
+cbc_enc.c - des_cbc_encrypt() source.
+ncbc_enc.c - des_cbc_encrypt() that is 'normal' in that it copies
+ the new iv values back in the passed iv vector.
+ede_enc.c - des_ede3_cbc_encrypt() cbc mode des using triple DES.
+cbc3_enc.c - des_3cbc_encrypt() source, don't use this function.
+cfb_enc.c - des_cfb_encrypt() source.
+cfb64enc.c - des_cfb64_encrypt() cfb in 64 bit mode but setup to be
+ used as a stream cipher.
+cfb64ede.c - des_ede3_cfb64_encrypt() cfb in 64 bit mode but setup to be
+ used as a stream cipher and using triple DES.
+ofb_enc.c - des_cfb_encrypt() source.
+ofb64_enc.c - des_ofb_encrypt() ofb in 64 bit mode but setup to be
+ used as a stream cipher.
+ofb64ede.c - des_ede3_ofb64_encrypt() ofb in 64 bit mode but setup to be
+ used as a stream cipher and using triple DES.
+enc_read.c - des_enc_read() source.
+enc_writ.c - des_enc_write() source.
+pcbc_enc.c - des_pcbc_encrypt() source.
+qud_cksm.c - quad_cksum() source.
+rand_key.c - des_random_key() source.
+read_pwd.c - Source for des_read_password() plus related functions.
+set_key.c - Source for des_set_key().
+str2key.c - Covert a string of any length into a key.
+fcrypt.c - A small, fast version of crypt(3).
+des_locl.h - Internal libdes.a header file.
+podd.h - Odd parity tables - used in des_set_key().
+sk.h - Lookup tables used in des_set_key().
+spr.h - What is left of the S tables - used in ecb_encrypt().
+des_ver.h - header file for the external definition of the
+ version string.
+des.doc - SSLeay documentation for the library.
+
+/* The perl scripts - you can ignore these files they are only
+ * included for the curious */
+des.pl - des in perl anyone? des_set_key and des_ecb_encrypt
+ both done in a perl library.
+testdes.pl - Testing program for des.pl
+doIP - Perl script used to develop IP xor/shift code.
+doPC1 - Perl script used to develop PC1 xor/shift code.
+doPC2 - Generates sk.h.
+PC1 - Output of doPC1 should be the same as output from PC1.
+PC2 - used in development of doPC2.
+shifts.pl - Perl library used by my perl scripts.
+
+/* I started making a perl5 dynamic library for libdes
+ * but did not fully finish, these files are part of that effort. */
+DES.pm
+DES.pod
+DES.xs
+t
+typemap
+
+/* The following are for use with sun RPC implementaions. */
+rpc_des.h
+rpc_enc.c
+
+/* The following are contibuted by Mark Murray <mark@grondar.za>. They
+ * are not normally built into libdes due to machine specific routines
+ * contained in them. They are for use in the most recent incarnation of
+ * export kerberos v 4 (eBones). */
+supp.c
+new_rkey.c
+
+
diff --git a/crypto/des/INSTALL b/crypto/des/INSTALL
new file mode 100644
index 0000000..3b8dae6
--- /dev/null
+++ b/crypto/des/INSTALL
@@ -0,0 +1,69 @@
+Check the CC and CFLAGS lines in the makefile
+
+If your C library does not support the times(3) function, change the
+#define TIMES to
+#undef TIMES in speed.c
+If it does, check the HZ value for the times(3) function.
+If your system does not define CLK_TCK it will be assumed to
+be 100.0.
+
+If possible use gcc v 2.7.?
+Turn on the maximum optimising (normally '-O3 -fomit-frame-pointer' for gcc)
+In recent times, some system compilers give better performace.
+
+type 'make'
+
+run './destest' to check things are ok.
+run './rpw' to check the tty code for reading passwords works.
+run './speed' to see how fast those optimisations make the library run :-)
+run './des_opts' to determin the best compile time options.
+
+The output from des_opts should be put in the makefile options and des_enc.c
+should be rebuilt. For 64 bit computers, do not use the DES_PTR option.
+For the DEC Alpha, edit des.h and change DES_LONG to 'unsigned int'
+and then you can use the 'DES_PTR' option.
+
+The file options.txt has the options listed for best speed on quite a
+few systems. Look and the options (UNROLL, PTR, RISC2 etc) and then
+turn on the relevent option in the Makefile
+
+There are some special Makefile targets that make life easier.
+make cc - standard cc build
+make gcc - standard gcc build
+make x86-elf - x86 assember (elf), linux-elf.
+make x86-out - x86 assember (a.out), FreeBSD
+make x86-solaris- x86 assember
+make x86-bsdi - x86 assember (a.out with primative assember).
+
+If at all possible use the assember (for Windows NT/95, use
+asm/win32.obj to link with). The x86 assember is very very fast.
+
+A make install will by default install
+libdes.a in /usr/local/lib/libdes.a
+des in /usr/local/bin/des
+des_crypt.man in /usr/local/man/man3/des_crypt.3
+des.man in /usr/local/man/man1/des.1
+des.h in /usr/include/des.h
+
+des(1) should be compatible with sunOS's but I have been unable to
+test it.
+
+These routines should compile on MSDOS, most 32bit and 64bit version
+of Unix (BSD and SYSV) and VMS, without modification.
+The only problems should be #include files that are in the wrong places.
+
+These routines can be compiled under MSDOS.
+I have successfully encrypted files using des(1) under MSDOS and then
+decrypted the files on a SparcStation.
+I have been able to compile and test the routines with
+Microsoft C v 5.1 and Turbo C v 2.0.
+The code in this library is in no way optimised for the 16bit
+operation of MSDOS.
+
+When building for glibc, ignore all of the above and just unpack into
+glibc-1.??/des and then gmake as per normal.
+
+As a final note on performace. Certain CPUs like sparcs and Alpha often give
+a %10 speed difference depending on the link order. It is rather anoying
+when one program reports 'x' DES encrypts a second and another reports
+'x*0.9' the speed.
diff --git a/crypto/des/Imakefile b/crypto/des/Imakefile
new file mode 100644
index 0000000..1b9b562
--- /dev/null
+++ b/crypto/des/Imakefile
@@ -0,0 +1,35 @@
+# This Imakefile has not been tested for a while but it should still
+# work when placed in the correct directory in the kerberos v 4 distribution
+
+SRCS= cbc_cksm.c cbc_enc.c ecb_enc.c pcbc_enc.c \
+ qud_cksm.c rand_key.c read_pwd.c set_key.c str2key.c \
+ enc_read.c enc_writ.c fcrypt.c cfb_enc.c \
+ ecb3_enc.c ofb_enc.c ofb64enc.c
+
+OBJS= cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+ qud_cksm.o rand_key.o read_pwd.o set_key.o str2key.o \
+ enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+ ecb3_enc.o ofb_enc.o ofb64enc.o
+
+GENERAL=COPYRIGHT FILES INSTALL Imakefile README VERSION makefile times \
+ vms.com KERBEROS
+DES= des.c des.man
+TESTING=destest.c speed.c rpw.c
+LIBDES= des_crypt.man des.h des_locl.h podd.h sk.h spr.h
+
+PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+CODE= $(GENERAL) $(DES) $(TESTING) $(SRCS) $(LIBDES) $(PERL)
+
+SRCDIR=$(SRCTOP)/lib/des
+
+DBG= -O
+INCLUDE= -I$(SRCDIR)
+CC= cc
+
+library_obj_rule()
+
+install_library_target(des,$(OBJS),$(SRCS),)
+
+test(destest,libdes.a,)
+test(rpw,libdes.a,)
diff --git a/crypto/des/KERBEROS b/crypto/des/KERBEROS
new file mode 100644
index 0000000..f401b10
--- /dev/null
+++ b/crypto/des/KERBEROS
@@ -0,0 +1,41 @@
+ [ This is an old file, I don't know if it is true anymore
+ but I will leave the file here - eay 21/11/95 ]
+
+To use this library with Bones (kerberos without DES):
+1) Get my modified Bones - eBones. It can be found on
+ gondwana.ecr.mu.oz.au (128.250.1.63) /pub/athena/eBones-p9.tar.Z
+ and
+ nic.funet.fi (128.214.6.100) /pub/unix/security/Kerberos/eBones-p9.tar.Z
+
+2) Unpack this library in src/lib/des, makeing sure it is version
+ 3.00 or greater (libdes.tar.93-10-07.Z). This versions differences
+ from the version in comp.sources.misc volume 29 patchlevel2.
+ The primarily difference is that it should compile under kerberos :-).
+ It can be found at.
+ ftp.psy.uq.oz.au (130.102.32.1) /pub/DES/libdes.tar.93-10-07.Z
+
+Now do a normal kerberos build and things should work.
+
+One problem I found when I was build on my local sun.
+---
+For sunOS 4.1.1 apply the following patch to src/util/ss/make_commands.c
+
+*** make_commands.c.orig Fri Jul 3 04:18:35 1987
+--- make_commands.c Wed May 20 08:47:42 1992
+***************
+*** 98,104 ****
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r", "-n",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
+--- 98,104 ----
+ if (!rename(o_file, z_file)) {
+ if (!vfork()) {
+ chdir("/tmp");
+! execl("/bin/ld", "ld", "-o", o_file+5, "-s", "-r",
+ z_file+5, 0);
+ perror("/bin/ld");
+ _exit(1);
diff --git a/crypto/des/MODES.DES b/crypto/des/MODES.DES
new file mode 100644
index 0000000..0cbc44f
--- /dev/null
+++ b/crypto/des/MODES.DES
@@ -0,0 +1,84 @@
+Modes of DES
+Quite a bit of the following information has been taken from
+ AS 2805.5.2
+ Australian Standard
+ Electronic funds transfer - Requirements for interfaces,
+ Part 5.2: Modes of operation for an n-bit block cipher algorithm
+ Appendix A
+
+There are several different modes in which DES can be used, they are
+as follows.
+
+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
+- 64 bits are enciphered at a time.
+- The order of the blocks can be rearranged without detection.
+- The same plaintext block always produces the same ciphertext block
+ (for the same key) making it vulnerable to a 'dictionary attack'.
+- An error will only affect one ciphertext block.
+
+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
+- a multiple of 64 bits are enciphered at a time.
+- The CBC mode produces the same ciphertext whenever the same
+ plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext blocks dependent on the
+ current and all preceding plaintext blocks and therefore blocks can not
+ be rearranged.
+- The use of different starting variables prevents the same plaintext
+ enciphering to the same ciphertext.
+- An error will affect the current and the following ciphertext blocks.
+
+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The CFB mode produces the same ciphertext whenever the same
+ plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext variables dependent on the
+ current and all preceding variables and therefore j-bit variables are
+ chained together and con not be rearranged.
+- The use of different starting variables prevents the same plaintext
+ enciphering to the same ciphertext.
+- The strength of the CFB mode depends on the size of k (maximal if
+ j == k). In my implementation this is always the case.
+- Selection of a small value for j will require more cycles through
+ the encipherment algorithm per unit of plaintext and thus cause
+ greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- An error will affect the current and the following ciphertext variables.
+
+Output Feedback Mode (OFB) (des_ofb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The OFB mode produces the same ciphertext whenever the same
+ plaintext enciphered using the same key and starting variable. More
+ over, in the OFB mode the same key stream is produced when the same
+ key and start variable are used. Consequently, for security reasons
+ a specific start variable should be used only once for a given key.
+- The absence of chaining makes the OFB more vulnerable to specific attacks.
+- The use of different start variables values prevents the same
+ plaintext enciphering to the same ciphertext, by producing different
+ key streams.
+- Selection of a small value for j will require more cycles through
+ the encipherment algorithm per unit of plaintext and thus cause
+ greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- OFB mode of operation does not extend ciphertext errors in the
+ resultant plaintext output. Every bit error in the ciphertext causes
+ only one bit to be in error in the deciphered plaintext.
+- OFB mode is not self-synchronising. If the two operation of
+ encipherment and decipherment get out of synchronism, the system needs
+ to be re-initialised.
+- Each re-initialisation should use a value of the start variable
+different from the start variable values used before with the same
+key. The reason for this is that an identical bit stream would be
+produced each time from the same parameters. This would be
+susceptible to a 'known plaintext' attack.
+
+Triple ECB Mode (des_ecb3_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for ECB encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+ just one key.
+
+Triple CBC Mode (des_3cbc_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key1 again.
+- As for CBC encryption but increases the effective key length to 112 bits.
+- If both keys are the same it is equivalent to encrypting once with
+ just one key.
diff --git a/crypto/des/Makefile.PL b/crypto/des/Makefile.PL
new file mode 100644
index 0000000..b54a243
--- /dev/null
+++ b/crypto/des/Makefile.PL
@@ -0,0 +1,14 @@
+use ExtUtils::MakeMaker;
+# See lib/ExtUtils/MakeMaker.pm for details of how to influence
+# the contents of the Makefile being created.
+&writeMakefile(
+ 'potential_libs' => '', # e.g., '-lm'
+ 'INC' => '', # e.g., '-I/usr/include/other'
+ 'DISTNAME' => 'DES',
+ 'VERSION' => '0.1',
+ 'DEFINE' => '-DPERL5',
+ 'OBJECT' => 'DES.o cbc_cksm.o cbc_enc.o ecb_enc.o pcbc_enc.o \
+ rand_key.o set_key.o str2key.o \
+ enc_read.o enc_writ.o fcrypt.o cfb_enc.o \
+ ecb3_enc.o ofb_enc.o cbc3_enc.o des_enc.o',
+ );
diff --git a/crypto/des/Makefile.lit b/crypto/des/Makefile.lit
new file mode 100644
index 0000000..cfd1b40
--- /dev/null
+++ b/crypto/des/Makefile.lit
@@ -0,0 +1,249 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords. There a 5 systems
+# SGTTY - the old BSD system
+# TERMIO - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS - the DEC operating system
+# MSDOS - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make - twidle the options yourself :-)
+# make cc - standard cc options
+# make gcc - standard gcc options
+# make x86-elf - linux-elf etc
+# make x86-out - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'. I have seen this give a %20 speedup.
+
+OPTS0= -DLIBDES_LIT -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform. There are some listed in options.txt
+#OPTS2= -DDES_PTR
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o # normal C version
+#DES_ENC=asm/dx86-elf.o asm/cx86-elf.o # elf format x86
+#DES_ENC=asm/dx86-out.o asm/cx86-out.o # a.out format x86
+#DES_ENC=asm/dx86-sol.o asm/cx86-sol.o # solaris format x86
+#DES_ENC=asm/dx86bsdi.o asm/cx86basi.o # bsdi format x86
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+ xcbc_enc.o qud_cksm.o \
+ cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+ enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o \
+ rand_key.o read_pwd.o read2pwd.o rpc_enc.o str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+ des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+ GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+ Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+ des.org des_locl.org
+TESTING_LIT= destest speed des_opts
+TESTING_FULL= destest speed des_opts $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
+ des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
+ cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c cbc3_enc.c \
+ enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c \
+ rand_key.c rpc_enc.c str2key.c supp.c \
+ xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
+
+PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ= $(OBJ_LIT)
+GENERAL=$(GENERAL_LIT)
+TESTING=$(TESTING_LIT)
+TESTING_SRC=$(TESTING_SRC_LIT)
+HEADERS=$(HEADERS_LIT)
+LIBDES= $(LIBDES_LIT)
+
+ALL= $(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB= libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+ $(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+ $(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+ $(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+ $(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+ $(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+ $(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+ as -o asm/dx86-sol.o asm/dx86-sol.s
+ rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+ as -o asm/cx86-sol.o asm/cx86-sol.s
+ rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+
+test: all
+ ./destest
+
+$(DLIB): $(OBJ)
+ /bin/rm -f $(DLIB)
+ ar cr $(DLIB) $(OBJ)
+ -if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
+ else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
+ else exit 0; fi; fi
+
+des_opts: des_opts.o $(DLIB)
+ $(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+ $(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+ $(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+ $(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+ $(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+ ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+ /bin/mv Makefile Makefile.tmp
+ /bin/cp Makefile.lit Makefile
+ tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
+ $(GENERAL_LIT) $(TESTING_SRC_LIT)
+ /bin/rm -f Makefile
+ /bin/mv Makefile.tmp Makefile
+
+tar:
+ tar chf libdes.tar $(ALL)
+
+shar:
+ shar $(ALL) >libdes.shar
+
+depend:
+ makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+ /bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o
+
+dclean:
+ sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+ mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(DLIB) des
+ if test $(INSTALLTOP); then \
+ echo SSL style install; \
+ cp $(DLIB) $(INSTALLTOP)/lib; \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+ fi; fi; \
+ chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+ cp des.h $(INSTALLTOP)/include; \
+ chmod 644 $(INSTALLTOP)/include/des.h; \
+ cp des $(INSTALLTOP)/bin; \
+ chmod 755 $(INSTALLTOP)/bin/des; \
+ else \
+ echo Standalone install; \
+ cp $(DLIB) $(LIBDIR)/$(DLIB); \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(LIBDIR)/$(DLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(LIBDIR)/$(DLIB); \
+ fi; \
+ fi; \
+ chmod 644 $(LIBDIR)/$(DLIB); \
+ cp des $(BINDIR)/des; \
+ chmod 711 $(BINDIR)/des; \
+ cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+ chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+ cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+ chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+ cp des.h $(INCDIR)/des.h; \
+ chmod 644 $(INCDIR)/des.h; \
+ fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/Makefile.ssl b/crypto/des/Makefile.ssl
new file mode 100644
index 0000000..51bfe7c
--- /dev/null
+++ b/crypto/des/Makefile.ssl
@@ -0,0 +1,135 @@
+#
+# SSLeay/crypto/des/Makefile
+#
+
+DIR= des
+TOP= ../..
+CC= cc
+CPP= $(CC) -E
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+DES_ENC= des_enc.o fcrypt_b.o
+# or use
+#DES_ENC= dx86-elf.o cx86-elf.o
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile des.org des_locl.org
+TEST=destest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= cbc3_enc.c cbc_cksm.c cbc_enc.c cfb64enc.c cfb_enc.c \
+ ecb3_enc.c ecb_enc.c ede_enc.c enc_read.c enc_writ.c \
+ fcrypt.c ncbc_enc.c ofb64enc.c ofb_enc.c pcbc_enc.c \
+ qud_cksm.c rand_key.c read_pwd.c rpc_enc.c set_key.c \
+ des_enc.c fcrypt_b.c read2pwd.c \
+ fcrypt.c xcbc_enc.c \
+ str2key.c cfb64ede.c ofb64ede.c supp.c
+
+LIBOBJ= set_key.o ecb_enc.o ede_enc.o cbc_enc.o cbc3_enc.o \
+ ecb3_enc.o cfb64enc.o cfb64ede.o cfb_enc.o ofb64ede.o \
+ enc_read.o enc_writ.o ncbc_enc.o ofb64enc.o \
+ ofb_enc.o str2key.o pcbc_enc.o qud_cksm.o rand_key.o \
+ ${DES_ENC} read2pwd.o \
+ fcrypt.o xcbc_enc.o read_pwd.o rpc_enc.o cbc_cksm.o supp.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= des.h
+HEADER= des_locl.h rpc_des.h podd.h sk.h spr.h des_ver.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DELF asm/cx86unix.cpp | as -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+ as -o asm/dx86-sol.o asm/dx86-sol.s
+ rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+ as -o asm/cx86-sol.o asm/cx86-sol.s
+ rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DOUT asm/cx86unix.cpp | as -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DBSDI asm/cx86unix.cpp | as -o asm/cx86bsdi.o
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile
+ /bin/rm -f des.doc
+ $(TOP)/util/point.sh ../../doc/des.doc des.doc
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+ /bin/rm -f asm/x86ms.pl asm/x86unix.pl
+ $(TOP)/util/point.sh ../../perlasm/x86ms.pl asm/x86ms.pl
+ $(TOP)/util/point.sh ../../perlasm/x86unix.pl asm/x86unix.pl
+
+install: installs
+
+installs:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o asm/*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/Makefile.uni b/crypto/des/Makefile.uni
new file mode 100644
index 0000000..4e29805
--- /dev/null
+++ b/crypto/des/Makefile.uni
@@ -0,0 +1,249 @@
+# You must select the correct terminal control system to be used to
+# turn character echo off when reading passwords. There a 5 systems
+# SGTTY - the old BSD system
+# TERMIO - most system V boxes
+# TERMIOS - SGI (ala IRIX).
+# VMS - the DEC operating system
+# MSDOS - we all know what it is :-)
+# read_pwd.c makes a reasonable guess at what is correct.
+
+# Targets
+# make - twidle the options yourself :-)
+# make cc - standard cc options
+# make gcc - standard gcc options
+# make x86-elf - linux-elf etc
+# make x86-out - linux-a.out, FreeBSD etc
+# make x86-solaris
+# make x86-bdsi
+
+# If you are on a DEC Alpha, edit des.h and change the DES_LONG
+# define to 'unsigned int'. I have seen this give a %20 speedup.
+
+OPTS0= -DRAND -DTERMIO #-DNOCONST
+
+# Version 1.94 has changed the strings_to_key function so that it is
+# now compatible with MITs when the string is longer than 8 characters.
+# If you wish to keep the old version, uncomment the following line.
+# This will affect the -E/-D options on des(1).
+#OPTS1= -DOLD_STR_TO_KEY
+
+# There are 4 possible performance options
+# -DDES_PTR
+# -DDES_RISC1
+# -DDES_RISC2 (only one of DES_RISC1 and DES_RISC2)
+# -DDES_UNROLL
+# after the initial build, run 'des_opts' to see which options are best
+# for your platform. There are some listed in options.txt
+#OPTS2= -DDES_PTR
+#OPTS3= -DDES_RISC1 # or DES_RISC2
+#OPTS4= -DDES_UNROLL
+
+OPTS= $(OPTS0) $(OPTS1) $(OPTS2) $(OPTS3) $(OPTS4)
+
+MAKE=make -f Makefile
+#CC=cc
+#CFLAG= -O
+
+CC=gcc
+#CFLAG= -O4 -funroll-loops -fomit-frame-pointer
+CFLAG= -O3 -fomit-frame-pointer
+
+CFLAGS=$(OPTS) $(CFLAG)
+CPP=$(CC) -E
+AS=as
+
+# Assember version of des_encrypt*().
+DES_ENC=des_enc.o fcrypt_b.o # normal C version
+#DES_ENC=asm/dx86-elf.o asm/cx86-elf.o # elf format x86
+#DES_ENC=asm/dx86-out.o asm/cx86-out.o # a.out format x86
+#DES_ENC=asm/dx86-sol.o asm/cx86-sol.o # solaris format x86
+#DES_ENC=asm/dx86bsdi.o asm/cx86basi.o # bsdi format x86
+
+LIBDIR=/usr/local/lib
+BINDIR=/usr/local/bin
+INCDIR=/usr/local/include
+MANDIR=/usr/local/man
+MAN1=1
+MAN3=3
+SHELL=/bin/sh
+OBJ_LIT=ede_enc.o cbc_enc.o ncbc_enc.o ecb_enc.o $(DES_ENC) fcrypt.o set_key.o
+OBJ_FULL=cbc3_enc.o cbc_cksm.o $(OBJ_LIT) pcbc_enc.o \
+ xcbc_enc.o qud_cksm.o \
+ cfb64ede.o cfb64enc.o cfb_enc.o ecb3_enc.o \
+ enc_read.o enc_writ.o ofb64ede.o ofb64enc.o ofb_enc.o \
+ rand_key.o read_pwd.o read2pwd.o rpc_enc.o str2key.o supp.o
+
+GENERAL_LIT=COPYRIGHT INSTALL README VERSION Makefile des_crypt.man \
+ des.doc options.txt asm
+GENERAL_FULL=$(GENERAL_LIT) FILES Imakefile times vms.com KERBEROS MODES.DES \
+ GNUmakefile des.man DES.pm DES.pod DES.xs Makefile.PL \
+ Makefile.uni typemap t Makefile.ssl makefile.bc Makefile.lit \
+ des.org des_locl.org
+TESTING_LIT= destest speed des_opts
+TESTING_FULL= destest speed des_opts $(TESTING_LIT)
+TESTING_SRC_LIT=destest.c speed.c des_opts.c
+TESTING_SRC_FULL=rpw.c $(TESTING_SRC_LIT)
+HEADERS_LIT=des_ver.h des.h des_locl.h podd.h sk.h spr.h
+HEADERS_FULL= $(HEADERS_LIT) rpc_des.h
+LIBDES_LIT=ede_enc.c cbc_enc.c ncbc_enc.c ecb_enc.c fcrypt.c set_key.c \
+ des_enc.c fcrypt_b.c
+LIBDES_FULL= cbc_cksm.c pcbc_enc.c qud_cksm.c \
+ cfb64ede.c cfb64enc.c cfb_enc.c ecb3_enc.c cbc3_enc.c \
+ enc_read.c enc_writ.c ofb64ede.c ofb64enc.c ofb_enc.c \
+ rand_key.c rpc_enc.c str2key.c supp.c \
+ xcbc_enc.c $(LIBDES_LIT) read_pwd.c read2pwd.c
+
+PERL= des.pl testdes.pl doIP doPC1 doPC2 PC1 PC2 shifts.pl
+
+OBJ= $(OBJ_FULL)
+GENERAL=$(GENERAL_FULL)
+TESTING=$(TESTING_FULL)
+TESTING_SRC=$(TESTING_SRC_FULL)
+HEADERS=$(HEADERS_FULL)
+LIBDES= $(LIBDES_FULL)
+
+ALL= $(GENERAL) $(TESTING_SRC) $(LIBDES) $(PERL) $(HEADERS)
+
+DLIB= libdes.a
+
+all: $(DLIB) $(TESTING)
+
+cc:
+ $(MAKE) CC=cc CFLAGS="-O $(OPTS) $(CFLAG)" all
+
+gcc:
+ $(MAKE) CC=gcc CFLAGS="-O3 -fomit-frame-pointer $(OPTS) $(CFLAG)" all
+
+x86-elf:
+ $(MAKE) DES_ENC='asm/dx86-elf.o asm/cx86-elf.o' CC=$(CC) CFLAGS="-DELF $(OPTS) $(CFLAG)" all
+
+x86-out:
+ $(MAKE) DES_ENC='asm/dx86-out.o asm/cx86-out.o' CC=$(CC) CFLAGS="-DOUT $(OPTS) $(CFLAG)" all
+
+x86-solaris:
+ $(MAKE) DES_ENC='asm/dx86-sol.o asm/cx86-sol.o' CC=$(CC) CFLAGS="-DSOL $(OPTS) $(CFLAG)" all
+
+x86-bsdi:
+ $(MAKE) DES_ENC='asm/dx86bsdi.o asm/cx86bsdi.o' CC=$(CC) CFLAGS="-DBSDI $(OPTS) $(CFLAG)" all
+
+# elf
+asm/dx86-elf.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DELF asm/dx86unix.cpp | $(AS) -o asm/dx86-elf.o
+
+asm/cx86-elf.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DELF asm/cx86unix.cpp | $(AS) -o asm/cx86-elf.o
+
+# solaris
+asm/dx86-sol.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CC) -E -DSOL asm/dx86unix.cpp | sed 's/^#.*//' > asm/dx86-sol.s
+ as -o asm/dx86-sol.o asm/dx86-sol.s
+ rm -f asm/dx86-sol.s
+
+asm/cx86-sol.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CC) -E -DSOL asm/cx86unix.cpp | sed 's/^#.*//' > asm/cx86-sol.s
+ as -o asm/cx86-sol.o asm/cx86-sol.s
+ rm -f asm/cx86-sol.s
+
+# a.out
+asm/dx86-out.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DOUT asm/dx86unix.cpp | $(AS) -o asm/dx86-out.o
+
+asm/cx86-out.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DOUT asm/cx86unix.cpp | $(AS) -o asm/cx86-out.o
+
+# bsdi
+asm/dx86bsdi.o: asm/dx86-cpp.s asm/dx86unix.cpp
+ $(CPP) -DBSDI asm/dx86unix.cpp | $(AS) -o asm/dx86bsdi.o
+
+asm/cx86bsdi.o: asm/cx86-cpp.s asm/cx86unix.cpp
+ $(CPP) -DBSDI asm/cx86unix.cpp | $(AS) -o asm/cx86bsdi.o
+
+test: all
+ ./destest
+
+$(DLIB): $(OBJ)
+ /bin/rm -f $(DLIB)
+ ar cr $(DLIB) $(OBJ)
+ -if test -s /bin/ranlib; then /bin/ranlib $(DLIB); \
+ else if test -s /usr/bin/ranlib; then /usr/bin/ranlib $(DLIB); \
+ else exit 0; fi; fi
+
+des_opts: des_opts.o $(DLIB)
+ $(CC) $(CFLAGS) -o des_opts des_opts.o $(DLIB)
+
+destest: destest.o $(DLIB)
+ $(CC) $(CFLAGS) -o destest destest.o $(DLIB)
+
+rpw: rpw.o $(DLIB)
+ $(CC) $(CFLAGS) -o rpw rpw.o $(DLIB)
+
+speed: speed.o $(DLIB)
+ $(CC) $(CFLAGS) -o speed speed.o $(DLIB)
+
+des: des.o $(DLIB)
+ $(CC) $(CFLAGS) -o des des.o $(DLIB)
+
+tags:
+ ctags $(TESTING_SRC) $(LIBDES)
+
+tar_lit:
+ /bin/mv Makefile Makefile.tmp
+ /bin/cp Makefile.lit Makefile
+ tar chf libdes-l.tar $(LIBDES_LIT) $(HEADERS_LIT) \
+ $(GENERAL_LIT) $(TESTING_SRC_LIT)
+ /bin/rm -f Makefile
+ /bin/mv Makefile.tmp Makefile
+
+tar:
+ tar chf libdes.tar $(ALL)
+
+shar:
+ shar $(ALL) >libdes.shar
+
+depend:
+ makedepend $(LIBDES) $(TESTING_SRC)
+
+clean:
+ /bin/rm -f *.o tags core $(TESTING) $(DLIB) .nfs* *.old *.bak asm/*.o
+
+dclean:
+ sed -e '/^# DO NOT DELETE THIS LINE/ q' Makefile >Makefile.new
+ mv -f Makefile.new Makefile
+
+# Eric is probably going to choke when he next looks at this --tjh
+install: $(DLIB) des
+ if test $(INSTALLTOP); then \
+ echo SSL style install; \
+ cp $(DLIB) $(INSTALLTOP)/lib; \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(INSTALLTOP)/lib/$(DLIB); \
+ fi; fi; \
+ chmod 644 $(INSTALLTOP)/lib/$(DLIB); \
+ cp des.h $(INSTALLTOP)/include; \
+ chmod 644 $(INSTALLTOP)/include/des.h; \
+ cp des $(INSTALLTOP)/bin; \
+ chmod 755 $(INSTALLTOP)/bin/des; \
+ else \
+ echo Standalone install; \
+ cp $(DLIB) $(LIBDIR)/$(DLIB); \
+ if test -s /bin/ranlib; then \
+ /bin/ranlib $(LIBDIR)/$(DLIB); \
+ else \
+ if test -s /usr/bin/ranlib; then \
+ /usr/bin/ranlib $(LIBDIR)/$(DLIB); \
+ fi; \
+ fi; \
+ chmod 644 $(LIBDIR)/$(DLIB); \
+ cp des $(BINDIR)/des; \
+ chmod 711 $(BINDIR)/des; \
+ cp des_crypt.man $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+ chmod 644 $(MANDIR)/man$(MAN3)/des_crypt.$(MAN3); \
+ cp des.man $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+ chmod 644 $(MANDIR)/man$(MAN1)/des.$(MAN1); \
+ cp des.h $(INCDIR)/des.h; \
+ chmod 644 $(INCDIR)/des.h; \
+ fi
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/des/PC1 b/crypto/des/PC1
new file mode 100644
index 0000000..efb8348
--- /dev/null
+++ b/crypto/des/PC1
@@ -0,0 +1,28 @@
+#!/usr/local/bin/perl
+
+@PC1=( 57,49,41,33,25,17, 9,
+ 1,58,50,42,34,26,18,
+ 10, 2,59,51,43,35,27,
+ 19,11, 3,60,52,44,36,
+ "-","-","-","-",
+ 63,55,47,39,31,23,15,
+ 7,62,54,46,38,30,22,
+ 14, 6,61,53,45,37,29,
+ 21,13, 5,28,20,12, 4,
+ "-","-","-","-",
+ );
+
+foreach (@PC1)
+ {
+ if ($_ ne "-")
+ {
+ $_--;
+ $_=int($_/8)*8+7-($_%8);
+ printf "%2d ",$_;
+ }
+ else
+ { print "-- "; }
+ print "\n" if (((++$i) % 8) == 0);
+ print "\n" if ((($i) % 32) == 0);
+ }
+
diff --git a/crypto/des/PC2 b/crypto/des/PC2
new file mode 100644
index 0000000..2d56027
--- /dev/null
+++ b/crypto/des/PC2
@@ -0,0 +1,57 @@
+#!/usr/local/bin/perl
+
+@PC2_C=(14,17,11,24, 1, 5,
+ 3,28,15, 6,21,10,
+ 23,19,12, 4,26, 8,
+ 16, 7,27,20,13, 2,
+ );
+
+@PC2_D=(41,52,31,37,47,55,
+ 30,40,51,45,33,48,
+ 44,49,39,56,34,53,
+ 46,42,50,36,29,32,
+ );
+
+foreach (@PC2_C) {
+ if ($_ ne "-")
+ {
+ $_--;
+ printf "%2d ",$_; }
+ else { print "-- "; }
+ $C{$_}=1;
+ print "\n" if (((++$i) % 8) == 0);
+ }
+$i=0;
+print "\n";
+foreach (@PC2_D) {
+ if ($_ ne "-")
+ {
+ $_-=29;
+ printf "%2d ",$_; }
+ else { print "-- "; }
+ $D{$_}=1;
+ print "\n" if (((++$i) % 8) == 0); }
+
+print "\n";
+foreach $i (0 .. 27)
+ {
+ $_=$C{$i};
+ if ($_ ne "-") {printf "%2d ",$_;}
+ else { print "-- "; }
+ print "\n" if (((++$i) % 8) == 0);
+ }
+print "\n";
+
+print "\n";
+foreach $i (0 .. 27)
+ {
+ $_=$D{$i};
+ if ($_ ne "-") {printf "%2d ",$_;}
+ else { print "-- "; }
+ print "\n" if (((++$i) % 8) == 0);
+ }
+print "\n";
+sub numsort
+ {
+ $a-$b;
+ }
diff --git a/crypto/des/README b/crypto/des/README
new file mode 100644
index 0000000..621a5ab
--- /dev/null
+++ b/crypto/des/README
@@ -0,0 +1,54 @@
+
+ libdes, Version 4.01 10-Jan-97
+
+ Copyright (c) 1997, Eric Young
+ All rights reserved.
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms specified in COPYRIGHT.
+
+--
+The primary ftp site for this library is
+ftp://ftp.psy.uq.oz.au/pub/Crypto/DES/libdes-x.xx.tar.gz
+libdes is now also shipped with SSLeay. Primary ftp site of
+ftp://ftp.psy.uq.oz.au/pub/Crypto/SSL/SSLeay-x.x.x.tar.gz
+
+The best way to build this library is to build it as part of SSLeay.
+
+This kit builds a DES encryption library and a DES encryption program.
+It supports ecb, cbc, ofb, cfb, triple ecb, triple cbc, triple ofb,
+triple cfb, desx, and MIT's pcbc encryption modes and also has a fast
+implementation of crypt(3).
+It contains support routines to read keys from a terminal,
+generate a random key, generate a key from an arbitrary length string,
+read/write encrypted data from/to a file descriptor.
+
+The implementation was written so as to conform with the manual entry
+for the des_crypt(3) library routines from MIT's project Athena.
+
+destest should be run after compilation to test the des routines.
+rpw should be run after compilation to test the read password routines.
+The des program is a replacement for the sun des command. I believe it
+conforms to the sun version.
+
+The Imakefile is setup for use in the kerberos distribution.
+
+These routines are best compiled with gcc or any other good
+optimising compiler.
+Just turn you optimiser up to the highest settings and run destest
+after the build to make sure everything works.
+
+I believe these routines are close to the fastest and most portable DES
+routines that use small lookup tables (4.5k) that are publicly available.
+The fcrypt routine is faster than ufc's fcrypt (when compiling with
+gcc2 -O2) on the sparc 2 (1410 vs 1270) but is not so good on other machines
+(on a sun3/260 168 vs 336). It is a function of CPU on chip cache size.
+[ 10-Jan-97 and a function of an incorrect speed testing program in
+ ufc which gave much better test figures that reality ].
+
+It is worth noting that on sparc and Alpha CPUs, performance of the DES
+library can vary by upto %10 due to the positioning of files after application
+linkage.
+
+Eric Young (eay@cryptsoft.com)
+
diff --git a/crypto/des/VERSION b/crypto/des/VERSION
new file mode 100644
index 0000000..b5a2fb7
--- /dev/null
+++ b/crypto/des/VERSION
@@ -0,0 +1,387 @@
+Version 4.02
+ I was doing if (memcmp(weak_keys[i],key,sizeof(key)) == 0)
+ when checking for weak keys which is wrong :-(, pointed out by
+ rkus F.X.J. Oberhumer <markus.oberhumer@jk.uni-linz.ac.at>.
+
+Version 4.01
+ Even faster inner loop in the DES assember for x86 and a modification
+ for IP/FP which is faster on x86. Both of these changes are
+ from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>. His
+ changes make the assember run %40 faster on a pentium. This is just
+ a case of getting the instruction sequence 'just right'.
+ All credit to 'Svend' :-)
+ Quite a few special x86 'make' targets.
+ A libdes-l (lite) distribution.
+
+Version 4.00
+ After a bit of a pause, I'll up the major version number since this
+ is mostly a performace release. I've added x86 assember and
+ added more options for performance. A %28 speedup for gcc
+ on a pentium and the assember is a %50 speedup.
+ MIPS CPU's, sparc and Alpha are the main CPU's with speedups.
+ Run des_opts to work out which options should be used.
+ DES_RISC1/DES_RISC2 use alternative inner loops which use
+ more registers but should give speedups on any CPU that does
+ dual issue (pentium). DES_UNROLL unrolls the inner loop,
+ which costs in code size.
+
+Version 3.26
+ I've finally removed one of the shifts in D_ENCRYPT. This
+ meant I've changed the des_SPtrans table (spr.h), the set_key()
+ function and some things in des_enc.c. This has definitly
+ made things faster :-). I've known about this one for some
+ time but I've been too lazy to follow it up :-).
+ Noticed that in the D_ENCRYPT() macro, we can just do L^=(..)^(..)^..
+ instead of L^=((..)|(..)|(..).. This should save a register at
+ least.
+ Assember for x86. The file to replace is des_enc.c, which is replaced
+ by one of the assember files found in asm. Look at des/asm/readme
+ for more info.
+
+ /* Modification to fcrypt so it can be compiled to support
+ HPUX 10.x's long password format, define -DLONGCRYPT to use this.
+ Thanks to Jens Kupferschmidt <bt1cu@hpboot.rz.uni-leipzig.de>. */
+
+ SIGWINCH case put in des_read_passwd() so the function does not
+ 'exit' if this function is recieved.
+
+Version 3.25 17/07/96
+ Modified read_pwd.c so that stdin can be read if not a tty.
+ Thanks to Jeff Barber <jeffb@issl.atl.hp.com> for the patches.
+ des_init_random_number_generator() shortened due to VMS linker
+ limits.
+ Added RSA's DESX cbc mode. It is a form of cbc encryption, with 2
+ 8 byte quantites xored before and after encryption.
+ des_xcbc_encryption() - the name is funny to preserve the des_
+ prefix on all functions.
+
+Version 3.24 20/04/96
+ The DES_PTR macro option checked and used by SSLeay configuration
+
+Version 3.23 11/04/96
+ Added DES_LONG. If defined to 'unsigned int' on the DEC Alpha,
+ it gives a %20 speedup :-)
+ Fixed the problem with des.pl under perl5. The patches were
+ sent by Ed Kubaitis (ejk@uiuc.edu).
+ if fcrypt.c, changed values to handle illegal salt values the way
+ normal crypt() implementations do. Some programs apparently use
+ them :-(. The patch was sent by Bjorn Gronvall <bg@sics.se>
+
+Version 3.22 29/11/95
+ Bug in des(1), an error with the uuencoding stuff when the
+ 'data' is small, thanks to Geoff Keating <keagchon@mehta.anu.edu.au>
+ for the patch.
+
+Version 3.21 22/11/95
+ After some emailing back and forth with
+ Colin Plumb <colin@nyx10.cs.du.edu>, I've tweaked a few things
+ and in a future version I will probably put in some of the
+ optimisation he suggested for use with the DES_USE_PTR option.
+ Extra routines from Mark Murray <mark@grondar.za> for use in
+ freeBSD. They mostly involve random number generation for use
+ with kerberos. They involve evil machine specific system calls
+ etc so I would normally suggest pushing this stuff into the
+ application and/or using RAND_seed()/RAND_bytes() if you are
+ using this DES library as part of SSLeay.
+ Redone the read_pw() function so that it is cleaner and
+ supports termios, thanks to Sameer Parekh <sameer@c2.org>
+ for the initial patches for this.
+ Renamed 3ecb_encrypt() to ecb3_encrypt(). This has been
+ done just to make things more consistent.
+ I have also now added triple DES versions of cfb and ofb.
+
+Version 3.20
+ Damn, Damn, Damn, as pointed out by Mike_Spreitzer.PARC@xerox.com,
+ my des_random_seed() function was only copying 4 bytes of the
+ passed seed into the init structure. It is now fixed to copy 8.
+ My own suggestion is to used something like MD5 :-)
+
+Version 3.19
+ While looking at my code one day, I though, why do I keep on
+ calling des_encrypt(in,out,ks,enc) when every function that
+ calls it has in and out the same. So I dropped the 'out'
+ parameter, people should not be using this function.
+
+Version 3.18 30/08/95
+ Fixed a few bit with the distribution and the filenames.
+ 3.17 had been munged via a move to DOS and back again.
+ NO CODE CHANGES
+
+Version 3.17 14/07/95
+ Fixed ede3 cbc which I had broken in 3.16. I have also
+ removed some unneeded variables in 7-8 of the routines.
+
+Version 3.16 26/06/95
+ Added des_encrypt2() which does not use IP/FP, used by triple
+ des routines. Tweaked things a bit elsewhere. %13 speedup on
+ sparc and %6 on a R4400 for ede3 cbc mode.
+
+Version 3.15 06/06/95
+ Added des_ncbc_encrypt(), it is des_cbc mode except that it is
+ 'normal' and copies the new iv value back over the top of the
+ passed parameter.
+ CHANGED des_ede3_cbc_encrypt() so that it too now overwrites
+ the iv. THIS WILL BREAK EXISTING CODE, but since this function
+ only new, I feel I can change it, not so with des_cbc_encrypt :-(.
+ I need to update the documentation.
+
+Version 3.14 31/05/95
+ New release upon the world, as part of my SSL implementation.
+ New copyright and usage stuff. Basically free for all to use
+ as long as you say it came from me :-)
+
+Version 3.13 31/05/95
+ A fix in speed.c, if HZ is not defined, I set it to 100.0
+ which is reasonable for most unixes except SunOS 4.x.
+ I now have a #ifdef sun but timing for SunOS 4.x looked very
+ good :-(. At my last job where I used SunOS 4.x, it was
+ defined to be 60.0 (look at the old INSTALL documentation), at
+ the last release had it changed to 100.0 since I now work with
+ Solaris2 and SVR4 boxes.
+ Thanks to Rory Chisholm <rchishol@math.ethz.ch> for pointing this
+ one out.
+
+Version 3.12 08/05/95
+ As pointed out by The Crypt Keeper <tck@bend.UCSD.EDU>,
+ my D_ENCRYPT macro in crypt() had an un-necessary variable.
+ It has been removed.
+
+Version 3.11 03/05/95
+ Added des_ede3_cbc_encrypt() which is cbc mode des with 3 keys
+ and one iv. It is a standard and I needed it for my SSL code.
+ It makes more sense to use this for triple DES than
+ 3cbc_encrypt(). I have also added (or should I say tested :-)
+ cfb64_encrypt() which is cfb64 but it will encrypt a partial
+ number of bytes - 3 bytes in 3 bytes out. Again this is for
+ my SSL library, as a form of encryption to use with SSL
+ telnet.
+
+Version 3.10 22/03/95
+ Fixed a bug in 3cbc_encrypt() :-(. When making repeated calls
+ to cbc3_encrypt, the 2 iv values that were being returned to
+ be used in the next call were reversed :-(.
+ Many thanks to Bill Wade <wade@Stoner.COM> for pointing out
+ this error.
+
+Version 3.09 01/02/95
+ Fixed des_random_key to far more random, it was rather feeble
+ with regards to picking the initial seed. The problem was
+ pointed out by Olaf Kirch <okir@monad.swb.de>.
+
+Version 3.08 14/12/94
+ Added Makefile.PL so libdes can be built into perl5.
+ Changed des_locl.h so RAND is always defined.
+
+Version 3.07 05/12/94
+ Added GNUmake and stuff so the library can be build with
+ glibc.
+
+Version 3.06 30/08/94
+ Added rpc_enc.c which contains _des_crypt. This is for use in
+ secure_rpc v 4.0
+ Finally fixed the cfb_enc problems.
+ Fixed a few parameter parsing bugs in des (-3 and -b), thanks
+ to Rob McMillan <R.McMillan@its.gu.edu.au>
+
+Version 3.05 21/04/94
+ for unsigned long l; gcc does not produce ((l>>34) == 0)
+ This causes bugs in cfb_enc.
+ Thanks to Hadmut Danisch <danisch@ira.uka.de>
+
+Version 3.04 20/04/94
+ Added a version number to des.c and libdes.a
+
+Version 3.03 12/01/94
+ Fixed a bug in non zero iv in 3cbc_enc.
+
+Version 3.02 29/10/93
+ I now work in a place where there are 6+ architectures and 14+
+ OS versions :-).
+ Fixed TERMIO definition so the most sys V boxes will work :-)
+
+Release upon comp.sources.misc
+Version 3.01 08/10/93
+ Added des_3cbc_encrypt()
+
+Version 3.00 07/10/93
+ Fixed up documentation.
+ quad_cksum definitely compatible with MIT's now.
+
+Version 2.30 24/08/93
+ Triple DES now defaults to triple cbc but can do triple ecb
+ with the -b flag.
+ Fixed some MSDOS uuen/uudecoding problems, thanks to
+ Added prototypes.
+
+Version 2.22 29/06/93
+ Fixed a bug in des_is_weak_key() which stopped it working :-(
+ thanks to engineering@MorningStar.Com.
+
+Version 2.21 03/06/93
+ des(1) with no arguments gives quite a bit of help.
+ Added -c (generate ckecksum) flag to des(1).
+ Added -3 (triple DES) flag to des(1).
+ Added cfb and ofb routines to the library.
+
+Version 2.20 11/03/93
+ Added -u (uuencode) flag to des(1).
+ I have been playing with byte order in quad_cksum to make it
+ compatible with MIT's version. All I can say is avid this
+ function if possible since MIT's output is endian dependent.
+
+Version 2.12 14/10/92
+ Added MSDOS specific macro in ecb_encrypt which gives a %70
+ speed up when the code is compiled with turbo C.
+
+Version 2.11 12/10/92
+ Speedup in set_key (recoding of PC-1)
+ I now do it in 47 simple operations, down from 60.
+ Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ for motivating me to look for a faster system :-)
+ The speedup is probably less that 1% but it is still 13
+ instructions less :-).
+
+Version 2.10 06/10/92
+ The code now works on the 64bit ETA10 and CRAY without modifications or
+ #defines. I believe the code should work on any machine that
+ defines long, int or short to be 8 bytes long.
+ Thanks to Shabbir J. Safdar (shabby@mentor.cc.purdue.edu)
+ for helping me fix the code to run on 64bit machines (he had
+ access to an ETA10).
+ Thanks also to John Fletcher <john_fletcher@lccmail.ocf.llnl.gov>
+ for testing the routines on a CRAY.
+ read_password.c has been renamed to read_passwd.c
+ string_to_key.c has been renamed to string2key.c
+
+Version 2.00 14/09/92
+ Made mods so that the library should work on 64bit CPU's.
+ Removed all my uchar and ulong defs. To many different
+ versions of unix define them in their header files in too many
+ different combinations :-)
+ IRIX - Sillicon Graphics mods (mostly in read_password.c).
+ Thanks to Andrew Daviel (advax@erich.triumf.ca)
+
+Version 1.99 26/08/92
+ Fixed a bug or 2 in enc_read.c
+ Fixed a bug in enc_write.c
+ Fixed a pseudo bug in fcrypt.c (very obscure).
+
+Version 1.98 31/07/92
+ Support for the ETA10. This is a strange machine that defines
+ longs and ints as 8 bytes and shorts as 4 bytes.
+ Since I do evil things with long * that assume that they are 4
+ bytes. Look in the Makefile for the option to compile for
+ this machine. quad_cksum appears to have problems but I
+ will don't have the time to fix it right now, and this is not
+ a function that uses DES and so will not effect the main uses
+ of the library.
+
+Version 1.97 20/05/92 eay
+ Fixed the Imakefile and made some changes to des.h to fix some
+ problems when building this package with Kerberos v 4.
+
+Version 1.96 18/05/92 eay
+ Fixed a small bug in string_to_key() where problems could
+ occur if des_check_key was set to true and the string
+ generated a weak key.
+
+Patch2 posted to comp.sources.misc
+Version 1.95 13/05/92 eay
+ Added an alternative version of the D_ENCRYPT macro in
+ ecb_encrypt and fcrypt. Depending on the compiler, one version or the
+ other will be faster. This was inspired by
+ Dana How <how@isl.stanford.edu>, and her pointers about doing the
+ *(ulong *)((uchar *)ptr+(value&0xfc))
+ vs
+ ptr[value&0x3f]
+ to stop the C compiler doing a <<2 to convert the long array index.
+
+Version 1.94 05/05/92 eay
+ Fixed an incompatibility between my string_to_key and the MIT
+ version. When the key is longer than 8 chars, I was wrapping
+ with a different method. To use the old version, define
+ OLD_STR_TO_KEY in the makefile. Thanks to
+ viktor@newsu.shearson.com (Viktor Dukhovni).
+
+Version 1.93 28/04/92 eay
+ Fixed the VMS mods so that echo is now turned off in
+ read_password. Thanks again to brennan@coco.cchs.su.oz.AU.
+ MSDOS support added. The routines can be compiled with
+ Turbo C (v2.0) and MSC (v5.1). Make sure MSDOS is defined.
+
+Patch1 posted to comp.sources.misc
+Version 1.92 13/04/92 eay
+ Changed D_ENCRYPT so that the rotation of R occurs outside of
+ the loop. This required rotating all the longs in sp.h (now
+ called spr.h). Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ speed.c has been changed so it will work without SIGALRM. If
+ times(3) is not present it will try to use ftime() instead.
+
+Version 1.91 08/04/92 eay
+ Added -E/-D options to des(1) so it can use string_to_key.
+ Added SVR4 mods suggested by witr@rwwa.COM
+ Added VMS mods suggested by brennan@coco.cchs.su.oz.AU. If
+ anyone knows how to turn of tty echo in VMS please tell me or
+ implement it yourself :-).
+ Changed FILE *IN/*OUT to *DES_IN/*DES_OUT since it appears VMS
+ does not like IN/OUT being used.
+
+Libdes posted to comp.sources.misc
+Version 1.9 24/03/92 eay
+ Now contains a fast small crypt replacement.
+ Added des(1) command.
+ Added des_rw_mode so people can use cbc encryption with
+ enc_read and enc_write.
+
+Version 1.8 15/10/91 eay
+ Bug in cbc_cksum.
+ Many thanks to Keith Reynolds (keithr@sco.COM) for pointing this
+ one out.
+
+Version 1.7 24/09/91 eay
+ Fixed set_key :-)
+ set_key is 4 times faster and takes less space.
+ There are a few minor changes that could be made.
+
+Version 1.6 19/09/1991 eay
+ Finally go IP and FP finished.
+ Now I need to fix set_key.
+ This version is quite a bit faster that 1.51
+
+Version 1.52 15/06/1991 eay
+ 20% speedup in ecb_encrypt by changing the E bit selection
+ to use 2 32bit words. This also required modification of the
+ sp table. There is still a way to speedup the IP and IP-1
+ (hints from outer@sq.com) still working on this one :-(.
+
+Version 1.51 07/06/1991 eay
+ Faster des_encrypt by loop unrolling
+ Fixed bug in quad_cksum.c (thanks to hughes@logos.ucs.indiana.edu)
+
+Version 1.50 28/05/1991 eay
+ Optimised the code a bit more for the sparc. I have improved the
+ speed of the inner des_encrypt by speeding up the initial and
+ final permutations.
+
+Version 1.40 23/10/1990 eay
+ Fixed des_random_key, it did not produce a random key :-(
+
+Version 1.30 2/10/1990 eay
+ Have made des_quad_cksum the same as MIT's, the full package
+ should be compatible with MIT's
+ Have tested on a DECstation 3100
+ Still need to fix des_set_key (make it faster).
+ Does des_cbc_encrypts at 70.5k/sec on a 3100.
+
+Version 1.20 18/09/1990 eay
+ Fixed byte order dependencies.
+ Fixed (I hope) all the word alignment problems.
+ Speedup in des_ecb_encrypt.
+
+Version 1.10 11/09/1990 eay
+ Added des_enc_read and des_enc_write.
+ Still need to fix des_quad_cksum.
+ Still need to document des_enc_read and des_enc_write.
+
+Version 1.00 27/08/1990 eay
+
diff --git a/crypto/des/asm/c-win32.asm b/crypto/des/asm/c-win32.asm
new file mode 100644
index 0000000..b7460b8
--- /dev/null
+++ b/crypto/des/asm/c-win32.asm
@@ -0,0 +1,929 @@
+ ; Don't even think of reading this code
+ ; It was automatically generated by crypt.pl
+ ; Which is a perl program used to generate the x86 assember for
+ ; any of elf, a.out, Win32, or Solaris
+ ; It can be found in SSLeay 0.6.5+ or in libdes 3.26+
+ ; eric <eay@cryptsoft.com>
+ ; The inner loop instruction sequence and the IP/FP modifications
+ ; are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+ ;
+ TITLE dx86xxxx.asm
+ .386
+.model FLAT
+_TEXT SEGMENT
+PUBLIC _fcrypt_body
+EXTRN _des_SPtrans:DWORD
+_fcrypt_body PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the 2 words
+ xor edi, edi
+ xor esi, esi
+ mov ebp, DWORD PTR 24[esp]
+ mov DWORD PTR 36[esp],25
+L000start:
+ ;
+ ; Round 0
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR [ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 4[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 1
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 8[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 12[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 2
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 16[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 20[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 3
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 24[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 28[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 4
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 32[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 36[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 5
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 40[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 44[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 6
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 48[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 52[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 7
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 56[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 60[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 8
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 64[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 68[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 9
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 72[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 76[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 10
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 80[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 84[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 11
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 88[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 92[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 12
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 96[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 100[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 13
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 104[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 108[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 14
+ mov eax, DWORD PTR 28[esp]
+ mov edx, esi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, esi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 112[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 116[ebp]
+ xor eax, esi
+ xor edx, esi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 15
+ mov eax, DWORD PTR 28[esp]
+ mov edx, edi
+ shr edx, 16
+ mov ecx, DWORD PTR 32[esp]
+ xor edx, edi
+ and eax, edx
+ and edx, ecx
+ mov ebx, eax
+ shl ebx, 16
+ mov ecx, edx
+ shl ecx, 16
+ xor eax, ebx
+ xor edx, ecx
+ mov ebx, DWORD PTR 120[ebp]
+ xor eax, ebx
+ mov ecx, DWORD PTR 124[ebp]
+ xor eax, edi
+ xor edx, edi
+ xor edx, ecx
+ and eax, 0fcfcfcfch
+ xor ebx, ebx
+ and edx, 0cfcfcfcfh
+ xor ecx, ecx
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ mov eax, edi
+ dec DWORD PTR 36[esp]
+ mov edi, esi
+ mov esi, eax
+ jnz L000start
+ ;
+ ; FP
+ mov edx, DWORD PTR 20[esp]
+ ror edi, 1
+ mov eax, esi
+ xor esi, edi
+ and esi, 0aaaaaaaah
+ xor eax, esi
+ xor edi, esi
+ ;
+ rol eax, 23
+ mov esi, eax
+ xor eax, edi
+ and eax, 003fc03fch
+ xor esi, eax
+ xor edi, eax
+ ;
+ rol esi, 10
+ mov eax, esi
+ xor esi, edi
+ and esi, 033333333h
+ xor eax, esi
+ xor edi, esi
+ ;
+ rol edi, 18
+ mov esi, edi
+ xor edi, eax
+ and edi, 0fff0000fh
+ xor esi, edi
+ xor eax, edi
+ ;
+ rol esi, 12
+ mov edi, esi
+ xor esi, eax
+ and esi, 0f0f0f0f0h
+ xor edi, esi
+ xor eax, esi
+ ;
+ ror eax, 4
+ mov DWORD PTR [edx],eax
+ mov DWORD PTR 4[edx],edi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_fcrypt_body ENDP
+_TEXT ENDS
+END
diff --git a/crypto/des/asm/c-win32.uu b/crypto/des/asm/c-win32.uu
new file mode 100644
index 0000000..09d5d7d
--- /dev/null
+++ b/crypto/des/asm/c-win32.uu
@@ -0,0 +1,99 @@
+begin 640 c-win32.obj
+M3`$"`/4&DC,,$```"0`````````N=&5X=```````````````J`H``&0````,
+M"P```````(`````@`#!@+F1A=&$```"H"@`````````````,$```````````
+M````````0``PP%535E<S_S/VBVPD&,=$)"09````BT0D'(O6P>H0BTPD(#/6
+M(\(CT8O8P>,0B\K!X1`SPS/1BUT`,\.+300SQC/6,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0
+MBZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$
+M```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1
+MBUT(,\.+30PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P``
+M`('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6
+MP>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUT0,\.+310SQC/6,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0
+MB\K!X1`SPS/1BUT8,\.+31PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUT@,\.+320S
+MQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]
+MBL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;
+M``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7
+M(\(CT8O8P>,0B\K!X1`SPS/1BUTH,\.+32PSQS/7,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1
+MBUTP,\.+330SQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P``
+M`('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7
+MP>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1BUTX,\.+33PSQS/7,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!
+M```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`
+M!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0
+MB\K!X1`SPS/1BUU`,\.+340SQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+
+M;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4`
+M`#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1BUU(,\.+34PS
+MQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/U
+MBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;
+M``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6P>H0BTPD(#/6
+M(\(CT8O8P>,0B\K!X1`SPS/1BUU0,\.+350SQC/6,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0
+MBZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$
+M```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0B\K!X1`SPS/1
+MBUU8,\.+35PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS
+M]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P``
+M`('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT0D'(O6
+MP>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUU@,\.+360SQC/6,]$E_/S\
+M_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7(\(CT8O8P>,0
+MB\K!X1`SPS/1BUUH,\.+36PSQS/7,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT0D'(O6P>H0BTPD(#/6(\(CT8O8P>,0B\K!X1`SPS/1BUUP,\.+370S
+MQC/6,]$E_/S\_#/;@>+/S\_/,\F*V(K,P<H$BZL`````BMHS_8NI``(``#/]
+MBL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;
+M``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT0D'(O7P>H0BTPD(#/7
+M(\(CT8O8P>,0B\K!X1`SPS/1BUUX,\.+37PSQS/7,]$E_/S\_#/;@>+/S\_/
+M,\F*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SB\?_3"0DB_Z+\`^%T/7__XM4)!31SXO&,_>!YJJJJJHS
+MQC/^P<`7B_`SQR7\`_P#,_`S^,'&"HO&,_>!YC,S,S,SQC/^P<<2B_<S^('G
+M#P#P_S/W,\?!Q@R+_C/P@>;P\/#P,_XSQL'(!(D"B7H$7UY;7<-;````!P``
+M``8`90````<````&`'(````'````!@!_````!P````8`F`````<````&`*``
+M```'````!@"H````!P````8`L`````<````&`/T````'````!@`'`0``!P``
+M``8`%`$```<````&`"$!```'````!@`Z`0``!P````8`0@$```<````&`$H!
+M```'````!@!2`0``!P````8`GP$```<````&`*D!```'````!@"V`0``!P``
+M``8`PP$```<````&`-P!```'````!@#D`0``!P````8`[`$```<````&`/0!
+M```'````!@!!`@``!P````8`2P(```<````&`%@"```'````!@!E`@``!P``
+M``8`?@(```<````&`(8"```'````!@".`@``!P````8`E@(```<````&`.,"
+M```'````!@#M`@``!P````8`^@(```<````&``<#```'````!@`@`P``!P``
+M``8`*`,```<````&`#`#```'````!@`X`P``!P````8`A0,```<````&`(\#
+M```'````!@"<`P``!P````8`J0,```<````&`,(#```'````!@#*`P``!P``
+M``8`T@,```<````&`-H#```'````!@`G!```!P````8`,00```<````&`#X$
+M```'````!@!+!```!P````8`9`0```<````&`&P$```'````!@!T!```!P``
+M``8`?`0```<````&`,D$```'````!@#3!```!P````8`X`0```<````&`.T$
+M```'````!@`&!0``!P````8`#@4```<````&`!8%```'````!@`>!0``!P``
+M``8`:P4```<````&`'4%```'````!@""!0``!P````8`CP4```<````&`*@%
+M```'````!@"P!0``!P````8`N`4```<````&`,`%```'````!@`-!@``!P``
+M``8`%P8```<````&`"0&```'````!@`Q!@``!P````8`2@8```<````&`%(&
+M```'````!@!:!@``!P````8`8@8```<````&`*\&```'````!@"Y!@``!P``
+M``8`Q@8```<````&`-,&```'````!@#L!@``!P````8`]`8```<````&`/P&
+M```'````!@`$!P``!P````8`40<```<````&`%L'```'````!@!H!P``!P``
+M``8`=0<```<````&`(X'```'````!@"6!P``!P````8`G@<```<````&`*8'
+M```'````!@#S!P``!P````8`_0<```<````&``H(```'````!@`7"```!P``
+M``8`,`@```<````&`#@(```'````!@!`"```!P````8`2`@```<````&`)4(
+M```'````!@"?"```!P````8`K`@```<````&`+D(```'````!@#2"```!P``
+M``8`V@@```<````&`.((```'````!@#J"```!P````8`-PD```<````&`$$)
+M```'````!@!."0``!P````8`6PD```<````&`'0)```'````!@!\"0``!P``
+M``8`A`D```<````&`(P)```'````!@#9"0``!P````8`XPD```<````&`/`)
+M```'````!@#]"0``!P````8`%@H```<````&`!X*```'````!@`F"@``!P``
+M``8`+@H```<````&`"YF:6QE`````````/[_``!G`BY<8W)Y<'1O7&1E<UQA
+M<VU<8RUW:6XS,BYA<VT``````````"YT97AT``````````$````#`:@*``"`
+M`````````````````"YD871A``````````(````#`0``````````````````
+M```````````$```````````````"```````1``````````$`(``"`!X```!?
+99&5S7U-0=')A;G,`7V9C<GEP=%]B;V1Y````
+`
+end
diff --git a/crypto/des/asm/crypt.pl b/crypto/des/asm/crypt.pl
new file mode 100644
index 0000000..0a7dce0
--- /dev/null
+++ b/crypto/des/asm/crypt.pl
@@ -0,0 +1,240 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+# I've added the stuff needed for crypt() but I've not worried about making
+# things perfect.
+#
+
+$prog="crypt.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("The inner loop instruction sequence and the IP/FP modifications");
+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");
+
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&fcrypt_body("fcrypt_body");
+
+&file_end();
+
+sub fcrypt_body
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,3,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ $ks="ebp";
+
+ &xor( $L, $L);
+ &xor( $R, $R);
+ &mov($ks,&wparam(1));
+
+ &mov(&wtmp(1), 25);
+
+ &set_label("start");
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &mov("eax", $L);
+ &dec(&wtmp(1));
+ &mov($L, $R);
+ &mov($R, "eax");
+ &jnz(&label("start"));
+
+ &comment("");
+ &comment("FP");
+ &mov("edx",&wparam(0));
+
+ &FP_new($R,$L,"eax",3);
+ &mov(&DWP(0,"edx","",0),"eax");
+ &mov(&DWP(4,"edx","",0),$L);
+
+ &function_end($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $u, &wparam(2)); # 2
+ &mov( $t, $R);
+ &shr( $t, 16); # 1
+ &mov( $tmp2, &wparam(3)); # 2
+ &xor( $t, $R); # 1
+
+ &and( $u, $t); # 2
+ &and( $t, $tmp2); # 2
+
+ &mov( $tmp1, $u);
+ &shl( $tmp1, 16); # 1
+ &mov( $tmp2, $t);
+ &shl( $tmp2, 16); # 1
+ &xor( $u, $tmp1); # 2
+ &xor( $t, $tmp2); # 2
+ &mov( $tmp1, &DWP(&n2a($S*4),$ks,"",0)); # 2
+ &xor( $u, $tmp1);
+ &mov( $tmp2, &DWP(&n2a(($S+1)*4),$ks,"",0)); # 2
+ &xor( $u, $R);
+ &xor( $t, $R);
+ &xor( $t, $tmp2);
+
+ &and( $u, "0xfcfcfcfc" ); # 2
+ &xor( $tmp1, $tmp1); # 1
+ &and( $t, "0xcfcfcfcf" ); # 2
+ &xor( $tmp2, $tmp2);
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &rotr( $t, 4 );
+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &xor( $L, $ks);
+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &movb( &LB($tmp2), &HB($t) );
+ &shr( $u, 16);
+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
+ &xor( $L, $ks);
+ &movb( &LB($tmp1), &HB($u) );
+ &shr( $t, 16);
+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &mov( $ks, &DWP(24,"esp","",0));
+ &movb( &LB($tmp2), &HB($t) );
+ &and( $u, "0xff" );
+ &and( $t, "0xff" );
+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
+ &xor( $L, $tmp1);
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+ &rotl( $a, $shift ) if ($shift != 0);
+ &mov( $tt, $a );
+ &xor( $a, $b );
+ &and( $a, $mask );
+ if ($notlast eq $b)
+ {
+ &xor( $b, $a );
+ &xor( $tt, $a );
+ }
+ else
+ {
+ &xor( $tt, $a );
+ &xor( $b, $a );
+ }
+ &comment("");
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotr($tt, 3-$lr); }
+ else { &rotl($tt, $lr-3); }
+ }
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotr($r, 2-$lr); }
+ else { &rotl($r, $lr-2); }
+ }
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotl($r, 2-$lr); }
+ else { &rotr($r, $lr-2); }
+ }
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotl($l, 3-$lr); }
+ else { &rotr($l, $lr-3); }
+ }
+
+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+ &rotr($tt , 4);
+ }
+
diff --git a/crypto/des/asm/cx86-cpp.s b/crypto/des/asm/cx86-cpp.s
new file mode 100644
index 0000000..e5165fa
--- /dev/null
+++ b/crypto/des/asm/cx86-cpp.s
@@ -0,0 +1,932 @@
+ /* Don't even think of reading this code */
+ /* It was automatically generated by crypt.pl */
+ /* Which is a perl program used to generate the x86 assember for */
+ /* any of elf, a.out, Win32, or Solaris */
+ /* It can be found in SSLeay 0.6.5+ or in libdes 3.26+ */
+ /* eric <eay@cryptsoft.com> */
+ /* The inner loop instruction sequence and the IP/FP modifications */
+ /* are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> */
+
+ .file "dx86xxxx.s"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align ALIGN
+.globl fcrypt_body
+ TYPE(fcrypt_body,@function)
+fcrypt_body:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the 2 words */
+ xorl %edi, %edi
+ xorl %esi, %esi
+ movl 24(%esp), %ebp
+ movl $25, -8(%esp)
+.align ALIGN
+.L000start:
+
+ /* Round 0 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl (%ebp), %ebx
+ xorl %ebx, %eax
+ movl 4(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 1 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 8(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 12(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 2 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 16(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 20(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 3 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 24(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 28(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 4 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 32(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 36(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 5 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 40(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 44(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 6 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 48(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 52(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 7 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 56(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 60(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 8 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 64(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 68(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 9 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 72(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 76(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 10 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 80(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 84(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 11 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 88(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 92(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 12 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 96(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 100(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 13 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 104(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 108(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 14 */
+ movl 28(%esp), %eax
+ movl %esi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %esi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 112(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 116(%ebp), %ecx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 15 */
+ movl 28(%esp), %eax
+ movl %edi, %edx
+ shrl $16, %edx
+ movl 32(%esp), %ecx
+ xorl %edi, %edx
+ andl %edx, %eax
+ andl %ecx, %edx
+ movl %eax, %ebx
+ sall $16, %ebx
+ movl %edx, %ecx
+ sall $16, %ecx
+ xorl %ebx, %eax
+ xorl %ecx, %edx
+ movl 120(%ebp), %ebx
+ xorl %ebx, %eax
+ movl 124(%ebp), %ecx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ xorl %ecx, %edx
+ andl $0xfcfcfcfc, %eax
+ xorl %ebx, %ebx
+ andl $0xcfcfcfcf, %edx
+ xorl %ecx, %ecx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+ movl %edi, %eax
+ decl -8(%esp)
+ movl %esi, %edi
+ movl %eax, %esi
+ jnz .L000start
+
+ /* FP */
+ movl 20(%esp), %edx
+ rorl $1, %edi
+ movl %esi, %eax
+ xorl %edi, %esi
+ andl $0xaaaaaaaa, %esi
+ xorl %esi, %eax
+ xorl %esi, %edi
+
+ roll $23, %eax
+ movl %eax, %esi
+ xorl %edi, %eax
+ andl $0x03fc03fc, %eax
+ xorl %eax, %esi
+ xorl %eax, %edi
+
+ roll $10, %esi
+ movl %esi, %eax
+ xorl %edi, %esi
+ andl $0x33333333, %esi
+ xorl %esi, %eax
+ xorl %esi, %edi
+
+ roll $18, %edi
+ movl %edi, %esi
+ xorl %eax, %edi
+ andl $0xfff0000f, %edi
+ xorl %edi, %esi
+ xorl %edi, %eax
+
+ roll $12, %esi
+ movl %esi, %edi
+ xorl %eax, %esi
+ andl $0xf0f0f0f0, %esi
+ xorl %esi, %edi
+ xorl %esi, %eax
+
+ rorl $4, %eax
+ movl %eax, (%edx)
+ movl %edi, 4(%edx)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.fcrypt_body_end:
+ SIZE(fcrypt_body,.fcrypt_body_end-fcrypt_body)
+.ident "desasm.pl"
diff --git a/crypto/des/asm/cx86unix.cpp b/crypto/des/asm/cx86unix.cpp
new file mode 100644
index 0000000..90f87c9
--- /dev/null
+++ b/crypto/des/asm/cx86unix.cpp
@@ -0,0 +1,35 @@
+
+#define TYPE(a,b) .type a,b
+#define SIZE(a,b) .size a,b
+
+#ifdef OUT
+#define OK 1
+#define des_SPtrans _des_SPtrans
+#define fcrypt_body _fcrypt_body
+#define ALIGN 4
+#endif
+
+#ifdef BSDI
+#define OK 1
+#define des_SPtrans _des_SPtrans
+#define fcrypt_body _fcrypt_body
+#define ALIGN 4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK 1
+#define ALIGN 16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "cx86-cpp.s"
+
diff --git a/crypto/des/asm/d-win32.asm b/crypto/des/asm/d-win32.asm
new file mode 100644
index 0000000..fc62e3b
--- /dev/null
+++ b/crypto/des/asm/d-win32.asm
@@ -0,0 +1,2765 @@
+ ; Don't even think of reading this code
+ ; It was automatically generated by des-som3.pl
+ ; Which is a perl program used to generate the x86 assember for
+ ; any of elf, a.out, Win32, or Solaris
+ ; It can be found in SSLeay 0.6.5+ or in libdes 3.26+
+ ; eric <eay@cryptsoft.com>
+ ; The inner loop instruction sequence and the IP/FP modifications
+ ; are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+ ;
+ TITLE dx86xxxx.asm
+ .386
+.model FLAT
+_TEXT SEGMENT
+PUBLIC _des_encrypt
+EXTRN _des_SPtrans:DWORD
+_des_encrypt PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the 2 words
+ mov esi, DWORD PTR 20[esp]
+ xor ecx, ecx
+ mov eax, DWORD PTR [esi]
+ mov ebx, DWORD PTR 28[esp]
+ mov edi, DWORD PTR 4[esi]
+ ;
+ ; IP
+ rol eax, 4
+ mov esi, eax
+ xor eax, edi
+ and eax, 0f0f0f0f0h
+ xor esi, eax
+ xor edi, eax
+ ;
+ rol edi, 20
+ mov eax, edi
+ xor edi, esi
+ and edi, 0fff0000fh
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol eax, 14
+ mov edi, eax
+ xor eax, esi
+ and eax, 033333333h
+ xor edi, eax
+ xor esi, eax
+ ;
+ rol esi, 22
+ mov eax, esi
+ xor esi, edi
+ and esi, 003fc03fch
+ xor eax, esi
+ xor edi, esi
+ ;
+ rol eax, 9
+ mov esi, eax
+ xor eax, edi
+ and eax, 0aaaaaaaah
+ xor esi, eax
+ xor edi, eax
+ ;
+ rol edi, 1
+ cmp ebx, 0
+ mov ebp, DWORD PTR 24[esp]
+ je $L000start_decrypt
+ ;
+ ; Round 0
+ mov eax, DWORD PTR [ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 4[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 1
+ mov eax, DWORD PTR 8[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 12[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 2
+ mov eax, DWORD PTR 16[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 20[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 3
+ mov eax, DWORD PTR 24[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 28[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 4
+ mov eax, DWORD PTR 32[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 36[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 5
+ mov eax, DWORD PTR 40[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 44[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 6
+ mov eax, DWORD PTR 48[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 52[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 7
+ mov eax, DWORD PTR 56[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 60[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 8
+ mov eax, DWORD PTR 64[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 68[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 9
+ mov eax, DWORD PTR 72[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 76[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 10
+ mov eax, DWORD PTR 80[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 84[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 11
+ mov eax, DWORD PTR 88[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 92[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 12
+ mov eax, DWORD PTR 96[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 100[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 13
+ mov eax, DWORD PTR 104[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 108[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 14
+ mov eax, DWORD PTR 112[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 116[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 15
+ mov eax, DWORD PTR 120[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 124[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ jmp $L001end
+$L000start_decrypt:
+ ;
+ ; Round 15
+ mov eax, DWORD PTR 120[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 124[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 14
+ mov eax, DWORD PTR 112[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 116[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 13
+ mov eax, DWORD PTR 104[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 108[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 12
+ mov eax, DWORD PTR 96[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 100[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 11
+ mov eax, DWORD PTR 88[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 92[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 10
+ mov eax, DWORD PTR 80[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 84[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 9
+ mov eax, DWORD PTR 72[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 76[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 8
+ mov eax, DWORD PTR 64[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 68[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 7
+ mov eax, DWORD PTR 56[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 60[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 6
+ mov eax, DWORD PTR 48[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 52[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 5
+ mov eax, DWORD PTR 40[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 44[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 4
+ mov eax, DWORD PTR 32[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 36[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 3
+ mov eax, DWORD PTR 24[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 28[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 2
+ mov eax, DWORD PTR 16[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 20[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 1
+ mov eax, DWORD PTR 8[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 12[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 0
+ mov eax, DWORD PTR [ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 4[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+$L001end:
+ ;
+ ; FP
+ mov edx, DWORD PTR 20[esp]
+ ror esi, 1
+ mov eax, edi
+ xor edi, esi
+ and edi, 0aaaaaaaah
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol eax, 23
+ mov edi, eax
+ xor eax, esi
+ and eax, 003fc03fch
+ xor edi, eax
+ xor esi, eax
+ ;
+ rol edi, 10
+ mov eax, edi
+ xor edi, esi
+ and edi, 033333333h
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol esi, 18
+ mov edi, esi
+ xor esi, eax
+ and esi, 0fff0000fh
+ xor edi, esi
+ xor eax, esi
+ ;
+ rol edi, 12
+ mov esi, edi
+ xor edi, eax
+ and edi, 0f0f0f0f0h
+ xor esi, edi
+ xor eax, edi
+ ;
+ ror eax, 4
+ mov DWORD PTR [edx],eax
+ mov DWORD PTR 4[edx],esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_des_encrypt ENDP
+_TEXT ENDS
+_TEXT SEGMENT
+PUBLIC _des_encrypt2
+EXTRN _des_SPtrans:DWORD
+_des_encrypt2 PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the 2 words
+ mov eax, DWORD PTR 20[esp]
+ xor ecx, ecx
+ mov esi, DWORD PTR [eax]
+ mov ebx, DWORD PTR 28[esp]
+ rol esi, 3
+ mov edi, DWORD PTR 4[eax]
+ rol edi, 3
+ cmp ebx, 0
+ mov ebp, DWORD PTR 24[esp]
+ je $L002start_decrypt
+ ;
+ ; Round 0
+ mov eax, DWORD PTR [ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 4[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 1
+ mov eax, DWORD PTR 8[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 12[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 2
+ mov eax, DWORD PTR 16[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 20[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 3
+ mov eax, DWORD PTR 24[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 28[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 4
+ mov eax, DWORD PTR 32[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 36[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 5
+ mov eax, DWORD PTR 40[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 44[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 6
+ mov eax, DWORD PTR 48[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 52[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 7
+ mov eax, DWORD PTR 56[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 60[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 8
+ mov eax, DWORD PTR 64[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 68[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 9
+ mov eax, DWORD PTR 72[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 76[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 10
+ mov eax, DWORD PTR 80[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 84[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 11
+ mov eax, DWORD PTR 88[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 92[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 12
+ mov eax, DWORD PTR 96[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 100[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 13
+ mov eax, DWORD PTR 104[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 108[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 14
+ mov eax, DWORD PTR 112[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 116[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 15
+ mov eax, DWORD PTR 120[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 124[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ jmp $L003end
+$L002start_decrypt:
+ ;
+ ; Round 15
+ mov eax, DWORD PTR 120[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 124[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 14
+ mov eax, DWORD PTR 112[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 116[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 13
+ mov eax, DWORD PTR 104[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 108[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 12
+ mov eax, DWORD PTR 96[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 100[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 11
+ mov eax, DWORD PTR 88[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 92[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 10
+ mov eax, DWORD PTR 80[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 84[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 9
+ mov eax, DWORD PTR 72[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 76[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 8
+ mov eax, DWORD PTR 64[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 68[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 7
+ mov eax, DWORD PTR 56[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 60[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 6
+ mov eax, DWORD PTR 48[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 52[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 5
+ mov eax, DWORD PTR 40[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 44[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 4
+ mov eax, DWORD PTR 32[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 36[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 3
+ mov eax, DWORD PTR 24[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 28[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 2
+ mov eax, DWORD PTR 16[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 20[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+ ;
+ ; Round 1
+ mov eax, DWORD PTR 8[ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 12[ebp]
+ xor eax, esi
+ xor edx, esi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor edi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor edi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor edi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor edi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor edi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor edi, ebx
+ ;
+ ; Round 0
+ mov eax, DWORD PTR [ebp]
+ xor ebx, ebx
+ mov edx, DWORD PTR 4[ebp]
+ xor eax, edi
+ xor edx, edi
+ and eax, 0fcfcfcfch
+ and edx, 0cfcfcfcfh
+ mov bl, al
+ mov cl, ah
+ ror edx, 4
+ mov ebp, DWORD PTR _des_SPtrans[ebx]
+ mov bl, dl
+ xor esi, ebp
+ mov ebp, DWORD PTR _des_SPtrans[0200h+ecx]
+ xor esi, ebp
+ mov cl, dh
+ shr eax, 16
+ mov ebp, DWORD PTR _des_SPtrans[0100h+ebx]
+ xor esi, ebp
+ mov bl, ah
+ shr edx, 16
+ mov ebp, DWORD PTR _des_SPtrans[0300h+ecx]
+ xor esi, ebp
+ mov ebp, DWORD PTR 24[esp]
+ mov cl, dh
+ and eax, 0ffh
+ and edx, 0ffh
+ mov ebx, DWORD PTR _des_SPtrans[0600h+ebx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0700h+ecx]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0400h+eax]
+ xor esi, ebx
+ mov ebx, DWORD PTR _des_SPtrans[0500h+edx]
+ xor esi, ebx
+$L003end:
+ ;
+ ; Fixup
+ ror edi, 3
+ mov eax, DWORD PTR 20[esp]
+ ror esi, 3
+ mov DWORD PTR [eax],edi
+ mov DWORD PTR 4[eax],esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_des_encrypt2 ENDP
+_TEXT ENDS
+_TEXT SEGMENT
+PUBLIC _des_encrypt3
+EXTRN _des_SPtrans:DWORD
+_des_encrypt3 PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the data words
+ mov ebx, DWORD PTR 20[esp]
+ mov edi, DWORD PTR [ebx]
+ mov esi, DWORD PTR 4[ebx]
+ ;
+ ; IP
+ rol edi, 4
+ mov edx, edi
+ xor edi, esi
+ and edi, 0f0f0f0f0h
+ xor edx, edi
+ xor esi, edi
+ ;
+ rol esi, 20
+ mov edi, esi
+ xor esi, edx
+ and esi, 0fff0000fh
+ xor edi, esi
+ xor edx, esi
+ ;
+ rol edi, 14
+ mov esi, edi
+ xor edi, edx
+ and edi, 033333333h
+ xor esi, edi
+ xor edx, edi
+ ;
+ rol edx, 22
+ mov edi, edx
+ xor edx, esi
+ and edx, 003fc03fch
+ xor edi, edx
+ xor esi, edx
+ ;
+ rol edi, 9
+ mov edx, edi
+ xor edi, esi
+ and edi, 0aaaaaaaah
+ xor edx, edi
+ xor esi, edi
+ ;
+ ror edx, 3
+ ror esi, 2
+ mov DWORD PTR 4[ebx],esi
+ mov eax, DWORD PTR 24[esp]
+ mov DWORD PTR [ebx],edx
+ mov edi, DWORD PTR 28[esp]
+ mov esi, DWORD PTR 32[esp]
+ push 1
+ push eax
+ push ebx
+ call _des_encrypt2
+ push 0
+ push edi
+ push ebx
+ call _des_encrypt2
+ push 1
+ push esi
+ push ebx
+ call _des_encrypt2
+ mov edi, DWORD PTR [ebx]
+ add esp, 36
+ mov esi, DWORD PTR 4[ebx]
+ ;
+ ; FP
+ rol esi, 2
+ rol edi, 3
+ mov eax, edi
+ xor edi, esi
+ and edi, 0aaaaaaaah
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol eax, 23
+ mov edi, eax
+ xor eax, esi
+ and eax, 003fc03fch
+ xor edi, eax
+ xor esi, eax
+ ;
+ rol edi, 10
+ mov eax, edi
+ xor edi, esi
+ and edi, 033333333h
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol esi, 18
+ mov edi, esi
+ xor esi, eax
+ and esi, 0fff0000fh
+ xor edi, esi
+ xor eax, esi
+ ;
+ rol edi, 12
+ mov esi, edi
+ xor edi, eax
+ and edi, 0f0f0f0f0h
+ xor esi, edi
+ xor eax, edi
+ ;
+ ror eax, 4
+ mov DWORD PTR [ebx],eax
+ mov DWORD PTR 4[ebx],esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_des_encrypt3 ENDP
+_TEXT ENDS
+_TEXT SEGMENT
+PUBLIC _des_decrypt3
+EXTRN _des_SPtrans:DWORD
+_des_decrypt3 PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+ ;
+ ; Load the data words
+ mov ebx, DWORD PTR 20[esp]
+ mov edi, DWORD PTR [ebx]
+ mov esi, DWORD PTR 4[ebx]
+ ;
+ ; IP
+ rol edi, 4
+ mov edx, edi
+ xor edi, esi
+ and edi, 0f0f0f0f0h
+ xor edx, edi
+ xor esi, edi
+ ;
+ rol esi, 20
+ mov edi, esi
+ xor esi, edx
+ and esi, 0fff0000fh
+ xor edi, esi
+ xor edx, esi
+ ;
+ rol edi, 14
+ mov esi, edi
+ xor edi, edx
+ and edi, 033333333h
+ xor esi, edi
+ xor edx, edi
+ ;
+ rol edx, 22
+ mov edi, edx
+ xor edx, esi
+ and edx, 003fc03fch
+ xor edi, edx
+ xor esi, edx
+ ;
+ rol edi, 9
+ mov edx, edi
+ xor edi, esi
+ and edi, 0aaaaaaaah
+ xor edx, edi
+ xor esi, edi
+ ;
+ ror edx, 3
+ ror esi, 2
+ mov DWORD PTR 4[ebx],esi
+ mov esi, DWORD PTR 24[esp]
+ mov DWORD PTR [ebx],edx
+ mov edi, DWORD PTR 28[esp]
+ mov eax, DWORD PTR 32[esp]
+ push 0
+ push eax
+ push ebx
+ call _des_encrypt2
+ push 1
+ push edi
+ push ebx
+ call _des_encrypt2
+ push 0
+ push esi
+ push ebx
+ call _des_encrypt2
+ mov edi, DWORD PTR [ebx]
+ add esp, 36
+ mov esi, DWORD PTR 4[ebx]
+ ;
+ ; FP
+ rol esi, 2
+ rol edi, 3
+ mov eax, edi
+ xor edi, esi
+ and edi, 0aaaaaaaah
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol eax, 23
+ mov edi, eax
+ xor eax, esi
+ and eax, 003fc03fch
+ xor edi, eax
+ xor esi, eax
+ ;
+ rol edi, 10
+ mov eax, edi
+ xor edi, esi
+ and edi, 033333333h
+ xor eax, edi
+ xor esi, edi
+ ;
+ rol esi, 18
+ mov edi, esi
+ xor esi, eax
+ and esi, 0fff0000fh
+ xor edi, esi
+ xor eax, esi
+ ;
+ rol edi, 12
+ mov esi, edi
+ xor edi, eax
+ and edi, 0f0f0f0f0h
+ xor esi, edi
+ xor eax, edi
+ ;
+ ror eax, 4
+ mov DWORD PTR [ebx],eax
+ mov DWORD PTR 4[ebx],esi
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_des_decrypt3 ENDP
+_TEXT ENDS
+END
diff --git a/crypto/des/asm/d-win32.uu b/crypto/des/asm/d-win32.uu
new file mode 100644
index 0000000..70d6383
--- /dev/null
+++ b/crypto/des/asm/d-win32.uu
@@ -0,0 +1,319 @@
+begin 640 d-win32.obj
+M3`$"`/4&DC-`-@``#``````````N=&5X=```````````````W"$``&0```!`
+M(@`````````"```@`#!@+F1A=&$```#<(0````````````!`-@``````````
+M````````0``PP%535E>+="04,\F+!HM<)!R+?@3!P`2+\#/')?#P\/`S\#/X
+MP<<4B\<S_H'G#P#P_S/',_?!P`Z+^#/&)3,S,S,S^#/PP<86B\8S]X'F_`/\
+M`S/&,_[!P`F+\#/'):JJJJHS\#/XT<>#^P"+;"08#X2U!P``BT4`,]N+500S
+MQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+
+MJP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[
+MBYD`!P``,_N+F``$```S^XN:``4``#/[BT4(,]N+50PSQS/7)?S\_/R!XL_/
+MS\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0
+MBZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$
+M```S\XN:``4``#/SBT40,]N+510SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`
+M````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08
+MBLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[
+MBT48,]N+51PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(`
+M`#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P``
+M`(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT4@,]N+520SQC/6
+M)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!
+M```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`
+M!P``,_N+F``$```S^XN:``4``#/[BT4H,]N+52PSQS/7)?S\_/R!XL_/S\^*
+MV(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD`
+M`P``,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S
+M\XN:``4``#/SBT4P,]N+530SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````
+MBMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE
+M_P```('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT4X
+M,]N+53PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/U
+MBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;
+M``8``#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT5`,]N+540SQC/6)?S\
+M_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S
+M_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``
+M,_N+F``$```S^XN:``4``#/[BT5(,]N+54PSQS/7)?S\_/R!XL_/S\^*V(K,
+MP<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``
+M,_6+;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:
+M``4``#/SBT50,]N+550SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS
+M_8NI``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P``
+M`('B_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT58,]N+
+M55PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!
+MZ!"+JP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8`
+M`#/SBYD`!P``,_.+F``$```S\XN:``4``#/SBT5@,]N+560SQC/6)?S\_/R!
+MXL_/S\^*V(K,P<H$BZL`````BMHS_8NI``(``#/]BL[!Z!"+JP`!```S_8K<
+MP>H0BZD``P``,_V+;"08BLXE_P```('B_P```(N;``8``#/[BYD`!P``,_N+
+MF``$```S^XN:``4``#/[BT5H,]N+56PSQS/7)?S\_/R!XL_/S\^*V(K,P<H$
+MBZL`````BMHS]8NI``(``#/UBL[!Z!"+JP`!```S]8K<P>H0BZD``P``,_6+
+M;"08BLXE_P```('B_P```(N;``8``#/SBYD`!P``,_.+F``$```S\XN:``4`
+M`#/SBT5P,]N+570SQC/6)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS_8NI
+M``(``#/]BL[!Z!"+JP`!```S_8K<P>H0BZD``P``,_V+;"08BLXE_P```('B
+M_P```(N;``8``#/[BYD`!P``,_N+F``$```S^XN:``4``#/[BT5X,]N+57PS
+MQS/7)?S\_/R!XL_/S\^*V(K,P<H$BZL`````BMHS]8NI``(``#/UBL[!Z!"+
+MJP`!```S]8K<P>H0BZD``P``,_6+;"08BLXE_P```('B_P```(N;``8``#/S
+MBYD`!P``,_.+F``$```S\XN:``4``#/SZ;`'``"+17@SVXM5?#/&,]8E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]
+MBMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S
+M^XN8``0``#/[BYH`!0``,_N+17`SVXM5=#/',]<E_/S\_('BS\_/SXK8BLS!
+MR@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S
+M]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`
+M!0``,_.+16@SVXM5;#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]
+MBZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````
+M@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+16`SVXM5
+M9#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H
+M$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``
+M,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+15@SVXM57#/&,]8E_/S\_('B
+MS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!
+MZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8
+M``0``#/[BYH`!0``,_N+15`SVXM55#/',]<E_/S\_('BS\_/SXK8BLS!R@2+
+MJP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML
+M)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``
+M,_.+14@SVXM53#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD`
+M`@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_
+M````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+14`SVXM51#/'
+M,]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK
+M``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+
+MF0`'```S\XN8``0``#/SBYH`!0``,_.+13@SVXM5/#/&,]8E_/S\_('BS\_/
+MSXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+
+MJ0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0`
+M`#/[BYH`!0``,_N+13`SVXM5-#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP``
+M``"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*
+MSB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+
+M12@SVXM5+#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``
+M,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````
+MBYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+12`SVXM5)#/',]<E
+M_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$`
+M`#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'
+M```S\XN8``0``#/SBYH`!0``,_.+11@SVXM5'#/&,]8E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#
+M```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[
+MBYH`!0``,_N+11`SVXM5%#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*
+MVC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_
+M````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+10@S
+MVXM5##/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*
+MSL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`
+M!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+10`SVXM5!#/',]<E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/U
+MBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S
+M\XN8``0``#/SBYH`!0``,_.+5"04T<Z+QS/^@>>JJJJJ,\<S]\'`%XOX,\8E
+M_`/\`S/X,_#!QPJ+QS/^@><S,S,S,\<S]\'&$HO^,_"!Y@\`\/\S_C/&P<<,
+MB_<S^('G\/#P\#/W,\?!R`2)`HER!%]>6UW#55-65XM$)!0SR8LPBUPD','&
+M`XMX!,''`X/[`(ML)!@/A+4'``"+10`SVXM5!#/&,]8E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#
+M```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[
+MBYH`!0``,_N+10@SVXM5##/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*
+MVC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_
+M````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+11`S
+MVXM5%#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*
+MSL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`
+M!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+11@SVXM5'#/',]<E_/S\
+M_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/U
+MBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S
+M\XN8``0``#/SBYH`!0``,_.+12`SVXM5)#/&,]8E_/S\_('BS\_/SXK8BLS!
+MR@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S
+M_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`
+M!0``,_N+12@SVXM5+#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/U
+MBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````
+M@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+13`SVXM5
+M-#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H
+M$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``
+M,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+13@SVXM5/#/',]<E_/S\_('B
+MS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!
+MZA"+J0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8
+M``0``#/SBYH`!0``,_.+14`SVXM51#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+
+MJP````"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML
+M)!B*SB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``
+M,_N+14@SVXM53#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD`
+M`@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_
+M````BYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+15`SVXM55#/&
+M,]8E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK
+M``$``#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+
+MF0`'```S^XN8``0``#/[BYH`!0``,_N+15@SVXM57#/',]<E_/S\_('BS\_/
+MSXK8BLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+
+MJ0`#```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0`
+M`#/SBYH`!0``,_.+16`SVXM59#/&,]8E_/S\_('BS\_/SXK8BLS!R@2+JP``
+M``"*VC/]BZD``@``,_V*SL'H$(NK``$``#/]BMS!ZA"+J0`#```S_8ML)!B*
+MSB7_````@>+_````BYL`!@``,_N+F0`'```S^XN8``0``#/[BYH`!0``,_N+
+M16@SVXM5;#/',]<E_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/UBZD``@``
+M,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#```S]8ML)!B*SB7_````@>+_````
+MBYL`!@``,_.+F0`'```S\XN8``0``#/SBYH`!0``,_.+17`SVXM5=#/&,]8E
+M_/S\_('BS\_/SXK8BLS!R@2+JP````"*VC/]BZD``@``,_V*SL'H$(NK``$`
+M`#/]BMS!ZA"+J0`#```S_8ML)!B*SB7_````@>+_````BYL`!@``,_N+F0`'
+M```S^XN8``0``#/[BYH`!0``,_N+17@SVXM5?#/',]<E_/S\_('BS\_/SXK8
+MBLS!R@2+JP````"*VC/UBZD``@``,_6*SL'H$(NK``$``#/UBMS!ZA"+J0`#
+M```S]8ML)!B*SB7_````@>+_````BYL`!@``,_.+F0`'```S\XN8``0``#/S
+MBYH`!0``,_/IL`<``(M%>#/;BU5\,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK
+M`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD
+M&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S
+M^XM%<#/;BU5T,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"
+M```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\`
+M``"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%:#/;BU5L,\8S
+MUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL`
+M`0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9
+M``<``#/[BY@`!```,_N+F@`%```S^XM%8#/;BU5D,\<SUR7\_/S\@>+/S\_/
+MBMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI
+M``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```
+M,_.+F@`%```S\XM%6#/;BU5<,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK````
+M`(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.
+M)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%
+M4#/;BU54,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S
+M]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+
+MFP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%2#/;BU5,,\8SUB7\
+M_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``
+M,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<`
+M`#/[BY@`!```,_N+F@`%```S^XM%0#/;BU5$,\<SUR7\_/S\@>+/S\_/BMB*
+MS,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,`
+M`#/UBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+
+MF@`%```S\XM%.#/;BU4\,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:
+M,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\`
+M``"!XO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%,#/;
+MBU4T,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.
+MP>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&
+M```S\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%*#/;BU4L,\8SUB7\_/S\
+M@>+/S\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*
+MW,'J$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[
+MBY@`!```,_N+F@`%```S^XM%(#/;BU4D,\<SUR7\_/S\@>+/S\_/BMB*S,'*
+M!(NK`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/U
+MBVPD&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%
+M```S\XM%&#/;BU4<,\8SUB7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_V+
+MJ0`"```S_8K.P>@0BZL``0``,_V*W,'J$(NI``,``#/]BVPD&(K.)?\```"!
+MXO\```"+FP`&```S^XN9``<``#/[BY@`!```,_N+F@`%```S^XM%$#/;BU44
+M,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK`````(K:,_6+J0`"```S]8K.P>@0
+MBZL``0``,_6*W,'J$(NI``,``#/UBVPD&(K.)?\```"!XO\```"+FP`&```S
+M\XN9``<``#/SBY@`!```,_.+F@`%```S\XM%"#/;BU4,,\8SUB7\_/S\@>+/
+MS\_/BMB*S,'*!(NK`````(K:,_V+J0`"```S_8K.P>@0BZL``0``,_V*W,'J
+M$(NI``,``#/]BVPD&(K.)?\```"!XO\```"+FP`&```S^XN9``<``#/[BY@`
+M!```,_N+F@`%```S^XM%`#/;BU4$,\<SUR7\_/S\@>+/S\_/BMB*S,'*!(NK
+M`````(K:,_6+J0`"```S]8K.P>@0BZL``0``,_6*W,'J$(NI``,``#/UBVPD
+M&(K.)?\```"!XO\```"+FP`&```S\XN9``<``#/SBY@`!```,_.+F@`%```S
+M\\'/`XM$)!3!S@.).(EP!%]>6UW#55-65XM<)!2+.XMS!,''!(O7,_Z!Y_#P
+M\/`SUS/WP<84B_XS\H'F#P#P_S/^,];!QPZ+]S/Z@><S,S,S,_<SU\'"%HOZ
+M,]:!XOP#_`,S^C/RP<<)B]<S_H'GJJJJJC/7,_?!R@/!S@*)<P2+1"08B1.+
+M?"0<BW0D(&H!4%/HW^___VH`5U/HUN___VH!5E/HS>___XL[@\0DBW,$P<8"
+MP<<#B\<S_H'GJJJJJC/',_?!P!>+^#/&)?P#_`,S^#/PP<<*B\<S_H'G,S,S
+M,S/',_?!QA*+_C/P@>8/`/#_,_XSQL''#(OW,_B!Y_#P\/`S]S/'P<@$B0.)
+M<P1?7EM=PU535E>+7"04BSN+<P3!QP2+US/^@>?P\/#P,]<S]\'&%(O^,_*!
+MY@\`\/\S_C/6P<<.B_<S^H'G,S,S,S/W,]?!PA:+^C/6@>+\`_P#,_HS\L''
+M"8O7,_Z!YZJJJJHSUS/WP<H#P<X"B7,$BW0D&(D3BWPD'(M$)"!J`%!3Z-_N
+M__]J`5=3Z-;N__]J`%93Z,WN__^+.X/$)(MS!,'&`L''`XO',_Z!YZJJJJHS
+MQS/WP<`7B_@SQB7\`_P#,_@S\,''"HO',_Z!YS,S,S,SQS/WP<82B_XS\('F
+M#P#P_S/^,\;!QPR+]S/X@>?P\/#P,_<SQ\'(!(D#B7,$7UY;7<.4````!P``
+M``8`G@````<````&`*L````'````!@"X````!P````8`T0````<````&`-D`
+M```'````!@#A````!P````8`Z0````<````&``\!```'````!@`9`0``!P``
+M``8`)@$```<````&`#,!```'````!@!,`0``!P````8`5`$```<````&`%P!
+M```'````!@!D`0``!P````8`B@$```<````&`)0!```'````!@"A`0``!P``
+M``8`K@$```<````&`,<!```'````!@#/`0``!P````8`UP$```<````&`-\!
+M```'````!@`%`@``!P````8`#P(```<````&`!P"```'````!@`I`@``!P``
+M``8`0@(```<````&`$H"```'````!@!2`@``!P````8`6@(```<````&`(`"
+M```'````!@"*`@``!P````8`EP(```<````&`*0"```'````!@"]`@``!P``
+M``8`Q0(```<````&`,T"```'````!@#5`@``!P````8`^P(```<````&``4#
+M```'````!@`2`P``!P````8`'P,```<````&`#@#```'````!@!``P``!P``
+M``8`2`,```<````&`%`#```'````!@!V`P``!P````8`@`,```<````&`(T#
+M```'````!@":`P``!P````8`LP,```<````&`+L#```'````!@##`P``!P``
+M``8`RP,```<````&`/$#```'````!@#[`P``!P````8`"`0```<````&`!4$
+M```'````!@`N!```!P````8`-@0```<````&`#X$```'````!@!&!```!P``
+M``8`;`0```<````&`'8$```'````!@"#!```!P````8`D`0```<````&`*D$
+M```'````!@"Q!```!P````8`N00```<````&`,$$```'````!@#G!```!P``
+M``8`\00```<````&`/X$```'````!@`+!0``!P````8`)`4```<````&`"P%
+M```'````!@`T!0``!P````8`/`4```<````&`&(%```'````!@!L!0``!P``
+M``8`>04```<````&`(8%```'````!@"?!0``!P````8`IP4```<````&`*\%
+M```'````!@"W!0``!P````8`W04```<````&`.<%```'````!@#T!0``!P``
+M``8``08```<````&`!H&```'````!@`B!@``!P````8`*@8```<````&`#(&
+M```'````!@!8!@``!P````8`8@8```<````&`&\&```'````!@!\!@``!P``
+M``8`E08```<````&`)T&```'````!@"E!@``!P````8`K08```<````&`-,&
+M```'````!@#=!@``!P````8`Z@8```<````&`/<&```'````!@`0!P``!P``
+M``8`&`<```<````&`"`'```'````!@`H!P``!P````8`3@<```<````&`%@'
+M```'````!@!E!P``!P````8`<@<```<````&`(L'```'````!@"3!P``!P``
+M``8`FP<```<````&`*,'```'````!@#)!P``!P````8`TP<```<````&`.`'
+M```'````!@#M!P``!P````8`!@@```<````&``X(```'````!@`6"```!P``
+M``8`'@@```<````&`$D(```'````!@!3"```!P````8`8`@```<````&`&T(
+M```'````!@"&"```!P````8`C@@```<````&`)8(```'````!@">"```!P``
+M``8`Q`@```<````&`,X(```'````!@#;"```!P````8`Z`@```<````&``$)
+M```'````!@`)"0``!P````8`$0D```<````&`!D)```'````!@`_"0``!P``
+M``8`20D```<````&`%8)```'````!@!C"0``!P````8`?`D```<````&`(0)
+M```'````!@","0``!P````8`E`D```<````&`+H)```'````!@#$"0``!P``
+M``8`T0D```<````&`-X)```'````!@#W"0``!P````8`_PD```<````&``<*
+M```'````!@`/"@``!P````8`-0H```<````&`#\*```'````!@!,"@``!P``
+M``8`60H```<````&`'(*```'````!@!Z"@``!P````8`@@H```<````&`(H*
+M```'````!@"P"@``!P````8`N@H```<````&`,<*```'````!@#4"@``!P``
+M``8`[0H```<````&`/4*```'````!@#]"@``!P````8`!0L```<````&`"L+
+M```'````!@`U"P``!P````8`0@L```<````&`$\+```'````!@!H"P``!P``
+M``8`<`L```<````&`'@+```'````!@"`"P``!P````8`I@L```<````&`+`+
+M```'````!@"]"P``!P````8`R@L```<````&`.,+```'````!@#K"P``!P``
+M``8`\PL```<````&`/L+```'````!@`A#```!P````8`*PP```<````&`#@,
+M```'````!@!%#```!P````8`7@P```<````&`&8,```'````!@!N#```!P``
+M``8`=@P```<````&`)P,```'````!@"F#```!P````8`LPP```<````&`,`,
+M```'````!@#9#```!P````8`X0P```<````&`.D,```'````!@#Q#```!P``
+M``8`%PT```<````&`"$-```'````!@`N#0``!P````8`.PT```<````&`%0-
+M```'````!@!<#0``!P````8`9`T```<````&`&P-```'````!@"2#0``!P``
+M``8`G`T```<````&`*D-```'````!@"V#0``!P````8`SPT```<````&`-<-
+M```'````!@#?#0``!P````8`YPT```<````&``T.```'````!@`7#@``!P``
+M``8`)`X```<````&`#$.```'````!@!*#@``!P````8`4@X```<````&`%H.
+M```'````!@!B#@``!P````8`B`X```<````&`)(.```'````!@"?#@``!P``
+M``8`K`X```<````&`,4.```'````!@#-#@``!P````8`U0X```<````&`-T.
+M```'````!@`##P``!P````8`#0\```<````&`!H/```'````!@`G#P``!P``
+M``8`0`\```<````&`$@/```'````!@!0#P``!P````8`6`\```<````&`'X/
+M```'````!@"(#P``!P````8`E0\```<````&`*(/```'````!@"[#P``!P``
+M``8`PP\```<````&`,L/```'````!@#3#P``!P````8`@Q````<````&`(T0
+M```'````!@":$```!P````8`IQ````<````&`,`0```'````!@#($```!P``
+M``8`T!````<````&`-@0```'````!@#^$```!P````8`"!$```<````&`!41
+M```'````!@`B$0``!P````8`.Q$```<````&`$,1```'````!@!+$0``!P``
+M``8`4Q$```<````&`'D1```'````!@"#$0``!P````8`D!$```<````&`)T1
+M```'````!@"V$0``!P````8`OA$```<````&`,81```'````!@#.$0``!P``
+M``8`]!$```<````&`/X1```'````!@`+$@``!P````8`&!(```<````&`#$2
+M```'````!@`Y$@``!P````8`01(```<````&`$D2```'````!@!O$@``!P``
+M``8`>1(```<````&`(82```'````!@"3$@``!P````8`K!(```<````&`+02
+M```'````!@"\$@``!P````8`Q!(```<````&`.H2```'````!@#T$@``!P``
+M``8``1,```<````&``X3```'````!@`G$P``!P````8`+Q,```<````&`#<3
+M```'````!@`_$P``!P````8`91,```<````&`&\3```'````!@!\$P``!P``
+M``8`B1,```<````&`*(3```'````!@"J$P``!P````8`LA,```<````&`+H3
+M```'````!@#@$P``!P````8`ZA,```<````&`/<3```'````!@`$%```!P``
+M``8`'10```<````&`"44```'````!@`M%```!P````8`-10```<````&`%L4
+M```'````!@!E%```!P````8`<A0```<````&`'\4```'````!@"8%```!P``
+M``8`H!0```<````&`*@4```'````!@"P%```!P````8`UA0```<````&`.`4
+M```'````!@#M%```!P````8`^A0```<````&`!,5```'````!@`;%0``!P``
+M``8`(Q4```<````&`"L5```'````!@!1%0``!P````8`6Q4```<````&`&@5
+M```'````!@!U%0``!P````8`CA4```<````&`)85```'````!@">%0``!P``
+M``8`IA4```<````&`,P5```'````!@#6%0``!P````8`XQ4```<````&`/`5
+M```'````!@`)%@``!P````8`$18```<````&`!D6```'````!@`A%@``!P``
+M``8`1Q8```<````&`%$6```'````!@!>%@``!P````8`:Q8```<````&`(06
+M```'````!@",%@``!P````8`E!8```<````&`)P6```'````!@#"%@``!P``
+M``8`S!8```<````&`-D6```'````!@#F%@``!P````8`_Q8```<````&``<7
+M```'````!@`/%P``!P````8`%Q<```<````&`#T7```'````!@!'%P``!P``
+M``8`5!<```<````&`&$7```'````!@!Z%P``!P````8`@A<```<````&`(H7
+M```'````!@"2%P``!P````8`N!<```<````&`,(7```'````!@#/%P``!P``
+M``8`W!<```<````&`/47```'````!@#]%P``!P````8`!1@```<````&``T8
+M```'````!@`X&```!P````8`0A@```<````&`$\8```'````!@!<&```!P``
+M``8`=1@```<````&`'T8```'````!@"%&```!P````8`C1@```<````&`+,8
+M```'````!@"]&```!P````8`RA@```<````&`-<8```'````!@#P&```!P``
+M``8`^!@```<````&```9```'````!@`(&0``!P````8`+AD```<````&`#@9
+M```'````!@!%&0``!P````8`4AD```<````&`&L9```'````!@!S&0``!P``
+M``8`>QD```<````&`(,9```'````!@"I&0``!P````8`LQD```<````&`,`9
+M```'````!@#-&0``!P````8`YAD```<````&`.X9```'````!@#V&0``!P``
+M``8`_AD```<````&`"0:```'````!@`N&@``!P````8`.QH```<````&`$@:
+M```'````!@!A&@``!P````8`:1H```<````&`'$:```'````!@!Y&@``!P``
+M``8`GQH```<````&`*D:```'````!@"V&@``!P````8`PQH```<````&`-P:
+M```'````!@#D&@``!P````8`[!H```<````&`/0:```'````!@`:&P``!P``
+M``8`)!L```<````&`#$;```'````!@`^&P``!P````8`5QL```<````&`%\;
+M```'````!@!G&P``!P````8`;QL```<````&`)4;```'````!@"?&P``!P``
+M``8`K!L```<````&`+D;```'````!@#2&P``!P````8`VAL```<````&`.(;
+M```'````!@#J&P``!P````8`$!P```<````&`!H<```'````!@`G'```!P``
+M``8`-!P```<````&`$T<```'````!@!5'```!P````8`71P```<````&`&4<
+M```'````!@"+'```!P````8`E1P```<````&`*(<```'````!@"O'```!P``
+M``8`R!P```<````&`-`<```'````!@#8'```!P````8`X!P```<````&``8=
+M```'````!@`0'0``!P````8`'1T```<````&`"H=```'````!@!#'0``!P``
+M``8`2QT```<````&`%,=```'````!@!;'0``!P````8`@1T```<````&`(L=
+M```'````!@"8'0``!P````8`I1T```<````&`+X=```'````!@#&'0``!P``
+M``8`SAT```<````&`-8=```'````!@#\'0``!P````8`!AX```<````&`!,>
+M```'````!@`@'@``!P````8`.1X```<````&`$$>```'````!@!)'@``!P``
+M``8`41X```<````&`'<>```'````!@"!'@``!P````8`CAX```<````&`)L>
+M```'````!@"T'@``!P````8`O!X```<````&`,0>```'````!@#,'@``!P``
+M``8`\AX```<````&`/P>```'````!@`)'P``!P````8`%A\```<````&`"\?
+M```'````!@`W'P``!P````8`/Q\```<````&`$<?```'````!@!M'P``!P``
+M``8`=Q\```<````&`(0?```'````!@"1'P``!P````8`JA\```<````&`+(?
+M```'````!@"Z'P``!P````8`PA\```<````&`"YF:6QE`````````/[_``!G
+M`BY<8W)Y<'1O7&1E<UQA<VU<9"UW:6XS,BYA<VT``````````"YT97AT````
+M``````$````#`=PA`````@```````````````"YD871A``````````(````#
+M`0`````````````````````````````$```````````````"```````1````
+M``````$`(``"```````>````/1````$`(``"```````L````W!\```$`(``"
+M```````Z````W"````$`(``"`$@```!?9&5S7U-0=')A;G,`7V1E<U]E;F-R
+M>7!T`%]D97-?96YC<GEP=#(`7V1E<U]E;F-R>7!T,P!?9&5S7V1E8W)Y<'0S
+!````
+`
+end
diff --git a/crypto/des/asm/des-som2.pl b/crypto/des/asm/des-som2.pl
new file mode 100644
index 0000000..b5dbc97
--- /dev/null
+++ b/crypto/des/asm/des-som2.pl
@@ -0,0 +1,308 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+$prog="des-som2.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("The inner loop instruction sequence and the IP/FP modifications");
+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");
+
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,3,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($R,&DWP(0,"eax","",0));
+ &mov($L,&DWP(4,"eax","",0));
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("IP");
+ &IP_new($R,$L,"eax",3);
+# &comment("");
+# &comment("fixup rotate");
+# &rotl($R,3);
+# &rotl($L,3);
+ }
+ else
+ {
+ &comment("");
+ &comment("fixup rotate");
+ &rotl($R,3);
+ &rotl($L,3);
+ }
+
+ &comment("");
+ &comment("load counter, key_schedule and enc flag");
+
+ # encrypting part
+
+ $ks="ebp";
+# &xor( "ebx", "ebx" );
+ &mov("eax",&wparam(2)); # get encrypt flag
+ &xor( "ecx", "ecx" );
+ &cmp("eax","0");
+ &mov( $ks, &wparam(1) );
+ &je(&label("start_decrypt"));
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+
+ &set_label("end");
+
+ if ($do_ip)
+ {
+# &comment("");
+# &comment("Fixup");
+# &rotr($L,3); # r
+# &rotr($R,3); # l
+ &comment("");
+ &comment("FP");
+ &FP_new($R,$L,"eax",3);
+ }
+ else
+ {
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &rotr($R,3); # l
+ }
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+
+ &function_end($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &xor( $tmp1, $tmp1);
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R);
+ &xor( $t, $R);
+ &and( $u, "0xfcfcfcfc" );
+ &and( $t, "0xcfcfcfcf" );
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &rotr( $t, 4 );
+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &xor( $L, $ks);
+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp2), &HB($t) );
+ &shr( $u, 16);
+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp1), &HB($u) );
+ &shr( $t, 16);
+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &mov( $ks, &DWP(24,"esp","",0)); ####
+ &movb( &LB($tmp2), &HB($t) );
+ &and( $u, "0xff" );
+ &and( $t, "0xff" );
+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
+ &xor( $L, $tmp1);
+ }
+
+sub PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask)=@_;
+
+ &mov( $tt, $a );
+ &shr( $tt, $shift );
+ &xor( $tt, $b );
+ &and( $tt, $mask );
+ &xor( $b, $tt );
+ &shl( $tt, $shift );
+ &xor( $a, $tt );
+ }
+
+sub IP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
+ }
+
+sub FP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+ &rotl( $a, $shift ) if ($shift != 0);
+ &mov( $tt, $b );
+ &xor( $tt, $a );
+ &and( $tt, $mask );
+ if ($last eq $b)
+ {
+ &xor( $a, $tt );
+ &xor( $b, $tt );
+ }
+ else
+ {
+ &xor( $b, $tt );
+ &xor( $a, $tt );
+ }
+ &comment("");
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+ &R_PERM_OP($r,$l,$tt,20,"0xfff0000f",$l);
+ &R_PERM_OP($r,$l,$tt,14,"0x33333333",$r);
+ &R_PERM_OP($l,$r,$tt,22,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotr($l, 3-$lr); }
+ else { &rotl($l, $lr-3); }
+ }
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotr($r, 2-$lr); }
+ else { &rotl($r, $lr-2); }
+ }
+ }
+
+sub FP_new
+ {
+ local($r,$l,$tt,$lr)=@_;
+
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotl($r, 2-$lr); }
+ else { &rotr($r, $lr-2); }
+ }
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotl($l, 3-$lr); }
+ else { &rotr($l, $lr-3); }
+ }
+
+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+ &R_PERM_OP($l,$r,$tt,23,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+ &R_PERM_OP($r,$l,$tt,18,"0xfff0000f",$l);
+ &R_PERM_OP($r,$l,$tt,12,"0xf0f0f0f0",$r);
+ &rotr($l , 4);
+ }
+
diff --git a/crypto/des/asm/des-som3.pl b/crypto/des/asm/des-som3.pl
new file mode 100644
index 0000000..3f35395
--- /dev/null
+++ b/crypto/des/asm/des-som3.pl
@@ -0,0 +1,266 @@
+#!/usr/local/bin/perl
+#
+# The inner loop instruction sequence and the IP/FP modifications are from
+# Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk>
+#
+
+$prog="des-som3.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("The inner loop instruction sequence and the IP/FP modifications");
+&comment("are from Svend Olaf Mikkelsen <svolaf\@inet.uni-c.dk>");
+
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,3,EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ $ks="ebp";
+
+ if ($do_ip)
+ {
+ &mov($R,&wparam(0));
+ &xor( "ecx", "ecx" );
+ &mov("eax",&DWP(0,$R,"",0));
+ &mov("ebx",&wparam(2)); # get encrypt flag
+ &mov($L,&DWP(4,$R,"",0));
+ &comment("");
+ &comment("IP");
+ &IP_new("eax",$L,$R,3);
+ }
+ else
+ {
+ &mov("eax",&wparam(0));
+ &xor( "ecx", "ecx" );
+ &mov($R,&DWP(0,"eax","",0));
+ &mov("ebx",&wparam(2)); # get encrypt flag
+ &rotl($R,3);
+ &mov($L,&DWP(4,"eax","",0));
+ &rotl($L,3);
+ }
+
+ &cmp("ebx","0");
+ &mov( $ks, &wparam(1) );
+ &je(&label("start_decrypt"));
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+
+ &set_label("end");
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &mov("edx",&wparam(0));
+ &FP_new($L,$R,"eax",3);
+
+ &mov(&DWP(0,"edx","",0),"eax");
+ &mov(&DWP(4,"edx","",0),$R);
+ }
+ else
+ {
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &mov("eax",&wparam(0));
+ &rotr($R,3); # l
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+ }
+
+
+ &function_end($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &xor( $tmp1, $tmp1);
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R);
+ &xor( $t, $R);
+ &and( $u, "0xfcfcfcfc" );
+ &and( $t, "0xcfcfcfcf" );
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &rotr( $t, 4 );
+ &mov( $ks, &DWP(" $desSP",$tmp1,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &xor( $L, $ks);
+ &mov( $ks, &DWP("0x200+$desSP",$tmp2,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp2), &HB($t) );
+ &shr( $u, 16);
+ &mov( $ks, &DWP("0x100+$desSP",$tmp1,"",0));
+ &xor( $L, $ks); ######
+ &movb( &LB($tmp1), &HB($u) );
+ &shr( $t, 16);
+ &mov( $ks, &DWP("0x300+$desSP",$tmp2,"",0));
+ &xor( $L, $ks);
+ &mov( $ks, &DWP(24,"esp","",0)); ####
+ &movb( &LB($tmp2), &HB($t) );
+ &and( $u, "0xff" );
+ &and( $t, "0xff" );
+ &mov( $tmp1, &DWP("0x600+$desSP",$tmp1,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x400+$desSP",$u,"",0));
+ &xor( $L, $tmp1);
+ &mov( $tmp1, &DWP("0x500+$desSP",$t,"",0));
+ &xor( $L, $tmp1);
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
+
+# now has a side affect of rotating $a by $shift
+sub R_PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask,$last)=@_;
+
+ &rotl( $a, $shift ) if ($shift != 0);
+ &mov( $tt, $a );
+ &xor( $a, $b );
+ &and( $a, $mask );
+ if ($notlast eq $b)
+ {
+ &xor( $b, $a );
+ &xor( $tt, $a );
+ }
+ else
+ {
+ &xor( $tt, $a );
+ &xor( $b, $a );
+ }
+ &comment("");
+ }
+
+sub IP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ &R_PERM_OP($l,$r,$tt, 4,"0xf0f0f0f0",$l);
+ &R_PERM_OP($r,$tt,$l,20,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,14,"0x33333333",$r);
+ &R_PERM_OP($tt,$r,$l,22,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt, 9,"0xaaaaaaaa",$r);
+
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotr($tt, 3-$lr); }
+ else { &rotl($tt, $lr-3); }
+ }
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotr($r, 2-$lr); }
+ else { &rotl($r, $lr-2); }
+ }
+ }
+
+sub FP_new
+ {
+ local($l,$r,$tt,$lr)=@_;
+
+ if ($lr != 2)
+ {
+ if (($lr-2) < 0)
+ { &rotl($r, 2-$lr); }
+ else { &rotr($r, $lr-2); }
+ }
+ if ($lr != 3)
+ {
+ if (($lr-3) < 0)
+ { &rotl($l, 3-$lr); }
+ else { &rotr($l, $lr-3); }
+ }
+
+ &R_PERM_OP($l,$r,$tt, 0,"0xaaaaaaaa",$r);
+ &R_PERM_OP($tt,$r,$l,23,"0x03fc03fc",$r);
+ &R_PERM_OP($l,$r,$tt,10,"0x33333333",$l);
+ &R_PERM_OP($r,$tt,$l,18,"0xfff0000f",$l);
+ &R_PERM_OP($l,$tt,$r,12,"0xf0f0f0f0",$r);
+ &rotr($tt , 4);
+ }
+
diff --git a/crypto/des/asm/des586.pl b/crypto/des/asm/des586.pl
new file mode 100644
index 0000000..59c42d1
--- /dev/null
+++ b/crypto/des/asm/des586.pl
@@ -0,0 +1,210 @@
+#!/usr/local/bin/perl
+
+$prog="des586.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,3,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($R,&DWP(0,"eax","",0));
+ &mov($L,&DWP(4,"eax","",0));
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("IP");
+ &IP($R,$L,"eax");
+ }
+
+ &comment("");
+ &comment("fixup rotate");
+ &rotl($R,3);
+ &rotl($L,3);
+
+ &comment("");
+ &comment("load counter, key_schedule and enc flag");
+
+ # encrypting part
+
+ $ks="ebp";
+ &xor( "ebx", "ebx" );
+ &mov("eax",&wparam(2)); # get encrypt flag
+ &xor( "ecx", "ecx" );
+ &cmp("eax","0");
+ &mov( $ks, &wparam(1) );
+ &je(&label("start_decrypt"));
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($i+1,$R,$L,($i+1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT(15-$i,$L,$R,$i*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT(15-$i+1,$R,$L,($i-1)*2,$ks,"des_SPtrans","eax","ebx","ecx","edx");
+ }
+
+ &set_label("end");
+
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &rotr($R,3); # l
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &FP($R,$L,"eax");
+ }
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+
+ &function_end($name);
+ }
+
+sub D_ENCRYPT
+ {
+ local($r,$L,$R,$S,$ks,$desSP,$u,$tmp1,$tmp2,$t)=@_;
+
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &xor( $t, $R);
+ &xor( $u, $R);
+ &rotr( $t, 4 );
+ &and( $u, "0xfcfcfcfc" );
+ &and( $t, "0xfcfcfcfc" );
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &xor( $L, &DWP(" $desSP",$tmp1,"",0));
+ &shr( $u, 16);
+ &xor( $L, &DWP("0x200+$desSP",$tmp2,"",0));
+ &movb( &LB($tmp1), &LB($u) );
+ &movb( &LB($tmp2), &HB($u) );
+ &xor( $L, &DWP("0x400+$desSP",$tmp1,"",0));
+ &mov( $u, &DWP("0x600+$desSP",$tmp2,"",0));
+
+ &movb( &LB($tmp1), &LB($t) );
+ &movb( &LB($tmp2), &HB($t) );
+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0));
+ &shr( $t, 16);
+ &xor( $u, &DWP("0x300+$desSP",$tmp2,"",0));
+ &movb( &LB($tmp1), &LB($t) );
+ &movb( &LB($tmp2), &HB($t) );
+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0));
+ &xor( $u, &DWP("0x700+$desSP",$tmp2,"",0));
+ &xor( $L, $u);
+ }
+
+sub PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask)=@_;
+
+ &mov( $tt, $a );
+ &shr( $tt, $shift );
+ &xor( $tt, $b );
+ &and( $tt, $mask );
+ &xor( $b, $tt );
+ &shl( $tt, $shift );
+ &xor( $a, $tt );
+ }
+
+sub IP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
+ }
+
+sub FP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
diff --git a/crypto/des/asm/des686.pl b/crypto/des/asm/des686.pl
new file mode 100644
index 0000000..efd9f59
--- /dev/null
+++ b/crypto/des/asm/des686.pl
@@ -0,0 +1,230 @@
+#!/usr/local/bin/perl
+
+$prog="des686.pl";
+
+# base code is in microsft
+# op dest, source
+# format.
+#
+
+# WILL NOT WORK ANYMORE WITH desboth.pl
+require "desboth.pl";
+
+if ( ($ARGV[0] eq "elf"))
+ { require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "a.out"))
+ { $aout=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "sol"))
+ { $sol=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "cpp"))
+ { $cpp=1; require "x86unix.pl"; }
+elsif ( ($ARGV[0] eq "win32"))
+ { require "x86ms.pl"; }
+else
+ {
+ print STDERR <<"EOF";
+Pick one target type from
+ elf - linux, FreeBSD etc
+ a.out - old linux
+ sol - x86 solaris
+ cpp - format so x86unix.cpp can be used
+ win32 - Windows 95/Windows NT
+EOF
+ exit(1);
+ }
+
+&comment("Don't even think of reading this code");
+&comment("It was automatically generated by $prog");
+&comment("Which is a perl program used to generate the x86 assember for");
+&comment("any of elf, a.out, Win32, or Solaris");
+&comment("It can be found in SSLeay 0.6.5+ or in libdes 3.26+");
+&comment("eric <eay\@cryptsoft.com>");
+&comment("");
+
+&file("dx86xxxx");
+
+$L="edi";
+$R="esi";
+
+&des_encrypt("des_encrypt",1);
+&des_encrypt("des_encrypt2",0);
+
+&des_encrypt3("des_encrypt3",1);
+&des_encrypt3("des_decrypt3",0);
+
+&file_end();
+
+sub des_encrypt
+ {
+ local($name,$do_ip)=@_;
+
+ &function_begin($name,3,"EXTRN _des_SPtrans:DWORD");
+
+ &comment("");
+ &comment("Load the 2 words");
+ &mov("eax",&wparam(0));
+ &mov($L,&DWP(0,"eax","",0));
+ &mov($R,&DWP(4,"eax","",0));
+
+ $ksp=&wparam(1);
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("IP");
+ &IP($L,$R,"eax");
+ }
+
+ &comment("");
+ &comment("fixup rotate");
+ &rotl($R,3);
+ &rotl($L,3);
+ &exch($L,$R);
+
+ &comment("");
+ &comment("load counter, key_schedule and enc flag");
+ &mov("eax",&wparam(2)); # get encrypt flag
+ &mov("ebp",&wparam(1)); # get ks
+ &cmp("eax","0");
+ &je(&label("start_decrypt"));
+
+ # encrypting part
+
+ for ($i=0; $i<16; $i+=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+
+ &comment("");
+ &comment("Round ".sprintf("%d",$i+1));
+ &D_ENCRYPT($R,$L,($i+1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+ &jmp(&label("end"));
+
+ &set_label("start_decrypt");
+
+ for ($i=15; $i>0; $i-=2)
+ {
+ &comment("");
+ &comment("Round $i");
+ &D_ENCRYPT($L,$R,$i*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ &comment("");
+ &comment("Round ".sprintf("%d",$i-1));
+ &D_ENCRYPT($R,$L,($i-1)*2,"ebp","des_SPtrans","ecx","edx","eax","ebx");
+ }
+
+ &set_label("end");
+
+ &comment("");
+ &comment("Fixup");
+ &rotr($L,3); # r
+ &rotr($R,3); # l
+
+ if ($do_ip)
+ {
+ &comment("");
+ &comment("FP");
+ &FP($R,$L,"eax");
+ }
+
+ &mov("eax",&wparam(0));
+ &mov(&DWP(0,"eax","",0),$L);
+ &mov(&DWP(4,"eax","",0),$R);
+
+ &function_end($name);
+ }
+
+
+# The logic is to load R into 2 registers and operate on both at the same time.
+# We also load the 2 R's into 2 more registers so we can do the 'move word down a byte'
+# while also masking the other copy and doing a lookup. We then also accumulate the
+# L value in 2 registers then combine them at the end.
+sub D_ENCRYPT
+ {
+ local($L,$R,$S,$ks,$desSP,$u,$t,$tmp1,$tmp2,$tmp3)=@_;
+
+ &mov( $u, &DWP(&n2a($S*4),$ks,"",0));
+ &mov( $t, &DWP(&n2a(($S+1)*4),$ks,"",0));
+ &xor( $u, $R );
+ &xor( $t, $R );
+ &rotr( $t, 4 );
+
+ # the numbers at the end of the line are origional instruction order
+ &mov( $tmp2, $u ); # 1 2
+ &mov( $tmp1, $t ); # 1 1
+ &and( $tmp2, "0xfc" ); # 1 4
+ &and( $tmp1, "0xfc" ); # 1 3
+ &shr( $t, 8 ); # 1 5
+ &xor( $L, &DWP("0x100+$desSP",$tmp1,"",0)); # 1 7
+ &shr( $u, 8 ); # 1 6
+ &mov( $tmp1, &DWP(" $desSP",$tmp2,"",0)); # 1 8
+
+ &mov( $tmp2, $u ); # 2 2
+ &xor( $L, $tmp1 ); # 1 9
+ &and( $tmp2, "0xfc" ); # 2 4
+ &mov( $tmp1, $t ); # 2 1
+ &and( $tmp1, "0xfc" ); # 2 3
+ &shr( $t, 8 ); # 2 5
+ &xor( $L, &DWP("0x300+$desSP",$tmp1,"",0)); # 2 7
+ &shr( $u, 8 ); # 2 6
+ &mov( $tmp1, &DWP("0x200+$desSP",$tmp2,"",0)); # 2 8
+ &mov( $tmp2, $u ); # 3 2
+
+ &xor( $L, $tmp1 ); # 2 9
+ &and( $tmp2, "0xfc" ); # 3 4
+
+ &mov( $tmp1, $t ); # 3 1
+ &shr( $u, 8 ); # 3 6
+ &and( $tmp1, "0xfc" ); # 3 3
+ &shr( $t, 8 ); # 3 5
+ &xor( $L, &DWP("0x500+$desSP",$tmp1,"",0)); # 3 7
+ &mov( $tmp1, &DWP("0x400+$desSP",$tmp2,"",0)); # 3 8
+
+ &and( $t, "0xfc" ); # 4 1
+ &xor( $L, $tmp1 ); # 3 9
+
+ &and( $u, "0xfc" ); # 4 2
+ &xor( $L, &DWP("0x700+$desSP",$t,"",0)); # 4 3
+ &xor( $L, &DWP("0x600+$desSP",$u,"",0)); # 4 4
+ }
+
+sub PERM_OP
+ {
+ local($a,$b,$tt,$shift,$mask)=@_;
+
+ &mov( $tt, $a );
+ &shr( $tt, $shift );
+ &xor( $tt, $b );
+ &and( $tt, $mask );
+ &xor( $b, $tt );
+ &shl( $tt, $shift );
+ &xor( $a, $tt );
+ }
+
+sub IP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($r,$l,$tt, 4,"0x0f0f0f0f");
+ &PERM_OP($l,$r,$tt,16,"0x0000ffff");
+ &PERM_OP($r,$l,$tt, 2,"0x33333333");
+ &PERM_OP($l,$r,$tt, 8,"0x00ff00ff");
+ &PERM_OP($r,$l,$tt, 1,"0x55555555");
+ }
+
+sub FP
+ {
+ local($l,$r,$tt)=@_;
+
+ &PERM_OP($l,$r,$tt, 1,"0x55555555");
+ &PERM_OP($r,$l,$tt, 8,"0x00ff00ff");
+ &PERM_OP($l,$r,$tt, 2,"0x33333333");
+ &PERM_OP($r,$l,$tt,16,"0x0000ffff");
+ &PERM_OP($l,$r,$tt, 4,"0x0f0f0f0f");
+ }
+
+sub n2a
+ {
+ sprintf("%d",$_[0]);
+ }
diff --git a/crypto/des/asm/desboth.pl b/crypto/des/asm/desboth.pl
new file mode 100644
index 0000000..b94138c
--- /dev/null
+++ b/crypto/des/asm/desboth.pl
@@ -0,0 +1,67 @@
+#!/usr/local/bin/perl
+
+$L="edi";
+$R="esi";
+
+sub des_encrypt3
+ {
+ local($name,$enc)=@_;
+
+ &function_begin($name,4,"");
+
+ &comment("");
+ &comment("Load the data words");
+ &mov("ebx",&wparam(0));
+ &mov($L,&DWP(0,"ebx","",0));
+ &mov($R,&DWP(4,"ebx","",0));
+
+ &comment("");
+ &comment("IP");
+ &IP_new($L,$R,"edx",0);
+
+ # put them back
+
+ if ($enc)
+ {
+ &mov(&DWP(4,"ebx","",0),$R);
+ &mov("eax",&wparam(1));
+ &mov(&DWP(0,"ebx","",0),"edx");
+ &mov("edi",&wparam(2));
+ &mov("esi",&wparam(3));
+ }
+ else
+ {
+ &mov(&DWP(4,"ebx","",0),$R);
+ &mov("esi",&wparam(1));
+ &mov(&DWP(0,"ebx","",0),"edx");
+ &mov("edi",&wparam(2));
+ &mov("eax",&wparam(3));
+ }
+ &push(($enc)?"1":"0");
+ &push("eax");
+ &push("ebx");
+ &call("des_encrypt2");
+ &push(($enc)?"0":"1");
+ &push("edi");
+ &push("ebx");
+ &call("des_encrypt2");
+ &push(($enc)?"1":"0");
+ &push("esi");
+ &push("ebx");
+ &call("des_encrypt2");
+
+ &mov($L,&DWP(0,"ebx","",0));
+ &add("esp",36);
+ &mov($R,&DWP(4,"ebx","",0));
+
+ &comment("");
+ &comment("FP");
+ &FP_new($L,$R,"eax",0);
+
+ &mov(&DWP(0,"ebx","",0),"eax");
+ &mov(&DWP(4,"ebx","",0),$R);
+
+ &function_end($name);
+ }
+
+
diff --git a/crypto/des/asm/dx86-cpp.s b/crypto/des/asm/dx86-cpp.s
new file mode 100644
index 0000000..675bdeb
--- /dev/null
+++ b/crypto/des/asm/dx86-cpp.s
@@ -0,0 +1,2780 @@
+ /* Don't even think of reading this code */
+ /* It was automatically generated by des-som2.pl */
+ /* Which is a perl program used to generate the x86 assember for */
+ /* any of elf, a.out, Win32, or Solaris */
+ /* It can be found in SSLeay 0.6.5+ or in libdes 3.26+ */
+ /* eric <eay@cryptsoft.com> */
+ /* The inner loop instruction sequence and the IP/FP modifications */
+ /* are from Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> */
+
+ .file "dx86xxxx.s"
+ .version "01.01"
+gcc2_compiled.:
+.text
+ .align ALIGN
+.globl des_encrypt
+ TYPE(des_encrypt,@function)
+des_encrypt:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the 2 words */
+ movl 20(%esp), %esi
+ xorl %ecx, %ecx
+ movl (%esi), %eax
+ movl 28(%esp), %ebx
+ movl 4(%esi), %edi
+
+ /* IP */
+ roll $4, %eax
+ movl %eax, %esi
+ xorl %edi, %eax
+ andl $0xf0f0f0f0, %eax
+ xorl %eax, %esi
+ xorl %eax, %edi
+
+ roll $20, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0xfff0000f, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $14, %eax
+ movl %eax, %edi
+ xorl %esi, %eax
+ andl $0x33333333, %eax
+ xorl %eax, %edi
+ xorl %eax, %esi
+
+ roll $22, %esi
+ movl %esi, %eax
+ xorl %edi, %esi
+ andl $0x03fc03fc, %esi
+ xorl %esi, %eax
+ xorl %esi, %edi
+
+ roll $9, %eax
+ movl %eax, %esi
+ xorl %edi, %eax
+ andl $0xaaaaaaaa, %eax
+ xorl %eax, %esi
+ xorl %eax, %edi
+
+ roll $1, %edi
+ cmpl $0, %ebx
+ movl 24(%esp), %ebp
+ je .L000start_decrypt
+
+ /* Round 0 */
+ movl (%ebp), %eax
+ xorl %ebx, %ebx
+ movl 4(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 1 */
+ movl 8(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 12(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 2 */
+ movl 16(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 20(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 3 */
+ movl 24(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 28(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 4 */
+ movl 32(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 36(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 5 */
+ movl 40(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 44(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 6 */
+ movl 48(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 52(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 7 */
+ movl 56(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 60(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 8 */
+ movl 64(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 68(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 9 */
+ movl 72(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 76(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 10 */
+ movl 80(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 84(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 11 */
+ movl 88(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 92(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 12 */
+ movl 96(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 100(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 13 */
+ movl 104(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 108(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 14 */
+ movl 112(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 116(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 15 */
+ movl 120(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 124(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+ jmp .L001end
+.align ALIGN
+.L000start_decrypt:
+
+ /* Round 15 */
+ movl 120(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 124(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 14 */
+ movl 112(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 116(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 13 */
+ movl 104(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 108(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 12 */
+ movl 96(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 100(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 11 */
+ movl 88(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 92(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 10 */
+ movl 80(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 84(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 9 */
+ movl 72(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 76(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 8 */
+ movl 64(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 68(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 7 */
+ movl 56(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 60(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 6 */
+ movl 48(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 52(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 5 */
+ movl 40(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 44(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 4 */
+ movl 32(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 36(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 3 */
+ movl 24(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 28(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 2 */
+ movl 16(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 20(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 1 */
+ movl 8(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 12(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 0 */
+ movl (%ebp), %eax
+ xorl %ebx, %ebx
+ movl 4(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+.align ALIGN
+.L001end:
+
+ /* FP */
+ movl 20(%esp), %edx
+ rorl $1, %esi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0xaaaaaaaa, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $23, %eax
+ movl %eax, %edi
+ xorl %esi, %eax
+ andl $0x03fc03fc, %eax
+ xorl %eax, %edi
+ xorl %eax, %esi
+
+ roll $10, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0x33333333, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $18, %esi
+ movl %esi, %edi
+ xorl %eax, %esi
+ andl $0xfff0000f, %esi
+ xorl %esi, %edi
+ xorl %esi, %eax
+
+ roll $12, %edi
+ movl %edi, %esi
+ xorl %eax, %edi
+ andl $0xf0f0f0f0, %edi
+ xorl %edi, %esi
+ xorl %edi, %eax
+
+ rorl $4, %eax
+ movl %eax, (%edx)
+ movl %esi, 4(%edx)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.des_encrypt_end:
+ SIZE(des_encrypt,.des_encrypt_end-des_encrypt)
+.ident "desasm.pl"
+.text
+ .align ALIGN
+.globl des_encrypt2
+ TYPE(des_encrypt2,@function)
+des_encrypt2:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the 2 words */
+ movl 20(%esp), %eax
+ xorl %ecx, %ecx
+ movl (%eax), %esi
+ movl 28(%esp), %ebx
+ roll $3, %esi
+ movl 4(%eax), %edi
+ roll $3, %edi
+ cmpl $0, %ebx
+ movl 24(%esp), %ebp
+ je .L002start_decrypt
+
+ /* Round 0 */
+ movl (%ebp), %eax
+ xorl %ebx, %ebx
+ movl 4(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 1 */
+ movl 8(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 12(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 2 */
+ movl 16(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 20(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 3 */
+ movl 24(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 28(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 4 */
+ movl 32(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 36(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 5 */
+ movl 40(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 44(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 6 */
+ movl 48(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 52(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 7 */
+ movl 56(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 60(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 8 */
+ movl 64(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 68(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 9 */
+ movl 72(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 76(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 10 */
+ movl 80(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 84(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 11 */
+ movl 88(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 92(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 12 */
+ movl 96(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 100(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 13 */
+ movl 104(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 108(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 14 */
+ movl 112(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 116(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 15 */
+ movl 120(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 124(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+ jmp .L003end
+.align ALIGN
+.L002start_decrypt:
+
+ /* Round 15 */
+ movl 120(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 124(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 14 */
+ movl 112(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 116(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 13 */
+ movl 104(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 108(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 12 */
+ movl 96(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 100(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 11 */
+ movl 88(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 92(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 10 */
+ movl 80(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 84(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 9 */
+ movl 72(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 76(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 8 */
+ movl 64(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 68(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 7 */
+ movl 56(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 60(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 6 */
+ movl 48(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 52(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 5 */
+ movl 40(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 44(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 4 */
+ movl 32(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 36(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 3 */
+ movl 24(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 28(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 2 */
+ movl 16(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 20(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+
+ /* Round 1 */
+ movl 8(%ebp), %eax
+ xorl %ebx, %ebx
+ movl 12(%ebp), %edx
+ xorl %esi, %eax
+ xorl %esi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %edi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %edi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %edi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %edi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %edi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %edi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %edi
+
+ /* Round 0 */
+ movl (%ebp), %eax
+ xorl %ebx, %ebx
+ movl 4(%ebp), %edx
+ xorl %edi, %eax
+ xorl %edi, %edx
+ andl $0xfcfcfcfc, %eax
+ andl $0xcfcfcfcf, %edx
+ movb %al, %bl
+ movb %ah, %cl
+ rorl $4, %edx
+ movl des_SPtrans(%ebx),%ebp
+ movb %dl, %bl
+ xorl %ebp, %esi
+ movl 0x200+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movb %dh, %cl
+ shrl $16, %eax
+ movl 0x100+des_SPtrans(%ebx),%ebp
+ xorl %ebp, %esi
+ movb %ah, %bl
+ shrl $16, %edx
+ movl 0x300+des_SPtrans(%ecx),%ebp
+ xorl %ebp, %esi
+ movl 24(%esp), %ebp
+ movb %dh, %cl
+ andl $0xff, %eax
+ andl $0xff, %edx
+ movl 0x600+des_SPtrans(%ebx),%ebx
+ xorl %ebx, %esi
+ movl 0x700+des_SPtrans(%ecx),%ebx
+ xorl %ebx, %esi
+ movl 0x400+des_SPtrans(%eax),%ebx
+ xorl %ebx, %esi
+ movl 0x500+des_SPtrans(%edx),%ebx
+ xorl %ebx, %esi
+.align ALIGN
+.L003end:
+
+ /* Fixup */
+ rorl $3, %edi
+ movl 20(%esp), %eax
+ rorl $3, %esi
+ movl %edi, (%eax)
+ movl %esi, 4(%eax)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.des_encrypt2_end:
+ SIZE(des_encrypt2,.des_encrypt2_end-des_encrypt2)
+.ident "desasm.pl"
+.text
+ .align ALIGN
+.globl des_encrypt3
+ TYPE(des_encrypt3,@function)
+des_encrypt3:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the data words */
+ movl 20(%esp), %ebx
+ movl (%ebx), %edi
+ movl 4(%ebx), %esi
+
+ /* IP */
+ roll $4, %edi
+ movl %edi, %edx
+ xorl %esi, %edi
+ andl $0xf0f0f0f0, %edi
+ xorl %edi, %edx
+ xorl %edi, %esi
+
+ roll $20, %esi
+ movl %esi, %edi
+ xorl %edx, %esi
+ andl $0xfff0000f, %esi
+ xorl %esi, %edi
+ xorl %esi, %edx
+
+ roll $14, %edi
+ movl %edi, %esi
+ xorl %edx, %edi
+ andl $0x33333333, %edi
+ xorl %edi, %esi
+ xorl %edi, %edx
+
+ roll $22, %edx
+ movl %edx, %edi
+ xorl %esi, %edx
+ andl $0x03fc03fc, %edx
+ xorl %edx, %edi
+ xorl %edx, %esi
+
+ roll $9, %edi
+ movl %edi, %edx
+ xorl %esi, %edi
+ andl $0xaaaaaaaa, %edi
+ xorl %edi, %edx
+ xorl %edi, %esi
+
+ rorl $3, %edx
+ rorl $2, %esi
+ movl %esi, 4(%ebx)
+ movl 24(%esp), %eax
+ movl %edx, (%ebx)
+ movl 28(%esp), %edi
+ movl 32(%esp), %esi
+ pushl $1
+ pushl %eax
+ pushl %ebx
+ call des_encrypt2
+ pushl $0
+ pushl %edi
+ pushl %ebx
+ call des_encrypt2
+ pushl $1
+ pushl %esi
+ pushl %ebx
+ call des_encrypt2
+ movl (%ebx), %edi
+ addl $36, %esp
+ movl 4(%ebx), %esi
+
+ /* FP */
+ roll $2, %esi
+ roll $3, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0xaaaaaaaa, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $23, %eax
+ movl %eax, %edi
+ xorl %esi, %eax
+ andl $0x03fc03fc, %eax
+ xorl %eax, %edi
+ xorl %eax, %esi
+
+ roll $10, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0x33333333, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $18, %esi
+ movl %esi, %edi
+ xorl %eax, %esi
+ andl $0xfff0000f, %esi
+ xorl %esi, %edi
+ xorl %esi, %eax
+
+ roll $12, %edi
+ movl %edi, %esi
+ xorl %eax, %edi
+ andl $0xf0f0f0f0, %edi
+ xorl %edi, %esi
+ xorl %edi, %eax
+
+ rorl $4, %eax
+ movl %eax, (%ebx)
+ movl %esi, 4(%ebx)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.des_encrypt3_end:
+ SIZE(des_encrypt3,.des_encrypt3_end-des_encrypt3)
+.ident "desasm.pl"
+.text
+ .align ALIGN
+.globl des_decrypt3
+ TYPE(des_decrypt3,@function)
+des_decrypt3:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+
+ /* Load the data words */
+ movl 20(%esp), %ebx
+ movl (%ebx), %edi
+ movl 4(%ebx), %esi
+
+ /* IP */
+ roll $4, %edi
+ movl %edi, %edx
+ xorl %esi, %edi
+ andl $0xf0f0f0f0, %edi
+ xorl %edi, %edx
+ xorl %edi, %esi
+
+ roll $20, %esi
+ movl %esi, %edi
+ xorl %edx, %esi
+ andl $0xfff0000f, %esi
+ xorl %esi, %edi
+ xorl %esi, %edx
+
+ roll $14, %edi
+ movl %edi, %esi
+ xorl %edx, %edi
+ andl $0x33333333, %edi
+ xorl %edi, %esi
+ xorl %edi, %edx
+
+ roll $22, %edx
+ movl %edx, %edi
+ xorl %esi, %edx
+ andl $0x03fc03fc, %edx
+ xorl %edx, %edi
+ xorl %edx, %esi
+
+ roll $9, %edi
+ movl %edi, %edx
+ xorl %esi, %edi
+ andl $0xaaaaaaaa, %edi
+ xorl %edi, %edx
+ xorl %edi, %esi
+
+ rorl $3, %edx
+ rorl $2, %esi
+ movl %esi, 4(%ebx)
+ movl 24(%esp), %esi
+ movl %edx, (%ebx)
+ movl 28(%esp), %edi
+ movl 32(%esp), %eax
+ pushl $0
+ pushl %eax
+ pushl %ebx
+ call des_encrypt2
+ pushl $1
+ pushl %edi
+ pushl %ebx
+ call des_encrypt2
+ pushl $0
+ pushl %esi
+ pushl %ebx
+ call des_encrypt2
+ movl (%ebx), %edi
+ addl $36, %esp
+ movl 4(%ebx), %esi
+
+ /* FP */
+ roll $2, %esi
+ roll $3, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0xaaaaaaaa, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $23, %eax
+ movl %eax, %edi
+ xorl %esi, %eax
+ andl $0x03fc03fc, %eax
+ xorl %eax, %edi
+ xorl %eax, %esi
+
+ roll $10, %edi
+ movl %edi, %eax
+ xorl %esi, %edi
+ andl $0x33333333, %edi
+ xorl %edi, %eax
+ xorl %edi, %esi
+
+ roll $18, %esi
+ movl %esi, %edi
+ xorl %eax, %esi
+ andl $0xfff0000f, %esi
+ xorl %esi, %edi
+ xorl %esi, %eax
+
+ roll $12, %edi
+ movl %edi, %esi
+ xorl %eax, %edi
+ andl $0xf0f0f0f0, %edi
+ xorl %edi, %esi
+ xorl %edi, %eax
+
+ rorl $4, %eax
+ movl %eax, (%ebx)
+ movl %esi, 4(%ebx)
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.des_decrypt3_end:
+ SIZE(des_decrypt3,.des_decrypt3_end-des_decrypt3)
+.ident "desasm.pl"
diff --git a/crypto/des/asm/dx86unix.cpp b/crypto/des/asm/dx86unix.cpp
new file mode 100644
index 0000000..941cf1f
--- /dev/null
+++ b/crypto/des/asm/dx86unix.cpp
@@ -0,0 +1,41 @@
+
+#define TYPE(a,b) .type a,b
+#define SIZE(a,b) .size a,b
+
+#ifdef OUT
+#define OK 1
+#define des_SPtrans _des_SPtrans
+#define des_encrypt _des_encrypt
+#define des_encrypt2 _des_encrypt2
+#define des_encrypt3 _des_encrypt3
+#define des_decrypt3 _des_decrypt3
+#define ALIGN 4
+#endif
+
+#ifdef BSDI
+#define OK 1
+#define des_SPtrans _des_SPtrans
+#define des_encrypt _des_encrypt
+#define des_encrypt2 _des_encrypt2
+#define des_encrypt3 _des_encrypt3
+#define des_decrypt3 _des_decrypt3
+#define ALIGN 4
+#undef SIZE
+#undef TYPE
+#endif
+
+#if defined(ELF) || defined(SOL)
+#define OK 1
+#define ALIGN 16
+#endif
+
+#ifndef OK
+You need to define one of
+ELF - elf systems - linux-elf, NetBSD and DG-UX
+OUT - a.out systems - linux-a.out and FreeBSD
+SOL - solaris systems, which are elf with strange comment lines
+BSDI - a.out with a very primative version of as.
+#endif
+
+#include "dx86-cpp.s"
+
diff --git a/crypto/des/asm/readme b/crypto/des/asm/readme
new file mode 100644
index 0000000..da2561a
--- /dev/null
+++ b/crypto/des/asm/readme
@@ -0,0 +1,131 @@
+First up, let me say I don't like writing in assembler. It is not portable,
+dependant on the particular CPU architecture release and is generally a pig
+to debug and get right. Having said that, the x86 architecture is probably
+the most important for speed due to number of boxes and since
+it appears to be the worst architecture to to get
+good C compilers for. So due to this, I have lowered myself to do
+assembler for the inner DES routines in libdes :-).
+
+The file to implement in assembler is des_enc.c. Replace the following
+4 functions
+des_encrypt(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt2(DES_LONG data[2],des_key_schedule ks, int encrypt);
+des_encrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+des_decrypt3(DES_LONG data[2],des_key_schedule ks1,ks2,ks3);
+
+They encrypt/decrypt the 64 bits held in 'data' using
+the 'ks' key schedules. The only difference between the 4 functions is that
+des_encrypt2() does not perform IP() or FP() on the data (this is an
+optimization for when doing triple DES and des_encrypt3() and des_decrypt3()
+perform triple des. The triple DES routines are in here because it does
+make a big difference to have them located near the des_encrypt2 function
+at link time..
+
+Now as we all know, there are lots of different operating systems running on
+x86 boxes, and unfortunately they normally try to make sure their assembler
+formating is not the same as the other peoples.
+The 4 main formats I know of are
+Microsoft Windows 95/Windows NT
+Elf Includes Linux and FreeBSD(?).
+a.out The older Linux.
+Solaris Same as Elf but different comments :-(.
+
+Now I was not overly keen to write 4 different copies of the same code,
+so I wrote a few perl routines to output the correct assembler, given
+a target assembler type. This code is ugly and is just a hack.
+The libraries are x86unix.pl and x86ms.pl.
+des586.pl, des686.pl and des-som[23].pl are the programs to actually
+generate the assembler.
+
+So to generate elf assembler
+perl des-som3.pl elf >dx86-elf.s
+For Windows 95/NT
+perl des-som2.pl win32 >win32.asm
+
+[ update 4 Jan 1996 ]
+I have added another way to do things.
+perl des-som3.pl cpp >dx86-cpp.s
+generates a file that will be included by dx86unix.cpp when it is compiled.
+To build for elf, a.out, solaris, bsdi etc,
+cc -E -DELF asm/dx86unix.cpp | as -o asm/dx86-elf.o
+cc -E -DSOL asm/dx86unix.cpp | as -o asm/dx86-sol.o
+cc -E -DOUT asm/dx86unix.cpp | as -o asm/dx86-out.o
+cc -E -DBSDI asm/dx86unix.cpp | as -o asm/dx86bsdi.o
+This was done to cut down the number of files in the distribution.
+
+Now the ugly part. I acquired my copy of Intels
+"Optimization's For Intel's 32-Bit Processors" and found a few interesting
+things. First, the aim of the exersize is to 'extract' one byte at a time
+from a word and do an array lookup. This involves getting the byte from
+the 4 locations in the word and moving it to a new word and doing the lookup.
+The most obvious way to do this is
+xor eax, eax # clear word
+movb al, cl # get low byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in word
+movb al, ch # get next byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in word
+shr ecx 16
+which seems ok. For the pentium, this system appears to be the best.
+One has to do instruction interleaving to keep both functional units
+operating, but it is basically very efficient.
+
+Now the crunch. When a full register is used after a partial write, eg.
+mov al, cl
+xor edi, DWORD PTR 0x100+des_SP[eax]
+386 - 1 cycle stall
+486 - 1 cycle stall
+586 - 0 cycle stall
+686 - at least 7 cycle stall (page 22 of the above mentioned document).
+
+So the technique that produces the best results on a pentium, according to
+the documentation, will produce hideous results on a pentium pro.
+
+To get around this, des686.pl will generate code that is not as fast on
+a pentium, should be very good on a pentium pro.
+mov eax, ecx # copy word
+shr ecx, 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x100+des_SP[eax] # xor in array lookup
+mov eax, ecx # get word
+shr ecx 8 # line up next byte
+and eax, 0fch # mask byte
+xor edi DWORD PTR 0x300+des_SP[eax] # xor in array lookup
+
+Due to the execution units in the pentium, this actually works quite well.
+For a pentium pro it should be very good. This is the type of output
+Visual C++ generates.
+
+There is a third option. instead of using
+mov al, ch
+which is bad on the pentium pro, one may be able to use
+movzx eax, ch
+which may not incur the partial write penalty. On the pentium,
+this instruction takes 4 cycles so is not worth using but on the
+pentium pro it appears it may be worth while. I need access to one to
+experiment :-).
+
+eric (20 Oct 1996)
+
+22 Nov 1996 - I have asked people to run the 2 different version on pentium
+pros and it appears that the intel documentation is wrong. The
+mov al,bh is still faster on a pentium pro, so just use the des586.pl
+install des686.pl
+
+3 Dec 1996 - I added des_encrypt3/des_decrypt3 because I have moved these
+functions into des_enc.c because it does make a massive performance
+difference on some boxes to have the functions code located close to
+the des_encrypt2() function.
+
+9 Jan 1997 - des-som2.pl is now the correct perl script to use for
+pentiums. It contains an inner loop from
+Svend Olaf Mikkelsen <svolaf@inet.uni-c.dk> which does raw ecb DES calls at
+273,000 per second. He had a previous version at 250,000 and the best
+I was able to get was 203,000. The content has not changed, this is all
+due to instruction sequencing (and actual instructions choice) which is able
+to keep both functional units of the pentium going.
+We may have lost the ugly register usage restrictions when x86 went 32 bit
+but for the pentium it has been replaced by evil instruction ordering tricks.
+
+13 Jan 1997 - des-som3.pl, more optimizations from Svend Olaf.
+raw DES at 281,000 per second on a pentium 100.
+
diff --git a/crypto/des/cbc3_enc.c b/crypto/des/cbc3_enc.c
new file mode 100644
index 0000000..e9bf500
--- /dev/null
+++ b/crypto/des/cbc3_enc.c
@@ -0,0 +1,99 @@
+/* crypto/des/cbc3_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* HAS BUGS? DON'T USE */
+void des_3cbc_encrypt(input, output, length, ks1, ks2, iv1, iv2, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*iv1);
+des_cblock (*iv2);
+int enc;
+ {
+ int off=((int)length-1)/8;
+ long l8=((length+7)/8)*8;
+ des_cblock niv1,niv2;
+
+ if (enc == DES_ENCRYPT)
+ {
+ des_cbc_encrypt(input,output,length,ks1,iv1,enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ des_cbc_encrypt(output,output,l8,ks1,iv2, enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,output[off],sizeof(des_cblock));
+ }
+ else
+ {
+ if (length >= sizeof(des_cblock))
+ memcpy(niv2,input[off],sizeof(des_cblock));
+ des_cbc_encrypt(input,output,l8,ks1,iv2,enc);
+ des_cbc_encrypt(output,output,l8,ks2,iv1,!enc);
+ if (length >= sizeof(des_cblock))
+ memcpy(niv1,output[off],sizeof(des_cblock));
+ des_cbc_encrypt(output,output,length,ks1,iv1, enc);
+ }
+ memcpy(*iv1,niv1,sizeof(des_cblock));
+ memcpy(*iv2,niv2,sizeof(des_cblock));
+ }
+
diff --git a/crypto/des/cbc_cksm.c b/crypto/des/cbc_cksm.c
new file mode 100644
index 0000000..f6b3274
--- /dev/null
+++ b/crypto/des/cbc_cksm.c
@@ -0,0 +1,103 @@
+/* crypto/des/cbc_cksm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+DES_LONG des_cbc_cksum(input, output, length, schedule, ivec)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+ {
+ register DES_LONG tout0,tout1,tin0,tin1;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *in,*out,*iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (; l>0; l-=8)
+ {
+ if (l >= 8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ }
+ else
+ c2ln(in,tin0,tin1,l);
+
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ /* fix 15/10/91 eay - thanks to keithr@sco.COM */
+ tout0=tin[0];
+ tout1=tin[1];
+ }
+ if (out != NULL)
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ tout0=tin0=tin1=tin[0]=tin[1]=0;
+ return(tout1);
+ }
diff --git a/crypto/des/cbc_enc.c b/crypto/des/cbc_enc.c
new file mode 100644
index 0000000..a06f9f9
--- /dev/null
+++ b/crypto/des/cbc_enc.c
@@ -0,0 +1,135 @@
+/* crypto/des/cbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_cbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ /* xor0=tin0;
+ xor1=tin1; */
+ }
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/des/cfb64ede.c b/crypto/des/cfb64ede.c
new file mode 100644
index 0000000..f623737
--- /dev/null
+++ b/crypto/des/cfb64ede.c
@@ -0,0 +1,151 @@
+/* crypto/des/cfb64ede.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_ede3_cfb64_encrypt(in, out, length, ks1,ks2,ks3, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2,ks3;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ register DES_LONG v0,v1;
+ register long l=length;
+ register int n= *num;
+ DES_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (enc)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0);
+ c2l(iv,v1);
+
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+ v0=ti[0];
+ v1=ti[1];
+
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0);
+ c2l(iv,v1);
+
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt3((DES_LONG *)ti,ks1,ks2,ks3);
+ v0=ti[0];
+ v1=ti[1];
+
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=c=cc=0;
+ *num=n;
+ }
+
+#ifdef undef /* MACRO */
+void des_ede2_cfb64_encrypt(in, out, length, ks1,ks2, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule ks1,ks2;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ des_ede3_cfb64_encrypt(in,out,length,ks1,ks2,ks1,ivec,num,enc);
+ }
+#endif
diff --git a/crypto/des/cfb64enc.c b/crypto/des/cfb64enc.c
new file mode 100644
index 0000000..327e489
--- /dev/null
+++ b/crypto/des/cfb64enc.c
@@ -0,0 +1,128 @@
+/* crypto/des/cfb64enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void des_cfb64_encrypt(in, out, length, schedule, ivec, num, enc)
+unsigned char *in;
+unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+int enc;
+ {
+ register DES_LONG v0,v1;
+ register long l=length;
+ register int n= *num;
+ DES_LONG ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (enc)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,
+ schedule,DES_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ v0=ti[0]; l2c(v0,iv);
+ v0=ti[1]; l2c(v0,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,
+ schedule,DES_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ v0=ti[0]; l2c(v0,iv);
+ v0=ti[1]; l2c(v0,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=c=cc=0;
+ *num=n;
+ }
+
diff --git a/crypto/des/cfb_enc.c b/crypto/des/cfb_enc.c
new file mode 100644
index 0000000..fb32832
--- /dev/null
+++ b/crypto/des/cfb_enc.c
@@ -0,0 +1,171 @@
+/* crypto/des/cfb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_cfb_encrypt(in, out, numbits, length, schedule, ivec, enc)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+ register DES_LONG mask0,mask1;
+ register unsigned long l=length;
+ register int num=numbits;
+ DES_LONG ti[2];
+ unsigned char *iv;
+
+ if (num > 64) return;
+ if (num > 32)
+ {
+ mask0=0xffffffffL;
+ if (num == 64)
+ mask1=mask0;
+ else mask1=(1L<<(num-32))-1;
+ }
+ else
+ {
+ if (num == 32)
+ mask0=0xffffffffL;
+ else mask0=(1L<<num)-1;
+ mask1=0x00000000;
+ }
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ if (enc)
+ {
+ while (l >= n)
+ {
+ l-=n;
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ c2ln(in,d0,d1,n);
+ in+=n;
+ d0=(d0^ti[0])&mask0;
+ d1=(d1^ti[1])&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32)
+ { v0=v1; v1=d0; }
+ else if (num == 64)
+ { v0=d0; v1=d1; }
+ else if (num > 32) /* && num != 64 */
+ {
+ v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+ v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+ }
+ else /* num < 32 */
+ {
+ v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+ v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+ }
+ }
+ }
+ else
+ {
+ while (l >= n)
+ {
+ l-=n;
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ c2ln(in,d0,d1,n);
+ in+=n;
+ /* 30-08-94 - eay - changed because l>>32 and
+ * l<<32 are bad under gcc :-( */
+ if (num == 32)
+ { v0=v1; v1=d0; }
+ else if (num == 64)
+ { v0=d0; v1=d1; }
+ else if (num > 32) /* && num != 64 */
+ {
+ v0=((v1>>(num-32))|(d0<<(64-num)))&0xffffffffL;
+ v1=((d0>>(num-32))|(d1<<(64-num)))&0xffffffffL;
+ }
+ else /* num < 32 */
+ {
+ v0=((v0>>num)|(v1<<(32-num)))&0xffffffffL;
+ v1=((v1>>num)|(d0<<(32-num)))&0xffffffffL;
+ }
+ d0=(d0^ti[0])&mask0;
+ d1=(d1^ti[1])&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+ }
+ }
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ v0=v1=d0=d1=ti[0]=ti[1]=0;
+ }
+
diff --git a/crypto/des/des b/crypto/des/des
new file mode 100644
index 0000000..7ec53b8
--- /dev/null
+++ b/crypto/des/des
@@ -0,0 +1,305 @@
+/* crypto/des/des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@mincom.oz.au).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@mincom.oz.au).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@mincom.oz.au)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@mincom.oz.au)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+ {
+ union {
+ des_cblock _;
+ /* make sure things are correct size on machines with
+ * 8 byte longs */
+ DES_LONG pad[2];
+ } ks;
+#undef _
+#define _ ks._
+ } des_key_schedule[16];
+
+#define DES_KEY_SZ (sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT 1
+#define DES_DECRYPT 0
+
+#define DES_CBC_MODE 0
+#define DES_PCBC_MODE 1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key; /* defaults to false */
+extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks1,des_key_schedule ks2,
+ des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+ long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,
+ des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule sk1,des_key_schedule sk2,
+ des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+ long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+ des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+ int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+ long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+ char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.c b/crypto/des/des.c
new file mode 100644
index 0000000..0376163
--- /dev/null
+++ b/crypto/des/des.c
@@ -0,0 +1,960 @@
+/* crypto/des/des.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#define RAND
+#endif
+
+#include <time.h>
+#include "des_ver.h"
+
+#ifdef VMS
+#include <types.h>
+#include <stat.h>
+#else
+#ifndef _IRIX
+#include <sys/types.h>
+#endif
+#include <sys/stat.h>
+#endif
+#if defined(NOCONST)
+#define const
+#endif
+#include "des.h"
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifdef RAND
+#define random rand
+#define srandom(s) srand(s)
+#endif
+
+#ifndef NOPROTO
+void usage(void);
+void doencryption(void);
+int uufwrite(unsigned char *data, int size, unsigned int num, FILE *fp);
+void uufwriteEnd(FILE *fp);
+int uufread(unsigned char *out,int size,unsigned int num,FILE *fp);
+int uuencode(unsigned char *in,int num,unsigned char *out);
+int uudecode(unsigned char *in,int num,unsigned char *out);
+#else
+void usage();
+void doencryption();
+int uufwrite();
+void uufwriteEnd();
+int uufread();
+int uuencode();
+int uudecode();
+#endif
+
+#ifdef VMS
+#define EXIT(a) exit(a&0x10000000)
+#else
+#define EXIT(a) exit(a)
+#endif
+
+#define BUFSIZE (8*1024)
+#define VERIFY 1
+#define KEYSIZ 8
+#define KEYSIZB 1024 /* should hit tty line limit first :-) */
+char key[KEYSIZB+1];
+int do_encrypt,longk=0;
+FILE *DES_IN,*DES_OUT,*CKSUM_OUT;
+char uuname[200];
+unsigned char uubuf[50];
+int uubufnum=0;
+#define INUUBUFN (45*100)
+#define OUTUUBUF (65*100)
+unsigned char b[OUTUUBUF];
+unsigned char bb[300];
+des_cblock cksum={0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};
+char cksumname[200]="";
+
+int vflag,cflag,eflag,dflag,kflag,bflag,fflag,sflag,uflag,flag3,hflag,error;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i;
+ struct stat ins,outs;
+ char *p;
+ char *in=NULL,*out=NULL;
+
+ vflag=cflag=eflag=dflag=kflag=hflag=bflag=fflag=sflag=uflag=flag3=0;
+ error=0;
+ memset(key,0,sizeof(key));
+
+ for (i=1; i<argc; i++)
+ {
+ p=argv[i];
+ if ((p[0] == '-') && (p[1] != '\0'))
+ {
+ p++;
+ while (*p)
+ {
+ switch (*(p++))
+ {
+ case '3':
+ flag3=1;
+ longk=1;
+ break;
+ case 'c':
+ cflag=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'C':
+ cflag=1;
+ longk=1;
+ strncpy(cksumname,p,200);
+ p+=strlen(cksumname);
+ break;
+ case 'e':
+ eflag=1;
+ break;
+ case 'v':
+ vflag=1;
+ break;
+ case 'E':
+ eflag=1;
+ longk=1;
+ break;
+ case 'd':
+ dflag=1;
+ break;
+ case 'D':
+ dflag=1;
+ longk=1;
+ break;
+ case 'b':
+ bflag=1;
+ break;
+ case 'f':
+ fflag=1;
+ break;
+ case 's':
+ sflag=1;
+ break;
+ case 'u':
+ uflag=1;
+ strncpy(uuname,p,200);
+ p+=strlen(uuname);
+ break;
+ case 'h':
+ hflag=1;
+ break;
+ case 'k':
+ kflag=1;
+ if ((i+1) == argc)
+ {
+ fputs("must have a key with the -k option\n",stderr);
+ error=1;
+ }
+ else
+ {
+ int j;
+
+ i++;
+ strncpy(key,argv[i],KEYSIZB);
+ for (j=strlen(argv[i])-1; j>=0; j--)
+ argv[i][j]='\0';
+ }
+ break;
+ default:
+ fprintf(stderr,"'%c' unknown flag\n",p[-1]);
+ error=1;
+ break;
+ }
+ }
+ }
+ else
+ {
+ if (in == NULL)
+ in=argv[i];
+ else if (out == NULL)
+ out=argv[i];
+ else
+ error=1;
+ }
+ }
+ if (error) usage();
+ /* We either
+ * do checksum or
+ * do encrypt or
+ * do decrypt or
+ * do decrypt then ckecksum or
+ * do checksum then encrypt
+ */
+ if (((eflag+dflag) == 1) || cflag)
+ {
+ if (eflag) do_encrypt=DES_ENCRYPT;
+ if (dflag) do_encrypt=DES_DECRYPT;
+ }
+ else
+ {
+ if (vflag)
+ {
+#ifndef _Windows
+ fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ EXIT(1);
+ }
+ else usage();
+ }
+
+#ifndef _Windows
+ if (vflag) fprintf(stderr,"des(1) built with %s\n",libdes_version);
+#endif
+ if ( (in != NULL) &&
+ (out != NULL) &&
+#ifndef MSDOS
+ (stat(in,&ins) != -1) &&
+ (stat(out,&outs) != -1) &&
+ (ins.st_dev == outs.st_dev) &&
+ (ins.st_ino == outs.st_ino))
+#else /* MSDOS */
+ (strcmp(in,out) == 0))
+#endif
+ {
+ fputs("input and output file are the same\n",stderr);
+ EXIT(3);
+ }
+
+ if (!kflag)
+ if (des_read_pw_string(key,KEYSIZB+1,"Enter key:",eflag?VERIFY:0))
+ {
+ fputs("password error\n",stderr);
+ EXIT(2);
+ }
+
+ if (in == NULL)
+ DES_IN=stdin;
+ else if ((DES_IN=fopen(in,"r")) == NULL)
+ {
+ perror("opening input file");
+ EXIT(4);
+ }
+
+ CKSUM_OUT=stdout;
+ if (out == NULL)
+ {
+ DES_OUT=stdout;
+ CKSUM_OUT=stderr;
+ }
+ else if ((DES_OUT=fopen(out,"w")) == NULL)
+ {
+ perror("opening output file");
+ EXIT(5);
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ if (!(uflag && dflag))
+ setmode(fileno(DES_IN),O_BINARY);
+ if (!(uflag && eflag))
+ setmode(fileno(DES_OUT),O_BINARY);
+ }
+#endif
+
+ doencryption();
+ fclose(DES_IN);
+ fclose(DES_OUT);
+ EXIT(0);
+ }
+
+void usage()
+ {
+ char **u;
+ static const char *Usage[]={
+"des <options> [input-file [output-file]]",
+"options:",
+"-v : des(1) version number",
+"-e : encrypt using sunOS compatible user key to DES key conversion.",
+"-E : encrypt ",
+"-d : decrypt using sunOS compatible user key to DES key conversion.",
+"-D : decrypt ",
+"-c[ckname] : generate a cbc_cksum using sunOS compatible user key to",
+" DES key conversion and output to ckname (stdout default,",
+" stderr if data being output on stdout). The checksum is",
+" generated before encryption and after decryption if used",
+" in conjunction with -[eEdD].",
+"-C[ckname] : generate a cbc_cksum as for -c but compatible with -[ED].",
+"-k key : use key 'key'",
+"-h : the key that is entered will be a hexidecimal number",
+" that is used directly as the des key",
+"-u[uuname] : input file is uudecoded if -[dD] or output uuencoded data if -[eE]",
+" (uuname is the filename to put in the uuencode header).",
+"-b : encrypt using DES in ecb encryption mode, the defaut is cbc mode.",
+"-3 : encrypt using tripple DES encryption. This uses 2 keys",
+" generated from the input key. If the input key is less",
+" than 8 characters long, this is equivelent to normal",
+" encryption. Default is tripple cbc, -b makes it tripple ecb.",
+NULL
+};
+ for (u=(char **)Usage; *u; u++)
+ {
+ fputs(*u,stderr);
+ fputc('\n',stderr);
+ }
+
+ EXIT(1);
+ }
+
+void doencryption()
+ {
+#ifdef _LIBC
+ extern int srandom();
+ extern int random();
+ extern unsigned long time();
+#endif
+
+ register int i;
+ des_key_schedule ks,ks2;
+ unsigned char iv[8],iv2[8];
+ char *p;
+ int num=0,j,k,l,rem,ll,len,last,ex=0;
+ des_cblock kk,k2;
+ FILE *O;
+ int Exit=0;
+#ifndef MSDOS
+ static unsigned char buf[BUFSIZE+8],obuf[BUFSIZE+8];
+#else
+ static unsigned char *buf=NULL,*obuf=NULL;
+
+ if (buf == NULL)
+ {
+ if ( (( buf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL) ||
+ ((obuf=(unsigned char *)Malloc(BUFSIZE+8)) == NULL))
+ {
+ fputs("Not enough memory\n",stderr);
+ Exit=10;
+ goto problems;
+ }
+ }
+#endif
+
+ if (hflag)
+ {
+ j=(flag3?16:8);
+ p=key;
+ for (i=0; i<j; i++)
+ {
+ k=0;
+ if ((*p <= '9') && (*p >= '0'))
+ k=(*p-'0')<<4;
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k=(*p-'a'+10)<<4;
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k=(*p-'A'+10)<<4;
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if ((*p <= '9') && (*p >= '0'))
+ k|=(*p-'0');
+ else if ((*p <= 'f') && (*p >= 'a'))
+ k|=(*p-'a'+10);
+ else if ((*p <= 'F') && (*p >= 'A'))
+ k|=(*p-'A'+10);
+ else
+ {
+ fputs("Bad hex key\n",stderr);
+ Exit=9;
+ goto problems;
+ }
+ p++;
+ if (i < 8)
+ kk[i]=k;
+ else
+ k2[i-8]=k;
+ }
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else if (longk || flag3)
+ {
+ if (flag3)
+ {
+ des_string_to_2keys(key,(C_Block *)kk,(C_Block *)k2);
+ des_set_key((C_Block *)k2,ks2);
+ memset(k2,0,sizeof(k2));
+ }
+ else
+ des_string_to_key(key,(C_Block *)kk);
+ }
+ else
+ for (i=0; i<KEYSIZ; i++)
+ {
+ l=0;
+ k=key[i];
+ for (j=0; j<8; j++)
+ {
+ if (k&1) l++;
+ k>>=1;
+ }
+ if (l & 1)
+ kk[i]=key[i]&0x7f;
+ else
+ kk[i]=key[i]|0x80;
+ }
+
+ des_set_key((C_Block *)kk,ks);
+ memset(key,0,sizeof(key));
+ memset(kk,0,sizeof(kk));
+ /* woops - A bug that does not showup under unix :-( */
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+
+ l=1;
+ rem=0;
+ /* first read */
+ if (eflag || (!dflag && cflag))
+ {
+ for (;;)
+ {
+ num=l=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ l+=rem;
+ num+=rem;
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ rem=l%8;
+ len=l-rem;
+ if (feof(DES_IN))
+ {
+ srandom((unsigned int)time(NULL));
+ for (i=7-rem; i>0; i--)
+ buf[l++]=random()&0xff;
+ buf[l++]=rem;
+ ex=1;
+ len+=rem;
+ }
+ else
+ l-=rem;
+
+ if (cflag)
+ {
+ des_cbc_cksum((C_Block *)buf,(C_Block *)cksum,
+ (long)len,ks,(C_Block *)cksum);
+ if (!eflag)
+ {
+ if (feof(DES_IN)) break;
+ else continue;
+ }
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ char tmpbuf[8];
+
+ if (rem) memcpy(tmpbuf,&(buf[l]),
+ (unsigned int)rem);
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ if (rem) memcpy(&(buf[l]),tmpbuf,
+ (unsigned int)rem);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(obuf[l-8]),8);
+ }
+ if (rem) memcpy(buf,&(buf[l]),(unsigned int)rem);
+
+ i=0;
+ while (i < l)
+ {
+ if (uflag)
+ j=uufwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ else
+ j=fwrite(obuf,1,(unsigned int)l-i,
+ DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ if (feof(DES_IN))
+ {
+ if (uflag) uufwriteEnd(DES_OUT);
+ break;
+ }
+ }
+ }
+ else /* decrypt */
+ {
+ ex=1;
+ for (;;)
+ {
+ if (ex) {
+ if (uflag)
+ l=uufread(buf,1,BUFSIZE,DES_IN);
+ else
+ l=fread(buf,1,BUFSIZE,DES_IN);
+ ex=0;
+ rem=l%8;
+ l-=rem;
+ }
+ if (l < 0)
+ {
+ perror("read error");
+ Exit=6;
+ goto problems;
+ }
+
+ if (bflag && !flag3)
+ for (i=0; i<l; i+=8)
+ des_ecb_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,do_encrypt);
+ else if (flag3 && bflag)
+ for (i=0; i<l; i+=8)
+ des_ecb2_encrypt(
+ (des_cblock *)&(buf[i]),
+ (des_cblock *)&(obuf[i]),
+ ks,ks2,do_encrypt);
+ else if (flag3 && !bflag)
+ {
+ des_3cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,ks2,(des_cblock *)iv,
+ (des_cblock *)iv2,do_encrypt);
+ }
+ else
+ {
+ des_cbc_encrypt(
+ (des_cblock *)buf,(des_cblock *)obuf,
+ (long)l,ks,(des_cblock *)iv,do_encrypt);
+ if (l >= 8) memcpy(iv,&(buf[l-8]),8);
+ }
+
+ if (uflag)
+ ll=uufread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ else
+ ll=fread(&(buf[rem]),1,BUFSIZE,DES_IN);
+ ll+=rem;
+ rem=ll%8;
+ ll-=rem;
+ if (feof(DES_IN) && (ll == 0))
+ {
+ last=obuf[l-1];
+
+ if ((last > 7) || (last < 0))
+ {
+ fputs("The file was not decrypted correctly.\n",
+ stderr);
+ Exit=8;
+ last=0;
+ }
+ l=l-8+last;
+ }
+ i=0;
+ if (cflag) des_cbc_cksum((C_Block *)obuf,
+ (C_Block *)cksum,(long)l/8*8,ks,
+ (C_Block *)cksum);
+ while (i != l)
+ {
+ j=fwrite(obuf,1,(unsigned int)l-i,DES_OUT);
+ if (j == -1)
+ {
+ perror("Write error");
+ Exit=7;
+ goto problems;
+ }
+ i+=j;
+ }
+ l=ll;
+ if ((l == 0) && feof(DES_IN)) break;
+ }
+ }
+ if (cflag)
+ {
+ l=0;
+ if (cksumname[0] != '\0')
+ {
+ if ((O=fopen(cksumname,"w")) != NULL)
+ {
+ CKSUM_OUT=O;
+ l=1;
+ }
+ }
+ for (i=0; i<8; i++)
+ fprintf(CKSUM_OUT,"%02X",cksum[i]);
+ fprintf(CKSUM_OUT,"\n");
+ if (l) fclose(CKSUM_OUT);
+ }
+problems:
+ memset(buf,0,sizeof(buf));
+ memset(obuf,0,sizeof(obuf));
+ memset(ks,0,sizeof(ks));
+ memset(ks2,0,sizeof(ks2));
+ memset(iv,0,sizeof(iv));
+ memset(iv2,0,sizeof(iv2));
+ memset(kk,0,sizeof(kk));
+ memset(k2,0,sizeof(k2));
+ memset(uubuf,0,sizeof(uubuf));
+ memset(b,0,sizeof(b));
+ memset(bb,0,sizeof(bb));
+ memset(cksum,0,sizeof(cksum));
+ if (Exit) EXIT(Exit);
+ }
+
+int uufwrite(data, size, num, fp)
+unsigned char *data;
+int size;
+unsigned int num;
+FILE *fp;
+
+ /* We ignore this parameter but it should be > ~50 I believe */
+
+
+ {
+ int i,j,left,rem,ret=num;
+ static int start=1;
+
+ if (start)
+ {
+ fprintf(fp,"begin 600 %s\n",
+ (uuname[0] == '\0')?"text.d":uuname);
+ start=0;
+ }
+
+ if (uubufnum)
+ {
+ if (uubufnum+num < 45)
+ {
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)num);
+ uubufnum+=num;
+ return(num);
+ }
+ else
+ {
+ i=45-uubufnum;
+ memcpy(&(uubuf[uubufnum]),data,(unsigned int)i);
+ j=uuencode((unsigned char *)uubuf,45,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ uubufnum=0;
+ data+=i;
+ num-=i;
+ }
+ }
+
+ for (i=0; i<(((int)num)-INUUBUFN); i+=INUUBUFN)
+ {
+ j=uuencode(&(data[i]),INUUBUFN,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ rem=(num-i)%45;
+ left=(num-i-rem);
+ if (left)
+ {
+ j=uuencode(&(data[i]),left,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ i+=left;
+ }
+ if (i != num)
+ {
+ memcpy(uubuf,&(data[i]),(unsigned int)rem);
+ uubufnum=rem;
+ }
+ return(ret);
+ }
+
+void uufwriteEnd(fp)
+FILE *fp;
+ {
+ int j;
+ static const char *end=" \nend\n";
+
+ if (uubufnum != 0)
+ {
+ uubuf[uubufnum]='\0';
+ uubuf[uubufnum+1]='\0';
+ uubuf[uubufnum+2]='\0';
+ j=uuencode(uubuf,uubufnum,b);
+ fwrite(b,1,(unsigned int)j,fp);
+ }
+ fwrite(end,1,strlen(end),fp);
+ }
+
+int uufread(out, size, num, fp)
+unsigned char *out;
+int size; /* should always be > ~ 60; I actually ignore this parameter :-) */
+unsigned int num;
+FILE *fp;
+ {
+ int i,j,tot;
+ static int done=0;
+ static int valid=0;
+ static int start=1;
+
+ if (start)
+ {
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0')
+ {
+ fprintf(stderr,"no 'begin' found in uuencoded input\n");
+ return(-1);
+ }
+ if (strncmp((char *)b,"begin ",6) == 0) break;
+ }
+ start=0;
+ }
+ if (done) return(0);
+ tot=0;
+ if (valid)
+ {
+ memcpy(out,bb,(unsigned int)valid);
+ tot=valid;
+ valid=0;
+ }
+ for (;;)
+ {
+ b[0]='\0';
+ fgets((char *)b,300,fp);
+ if (b[0] == '\0') break;
+ i=strlen((char *)b);
+ if ((b[0] == 'e') && (b[1] == 'n') && (b[2] == 'd'))
+ {
+ done=1;
+ while (!feof(fp))
+ {
+ fgets((char *)b,300,fp);
+ }
+ break;
+ }
+ i=uudecode(b,i,bb);
+ if (i < 0) break;
+ if ((i+tot+8) > num)
+ {
+ /* num to copy to make it a multiple of 8 */
+ j=(num/8*8)-tot-8;
+ memcpy(&(out[tot]),bb,(unsigned int)j);
+ tot+=j;
+ memcpy(bb,&(bb[j]),(unsigned int)i-j);
+ valid=i-j;
+ break;
+ }
+ memcpy(&(out[tot]),bb,(unsigned int)i);
+ tot+=i;
+ }
+ return(tot);
+ }
+
+#define ccc2l(c,l) (l =((DES_LONG)(*((c)++)))<<16, \
+ l|=((DES_LONG)(*((c)++)))<< 8, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2ccc(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+
+int uuencode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,n,tot=0;
+ DES_LONG l;
+ register unsigned char *p;
+ p=out;
+
+ for (j=0; j<num; j+=45)
+ {
+ if (j+45 > num)
+ i=(num-j);
+ else i=45;
+ *(p++)=i+' ';
+ for (n=0; n<i; n+=3)
+ {
+ ccc2l(in,l);
+ *(p++)=((l>>18)&0x3f)+' ';
+ *(p++)=((l>>12)&0x3f)+' ';
+ *(p++)=((l>> 6)&0x3f)+' ';
+ *(p++)=((l )&0x3f)+' ';
+ tot+=4;
+ }
+ *(p++)='\n';
+ tot+=2;
+ }
+ *p='\0';
+ l=0;
+ return(tot);
+ }
+
+int uudecode(in, num, out)
+unsigned char *in;
+int num;
+unsigned char *out;
+ {
+ int j,i,k;
+ unsigned int n=0,space=0;
+ DES_LONG l;
+ DES_LONG w,x,y,z;
+ unsigned int blank=(unsigned int)'\n'-' ';
+
+ for (j=0; j<num; )
+ {
+ n= *(in++)-' ';
+ if (n == blank)
+ {
+ n=0;
+ in--;
+ }
+ if (n > 60)
+ {
+ fprintf(stderr,"uuencoded line length too long\n");
+ return(-1);
+ }
+ j++;
+
+ for (i=0; i<n; j+=4,i+=3)
+ {
+ /* the following is for cases where spaces are
+ * removed from lines.
+ */
+ if (space)
+ {
+ w=x=y=z=0;
+ }
+ else
+ {
+ w= *(in++)-' ';
+ x= *(in++)-' ';
+ y= *(in++)-' ';
+ z= *(in++)-' ';
+ }
+ if ((w > 63) || (x > 63) || (y > 63) || (z > 63))
+ {
+ k=0;
+ if (w == blank) k=1;
+ if (x == blank) k=2;
+ if (y == blank) k=3;
+ if (z == blank) k=4;
+ space=1;
+ switch (k) {
+ case 1: w=0; in--;
+ case 2: x=0; in--;
+ case 3: y=0; in--;
+ case 4: z=0; in--;
+ break;
+ case 0:
+ space=0;
+ fprintf(stderr,"bad uuencoded data values\n");
+ w=x=y=z=0;
+ return(-1);
+ break;
+ }
+ }
+ l=(w<<18)|(x<<12)|(y<< 6)|(z );
+ l2ccc(l,out);
+ }
+ if (*(in++) != '\n')
+ {
+ fprintf(stderr,"missing nl in uuencoded line\n");
+ w=x=y=z=0;
+ return(-1);
+ }
+ j++;
+ }
+ *out='\0';
+ w=x=y=z=0;
+ return(n);
+ }
diff --git a/crypto/des/des.h b/crypto/des/des.h
new file mode 100644
index 0000000..1728fe8
--- /dev/null
+++ b/crypto/des/des.h
@@ -0,0 +1,305 @@
+/* crypto/des/des.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+ {
+ union {
+ des_cblock _;
+ /* make sure things are correct size on machines with
+ * 8 byte longs */
+ DES_LONG pad[2];
+ } ks;
+#undef _
+#define _ ks._
+ } des_key_schedule[16];
+
+#define DES_KEY_SZ (sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT 1
+#define DES_DECRYPT 0
+
+#define DES_CBC_MODE 0
+#define DES_PCBC_MODE 1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key; /* defaults to false */
+extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks1,des_key_schedule ks2,
+ des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+ long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,
+ des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule sk1,des_key_schedule sk2,
+ des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+ long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+ des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+ int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+ long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+ char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.man b/crypto/des/des.man
new file mode 100644
index 0000000..7e06a18
--- /dev/null
+++ b/crypto/des/des.man
@@ -0,0 +1,186 @@
+.TH DES 1
+.SH NAME
+des - encrypt or decrypt data using Data Encryption Standard
+.SH SYNOPSIS
+.B des
+(
+.B \-e
+|
+.B \-E
+) | (
+.B \-d
+|
+.B \-D
+) | (
+.B \-\fR[\fPcC\fR][\fPckname\fR]\fP
+) |
+[
+.B \-b3hfs
+] [
+.B \-k
+.I key
+]
+] [
+.B \-u\fR[\fIuuname\fR]
+[
+.I input-file
+[
+.I output-file
+] ]
+.SH DESCRIPTION
+.B des
+encrypts and decrypts data using the
+Data Encryption Standard algorithm.
+One of
+.B \-e, \-E
+(for encrypt) or
+.B \-d, \-D
+(for decrypt) must be specified.
+It is also possible to use
+.B \-c
+or
+.B \-C
+in conjunction or instead of the a encrypt/decrypt option to generate
+a 16 character hexadecimal checksum, generated via the
+.I des_cbc_cksum.
+.LP
+Two standard encryption modes are supported by the
+.B des
+program, Cipher Block Chaining (the default) and Electronic Code Book
+(specified with
+.B \-b
+).
+.LP
+The key used for the DES
+algorithm is obtained by prompting the user unless the
+.B `\-k
+.I key'
+option is given.
+If the key is an argument to the
+.B des
+command, it is potentially visible to users executing
+.BR ps (1)
+or a derivative. To minimise this possibility,
+.B des
+takes care to destroy the key argument immediately upon entry.
+If your shell keeps a history file be careful to make sure it is not
+world readable.
+.LP
+Since this program attempts to maintain compatability with sunOS's
+des(1) command, there are 2 different methods used to convert the user
+supplied key to a des key.
+Whenever and one or more of
+.B \-E, \-D, \-C
+or
+.B \-3
+options are used, the key conversion procedure will not be compatible
+with the sunOS des(1) version but will use all the user supplied
+character to generate the des key.
+.B des
+command reads from standard input unless
+.I input-file
+is specified and writes to standard output unless
+.I output-file
+is given.
+.SH OPTIONS
+.TP
+.B \-b
+Select ECB
+(eight bytes at a time) encryption mode.
+.TP
+.B \-3
+Encrypt using triple encryption.
+By default triple cbc encryption is used but if the
+.B \-b
+option is used then triple ecb encryption is performed.
+If the key is less than 8 characters long, the flag has no effect.
+.TP
+.B \-e
+Encrypt data using an 8 byte key in a manner compatible with sunOS
+des(1).
+.TP
+.B \-E
+Encrypt data using a key of nearly unlimited length (1024 bytes).
+This will product a more secure encryption.
+.TP
+.B \-d
+Decrypt data that was encrypted with the \-e option.
+.TP
+.B \-D
+Decrypt data that was encrypted with the \-E option.
+.TP
+.B \-c
+Generate a 16 character hexadecimal cbc checksum and output this to
+stderr.
+If a filename was specified after the
+.B \-c
+option, the checksum is output to that file.
+The checksum is generated using a key generated in a sunOS compatible
+manner.
+.TP
+.B \-C
+A cbc checksum is generated in the same manner as described for the
+.B \-c
+option but the DES key is generated in the same manner as used for the
+.B \-E
+and
+.B \-D
+options
+.TP
+.B \-f
+Does nothing - allowed for compatibility with sunOS des(1) command.
+.TP
+.B \-s
+Does nothing - allowed for compatibility with sunOS des(1) command.
+.TP
+.B "\-k \fIkey\fP"
+Use the encryption
+.I key
+specified.
+.TP
+.B "\-h"
+The
+.I key
+is assumed to be a 16 character hexadecimal number.
+If the
+.B "\-3"
+option is used the key is assumed to be a 32 character hexadecimal
+number.
+.TP
+.B \-u
+This flag is used to read and write uuencoded files. If decrypting,
+the input file is assumed to contain uuencoded, DES encrypted data.
+If encrypting, the characters following the -u are used as the name of
+the uuencoded file to embed in the begin line of the uuencoded
+output. If there is no name specified after the -u, the name text.des
+will be embedded in the header.
+.SH SEE ALSO
+.B ps (1)
+.B des_crypt(3)
+.SH BUGS
+.LP
+The problem with using the
+.B -e
+option is the short key length.
+It would be better to use a real 56-bit key rather than an
+ASCII-based 56-bit pattern. Knowing that the key was derived from ASCII
+radically reduces the time necessary for a brute-force cryptographic attack.
+My attempt to remove this problem is to add an alternative text-key to
+DES-key function. This alternative function (accessed via
+.B -E, -D, -S
+and
+.B -3
+)
+uses DES to help generate the key.
+.LP
+Be carefully when using the -u option. Doing des -ud <filename> will
+not decrypt filename (the -u option will gobble the d option).
+.LP
+The VMS operating system operates in a world where files are always a
+multiple of 512 bytes. This causes problems when encrypted data is
+send from unix to VMS since a 88 byte file will suddenly be padded
+with 424 null bytes. To get around this problem, use the -u option
+to uuencode the data before it is send to the VMS system.
+.SH AUTHOR
+.LP
+Eric Young (eay@cryptsoft.com)
diff --git a/crypto/des/des.org b/crypto/des/des.org
new file mode 100644
index 0000000..1728fe8
--- /dev/null
+++ b/crypto/des/des.org
@@ -0,0 +1,305 @@
+/* crypto/des/des.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des.org since des.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_H
+#define HEADER_DES_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <stdio.h>
+
+/* If this is set to 'unsigned int' on a DEC Alpha, this gives about a
+ * %20 speed up (longs are 8 bytes, int's are 4). */
+#ifndef DES_LONG
+#define DES_LONG unsigned long
+#endif
+
+typedef unsigned char des_cblock[8];
+typedef struct des_ks_struct
+ {
+ union {
+ des_cblock _;
+ /* make sure things are correct size on machines with
+ * 8 byte longs */
+ DES_LONG pad[2];
+ } ks;
+#undef _
+#define _ ks._
+ } des_key_schedule[16];
+
+#define DES_KEY_SZ (sizeof(des_cblock))
+#define DES_SCHEDULE_SZ (sizeof(des_key_schedule))
+
+#define DES_ENCRYPT 1
+#define DES_DECRYPT 0
+
+#define DES_CBC_MODE 0
+#define DES_PCBC_MODE 1
+
+#define des_ecb2_encrypt(i,o,k1,k2,e) \
+ des_ecb3_encrypt((i),(o),(k1),(k2),(k1),(e))
+
+#define des_ede2_cbc_encrypt(i,o,l,k1,k2,iv,e) \
+ des_ede3_cbc_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(e))
+
+#define des_ede2_cfb64_encrypt(i,o,l,k1,k2,iv,n,e) \
+ des_ede3_cfb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n),(e))
+
+#define des_ede2_ofb64_encrypt(i,o,l,k1,k2,iv,n) \
+ des_ede3_ofb64_encrypt((i),(o),(l),(k1),(k2),(k1),(iv),(n))
+
+#define C_Block des_cblock
+#define Key_schedule des_key_schedule
+#ifdef KERBEROS
+#define ENCRYPT DES_ENCRYPT
+#define DECRYPT DES_DECRYPT
+#endif
+#define KEY_SZ DES_KEY_SZ
+#define string_to_key des_string_to_key
+#define read_pw_string des_read_pw_string
+#define random_key des_random_key
+#define pcbc_encrypt des_pcbc_encrypt
+#define set_key des_set_key
+#define key_sched des_key_sched
+#define ecb_encrypt des_ecb_encrypt
+#define cbc_encrypt des_cbc_encrypt
+#define ncbc_encrypt des_ncbc_encrypt
+#define xcbc_encrypt des_xcbc_encrypt
+#define cbc_cksum des_cbc_cksum
+#define quad_cksum des_quad_cksum
+
+/* For compatibility with the MIT lib - eay 20/05/92 */
+typedef des_key_schedule bit_64;
+#define des_fixup_key_parity des_set_odd_parity
+#define des_check_key_parity check_parity
+
+extern int des_check_key; /* defaults to false */
+extern int des_rw_mode; /* defaults to DES_PCBC_MODE */
+
+/* The next line is used to disable full ANSI prototypes, if your
+ * compiler has problems with the prototypes, make sure this line always
+ * evaluates to true :-) */
+#if defined(MSDOS) || defined(__STDC__)
+#undef NOPROTO
+#endif
+#ifndef NOPROTO
+char *des_options(void);
+void des_ecb3_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks1,des_key_schedule ks2,
+ des_key_schedule ks3, int enc);
+DES_LONG des_cbc_cksum(des_cblock *input,des_cblock *output,
+ long length,des_key_schedule schedule,des_cblock *ivec);
+void des_cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ncbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_xcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,
+ des_cblock *inw,des_cblock *outw,int enc);
+void des_3cbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule sk1,des_key_schedule sk2,
+ des_cblock *ivec1,des_cblock *ivec2,int enc);
+void des_cfb_encrypt(unsigned char *in,unsigned char *out,int numbits,
+ long length,des_key_schedule schedule,des_cblock *ivec,int enc);
+void des_ecb_encrypt(des_cblock *input,des_cblock *output,
+ des_key_schedule ks,int enc);
+void des_encrypt(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt2(DES_LONG *data,des_key_schedule ks, int enc);
+void des_encrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_decrypt3(DES_LONG *data, des_key_schedule ks1,
+ des_key_schedule ks2, des_key_schedule ks3);
+void des_ede3_cbc_encrypt(des_cblock *input, des_cblock *output,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int enc);
+void des_ede3_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num, int enc);
+void des_ede3_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, des_key_schedule ks1, des_key_schedule ks2,
+ des_key_schedule ks3, des_cblock *ivec, int *num);
+
+void des_xwhite_in2out(des_cblock (*des_key), des_cblock (*in_white),
+ des_cblock (*out_white));
+
+int des_enc_read(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+int des_enc_write(int fd,char *buf,int len,des_key_schedule sched,
+ des_cblock *iv);
+char *des_fcrypt(const char *buf,const char *salt, char *ret);
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+/* some stupid compilers complain because I have declared char instead
+ * of const char */
+#ifdef HEADER_DES_LOCL_H
+char *crypt(const char *buf,const char *salt);
+#else
+char *crypt();
+#endif
+#endif
+void des_ofb_encrypt(unsigned char *in,unsigned char *out,
+ int numbits,long length,des_key_schedule schedule,des_cblock *ivec);
+void des_pcbc_encrypt(des_cblock *input,des_cblock *output,long length,
+ des_key_schedule schedule,des_cblock *ivec,int enc);
+DES_LONG des_quad_cksum(des_cblock *input,des_cblock *output,
+ long length,int out_count,des_cblock *seed);
+void des_random_seed(des_cblock key);
+void des_random_key(des_cblock ret);
+int des_read_password(des_cblock *key,char *prompt,int verify);
+int des_read_2passwords(des_cblock *key1,des_cblock *key2,
+ char *prompt,int verify);
+int des_read_pw_string(char *buf,int length,char *prompt,int verify);
+void des_set_odd_parity(des_cblock *key);
+int des_is_weak_key(des_cblock *key);
+int des_set_key(des_cblock *key,des_key_schedule schedule);
+int des_key_sched(des_cblock *key,des_key_schedule schedule);
+void des_string_to_key(char *str,des_cblock *key);
+void des_string_to_2keys(char *str,des_cblock *key1,des_cblock *key2);
+void des_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num, int enc);
+void des_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ des_key_schedule schedule, des_cblock *ivec, int *num);
+int des_read_pw(char *buf, char *buff, int size, char *prompt, int verify);
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file(des_cblock *cb, FILE *fp);
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+int des_new_random_key(des_cblock *key);
+void des_init_random_number_generator(des_cblock *key);
+void des_set_random_generator_seed(des_cblock *key);
+void des_set_sequence_number(des_cblock new_sequence_number);
+void des_generate_random_block(des_cblock *block);
+
+#else
+
+char *des_options();
+void des_ecb3_encrypt();
+DES_LONG des_cbc_cksum();
+void des_cbc_encrypt();
+void des_ncbc_encrypt();
+void des_xcbc_encrypt();
+void des_3cbc_encrypt();
+void des_cfb_encrypt();
+void des_ede3_cfb64_encrypt();
+void des_ede3_ofb64_encrypt();
+void des_ecb_encrypt();
+void des_encrypt();
+void des_encrypt2();
+void des_encrypt3();
+void des_decrypt3();
+void des_ede3_cbc_encrypt();
+int des_enc_read();
+int des_enc_write();
+char *des_fcrypt();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+void des_ofb_encrypt();
+void des_pcbc_encrypt();
+DES_LONG des_quad_cksum();
+void des_random_seed();
+void des_random_key();
+int des_read_password();
+int des_read_2passwords();
+int des_read_pw_string();
+void des_set_odd_parity();
+int des_is_weak_key();
+int des_set_key();
+int des_key_sched();
+void des_string_to_key();
+void des_string_to_2keys();
+void des_cfb64_encrypt();
+void des_ofb64_encrypt();
+int des_read_pw();
+void des_xwhite_in2out();
+
+/* Extra functions from Mark Murray <mark@grondar.za> */
+void des_cblock_print_file();
+/* The following functions are not in the normal unix build or the
+ * SSLeay build. When using the SSLeay build, use RAND_seed()
+ * and RAND_bytes() instead. */
+#ifdef FreeBSD
+int des_new_random_key();
+void des_init_random_number_generator();
+void des_set_random_generator_seed();
+void des_set_sequence_number();
+void des_generate_random_block();
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/des/des.pl b/crypto/des/des.pl
new file mode 100644
index 0000000..8a3f7e3
--- /dev/null
+++ b/crypto/des/des.pl
@@ -0,0 +1,552 @@
+#!/usr/local/bin/perl
+# des.pl - eric young 22/11/1991 eay@cryptsoft.com
+#
+# Copyright (C) 1993 Eric Young
+#
+# 11 April 1996 - patched to circumvent Perl 5 (through 5.002) problem
+# with sign-extension on right shift operations.
+# Ed Kubaitis - ejk@uiuc.edu
+#
+# eay - 92/08/31 - I think I have fixed all problems for 64bit
+# versions of perl but I could be wrong since I have not tested it yet :-).
+#
+# This is an implementation of DES in perl.
+# The two routines (des_set_key and des_ecb_encrypt)
+# take 8 byte objects as arguments.
+#
+# des_set_key takes an 8 byte string as a key and returns a key schedule
+# for use in calls to des_ecb_encrypt.
+# des_ecb_encrypt takes three arguments, the first is a key schedule
+# (make sure to pass it by reference with the *), the second is 1
+# to encrypt, 0 to decrypt. The third argument is an 8 byte object
+# to encrypt. The function returns an 8 byte object that has been
+# DES encrypted.
+#
+# example:
+# require 'des.pl'
+#
+# $key =pack("C8",0x12,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
+# @ks= &des_set_key($key);
+#
+# $outbytes= &des_ecb_encrypt(*ks,1,$data);
+# @enc =unpack("C8",$outbytes);
+#
+
+package des;
+
+eval("use integer;") if (int($]) > 4);
+
+# The following 8 arrays are used in des_set_key
+@skb0=(
+# for C bits (numbered as per FIPS 46) 1 2 3 4 5 6
+0x00000000,0x00000010,0x20000000,0x20000010,
+0x00010000,0x00010010,0x20010000,0x20010010,
+0x00000800,0x00000810,0x20000800,0x20000810,
+0x00010800,0x00010810,0x20010800,0x20010810,
+0x00000020,0x00000030,0x20000020,0x20000030,
+0x00010020,0x00010030,0x20010020,0x20010030,
+0x00000820,0x00000830,0x20000820,0x20000830,
+0x00010820,0x00010830,0x20010820,0x20010830,
+0x00080000,0x00080010,0x20080000,0x20080010,
+0x00090000,0x00090010,0x20090000,0x20090010,
+0x00080800,0x00080810,0x20080800,0x20080810,
+0x00090800,0x00090810,0x20090800,0x20090810,
+0x00080020,0x00080030,0x20080020,0x20080030,
+0x00090020,0x00090030,0x20090020,0x20090030,
+0x00080820,0x00080830,0x20080820,0x20080830,
+0x00090820,0x00090830,0x20090820,0x20090830,
+);
+@skb1=(
+# for C bits (numbered as per FIPS 46) 7 8 10 11 12 13
+0x00000000,0x02000000,0x00002000,0x02002000,
+0x00200000,0x02200000,0x00202000,0x02202000,
+0x00000004,0x02000004,0x00002004,0x02002004,
+0x00200004,0x02200004,0x00202004,0x02202004,
+0x00000400,0x02000400,0x00002400,0x02002400,
+0x00200400,0x02200400,0x00202400,0x02202400,
+0x00000404,0x02000404,0x00002404,0x02002404,
+0x00200404,0x02200404,0x00202404,0x02202404,
+0x10000000,0x12000000,0x10002000,0x12002000,
+0x10200000,0x12200000,0x10202000,0x12202000,
+0x10000004,0x12000004,0x10002004,0x12002004,
+0x10200004,0x12200004,0x10202004,0x12202004,
+0x10000400,0x12000400,0x10002400,0x12002400,
+0x10200400,0x12200400,0x10202400,0x12202400,
+0x10000404,0x12000404,0x10002404,0x12002404,
+0x10200404,0x12200404,0x10202404,0x12202404,
+);
+@skb2=(
+# for C bits (numbered as per FIPS 46) 14 15 16 17 19 20
+0x00000000,0x00000001,0x00040000,0x00040001,
+0x01000000,0x01000001,0x01040000,0x01040001,
+0x00000002,0x00000003,0x00040002,0x00040003,
+0x01000002,0x01000003,0x01040002,0x01040003,
+0x00000200,0x00000201,0x00040200,0x00040201,
+0x01000200,0x01000201,0x01040200,0x01040201,
+0x00000202,0x00000203,0x00040202,0x00040203,
+0x01000202,0x01000203,0x01040202,0x01040203,
+0x08000000,0x08000001,0x08040000,0x08040001,
+0x09000000,0x09000001,0x09040000,0x09040001,
+0x08000002,0x08000003,0x08040002,0x08040003,
+0x09000002,0x09000003,0x09040002,0x09040003,
+0x08000200,0x08000201,0x08040200,0x08040201,
+0x09000200,0x09000201,0x09040200,0x09040201,
+0x08000202,0x08000203,0x08040202,0x08040203,
+0x09000202,0x09000203,0x09040202,0x09040203,
+);
+@skb3=(
+# for C bits (numbered as per FIPS 46) 21 23 24 26 27 28
+0x00000000,0x00100000,0x00000100,0x00100100,
+0x00000008,0x00100008,0x00000108,0x00100108,
+0x00001000,0x00101000,0x00001100,0x00101100,
+0x00001008,0x00101008,0x00001108,0x00101108,
+0x04000000,0x04100000,0x04000100,0x04100100,
+0x04000008,0x04100008,0x04000108,0x04100108,
+0x04001000,0x04101000,0x04001100,0x04101100,
+0x04001008,0x04101008,0x04001108,0x04101108,
+0x00020000,0x00120000,0x00020100,0x00120100,
+0x00020008,0x00120008,0x00020108,0x00120108,
+0x00021000,0x00121000,0x00021100,0x00121100,
+0x00021008,0x00121008,0x00021108,0x00121108,
+0x04020000,0x04120000,0x04020100,0x04120100,
+0x04020008,0x04120008,0x04020108,0x04120108,
+0x04021000,0x04121000,0x04021100,0x04121100,
+0x04021008,0x04121008,0x04021108,0x04121108,
+);
+@skb4=(
+# for D bits (numbered as per FIPS 46) 1 2 3 4 5 6
+0x00000000,0x10000000,0x00010000,0x10010000,
+0x00000004,0x10000004,0x00010004,0x10010004,
+0x20000000,0x30000000,0x20010000,0x30010000,
+0x20000004,0x30000004,0x20010004,0x30010004,
+0x00100000,0x10100000,0x00110000,0x10110000,
+0x00100004,0x10100004,0x00110004,0x10110004,
+0x20100000,0x30100000,0x20110000,0x30110000,
+0x20100004,0x30100004,0x20110004,0x30110004,
+0x00001000,0x10001000,0x00011000,0x10011000,
+0x00001004,0x10001004,0x00011004,0x10011004,
+0x20001000,0x30001000,0x20011000,0x30011000,
+0x20001004,0x30001004,0x20011004,0x30011004,
+0x00101000,0x10101000,0x00111000,0x10111000,
+0x00101004,0x10101004,0x00111004,0x10111004,
+0x20101000,0x30101000,0x20111000,0x30111000,
+0x20101004,0x30101004,0x20111004,0x30111004,
+);
+@skb5=(
+# for D bits (numbered as per FIPS 46) 8 9 11 12 13 14
+0x00000000,0x08000000,0x00000008,0x08000008,
+0x00000400,0x08000400,0x00000408,0x08000408,
+0x00020000,0x08020000,0x00020008,0x08020008,
+0x00020400,0x08020400,0x00020408,0x08020408,
+0x00000001,0x08000001,0x00000009,0x08000009,
+0x00000401,0x08000401,0x00000409,0x08000409,
+0x00020001,0x08020001,0x00020009,0x08020009,
+0x00020401,0x08020401,0x00020409,0x08020409,
+0x02000000,0x0A000000,0x02000008,0x0A000008,
+0x02000400,0x0A000400,0x02000408,0x0A000408,
+0x02020000,0x0A020000,0x02020008,0x0A020008,
+0x02020400,0x0A020400,0x02020408,0x0A020408,
+0x02000001,0x0A000001,0x02000009,0x0A000009,
+0x02000401,0x0A000401,0x02000409,0x0A000409,
+0x02020001,0x0A020001,0x02020009,0x0A020009,
+0x02020401,0x0A020401,0x02020409,0x0A020409,
+);
+@skb6=(
+# for D bits (numbered as per FIPS 46) 16 17 18 19 20 21
+0x00000000,0x00000100,0x00080000,0x00080100,
+0x01000000,0x01000100,0x01080000,0x01080100,
+0x00000010,0x00000110,0x00080010,0x00080110,
+0x01000010,0x01000110,0x01080010,0x01080110,
+0x00200000,0x00200100,0x00280000,0x00280100,
+0x01200000,0x01200100,0x01280000,0x01280100,
+0x00200010,0x00200110,0x00280010,0x00280110,
+0x01200010,0x01200110,0x01280010,0x01280110,
+0x00000200,0x00000300,0x00080200,0x00080300,
+0x01000200,0x01000300,0x01080200,0x01080300,
+0x00000210,0x00000310,0x00080210,0x00080310,
+0x01000210,0x01000310,0x01080210,0x01080310,
+0x00200200,0x00200300,0x00280200,0x00280300,
+0x01200200,0x01200300,0x01280200,0x01280300,
+0x00200210,0x00200310,0x00280210,0x00280310,
+0x01200210,0x01200310,0x01280210,0x01280310,
+);
+@skb7=(
+# for D bits (numbered as per FIPS 46) 22 23 24 25 27 28
+0x00000000,0x04000000,0x00040000,0x04040000,
+0x00000002,0x04000002,0x00040002,0x04040002,
+0x00002000,0x04002000,0x00042000,0x04042000,
+0x00002002,0x04002002,0x00042002,0x04042002,
+0x00000020,0x04000020,0x00040020,0x04040020,
+0x00000022,0x04000022,0x00040022,0x04040022,
+0x00002020,0x04002020,0x00042020,0x04042020,
+0x00002022,0x04002022,0x00042022,0x04042022,
+0x00000800,0x04000800,0x00040800,0x04040800,
+0x00000802,0x04000802,0x00040802,0x04040802,
+0x00002800,0x04002800,0x00042800,0x04042800,
+0x00002802,0x04002802,0x00042802,0x04042802,
+0x00000820,0x04000820,0x00040820,0x04040820,
+0x00000822,0x04000822,0x00040822,0x04040822,
+0x00002820,0x04002820,0x00042820,0x04042820,
+0x00002822,0x04002822,0x00042822,0x04042822,
+);
+
+@shifts2=(0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0);
+
+# used in ecb_encrypt
+@SP0=(
+0x00410100, 0x00010000, 0x40400000, 0x40410100,
+0x00400000, 0x40010100, 0x40010000, 0x40400000,
+0x40010100, 0x00410100, 0x00410000, 0x40000100,
+0x40400100, 0x00400000, 0x00000000, 0x40010000,
+0x00010000, 0x40000000, 0x00400100, 0x00010100,
+0x40410100, 0x00410000, 0x40000100, 0x00400100,
+0x40000000, 0x00000100, 0x00010100, 0x40410000,
+0x00000100, 0x40400100, 0x40410000, 0x00000000,
+0x00000000, 0x40410100, 0x00400100, 0x40010000,
+0x00410100, 0x00010000, 0x40000100, 0x00400100,
+0x40410000, 0x00000100, 0x00010100, 0x40400000,
+0x40010100, 0x40000000, 0x40400000, 0x00410000,
+0x40410100, 0x00010100, 0x00410000, 0x40400100,
+0x00400000, 0x40000100, 0x40010000, 0x00000000,
+0x00010000, 0x00400000, 0x40400100, 0x00410100,
+0x40000000, 0x40410000, 0x00000100, 0x40010100,
+);
+@SP1=(
+0x08021002, 0x00000000, 0x00021000, 0x08020000,
+0x08000002, 0x00001002, 0x08001000, 0x00021000,
+0x00001000, 0x08020002, 0x00000002, 0x08001000,
+0x00020002, 0x08021000, 0x08020000, 0x00000002,
+0x00020000, 0x08001002, 0x08020002, 0x00001000,
+0x00021002, 0x08000000, 0x00000000, 0x00020002,
+0x08001002, 0x00021002, 0x08021000, 0x08000002,
+0x08000000, 0x00020000, 0x00001002, 0x08021002,
+0x00020002, 0x08021000, 0x08001000, 0x00021002,
+0x08021002, 0x00020002, 0x08000002, 0x00000000,
+0x08000000, 0x00001002, 0x00020000, 0x08020002,
+0x00001000, 0x08000000, 0x00021002, 0x08001002,
+0x08021000, 0x00001000, 0x00000000, 0x08000002,
+0x00000002, 0x08021002, 0x00021000, 0x08020000,
+0x08020002, 0x00020000, 0x00001002, 0x08001000,
+0x08001002, 0x00000002, 0x08020000, 0x00021000,
+);
+@SP2=(
+0x20800000, 0x00808020, 0x00000020, 0x20800020,
+0x20008000, 0x00800000, 0x20800020, 0x00008020,
+0x00800020, 0x00008000, 0x00808000, 0x20000000,
+0x20808020, 0x20000020, 0x20000000, 0x20808000,
+0x00000000, 0x20008000, 0x00808020, 0x00000020,
+0x20000020, 0x20808020, 0x00008000, 0x20800000,
+0x20808000, 0x00800020, 0x20008020, 0x00808000,
+0x00008020, 0x00000000, 0x00800000, 0x20008020,
+0x00808020, 0x00000020, 0x20000000, 0x00008000,
+0x20000020, 0x20008000, 0x00808000, 0x20800020,
+0x00000000, 0x00808020, 0x00008020, 0x20808000,
+0x20008000, 0x00800000, 0x20808020, 0x20000000,
+0x20008020, 0x20800000, 0x00800000, 0x20808020,
+0x00008000, 0x00800020, 0x20800020, 0x00008020,
+0x00800020, 0x00000000, 0x20808000, 0x20000020,
+0x20800000, 0x20008020, 0x00000020, 0x00808000,
+);
+@SP3=(
+0x00080201, 0x02000200, 0x00000001, 0x02080201,
+0x00000000, 0x02080000, 0x02000201, 0x00080001,
+0x02080200, 0x02000001, 0x02000000, 0x00000201,
+0x02000001, 0x00080201, 0x00080000, 0x02000000,
+0x02080001, 0x00080200, 0x00000200, 0x00000001,
+0x00080200, 0x02000201, 0x02080000, 0x00000200,
+0x00000201, 0x00000000, 0x00080001, 0x02080200,
+0x02000200, 0x02080001, 0x02080201, 0x00080000,
+0x02080001, 0x00000201, 0x00080000, 0x02000001,
+0x00080200, 0x02000200, 0x00000001, 0x02080000,
+0x02000201, 0x00000000, 0x00000200, 0x00080001,
+0x00000000, 0x02080001, 0x02080200, 0x00000200,
+0x02000000, 0x02080201, 0x00080201, 0x00080000,
+0x02080201, 0x00000001, 0x02000200, 0x00080201,
+0x00080001, 0x00080200, 0x02080000, 0x02000201,
+0x00000201, 0x02000000, 0x02000001, 0x02080200,
+);
+@SP4=(
+0x01000000, 0x00002000, 0x00000080, 0x01002084,
+0x01002004, 0x01000080, 0x00002084, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x00002080,
+0x01000084, 0x01002004, 0x01002080, 0x00000000,
+0x00002080, 0x01000000, 0x00002004, 0x00000084,
+0x01000080, 0x00002084, 0x00000000, 0x01000004,
+0x00000004, 0x01000084, 0x01002084, 0x00002004,
+0x01002000, 0x00000080, 0x00000084, 0x01002080,
+0x01002080, 0x01000084, 0x00002004, 0x01002000,
+0x00002000, 0x00000004, 0x01000004, 0x01000080,
+0x01000000, 0x00002080, 0x01002084, 0x00000000,
+0x00002084, 0x01000000, 0x00000080, 0x00002004,
+0x01000084, 0x00000080, 0x00000000, 0x01002084,
+0x01002004, 0x01002080, 0x00000084, 0x00002000,
+0x00002080, 0x01002004, 0x01000080, 0x00000084,
+0x00000004, 0x00002084, 0x01002000, 0x01000004,
+);
+@SP5=(
+0x10000008, 0x00040008, 0x00000000, 0x10040400,
+0x00040008, 0x00000400, 0x10000408, 0x00040000,
+0x00000408, 0x10040408, 0x00040400, 0x10000000,
+0x10000400, 0x10000008, 0x10040000, 0x00040408,
+0x00040000, 0x10000408, 0x10040008, 0x00000000,
+0x00000400, 0x00000008, 0x10040400, 0x10040008,
+0x10040408, 0x10040000, 0x10000000, 0x00000408,
+0x00000008, 0x00040400, 0x00040408, 0x10000400,
+0x00000408, 0x10000000, 0x10000400, 0x00040408,
+0x10040400, 0x00040008, 0x00000000, 0x10000400,
+0x10000000, 0x00000400, 0x10040008, 0x00040000,
+0x00040008, 0x10040408, 0x00040400, 0x00000008,
+0x10040408, 0x00040400, 0x00040000, 0x10000408,
+0x10000008, 0x10040000, 0x00040408, 0x00000000,
+0x00000400, 0x10000008, 0x10000408, 0x10040400,
+0x10040000, 0x00000408, 0x00000008, 0x10040008,
+);
+@SP6=(
+0x00000800, 0x00000040, 0x00200040, 0x80200000,
+0x80200840, 0x80000800, 0x00000840, 0x00000000,
+0x00200000, 0x80200040, 0x80000040, 0x00200800,
+0x80000000, 0x00200840, 0x00200800, 0x80000040,
+0x80200040, 0x00000800, 0x80000800, 0x80200840,
+0x00000000, 0x00200040, 0x80200000, 0x00000840,
+0x80200800, 0x80000840, 0x00200840, 0x80000000,
+0x80000840, 0x80200800, 0x00000040, 0x00200000,
+0x80000840, 0x00200800, 0x80200800, 0x80000040,
+0x00000800, 0x00000040, 0x00200000, 0x80200800,
+0x80200040, 0x80000840, 0x00000840, 0x00000000,
+0x00000040, 0x80200000, 0x80000000, 0x00200040,
+0x00000000, 0x80200040, 0x00200040, 0x00000840,
+0x80000040, 0x00000800, 0x80200840, 0x00200000,
+0x00200840, 0x80000000, 0x80000800, 0x80200840,
+0x80200000, 0x00200840, 0x00200800, 0x80000800,
+);
+@SP7=(
+0x04100010, 0x04104000, 0x00004010, 0x00000000,
+0x04004000, 0x00100010, 0x04100000, 0x04104010,
+0x00000010, 0x04000000, 0x00104000, 0x00004010,
+0x00104010, 0x04004010, 0x04000010, 0x04100000,
+0x00004000, 0x00104010, 0x00100010, 0x04004000,
+0x04104010, 0x04000010, 0x00000000, 0x00104000,
+0x04000000, 0x00100000, 0x04004010, 0x04100010,
+0x00100000, 0x00004000, 0x04104000, 0x00000010,
+0x00100000, 0x00004000, 0x04000010, 0x04104010,
+0x00004010, 0x04000000, 0x00000000, 0x00104000,
+0x04100010, 0x04004010, 0x04004000, 0x00100010,
+0x04104000, 0x00000010, 0x00100010, 0x04004000,
+0x04104010, 0x00100000, 0x04100000, 0x04000010,
+0x00104000, 0x00004010, 0x04004010, 0x04100000,
+0x00000010, 0x04104000, 0x00104010, 0x00000000,
+0x04000000, 0x04100010, 0x00004000, 0x00104010,
+);
+
+sub main'des_set_key
+ {
+ local($param)=@_;
+ local(@key);
+ local($c,$d,$i,$s,$t);
+ local(@ks)=();
+
+ # Get the bytes in the order we want.
+ @key=unpack("C8",$param);
+
+ $c= ($key[0] )|
+ ($key[1]<< 8)|
+ ($key[2]<<16)|
+ ($key[3]<<24);
+ $d= ($key[4] )|
+ ($key[5]<< 8)|
+ ($key[6]<<16)|
+ ($key[7]<<24);
+
+ &doPC1(*c,*d);
+
+ for $i (@shifts2)
+ {
+ if ($i)
+ {
+ $c=($c>>2)|($c<<26);
+ $d=($d>>2)|($d<<26);
+ }
+ else
+ {
+ $c=($c>>1)|($c<<27);
+ $d=($d>>1)|($d<<27);
+ }
+ $c&=0x0fffffff;
+ $d&=0x0fffffff;
+ $s= $skb0[ ($c )&0x3f ]|
+ $skb1[(($c>> 6)&0x03)|(($c>> 7)&0x3c)]|
+ $skb2[(($c>>13)&0x0f)|(($c>>14)&0x30)]|
+ $skb3[(($c>>20)&0x01)|(($c>>21)&0x06) |
+ (($c>>22)&0x38)];
+ $t= $skb4[ ($d )&0x3f ]|
+ $skb5[(($d>> 7)&0x03)|(($d>> 8)&0x3c)]|
+ $skb6[ ($d>>15)&0x3f ]|
+ $skb7[(($d>>21)&0x0f)|(($d>>22)&0x30)];
+ push(@ks,(($t<<16)|($s&0x0000ffff))&0xffffffff);
+ $s= (($s>>16)&0x0000ffff)|($t&0xffff0000) ;
+ push(@ks,(($s<<4)|(($s>>28)&0xf))&0xffffffff);
+ }
+ @ks;
+ }
+
+sub doPC1
+ {
+ local(*a,*b)=@_;
+ local($t);
+
+ $t=(($b>>4)^$a)&0x0f0f0f0f;
+ $b^=($t<<4); $a^=$t;
+ # do $a first
+ $t=(($a<<18)^$a)&0xcccc0000;
+ $a=$a^$t^(($t>>18)&0x00003fff);
+ $t=(($a<<17)^$a)&0xaaaa0000;
+ $a=$a^$t^(($t>>17)&0x00007fff);
+ $t=(($a<< 8)^$a)&0x00ff0000;
+ $a=$a^$t^(($t>> 8)&0x00ffffff);
+ $t=(($a<<17)^$a)&0xaaaa0000;
+ $a=$a^$t^(($t>>17)&0x00007fff);
+
+ # now do $b
+ $t=(($b<<24)^$b)&0xff000000;
+ $b=$b^$t^(($t>>24)&0x000000ff);
+ $t=(($b<< 8)^$b)&0x00ff0000;
+ $b=$b^$t^(($t>> 8)&0x00ffffff);
+ $t=(($b<<14)^$b)&0x33330000;
+ $b=$b^$t^(($t>>14)&0x0003ffff);
+ $b=(($b&0x00aa00aa)<<7)|(($b&0x55005500)>>7)|($b&0xaa55aa55);
+ $b=(($b>>8)&0x00ffffff)|((($a&0xf0000000)>>4)&0x0fffffff);
+ $a&=0x0fffffff;
+ }
+
+sub doIP
+ {
+ local(*a,*b)=@_;
+ local($t);
+
+ $t=(($b>> 4)^$a)&0x0f0f0f0f;
+ $b^=($t<< 4); $a^=$t;
+ $t=(($a>>16)^$b)&0x0000ffff;
+ $a^=($t<<16); $b^=$t;
+ $t=(($b>> 2)^$a)&0x33333333;
+ $b^=($t<< 2); $a^=$t;
+ $t=(($a>> 8)^$b)&0x00ff00ff;
+ $a^=($t<< 8); $b^=$t;
+ $t=(($b>> 1)^$a)&0x55555555;
+ $b^=($t<< 1); $a^=$t;
+ $t=$a;
+ $a=$b&0xffffffff;
+ $b=$t&0xffffffff;
+ }
+
+sub doFP
+ {
+ local(*a,*b)=@_;
+ local($t);
+
+ $t=(($b>> 1)^$a)&0x55555555;
+ $b^=($t<< 1); $a^=$t;
+ $t=(($a>> 8)^$b)&0x00ff00ff;
+ $a^=($t<< 8); $b^=$t;
+ $t=(($b>> 2)^$a)&0x33333333;
+ $b^=($t<< 2); $a^=$t;
+ $t=(($a>>16)^$b)&0x0000ffff;
+ $a^=($t<<16); $b^=$t;
+ $t=(($b>> 4)^$a)&0x0f0f0f0f;
+ $b^=($t<< 4); $a^=$t;
+ $a&=0xffffffff;
+ $b&=0xffffffff;
+ }
+
+sub main'des_ecb_encrypt
+ {
+ local(*ks,$encrypt,$in)=@_;
+ local($l,$r,$i,$t,$u,@input);
+
+ @input=unpack("C8",$in);
+ # Get the bytes in the order we want.
+ $l= ($input[0] )|
+ ($input[1]<< 8)|
+ ($input[2]<<16)|
+ ($input[3]<<24);
+ $r= ($input[4] )|
+ ($input[5]<< 8)|
+ ($input[6]<<16)|
+ ($input[7]<<24);
+
+ $l&=0xffffffff;
+ $r&=0xffffffff;
+ &doIP(*l,*r);
+ if ($encrypt)
+ {
+ for ($i=0; $i<32; $i+=4)
+ {
+ $t=((($r&0x7fffffff)<<1)|(($r>>31)&0x00000001));
+ $u=$t^$ks[$i ];
+ $t=$t^$ks[$i+1];
+ $t2=(($t&0x0000000f)<<28);
+
+ $t=((($t>>4)&0x0fffffff)|(($t&0x0000000f)<<28));
+ $l^= $SP1[ $t &0x3f]|
+ $SP3[($t>> 8)&0x3f]|
+ $SP5[($t>>16)&0x3f]|
+ $SP7[($t>>24)&0x3f]|
+ $SP0[ $u &0x3f]|
+ $SP2[($u>> 8)&0x3f]|
+ $SP4[($u>>16)&0x3f]|
+ $SP6[($u>>24)&0x3f];
+
+ $t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+ $u=$t^$ks[$i+2];
+ $t=$t^$ks[$i+3];
+ $t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+ $r^= $SP1[ $t &0x3f]|
+ $SP3[($t>> 8)&0x3f]|
+ $SP5[($t>>16)&0x3f]|
+ $SP7[($t>>24)&0x3f]|
+ $SP0[ $u &0x3f]|
+ $SP2[($u>> 8)&0x3f]|
+ $SP4[($u>>16)&0x3f]|
+ $SP6[($u>>24)&0x3f];
+ }
+ }
+ else
+ {
+ for ($i=30; $i>0; $i-=4)
+ {
+ $t=(($r<<1)|(($r>>31)&0x1))&0xffffffff;
+ $u=$t^$ks[$i ];
+ $t=$t^$ks[$i+1];
+ $t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+ $l^= $SP1[ $t &0x3f]|
+ $SP3[($t>> 8)&0x3f]|
+ $SP5[($t>>16)&0x3f]|
+ $SP7[($t>>24)&0x3f]|
+ $SP0[ $u &0x3f]|
+ $SP2[($u>> 8)&0x3f]|
+ $SP4[($u>>16)&0x3f]|
+ $SP6[($u>>24)&0x3f];
+
+ $t=(($l<<1)|(($l>>31)&0x1))&0xffffffff;
+ $u=$t^$ks[$i-2];
+ $t=$t^$ks[$i-1];
+ $t=((($t>>4)&0x0fffffff)|($t<<28))&0xffffffff;
+ $r^= $SP1[ $t &0x3f]|
+ $SP3[($t>> 8)&0x3f]|
+ $SP5[($t>>16)&0x3f]|
+ $SP7[($t>>24)&0x3f]|
+ $SP0[ $u &0x3f]|
+ $SP2[($u>> 8)&0x3f]|
+ $SP4[($u>>16)&0x3f]|
+ $SP6[($u>>24)&0x3f];
+ }
+ }
+ &doFP(*l,*r);
+ pack("C8",$l&0xff,
+ ($l>> 8)&0x00ffffff,
+ ($l>>16)&0x0000ffff,
+ ($l>>24)&0x000000ff,
+ $r&0xff,
+ ($r>> 8)&0x00ffffff,
+ ($r>>16)&0x0000ffff,
+ ($r>>24)&0x000000ff);
+ }
diff --git a/crypto/des/des_crypt.man b/crypto/des/des_crypt.man
new file mode 100644
index 0000000..0ecc416
--- /dev/null
+++ b/crypto/des/des_crypt.man
@@ -0,0 +1,508 @@
+.TH DES_CRYPT 3
+.SH NAME
+des_read_password, des_read_2password,
+des_string_to_key, des_string_to_2key, des_read_pw_string,
+des_random_key, des_set_key,
+des_key_sched, des_ecb_encrypt, des_ecb3_encrypt, des_cbc_encrypt,
+des_3cbc_encrypt,
+des_pcbc_encrypt, des_cfb_encrypt, des_ofb_encrypt,
+des_cbc_cksum, des_quad_cksum,
+des_enc_read, des_enc_write, des_set_odd_parity,
+des_is_weak_key, crypt \- (non USA) DES encryption
+.SH SYNOPSIS
+.nf
+.nj
+.ft B
+#include <des.h>
+.PP
+.B int des_read_password(key,prompt,verify)
+des_cblock *key;
+char *prompt;
+int verify;
+.PP
+.B int des_read_2password(key1,key2,prompt,verify)
+des_cblock *key1,*key2;
+char *prompt;
+int verify;
+.PP
+.B int des_string_to_key(str,key)
+char *str;
+des_cblock *key;
+.PP
+.B int des_string_to_2keys(str,key1,key2)
+char *str;
+des_cblock *key1,*key2;
+.PP
+.B int des_read_pw_string(buf,length,prompt,verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+.PP
+.B int des_random_key(key)
+des_cblock *key;
+.PP
+.B int des_set_key(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_key_sched(key,schedule)
+des_cblock *key;
+des_key_schedule schedule;
+.PP
+.B int des_ecb_encrypt(input,output,schedule,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule schedule;
+int encrypt;
+.PP
+.B int des_ecb3_encrypt(input,output,ks1,ks2,encrypt)
+des_cblock *input;
+des_cblock *output;
+des_key_schedule ks1,ks2;
+int encrypt;
+.PP
+.B int des_cbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_3cbc_encrypt(input,output,length,sk1,sk2,ivec1,ivec2,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule sk1;
+des_key_schedule sk2;
+des_cblock *ivec1;
+des_cblock *ivec2;
+int encrypt;
+.PP
+.B int des_pcbc_encrypt(input,output,length,schedule,ivec,encrypt)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_cfb_encrypt(input,output,numbits,length,schedule,ivec,encrypt)
+unsigned char *input;
+unsigned char *output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+int encrypt;
+.PP
+.B int des_ofb_encrypt(input,output,numbits,length,schedule,ivec)
+unsigned char *input,*output;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_cbc_cksum(input,output,length,schedule,ivec)
+des_cblock *input;
+des_cblock *output;
+long length;
+des_key_schedule schedule;
+des_cblock *ivec;
+.PP
+.B unsigned long des_quad_cksum(input,output,length,out_count,seed)
+des_cblock *input;
+des_cblock *output;
+long length;
+int out_count;
+des_cblock *seed;
+.PP
+.B int des_check_key;
+.PP
+.B int des_enc_read(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B int des_enc_write(fd,buf,len,sched,iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock *iv;
+.PP
+.B extern int des_rw_mode;
+.PP
+.B void des_set_odd_parity(key)
+des_cblock *key;
+.PP
+.B int des_is_weak_key(key)
+des_cblock *key;
+.PP
+.B char *crypt(passwd,salt)
+char *passwd;
+char *salt;
+.PP
+.fi
+.SH DESCRIPTION
+This library contains a fast implementation of the DES encryption
+algorithm.
+.PP
+There are two phases to the use of DES encryption.
+The first is the generation of a
+.I des_key_schedule
+from a key,
+the second is the actual encryption.
+A des key is of type
+.I des_cblock.
+This type is made from 8 characters with odd parity.
+The least significant bit in the character is the parity bit.
+The key schedule is an expanded form of the key; it is used to speed the
+encryption process.
+.PP
+.I des_read_password
+writes the string specified by prompt to the standard output,
+turns off echo and reads an input string from standard input
+until terminated with a newline.
+If verify is non-zero, it prompts and reads the input again and verifies
+that both entered passwords are the same.
+The entered string is converted into a des key by using the
+.I des_string_to_key
+routine.
+The new key is placed in the
+.I des_cblock
+that was passed (by reference) to the routine.
+If there were no errors,
+.I des_read_password
+returns 0,
+-1 is returned if there was a terminal error and 1 is returned for
+any other error.
+.PP
+.I des_read_2password
+operates in the same way as
+.I des_read_password
+except that it generates 2 keys by using the
+.I des_string_to_2key
+function.
+.PP
+.I des_read_pw_string
+is called by
+.I des_read_password
+to read and verify a string from a terminal device.
+The string is returned in
+.I buf.
+The size of
+.I buf
+is passed to the routine via the
+.I length
+parameter.
+.PP
+.I des_string_to_key
+converts a string into a valid des key.
+.PP
+.I des_string_to_2key
+converts a string into 2 valid des keys.
+This routine is best suited for used to generate keys for use with
+.I des_ecb3_encrypt.
+.PP
+.I des_random_key
+returns a random key that is made of a combination of process id,
+time and an increasing counter.
+.PP
+Before a des key can be used it is converted into a
+.I des_key_schedule
+via the
+.I des_set_key
+routine.
+If the
+.I des_check_key
+flag is non-zero,
+.I des_set_key
+will check that the key passed is of odd parity and is not a week or
+semi-weak key.
+If the parity is wrong,
+then -1 is returned.
+If the key is a weak key,
+then -2 is returned.
+If an error is returned,
+the key schedule is not generated.
+.PP
+.I des_key_sched
+is another name for the
+.I des_set_key
+function.
+.PP
+The following routines mostly operate on an input and output stream of
+.I des_cblock's.
+.PP
+.I des_ecb_encrypt
+is the basic DES encryption routine that encrypts or decrypts a single 8-byte
+.I des_cblock
+in
+.I electronic code book
+mode.
+It always transforms the input data, pointed to by
+.I input,
+into the output data,
+pointed to by the
+.I output
+argument.
+If the
+.I encrypt
+argument is non-zero (DES_ENCRYPT),
+the
+.I input
+(cleartext) is encrypted in to the
+.I output
+(ciphertext) using the key_schedule specified by the
+.I schedule
+argument,
+previously set via
+.I des_set_key.
+If
+.I encrypt
+is zero (DES_DECRYPT),
+the
+.I input
+(now ciphertext)
+is decrypted into the
+.I output
+(now cleartext).
+Input and output may overlap.
+No meaningful value is returned.
+.PP
+.I des_ecb3_encrypt
+encrypts/decrypts the
+.I input
+block by using triple ecb DES encryption.
+This involves encrypting the input with
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using ecb mode and
+.I ks1
+as the key.
+.PP
+.I des_cbc_encrypt
+encrypts/decrypts using the
+.I cipher-block-chaining
+mode of DES.
+If the
+.I encrypt
+argument is non-zero,
+the routine cipher-block-chain encrypts the cleartext data pointed to by the
+.I input
+argument into the ciphertext pointed to by the
+.I output
+argument,
+using the key schedule provided by the
+.I schedule
+argument,
+and initialisation vector provided by the
+.I ivec
+argument.
+If the
+.I length
+argument is not an integral multiple of eight bytes,
+the last block is copied to a temporary area and zero filled.
+The output is always
+an integral multiple of eight bytes.
+To make multiple cbc encrypt calls on a large amount of data appear to
+be one
+.I des_cbc_encrypt
+call, the
+.I ivec
+of subsequent calls should be the last 8 bytes of the output.
+.PP
+.I des_3cbc_encrypt
+encrypts/decrypts the
+.I input
+block by using triple cbc DES encryption.
+This involves encrypting the input with key schedule
+.I ks1,
+decryption with the key schedule
+.I ks2,
+and then encryption with the first again.
+2 initialisation vectors are required,
+.I ivec1
+and
+.I ivec2.
+Unlike
+.I des_cbc_encrypt,
+these initialisation vectors are modified by the subroutine.
+This routine greatly reduces the chances of brute force breaking of
+DES and has the advantage of if
+.I ks1
+and
+.I ks2
+are the same, it is equivalent to just encryption using cbc mode and
+.I ks1
+as the key.
+.PP
+.I des_pcbc_encrypt
+encrypt/decrypts using a modified block chaining mode.
+It provides better error propagation characteristics than cbc
+encryption.
+.PP
+.I des_cfb_encrypt
+encrypt/decrypts using cipher feedback mode. This method takes an
+array of characters as input and outputs and array of characters. It
+does not require any padding to 8 character groups. Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function. Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_ofb_encrypt
+encrypt using output feedback mode. This method takes an
+array of characters as input and outputs and array of characters. It
+does not require any padding to 8 character groups. Note: the ivec
+variable is changed and the new changed value needs to be passed to
+the next call to this function. Since this function runs a complete
+DES ecb encryption per numbits, this function is only suggested for
+use when sending small numbers of characters.
+.PP
+.I des_cbc_cksum
+produces an 8 byte checksum based on the input stream (via cbc encryption).
+The last 4 bytes of the checksum is returned and the complete 8 bytes is
+placed in
+.I output.
+.PP
+.I des_quad_cksum
+returns a 4 byte checksum from the input bytes.
+The algorithm can be iterated over the input,
+depending on
+.I out_count,
+1, 2, 3 or 4 times.
+If
+.I output
+is non-NULL,
+the 8 bytes generated by each pass are written into
+.I output.
+.PP
+.I des_enc_write
+is used to write
+.I len
+bytes
+to file descriptor
+.I fd
+from buffer
+.I buf.
+The data is encrypted via
+.I pcbc_encrypt
+(default) using
+.I sched
+for the key and
+.I iv
+as a starting vector.
+The actual data send down
+.I fd
+consists of 4 bytes (in network byte order) containing the length of the
+following encrypted data. The encrypted data then follows, padded with random
+data out to a multiple of 8 bytes.
+.PP
+.I des_enc_read
+is used to read
+.I len
+bytes
+from file descriptor
+.I fd
+into buffer
+.I buf.
+The data being read from
+.I fd
+is assumed to have come from
+.I des_enc_write
+and is decrypted using
+.I sched
+for the key schedule and
+.I iv
+for the initial vector.
+The
+.I des_enc_read/des_enc_write
+pair can be used to read/write to files, pipes and sockets.
+I have used them in implementing a version of rlogin in which all
+data is encrypted.
+.PP
+.I des_rw_mode
+is used to specify the encryption mode to use with
+.I des_enc_read
+and
+.I des_end_write.
+If set to
+.I DES_PCBC_MODE
+(the default), des_pcbc_encrypt is used.
+If set to
+.I DES_CBC_MODE
+des_cbc_encrypt is used.
+These two routines and the variable are not part of the normal MIT library.
+.PP
+.I des_set_odd_parity
+sets the parity of the passed
+.I key
+to odd. This routine is not part of the standard MIT library.
+.PP
+.I des_is_weak_key
+returns 1 is the passed key is a weak key (pick again :-),
+0 if it is ok.
+This routine is not part of the standard MIT library.
+.PP
+.I crypt
+is a replacement for the normal system crypt.
+It is much faster than the system crypt.
+.PP
+.SH FILES
+/usr/include/des.h
+.br
+/usr/lib/libdes.a
+.PP
+The encryption routines have been tested on 16bit, 32bit and 64bit
+machines of various endian and even works under VMS.
+.PP
+.SH BUGS
+.PP
+If you think this manual is sparse,
+read the des_crypt(3) manual from the MIT kerberos (or bones outside
+of the USA) distribution.
+.PP
+.I des_cfb_encrypt
+and
+.I des_ofb_encrypt
+operates on input of 8 bits. What this means is that if you set
+numbits to 12, and length to 2, the first 12 bits will come from the 1st
+input byte and the low half of the second input byte. The second 12
+bits will have the low 8 bits taken from the 3rd input byte and the
+top 4 bits taken from the 4th input byte. The same holds for output.
+This function has been implemented this way because most people will
+be using a multiple of 8 and because once you get into pulling bytes input
+bytes apart things get ugly!
+.PP
+.I des_read_pw_string
+is the most machine/OS dependent function and normally generates the
+most problems when porting this code.
+.PP
+.I des_string_to_key
+is probably different from the MIT version since there are lots
+of fun ways to implement one-way encryption of a text string.
+.PP
+The routines are optimised for 32 bit machines and so are not efficient
+on IBM PCs.
+.PP
+NOTE: extensive work has been done on this library since this document
+was origionally written. Please try to read des.doc from the libdes
+distribution since it is far more upto date and documents more of the
+functions. Libdes is now also being shipped as part of SSLeay, a
+general cryptographic library that amonst other things implements
+netscapes SSL protocoll. The most recent version can be found in
+SSLeay distributions.
+.SH AUTHOR
+Eric Young (eay@cryptsoft.com)
diff --git a/crypto/des/des_enc.c b/crypto/des/des_enc.c
new file mode 100644
index 0000000..b04e12d
--- /dev/null
+++ b/crypto/des/des_enc.c
@@ -0,0 +1,301 @@
+/* crypto/des/des_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_encrypt(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ IP(r,l);
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out. */
+ /* clear the top bits on machines with 8byte longs */
+ /* shift left by 2 */
+ r=ROTATE(r,29)&0xffffffffL;
+ l=ROTATE(l,29)&0xffffffffL;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+ }
+#endif
+ }
+ else
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+ {
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+ }
+#endif
+ }
+
+ /* rotate and clear the top bits on machines with 8byte longs */
+ l=ROTATE(l,3)&0xffffffffL;
+ r=ROTATE(r,3)&0xffffffffL;
+
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ l=r=t=u=0;
+ }
+
+void des_encrypt2(data, ks, enc)
+DES_LONG *data;
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+#ifndef DES_UNROLL
+ register int i;
+#endif
+ register DES_LONG *s;
+
+ r=data[0];
+ l=data[1];
+
+ /* Things have been modified so that the initial rotate is
+ * done outside the loop. This required the
+ * des_SPtrans values in sp.h to be rotated 1 bit to the right.
+ * One perl script later and things have a 5% speed up on a sparc2.
+ * Thanks to Richard Outerbridge <71755.204@CompuServe.COM>
+ * for pointing this out. */
+ /* clear the top bits on machines with 8byte longs */
+ r=ROTATE(r,29)&0xffffffff;
+ l=ROTATE(l,29)&0xffffffff;
+
+ s=(DES_LONG *)ks;
+ /* I don't know if it is worth the effort of loop unrolling the
+ * inner loop */
+ if (enc)
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#else
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 3 */
+ D_ENCRYPT(r,l,i+6); /* 4 */
+ }
+#endif
+ }
+ else
+ {
+#ifdef DES_UNROLL
+ D_ENCRYPT(l,r,30); /* 16 */
+ D_ENCRYPT(r,l,28); /* 15 */
+ D_ENCRYPT(l,r,26); /* 14 */
+ D_ENCRYPT(r,l,24); /* 13 */
+ D_ENCRYPT(l,r,22); /* 12 */
+ D_ENCRYPT(r,l,20); /* 11 */
+ D_ENCRYPT(l,r,18); /* 10 */
+ D_ENCRYPT(r,l,16); /* 9 */
+ D_ENCRYPT(l,r,14); /* 8 */
+ D_ENCRYPT(r,l,12); /* 7 */
+ D_ENCRYPT(l,r,10); /* 6 */
+ D_ENCRYPT(r,l, 8); /* 5 */
+ D_ENCRYPT(l,r, 6); /* 4 */
+ D_ENCRYPT(r,l, 4); /* 3 */
+ D_ENCRYPT(l,r, 2); /* 2 */
+ D_ENCRYPT(r,l, 0); /* 1 */
+#else
+ for (i=30; i>0; i-=8)
+ {
+ D_ENCRYPT(l,r,i-0); /* 16 */
+ D_ENCRYPT(r,l,i-2); /* 15 */
+ D_ENCRYPT(l,r,i-4); /* 14 */
+ D_ENCRYPT(r,l,i-6); /* 13 */
+ }
+#endif
+ }
+ /* rotate and clear the top bits on machines with 8byte longs */
+ data[0]=ROTATE(l,3)&0xffffffff;
+ data[1]=ROTATE(r,3)&0xffffffff;
+ l=r=t=u=0;
+ }
+
+void des_encrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+ {
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks1,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks3,DES_ENCRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ }
+
+void des_decrypt3(data,ks1,ks2,ks3)
+DES_LONG *data;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+ {
+ register DES_LONG l,r;
+
+ l=data[0];
+ r=data[1];
+ IP(l,r);
+ data[0]=l;
+ data[1]=r;
+ des_encrypt2((DES_LONG *)data,ks3,DES_DECRYPT);
+ des_encrypt2((DES_LONG *)data,ks2,DES_ENCRYPT);
+ des_encrypt2((DES_LONG *)data,ks1,DES_DECRYPT);
+ l=data[0];
+ r=data[1];
+ FP(r,l);
+ data[0]=l;
+ data[1]=r;
+ }
+
diff --git a/crypto/des/des_locl.h b/crypto/des/des_locl.h
new file mode 100644
index 0000000..e2e503c
--- /dev/null
+++ b/crypto/des/des_locl.h
@@ -0,0 +1,516 @@
+/* crypto/des/des_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des_locl.org since des_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#endif
+#include "des.h"
+
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+ #define DES_PTR
+ #define DES_RISC1
+ #define DES_UNROLL
+#elif defined( __ultrix ) /* Older MIPS */
+ #define DES_PTR
+ #define DES_RISC2
+ #define DES_UNROLL
+#elif defined( __osf1__ ) /* Alpha */
+ #define DES_PTR
+ #define DES_RISC2
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* Unknown */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+ #define DES_UNROLL
+#elif defined( __sgi ) /* Newer MIPS */
+ #define DES_PTR
+ #define DES_RISC2
+ #define DES_UNROLL
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+ #define DES_PTR
+ #define DES_RISC1
+ #define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+
+#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifndef RAND
+#define RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define getpid() 2
+#define RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define srandom(s) srand(s)
+#define random rand
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE (1024*16)
+#define BSIZE (MAXWRITE+4)
+
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 5: l2|=((DES_LONG)(*(--(c)))); \
+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 1: l1|=((DES_LONG)(*(--(c)))); \
+ } \
+ }
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+#if defined(WIN32)
+#define ROTATE(a,n) (_lrotr(a,n))
+#else
+#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+ { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ t=R^(R>>16L); \
+ u=t&E0; t&=E1; \
+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ u=R^s[S ]; \
+ t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture. gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together. This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ u>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ u3=(int)(u>>8L); \
+ u1=(int)u&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ t>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ u3=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ s1=(int)(u>>16L); \
+ s2=(int)(u>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ s1=(int)(t>>16L); \
+ s2=(int)(t>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^= \
+ *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ u>>=16L; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ u3=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[4][u1]; \
+ LL^=des_SPtrans[6][u3]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ t>>=16L; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ u3=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[5][u1]; \
+ LL^=des_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ s1=(int)u>>16L; \
+ s2=(int)u>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[4][s1]; \
+ LL^=des_SPtrans[6][s2]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ s1=(int)t>>16; \
+ s2=(int)t>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[5][s1]; \
+ LL^=des_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^=\
+ des_SPtrans[0][(u>> 2L)&0x3f]^ \
+ des_SPtrans[2][(u>>10L)&0x3f]^ \
+ des_SPtrans[4][(u>>18L)&0x3f]^ \
+ des_SPtrans[6][(u>>26L)&0x3f]^ \
+ des_SPtrans[1][(t>> 2L)&0x3f]^ \
+ des_SPtrans[3][(t>>10L)&0x3f]^ \
+ des_SPtrans[5][(t>>18L)&0x3f]^ \
+ des_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+ /* IP and FP
+ * The problem is more of a geometric problem that random bit fiddling.
+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
+
+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
+
+ The output has been subject to swaps of the form
+ 0 1 -> 3 1 but the odd and even bits have been put into
+ 2 3 2 0
+ different words. The main trick is to remember that
+ t=((l>>size)^r)&(mask);
+ r^=t;
+ l^=(t<<size);
+ can be used to swap and move bits between words.
+
+ So l = 0 1 2 3 r = 16 17 18 19
+ 4 5 6 7 20 21 22 23
+ 8 9 10 11 24 25 26 27
+ 12 13 14 15 28 29 30 31
+ becomes (for size == 2 and mask == 0x3333)
+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
+
+ Thanks for hints from Richard Outerbridge - he told me IP&FP
+ could be done in 15 xor, 10 shifts and 5 ands.
+ When I finally started to think of the problem in 2D
+ I first got ~42 operations without xors. When I remembered
+ how to use xors :-) I got it to its final state.
+ */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+ { \
+ register DES_LONG tt; \
+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+ PERM_OP(l,r,tt,16,0x0000ffffL); \
+ PERM_OP(r,l,tt, 2,0x33333333L); \
+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+ PERM_OP(r,l,tt, 1,0x55555555L); \
+ }
+
+#define FP(l,r) \
+ { \
+ register DES_LONG tt; \
+ PERM_OP(l,r,tt, 1,0x55555555L); \
+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+ PERM_OP(l,r,tt, 2,0x33333333L); \
+ PERM_OP(r,l,tt,16,0x0000ffffL); \
+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+ }
+
+extern const DES_LONG des_SPtrans[8][64];
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+#else
+void fcrypt_body();
+#endif
+
+#endif
diff --git a/crypto/des/des_locl.org b/crypto/des/des_locl.org
new file mode 100644
index 0000000..e2e503c
--- /dev/null
+++ b/crypto/des/des_locl.org
@@ -0,0 +1,516 @@
+/* crypto/des/des_locl.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify des_locl.org since des_locl.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_DES_LOCL_H
+#define HEADER_DES_LOCL_H
+
+#if defined(WIN32) || defined(WIN16)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#endif
+#include "des.h"
+
+#ifndef DES_DEFAULT_OPTIONS
+/* the following is tweaked from a config script, that is why it is a
+ * protected undef/define */
+#ifndef DES_PTR
+#undef DES_PTR
+#endif
+
+/* This helps C compiler generate the correct code for multiple functional
+ * units. It reduces register dependancies at the expense of 2 more
+ * registers */
+#ifndef DES_RISC1
+#undef DES_RISC1
+#endif
+
+#ifndef DES_RISC2
+#undef DES_RISC2
+#endif
+
+#if defined(DES_RISC1) && defined(DES_RISC2)
+YOU SHOULD NOT HAVE BOTH DES_RISC1 AND DES_RISC2 DEFINED!!!!!
+#endif
+
+/* Unroll the inner loop, this sometimes helps, sometimes hinders.
+ * Very mucy CPU dependant */
+#ifndef DES_UNROLL
+#undef DES_UNROLL
+#endif
+
+/* These default values were supplied by
+ * Peter Gutman <pgut001@cs.auckland.ac.nz>
+ * They are only used if nothing else has been defined */
+#if !defined(DES_PTR) && !defined(DES_RISC1) && !defined(DES_RISC2) && !defined(DES_UNROLL)
+/* Special defines which change the way the code is built depending on the
+ CPU and OS. For SGI machines you can use _MIPS_SZLONG (32 or 64) to find
+ even newer MIPS CPU's, but at the moment one size fits all for
+ optimization options. Older Sparc's work better with only UNROLL, but
+ there's no way to tell at compile time what it is you're running on */
+
+#if defined( sun ) /* Newer Sparc's */
+ #define DES_PTR
+ #define DES_RISC1
+ #define DES_UNROLL
+#elif defined( __ultrix ) /* Older MIPS */
+ #define DES_PTR
+ #define DES_RISC2
+ #define DES_UNROLL
+#elif defined( __osf1__ ) /* Alpha */
+ #define DES_PTR
+ #define DES_RISC2
+#elif defined ( _AIX ) /* RS6000 */
+ /* Unknown */
+#elif defined( __hpux ) /* HP-PA */
+ /* Unknown */
+#elif defined( __aux ) /* 68K */
+ /* Unknown */
+#elif defined( __dgux ) /* 88K (but P6 in latest boxes) */
+ #define DES_UNROLL
+#elif defined( __sgi ) /* Newer MIPS */
+ #define DES_PTR
+ #define DES_RISC2
+ #define DES_UNROLL
+#elif defined( i386 ) /* x86 boxes, should be gcc */
+ #define DES_PTR
+ #define DES_RISC1
+ #define DES_UNROLL
+#endif /* Systems-specific speed defines */
+#endif
+
+#endif /* DES_DEFAULT_OPTIONS */
+
+#ifdef MSDOS /* Visual C++ 2.1 (Windows NT/95) */
+#include <stdlib.h>
+#include <errno.h>
+#include <time.h>
+#include <io.h>
+#ifndef RAND
+#define RAND
+#endif
+#undef NOPROTO
+#endif
+
+#if defined(__STDC__) || defined(VMS) || defined(M_XENIX) || defined(MSDOS)
+#include <string.h>
+#endif
+
+#ifndef RAND
+#define RAND
+#endif
+
+#ifdef linux
+#undef RAND
+#endif
+
+#ifdef MSDOS
+#define getpid() 2
+#define RAND
+#undef NOPROTO
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#ifdef __STDC__
+#undef NOPROTO
+#endif
+
+#ifdef RAND
+#define srandom(s) srand(s)
+#define random rand
+#endif
+
+#define ITERATIONS 16
+#define HALF_ITERATIONS 8
+
+/* used in des_read and des_write */
+#define MAXWRITE (1024*16)
+#define BSIZE (MAXWRITE+4)
+
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((DES_LONG)(*(--(c))))<<24L; \
+ case 7: l2|=((DES_LONG)(*(--(c))))<<16L; \
+ case 6: l2|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 5: l2|=((DES_LONG)(*(--(c)))); \
+ case 4: l1 =((DES_LONG)(*(--(c))))<<24L; \
+ case 3: l1|=((DES_LONG)(*(--(c))))<<16L; \
+ case 2: l1|=((DES_LONG)(*(--(c))))<< 8L; \
+ case 1: l1|=((DES_LONG)(*(--(c)))); \
+ } \
+ }
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* replacements for htonl and ntohl since I have no idea what to do
+ * when faced with machines with 8 byte longs. */
+#define HDRSIZE 4
+
+#define n2l(c,l) (l =((DES_LONG)(*((c)++)))<<24L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+#if defined(WIN32)
+#define ROTATE(a,n) (_lrotr(a,n))
+#else
+#define ROTATE(a,n) (((a)>>(n))+((a)<<(32-(n))))
+#endif
+
+/* Don't worry about the LOAD_DATA() stuff, that is used by
+ * fcrypt() to add it's little bit to the front */
+
+#ifdef DES_FCRYPT
+
+#define LOAD_DATA_tmp(R,S,u,t,E0,E1) \
+ { DES_LONG tmp; LOAD_DATA(R,S,u,t,E0,E1,tmp); }
+
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ t=R^(R>>16L); \
+ u=t&E0; t&=E1; \
+ tmp=(u<<16); u^=R^s[S ]; u^=tmp; \
+ tmp=(t<<16); t^=R^s[S+1]; t^=tmp
+#else
+#define LOAD_DATA_tmp(a,b,c,d,e,f) LOAD_DATA(a,b,c,d,e,f,g)
+#define LOAD_DATA(R,S,u,t,E0,E1,tmp) \
+ u=R^s[S ]; \
+ t=R^s[S+1]
+#endif
+
+/* The changes to this macro may help or hinder, depending on the
+ * compiler and the achitecture. gcc2 always seems to do well :-).
+ * Inspired by Dana How <how@isl.stanford.edu>
+ * DO NOT use the alternative version on machines with 8 byte longs.
+ * It does not seem to work on the Alpha, even when DES_LONG is 4
+ * bytes, probably an issue of accessing non-word aligned objects :-( */
+#ifdef DES_PTR
+
+/* It recently occured to me that 0^0^0^0^0^0^0 == 0, so there
+ * is no reason to not xor all the sub items together. This potentially
+ * saves a register since things can be xored directly into L */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ u>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ u3=(int)(u>>8L); \
+ u1=(int)u&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+u3); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ t>>=16L; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ u3=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u3&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+u3); }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) { \
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0xfc; \
+ u2&=0xfc; \
+ t=ROTATE(t,4); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP +u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x200+u2); \
+ s1=(int)(u>>16L); \
+ s2=(int)(u>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x400+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x600+s2); \
+ u2=(int)t>>8L; \
+ u1=(int)t&0xfc; \
+ u2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x100+u1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x300+u2); \
+ s1=(int)(t>>16L); \
+ s2=(int)(t>>24L); \
+ s1&=0xfc; \
+ s2&=0xfc; \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x500+s1); \
+ LL^= *(DES_LONG *)((unsigned char *)des_SP+0x700+s2); }
+#endif
+#else
+#define D_ENCRYPT(LL,R,S) { \
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^= \
+ *(DES_LONG *)((unsigned char *)des_SP +((u )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x200+((u>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x400+((u>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x600+((u>>24L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x100+((t )&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x300+((t>> 8L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x500+((t>>16L)&0xfc))^ \
+ *(DES_LONG *)((unsigned char *)des_SP+0x700+((t>>24L)&0xfc)); }
+#endif
+
+#else /* original version */
+
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,u3; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ u>>=16L; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ u3=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[4][u1]; \
+ LL^=des_SPtrans[6][u3]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ t>>=16L; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ u3=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u3&=0x3f; \
+ LL^=des_SPtrans[5][u1]; \
+ LL^=des_SPtrans[7][u3]; }
+#endif
+#ifdef DES_RISC2
+#define D_ENCRYPT(LL,R,S) {\
+ unsigned int u1,u2,s1,s2; \
+ LOAD_DATA(R,S,u,t,E0,E1,u1); \
+ u>>=2L; \
+ t=ROTATE(t,6); \
+ u2=(int)u>>8L; \
+ u1=(int)u&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[0][u1]; \
+ LL^=des_SPtrans[2][u2]; \
+ s1=(int)u>>16L; \
+ s2=(int)u>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[4][s1]; \
+ LL^=des_SPtrans[6][s2]; \
+ u2=(int)t>>8L; \
+ u1=(int)t&0x3f; \
+ u2&=0x3f; \
+ LL^=des_SPtrans[1][u1]; \
+ LL^=des_SPtrans[3][u2]; \
+ s1=(int)t>>16; \
+ s2=(int)t>>24L; \
+ s1&=0x3f; \
+ s2&=0x3f; \
+ LL^=des_SPtrans[5][s1]; \
+ LL^=des_SPtrans[7][s2]; }
+#endif
+
+#else
+
+#define D_ENCRYPT(LL,R,S) {\
+ LOAD_DATA_tmp(R,S,u,t,E0,E1); \
+ t=ROTATE(t,4); \
+ LL^=\
+ des_SPtrans[0][(u>> 2L)&0x3f]^ \
+ des_SPtrans[2][(u>>10L)&0x3f]^ \
+ des_SPtrans[4][(u>>18L)&0x3f]^ \
+ des_SPtrans[6][(u>>26L)&0x3f]^ \
+ des_SPtrans[1][(t>> 2L)&0x3f]^ \
+ des_SPtrans[3][(t>>10L)&0x3f]^ \
+ des_SPtrans[5][(t>>18L)&0x3f]^ \
+ des_SPtrans[7][(t>>26L)&0x3f]; }
+#endif
+#endif
+
+ /* IP and FP
+ * The problem is more of a geometric problem that random bit fiddling.
+ 0 1 2 3 4 5 6 7 62 54 46 38 30 22 14 6
+ 8 9 10 11 12 13 14 15 60 52 44 36 28 20 12 4
+ 16 17 18 19 20 21 22 23 58 50 42 34 26 18 10 2
+ 24 25 26 27 28 29 30 31 to 56 48 40 32 24 16 8 0
+
+ 32 33 34 35 36 37 38 39 63 55 47 39 31 23 15 7
+ 40 41 42 43 44 45 46 47 61 53 45 37 29 21 13 5
+ 48 49 50 51 52 53 54 55 59 51 43 35 27 19 11 3
+ 56 57 58 59 60 61 62 63 57 49 41 33 25 17 9 1
+
+ The output has been subject to swaps of the form
+ 0 1 -> 3 1 but the odd and even bits have been put into
+ 2 3 2 0
+ different words. The main trick is to remember that
+ t=((l>>size)^r)&(mask);
+ r^=t;
+ l^=(t<<size);
+ can be used to swap and move bits between words.
+
+ So l = 0 1 2 3 r = 16 17 18 19
+ 4 5 6 7 20 21 22 23
+ 8 9 10 11 24 25 26 27
+ 12 13 14 15 28 29 30 31
+ becomes (for size == 2 and mask == 0x3333)
+ t = 2^16 3^17 -- -- l = 0 1 16 17 r = 2 3 18 19
+ 6^20 7^21 -- -- 4 5 20 21 6 7 22 23
+ 10^24 11^25 -- -- 8 9 24 25 10 11 24 25
+ 14^28 15^29 -- -- 12 13 28 29 14 15 28 29
+
+ Thanks for hints from Richard Outerbridge - he told me IP&FP
+ could be done in 15 xor, 10 shifts and 5 ands.
+ When I finally started to think of the problem in 2D
+ I first got ~42 operations without xors. When I remembered
+ how to use xors :-) I got it to its final state.
+ */
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#define IP(l,r) \
+ { \
+ register DES_LONG tt; \
+ PERM_OP(r,l,tt, 4,0x0f0f0f0fL); \
+ PERM_OP(l,r,tt,16,0x0000ffffL); \
+ PERM_OP(r,l,tt, 2,0x33333333L); \
+ PERM_OP(l,r,tt, 8,0x00ff00ffL); \
+ PERM_OP(r,l,tt, 1,0x55555555L); \
+ }
+
+#define FP(l,r) \
+ { \
+ register DES_LONG tt; \
+ PERM_OP(l,r,tt, 1,0x55555555L); \
+ PERM_OP(r,l,tt, 8,0x00ff00ffL); \
+ PERM_OP(l,r,tt, 2,0x33333333L); \
+ PERM_OP(r,l,tt,16,0x0000ffffL); \
+ PERM_OP(l,r,tt, 4,0x0f0f0f0fL); \
+ }
+
+extern const DES_LONG des_SPtrans[8][64];
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+#else
+void fcrypt_body();
+#endif
+
+#endif
diff --git a/crypto/des/des_opts.c b/crypto/des/des_opts.c
new file mode 100644
index 0000000..8522c28
--- /dev/null
+++ b/crypto/des/des_opts.c
@@ -0,0 +1,620 @@
+/* crypto/des/des_opts.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* define PART1, PART2, PART3 or PART4 to build only with a few of the options.
+ * This is for machines with 64k code segment size restrictions. */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern void exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+#include "spr.h"
+
+#define DES_DEFAULT_OPTIONS
+
+#if !defined(PART1) && !defined(PART2) && !defined(PART3) && !defined(PART4)
+#define PART1
+#define PART2
+#define PART3
+#define PART4
+#endif
+
+#ifdef PART1
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#define des_encrypt des_encrypt_u4_cisc_idx
+#define des_encrypt2 des_encrypt2_u4_cisc_idx
+#define des_encrypt3 des_encrypt3_u4_cisc_idx
+#define des_decrypt3 des_decrypt3_u4_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_idx
+#define des_encrypt2 des_encrypt2_u16_cisc_idx
+#define des_encrypt3 des_encrypt3_u16_cisc_idx
+#define des_decrypt3 des_decrypt3_u16_cisc_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_idx
+#define des_encrypt2 des_encrypt2_u4_risc1_idx
+#define des_encrypt3 des_encrypt3_u4_risc1_idx
+#define des_decrypt3 des_decrypt3_u4_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART2
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_idx
+#define des_encrypt2 des_encrypt2_u4_risc2_idx
+#define des_encrypt3 des_encrypt3_u4_risc2_idx
+#define des_decrypt3 des_decrypt3_u4_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_idx
+#define des_encrypt2 des_encrypt2_u16_risc1_idx
+#define des_encrypt3 des_encrypt3_u16_risc1_idx
+#define des_decrypt3 des_decrypt3_u16_risc1_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#undef DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_idx
+#define des_encrypt2 des_encrypt2_u16_risc2_idx
+#define des_encrypt3 des_encrypt3_u16_risc2_idx
+#define des_decrypt3 des_decrypt3_u16_risc2_idx
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART3
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_cisc_ptr
+#define des_encrypt2 des_encrypt2_u4_cisc_ptr
+#define des_encrypt3 des_encrypt3_u4_cisc_ptr
+#define des_decrypt3 des_decrypt3_u4_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_cisc_ptr
+#define des_encrypt2 des_encrypt2_u16_cisc_ptr
+#define des_encrypt3 des_encrypt3_u16_cisc_ptr
+#define des_decrypt3 des_decrypt3_u16_cisc_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#undef DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc1_ptr
+#define des_encrypt2 des_encrypt2_u4_risc1_ptr
+#define des_encrypt3 des_encrypt3_u4_risc1_ptr
+#define des_decrypt3 des_decrypt3_u4_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+#ifdef PART4
+
+#undef DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u4_risc2_ptr
+#define des_encrypt2 des_encrypt2_u4_risc2_ptr
+#define des_encrypt3 des_encrypt3_u4_risc2_ptr
+#define des_decrypt3 des_decrypt3_u4_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#define DES_RISC1
+#undef DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc1_ptr
+#define des_encrypt2 des_encrypt2_u16_risc1_ptr
+#define des_encrypt3 des_encrypt3_u16_risc1_ptr
+#define des_decrypt3 des_decrypt3_u16_risc1_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#define DES_UNROLL
+#undef DES_RISC1
+#define DES_RISC2
+#define DES_PTR
+#undef D_ENCRYPT
+#undef des_encrypt
+#undef des_encrypt2
+#undef des_encrypt3
+#undef des_decrypt3
+#define des_encrypt des_encrypt_u16_risc2_ptr
+#define des_encrypt2 des_encrypt2_u16_risc2_ptr
+#define des_encrypt3 des_encrypt3_u16_risc2_ptr
+#define des_decrypt3 des_decrypt3_u16_risc2_ptr
+#undef HEADER_DES_LOCL_H
+#include "des_enc.c"
+
+#endif
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1000.0;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+#ifdef SIGALRM
+#define print_name(name) fprintf(stderr,"Doing %s's for 10 seconds\n",name); alarm(10);
+#else
+#define print_name(name) fprintf(stderr,"Doing %s %ld times\n",name,cb);
+#endif
+
+#define time_it(func,name,index) \
+ print_name(name); \
+ Time_F(START); \
+ for (count=0,run=1; COND(cb); count++) \
+ { \
+ unsigned long d[2]; \
+ func(d,&(sch[0]),DES_ENCRYPT); \
+ } \
+ tm[index]=Time_F(STOP); \
+ fprintf(stderr,"%ld %s's in %.2f second\n",count,name,tm[index]); \
+ tm[index]=((double)COUNT(cb))/tm[index];
+
+#define print_it(name,index) \
+ fprintf(stderr,"%s bytes per sec = %12.2f (%5.1fuS)\n",name, \
+ tm[index]*8,1.0e6/tm[index]);
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double d,tm[16],max=0;
+ int rank[16];
+ char *str[16];
+ int max_idx=0,i,num=0,j;
+#ifndef SIGALARM
+ long ca,cb,cc,cd,ce;
+#endif
+
+ for (i=0; i<12; i++)
+ {
+ tm[i]=0.0;
+ rank[i]=0;
+ }
+
+#ifndef TIMES
+ fprintf(stderr,"To get the most acurate results, try to run this\n");
+ fprintf(stderr,"program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key,sch);
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ fprintf(stderr,"First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ unsigned long data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+
+ ce=count/20+1;
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ alarm(10);
+#endif
+
+#ifdef PART1
+ time_it(des_encrypt_u4_cisc_idx, "des_encrypt_u4_cisc_idx ", 0);
+ time_it(des_encrypt_u16_cisc_idx, "des_encrypt_u16_cisc_idx ", 1);
+ time_it(des_encrypt_u4_risc1_idx, "des_encrypt_u4_risc1_idx ", 2);
+ num+=3;
+#endif
+#ifdef PART2
+ time_it(des_encrypt_u16_risc1_idx,"des_encrypt_u16_risc1_idx", 3);
+ time_it(des_encrypt_u4_risc2_idx, "des_encrypt_u4_risc2_idx ", 4);
+ time_it(des_encrypt_u16_risc2_idx,"des_encrypt_u16_risc2_idx", 5);
+ num+=3;
+#endif
+#ifdef PART3
+ time_it(des_encrypt_u4_cisc_ptr, "des_encrypt_u4_cisc_ptr ", 6);
+ time_it(des_encrypt_u16_cisc_ptr, "des_encrypt_u16_cisc_ptr ", 7);
+ time_it(des_encrypt_u4_risc1_ptr, "des_encrypt_u4_risc1_ptr ", 8);
+ num+=3;
+#endif
+#ifdef PART4
+ time_it(des_encrypt_u16_risc1_ptr,"des_encrypt_u16_risc1_ptr", 9);
+ time_it(des_encrypt_u4_risc2_ptr, "des_encrypt_u4_risc2_ptr ",10);
+ time_it(des_encrypt_u16_risc2_ptr,"des_encrypt_u16_risc2_ptr",11);
+ num+=3;
+#endif
+
+#ifdef PART1
+ str[0]=" 4 c i";
+ print_it("des_encrypt_u4_cisc_idx ",0);
+ max=tm[0];
+ max_idx=0;
+ str[1]="16 c i";
+ print_it("des_encrypt_u16_cisc_idx ",1);
+ if (max < tm[1]) { max=tm[1]; max_idx=1; }
+ str[2]=" 4 r1 i";
+ print_it("des_encrypt_u4_risc1_idx ",2);
+ if (max < tm[2]) { max=tm[2]; max_idx=2; }
+#endif
+#ifdef PART2
+ str[3]="16 r1 i";
+ print_it("des_encrypt_u16_risc1_idx",3);
+ if (max < tm[3]) { max=tm[3]; max_idx=3; }
+ str[4]=" 4 r2 i";
+ print_it("des_encrypt_u4_risc2_idx ",4);
+ if (max < tm[4]) { max=tm[4]; max_idx=4; }
+ str[5]="16 r2 i";
+ print_it("des_encrypt_u16_risc2_idx",5);
+ if (max < tm[5]) { max=tm[5]; max_idx=5; }
+#endif
+#ifdef PART3
+ str[6]=" 4 c p";
+ print_it("des_encrypt_u4_cisc_ptr ",6);
+ if (max < tm[6]) { max=tm[6]; max_idx=6; }
+ str[7]="16 c p";
+ print_it("des_encrypt_u16_cisc_ptr ",7);
+ if (max < tm[7]) { max=tm[7]; max_idx=7; }
+ str[8]=" 4 r1 p";
+ print_it("des_encrypt_u4_risc1_ptr ",8);
+ if (max < tm[8]) { max=tm[8]; max_idx=8; }
+#endif
+#ifdef PART4
+ str[9]="16 r1 p";
+ print_it("des_encrypt_u16_risc1_ptr",9);
+ if (max < tm[9]) { max=tm[9]; max_idx=9; }
+ str[10]=" 4 r2 p";
+ print_it("des_encrypt_u4_risc2_ptr ",10);
+ if (max < tm[10]) { max=tm[10]; max_idx=10; }
+ str[11]="16 r2 p";
+ print_it("des_encrypt_u16_risc2_ptr",11);
+ if (max < tm[11]) { max=tm[11]; max_idx=11; }
+#endif
+ printf("options des ecb/s\n");
+ printf("%s %12.2f 100.0%%\n",str[max_idx],tm[max_idx]);
+ d=tm[max_idx];
+ tm[max_idx]= -2.0;
+ max= -1.0;
+ for (;;)
+ {
+ for (i=0; i<12; i++)
+ {
+ if (max < tm[i]) { max=tm[i]; j=i; }
+ }
+ if (max < 0.0) break;
+ printf("%s %12.2f %4.1f%%\n",str[j],tm[j],tm[j]/d*100.0);
+ tm[j]= -2.0;
+ max= -1.0;
+ }
+
+ switch (max_idx)
+ {
+ case 0:
+ printf("-DDES_DEFAULT_OPTIONS\n");
+ break;
+ case 1:
+ printf("-DDES_UNROLL\n");
+ break;
+ case 2:
+ printf("-DDES_RISC1\n");
+ break;
+ case 3:
+ printf("-DDES_UNROLL -DDES_RISC1\n");
+ break;
+ case 4:
+ printf("-DDES_RISC2\n");
+ break;
+ case 5:
+ printf("-DDES_UNROLL -DDES_RISC2\n");
+ break;
+ case 6:
+ printf("-DDES_PTR\n");
+ break;
+ case 7:
+ printf("-DDES_UNROLL -DDES_PTR\n");
+ break;
+ case 8:
+ printf("-DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 9:
+ printf("-DDES_UNROLL -DDES_RISC1 -DDES_PTR\n");
+ break;
+ case 10:
+ printf("-DDES_RISC2 -DDES_PTR\n");
+ break;
+ case 11:
+ printf("-DDES_UNROLL -DDES_RISC2 -DDES_PTR\n");
+ break;
+ }
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/crypto/des/des_ver.h b/crypto/des/des_ver.h
new file mode 100644
index 0000000..98352bc
--- /dev/null
+++ b/crypto/des/des_ver.h
@@ -0,0 +1,60 @@
+/* crypto/des/des_ver.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+extern char *DES_version; /* SSLeay version string */
+extern char *libdes_version; /* old libdes version string */
diff --git a/crypto/des/destest.c b/crypto/des/destest.c
new file mode 100644
index 0000000..6aa582b
--- /dev/null
+++ b/crypto/des/destest.c
@@ -0,0 +1,856 @@
+/* crypto/des/destest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#if defined(WIN32) || defined(WIN16) || defined(WINDOWS)
+#ifndef MSDOS
+#define MSDOS
+#endif
+#endif
+
+#include <stdio.h>
+#include <stdlib.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+#endif
+#include <string.h>
+#include "des.h"
+
+/* tisk tisk - the test keys don't all have odd parity :-( */
+/* test data */
+#define NUM_TESTS 34
+static unsigned char key_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10},
+ {0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57},
+ {0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E},
+ {0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86},
+ {0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E},
+ {0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6},
+ {0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE},
+ {0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6},
+ {0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE},
+ {0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16},
+ {0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F},
+ {0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46},
+ {0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E},
+ {0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76},
+ {0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07},
+ {0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F},
+ {0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7},
+ {0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF},
+ {0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6},
+ {0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF},
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10}};
+
+static unsigned char plain_data[NUM_TESTS][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42},
+ {0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA},
+ {0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72},
+ {0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A},
+ {0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2},
+ {0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A},
+ {0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2},
+ {0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A},
+ {0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02},
+ {0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A},
+ {0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32},
+ {0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA},
+ {0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62},
+ {0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2},
+ {0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA},
+ {0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92},
+ {0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A},
+ {0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2},
+ {0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF}};
+
+static unsigned char cipher_data[NUM_TESTS][8]={
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58},
+ {0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B},
+ {0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33},
+ {0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D},
+ {0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD},
+ {0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7},
+ {0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4},
+ {0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B},
+ {0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71},
+ {0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A},
+ {0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A},
+ {0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95},
+ {0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B},
+ {0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09},
+ {0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A},
+ {0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F},
+ {0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88},
+ {0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77},
+ {0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A},
+ {0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56},
+ {0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56},
+ {0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56},
+ {0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC},
+ {0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A},
+ {0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41},
+ {0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93},
+ {0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00},
+ {0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06},
+ {0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7},
+ {0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51},
+ {0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE},
+ {0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D},
+ {0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2}};
+
+static unsigned char cipher_ecb2[NUM_TESTS-1][8]={
+ {0x92,0x95,0xB5,0x9B,0xB3,0x84,0x73,0x6E},
+ {0x19,0x9E,0x9D,0x6D,0xF3,0x9A,0xA8,0x16},
+ {0x2A,0x4B,0x4D,0x24,0x52,0x43,0x84,0x27},
+ {0x35,0x84,0x3C,0x01,0x9D,0x18,0xC5,0xB6},
+ {0x4A,0x5B,0x2F,0x42,0xAA,0x77,0x19,0x25},
+ {0xA0,0x6B,0xA9,0xB8,0xCA,0x5B,0x17,0x8A},
+ {0xAB,0x9D,0xB7,0xFB,0xED,0x95,0xF2,0x74},
+ {0x3D,0x25,0x6C,0x23,0xA7,0x25,0x2F,0xD6},
+ {0xB7,0x6F,0xAB,0x4F,0xBD,0xBD,0xB7,0x67},
+ {0x8F,0x68,0x27,0xD6,0x9C,0xF4,0x1A,0x10},
+ {0x82,0x57,0xA1,0xD6,0x50,0x5E,0x81,0x85},
+ {0xA2,0x0F,0x0A,0xCD,0x80,0x89,0x7D,0xFA},
+ {0xCD,0x2A,0x53,0x3A,0xDB,0x0D,0x7E,0xF3},
+ {0xD2,0xC2,0xBE,0x27,0xE8,0x1B,0x68,0xE3},
+ {0xE9,0x24,0xCF,0x4F,0x89,0x3C,0x5B,0x0A},
+ {0xA7,0x18,0xC3,0x9F,0xFA,0x9F,0xD7,0x69},
+ {0x77,0x2C,0x79,0xB1,0xD2,0x31,0x7E,0xB1},
+ {0x49,0xAB,0x92,0x7F,0xD0,0x22,0x00,0xB7},
+ {0xCE,0x1C,0x6C,0x7D,0x85,0xE3,0x4A,0x6F},
+ {0xBE,0x91,0xD6,0xE1,0x27,0xB2,0xE9,0x87},
+ {0x70,0x28,0xAE,0x8F,0xD1,0xF5,0x74,0x1A},
+ {0xAA,0x37,0x80,0xBB,0xF3,0x22,0x1D,0xDE},
+ {0xA6,0xC4,0xD2,0x5E,0x28,0x93,0xAC,0xB3},
+ {0x22,0x07,0x81,0x5A,0xE4,0xB7,0x1A,0xAD},
+ {0xDC,0xCE,0x05,0xE7,0x07,0xBD,0xF5,0x84},
+ {0x26,0x1D,0x39,0x2C,0xB3,0xBA,0xA5,0x85},
+ {0xB4,0xF7,0x0F,0x72,0xFB,0x04,0xF0,0xDC},
+ {0x95,0xBA,0xA9,0x4E,0x87,0x36,0xF2,0x89},
+ {0xD4,0x07,0x3A,0xF1,0x5A,0x17,0x82,0x0E},
+ {0xEF,0x6F,0xAF,0xA7,0x66,0x1A,0x7E,0x89},
+ {0xC1,0x97,0xF5,0x58,0x74,0x8A,0x20,0xE7},
+ {0x43,0x34,0xCF,0xDA,0x22,0xC4,0x86,0xC8},
+ {0x08,0xD7,0xB4,0xFB,0x62,0x9D,0x08,0x85}};
+
+static unsigned char cbc_key [8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cbc2_key[8]={0xf0,0xe1,0xd2,0xc3,0xb4,0xa5,0x96,0x87};
+static unsigned char cbc3_key[8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static unsigned char cbc_iv [8]={0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10};
+static char cbc_data[40]="7654321 Now is the time for ";
+
+static unsigned char cbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0xac,0xd8,0xae,0xfd,0xdf,0xd8,0xa1,0xeb,
+ 0x46,0x8e,0x91,0x15,0x78,0x88,0xba,0x68,
+ 0x1d,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+static unsigned char xcbc_ok[32]={
+ 0x86,0x74,0x81,0x0D,0x61,0xA4,0xA5,0x48,
+ 0xB9,0x93,0x03,0xE1,0xB8,0xBB,0xBD,0xBD,
+ 0x64,0x30,0x0B,0xB9,0x06,0x65,0x81,0x76,
+ 0x04,0x1D,0x77,0x62,0x17,0xCA,0x2B,0xD2,
+ };
+
+static unsigned char cbc3_ok[32]={
+ 0x3F,0xE3,0x01,0xC9,0x62,0xAC,0x01,0xD0,
+ 0x22,0x13,0x76,0x3C,0x1C,0xBD,0x4C,0xDC,
+ 0x79,0x96,0x57,0xC0,0x64,0xEC,0xF5,0xD4,
+ 0x1C,0x67,0x38,0x12,0xCF,0xDE,0x96,0x75};
+
+static unsigned char pcbc_ok[32]={
+ 0xcc,0xd1,0x73,0xff,0xab,0x20,0x39,0xf4,
+ 0x6d,0xec,0xb4,0x70,0xa0,0xe5,0x6b,0x15,
+ 0xae,0xa6,0xbf,0x61,0xed,0x7d,0x9c,0x9f,
+ 0xf7,0x17,0x46,0x3b,0x8a,0xb3,0xcc,0x88};
+
+static unsigned char cfb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char cfb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+static unsigned char plain[24]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher8[24]= {
+ 0xf3,0x1f,0xda,0x07,0x01,0x14, 0x62,0xee,0x18,0x7f,0x43,0xd8,
+ 0x0a,0x7c,0xd9,0xb5,0xb0,0xd2, 0x90,0xda,0x6e,0x5b,0x9a,0x87 };
+static unsigned char cfb_cipher16[24]={
+ 0xF3,0x09,0x87,0x87,0x7F,0x57, 0xF7,0x3C,0x36,0xB6,0xDB,0x70,
+ 0xD8,0xD5,0x34,0x19,0xD3,0x86, 0xB2,0x23,0xB7,0xB2,0xAD,0x1B };
+static unsigned char cfb_cipher32[24]={
+ 0xF3,0x09,0x62,0x49,0xA4,0xDF, 0xA4,0x9F,0x33,0xDC,0x7B,0xAD,
+ 0x4C,0xC8,0x9F,0x64,0xE4,0x53, 0xE5,0xEC,0x67,0x20,0xDA,0xB6 };
+static unsigned char cfb_cipher48[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x30,0xB5,0x15,0xEC,0xBB,0x85,
+ 0x97,0x5A,0x13,0x8C,0x68,0x60, 0xE2,0x38,0x34,0x3C,0xDC,0x1F };
+static unsigned char cfb_cipher64[24]={
+ 0xF3,0x09,0x62,0x49,0xC7,0xF4, 0x6E,0x51,0xA6,0x9E,0x83,0x9B,
+ 0x1A,0x92,0xF7,0x84,0x03,0x46, 0x71,0x33,0x89,0x8E,0xA6,0x22 };
+
+static unsigned char ofb_key[8]={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+static unsigned char ofb_iv[8]={0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef};
+static unsigned char ofb_buf1[24],ofb_buf2[24],ofb_tmp[8];
+static unsigned char ofb_cipher[24]=
+ {
+ 0xf3,0x09,0x62,0x49,0xc7,0xf4,0x6e,0x51,
+ 0x35,0xf2,0x4a,0x24,0x2e,0xeb,0x3d,0x3f,
+ 0x3d,0x6d,0x5b,0xe3,0x25,0x5a,0xf8,0xc3
+ };
+
+DES_LONG cbc_cksum_ret=0xB462FEF7L;
+unsigned char cbc_cksum_data[8]={0x1D,0x26,0x93,0x97,0xf7,0xfe,0x62,0xb4};
+
+#ifndef NOPROTO
+static char *pt(unsigned char *p);
+static int cfb_test(int bits, unsigned char *cfb_cipher);
+static int cfb64_test(unsigned char *cfb_cipher);
+static int ede_cfb64_test(unsigned char *cfb_cipher);
+#else
+static char *pt();
+static int cfb_test();
+static int cfb64_test();
+static int ede_cfb64_test();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,j,err=0;
+ des_cblock in,out,outin,iv3;
+ des_key_schedule ks,ks2,ks3;
+ unsigned char cbc_in[40];
+ unsigned char cbc_out[40];
+ DES_LONG cs;
+ unsigned char qret[4][4],cret[8];
+ DES_LONG lqret[4];
+ int num;
+ char *str;
+
+ printf("Doing ecb\n");
+ for (i=0; i<NUM_TESTS; i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+1,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb_encrypt((C_Block *)in,(C_Block *)out,ks,DES_ENCRYPT);
+ des_ecb_encrypt((C_Block *)out,(C_Block *)outin,ks,DES_DECRYPT);
+
+ if (memcmp(out,cipher_data[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_data[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing ede ecb\n");
+ for (i=0; i<(NUM_TESTS-1); i++)
+ {
+ if ((j=des_key_sched((C_Block *)(key_data[i]),ks)) != 0)
+ {
+ err=1;
+ printf("Key error %2d:%d\n",i+1,j);
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+1]),ks2)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+2,j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)(key_data[i+2]),ks3)) != 0)
+ {
+ printf("Key error %2d:%d\n",i+3,j);
+ err=1;
+ }
+ memcpy(in,plain_data[i],8);
+ memset(out,0,8);
+ memset(outin,0,8);
+ des_ecb2_encrypt((C_Block *)in,(C_Block *)out,ks,ks2,
+ DES_ENCRYPT);
+ des_ecb2_encrypt((C_Block *)out,(C_Block *)outin,ks,ks2,
+ DES_DECRYPT);
+
+ if (memcmp(out,cipher_ecb2[i],8) != 0)
+ {
+ printf("Encryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(in),pt(cipher_ecb2[i]),
+ pt(out));
+ err=1;
+ }
+ if (memcmp(in,outin,8) != 0)
+ {
+ printf("Decryption error %2d\nk=%s p=%s o=%s act=%s\n",
+ i+1,pt(key_data[i]),pt(out),pt(in),pt(outin));
+ err=1;
+ }
+ }
+#endif
+
+ printf("Doing cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ des_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)cbc_iv,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc_ok,32) != 0)
+ printf("cbc_encrypt encrypt error\n");
+ des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)cbc_iv,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen((char *)cbc_data)) != 0)
+ {
+ printf("cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing desx cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_ENCRYPT);
+ if (memcmp(cbc_out,xcbc_ok,32) != 0)
+ {
+ printf("des_xcbc_encrypt encrypt error\n");
+ }
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_xcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen((char *)cbc_data)+1,ks,
+ (C_Block *)iv3,
+ (C_Block *)cbc2_key, (C_Block *)cbc3_key, DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,32) != 0)
+ {
+ printf("des_xcbc_encrypt decrypt error\n");
+ err=1;
+ }
+#endif
+
+ printf("Doing ede cbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc2_key,ks2)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ if ((j=des_key_sched((C_Block *)cbc3_key,ks3)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ i=strlen((char *)cbc_data)+1;
+ i=((i+7)/8)*8;
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+
+ des_ede3_cbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ 16L,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ des_ede3_cbc_encrypt((C_Block *)&(cbc_data[16]),
+ (C_Block *)&(cbc_out[16]),
+ (long)i-16,ks,ks2,ks3,(C_Block *)iv3,DES_ENCRYPT);
+ if (memcmp(cbc_out,cbc3_ok,
+ (unsigned int)(strlen((char *)cbc_data)+1+7)/8*8) != 0)
+ {
+ printf("des_ede3_cbc_encrypt encrypt error\n");
+ err=1;
+ }
+
+ memcpy(iv3,cbc_iv,sizeof(cbc_iv));
+ des_ede3_cbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)i,ks,ks2,ks3,(C_Block *)iv3,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,strlen(cbc_data)+1) != 0)
+ {
+ printf("des_ede3_cbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+#ifndef LIBDES_LIT
+ printf("Doing pcbc\n");
+ if ((j=des_key_sched((C_Block *)cbc_key,ks)) != 0)
+ {
+ printf("Key error %d\n",j);
+ err=1;
+ }
+ memset(cbc_out,0,40);
+ memset(cbc_in,0,40);
+ des_pcbc_encrypt((C_Block *)cbc_data,(C_Block *)cbc_out,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_ENCRYPT);
+ if (memcmp(cbc_out,pcbc_ok,32) != 0)
+ {
+ printf("pcbc_encrypt encrypt error\n");
+ err=1;
+ }
+ des_pcbc_encrypt((C_Block *)cbc_out,(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,DES_DECRYPT);
+ if (memcmp(cbc_in,cbc_data,32) != 0)
+ {
+ printf("pcbc_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ");
+ printf("cfb8 ");
+ err+=cfb_test(8,cfb_cipher8);
+ printf("cfb16 ");
+ err+=cfb_test(16,cfb_cipher16);
+ printf("cfb32 ");
+ err+=cfb_test(32,cfb_cipher32);
+ printf("cfb48 ");
+ err+=cfb_test(48,cfb_cipher48);
+ printf("cfb64 ");
+ err+=cfb_test(64,cfb_cipher64);
+
+ printf("cfb64() ");
+ err+=cfb64_test(cfb_cipher64);
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(plain[i]),&(cfb_buf1[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher8,cfb_buf1,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small encrypt error\n");
+ err=1;
+ }
+
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ for (i=0; i<sizeof(plain); i++)
+ des_cfb_encrypt(&(cfb_buf1[i]),&(cfb_buf2[i]),
+ 8,(long)1,ks,(C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ printf("cfb_encrypt small decrypt error\n");
+ err=1;
+ }
+
+ printf("ede_cfb64() ");
+ err+=ede_cfb64_test(cfb_cipher64);
+
+ printf("done\n");
+
+ printf("Doing ofb\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(plain,ofb_buf1,64,(long)sizeof(plain)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ des_ofb_encrypt(ofb_buf1,ofb_buf2,64,(long)sizeof(ofb_buf1)/8,ks,
+ (C_Block *)ofb_tmp);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ (C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing ede_ofb64\n");
+ des_key_sched((C_Block *)ofb_key,ks);
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ memset(ofb_buf1,0,sizeof(ofb_buf1));
+ memset(ofb_buf2,0,sizeof(ofb_buf1));
+ num=0;
+ for (i=0; i<sizeof(plain); i++)
+ {
+ des_ede3_ofb64_encrypt(&(plain[i]),&(ofb_buf1[i]),1,ks,ks,ks,
+ (C_Block *)ofb_tmp,&num);
+ }
+ if (memcmp(ofb_cipher,ofb_buf1,sizeof(ofb_buf1)) != 0)
+ {
+ printf("ede_ofb64_encrypt encrypt error\n");
+ err=1;
+ }
+ memcpy(ofb_tmp,ofb_iv,sizeof(ofb_iv));
+ num=0;
+ des_ede3_ofb64_encrypt(ofb_buf1,ofb_buf2,(long)sizeof(ofb_buf1),ks,
+ ks,ks,(C_Block *)ofb_tmp,&num);
+ if (memcmp(plain,ofb_buf2,sizeof(ofb_buf2)) != 0)
+ {
+ printf("ede_ofb64_encrypt decrypt error\n");
+ err=1;
+ }
+
+ printf("Doing cbc_cksum\n");
+ des_key_sched((C_Block *)cbc_key,ks);
+ cs=des_cbc_cksum((C_Block *)cbc_data,(C_Block *)cret,
+ (long)strlen(cbc_data),ks,(C_Block *)cbc_iv);
+ if (cs != cbc_cksum_ret)
+ {
+ printf("bad return value (%08lX), should be %08lX\n",
+ (unsigned long)cs,(unsigned long)cbc_cksum_ret);
+ err=1;
+ }
+ if (memcmp(cret,cbc_cksum_data,8) != 0)
+ {
+ printf("bad cbc_cksum block returned\n");
+ err=1;
+ }
+
+ printf("Doing quad_cksum\n");
+ cs=quad_cksum((C_Block *)cbc_data,(C_Block *)qret,
+ (long)strlen(cbc_data),2,(C_Block *)cbc_iv);
+ for (i=0; i<4; i++)
+ {
+ lqret[i]=0;
+ memcpy(&(lqret[i]),&(qret[i][0]),4);
+ }
+ { /* Big-endian fix */
+ static DES_LONG l=1;
+ static unsigned char *c=(unsigned char *)&l;
+ DES_LONG ll;
+
+ if (!c[0])
+ {
+ ll=lqret[0]^lqret[3];
+ lqret[0]^=ll;
+ lqret[3]^=ll;
+ ll=lqret[1]^lqret[2];
+ lqret[1]^=ll;
+ lqret[2]^=ll;
+ }
+ }
+ if (cs != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, ret %08lx should be 70d7a63a\n",
+ (unsigned long)cs);
+ err=1;
+ }
+ if (lqret[0] != 0x327eba8dL)
+ {
+ printf("quad_cksum error, out[0] %08lx is not %08lx\n",
+ (unsigned long)lqret[0],0x327eba8dL);
+ err=1;
+ }
+ if (lqret[1] != 0x201a49ccL)
+ {
+ printf("quad_cksum error, out[1] %08lx is not %08lx\n",
+ (unsigned long)lqret[1],0x201a49ccL);
+ err=1;
+ }
+ if (lqret[2] != 0x70d7a63aL)
+ {
+ printf("quad_cksum error, out[2] %08lx is not %08lx\n",
+ (unsigned long)lqret[2],0x70d7a63aL);
+ err=1;
+ }
+ if (lqret[3] != 0x501c2c26L)
+ {
+ printf("quad_cksum error, out[3] %08lx is not %08lx\n",
+ (unsigned long)lqret[3],0x501c2c26L);
+ err=1;
+ }
+#endif
+
+ printf("input word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_cbc_encrypt((C_Block *)&(cbc_out[i]),(C_Block *)cbc_in,
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\noutput word alignment test");
+ for (i=0; i<4; i++)
+ {
+ printf(" %d",i);
+ des_cbc_encrypt((C_Block *)cbc_out,(C_Block *)&(cbc_in[i]),
+ (long)strlen(cbc_data)+1,ks,(C_Block *)cbc_iv,
+ DES_ENCRYPT);
+ }
+ printf("\n");
+ printf("fast crypt test ");
+ str=crypt("testing","ef");
+ if (strcmp("efGnQx2725bI2",str) != 0)
+ {
+ printf("fast crypt error, %s should be efGnQx2725bI2\n",str);
+ err=1;
+ }
+ str=crypt("bca76;23","yA");
+ if (strcmp("yA1Rp/1hZXIJk",str) != 0)
+ {
+ printf("fast crypt error, %s should be yA1Rp/1hZXIJk\n",str);
+ err=1;
+ }
+ printf("\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#ifndef LIBDES_LIT
+
+static int cfb_test(bits, cfb_cipher)
+int bits;
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int i,err=0;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(plain,cfb_buf1,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ des_cfb_encrypt(cfb_buf1,cfb_buf2,bits,(long)sizeof(plain),ks,
+ (C_Block *)cfb_tmp,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ return(err);
+ }
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static int ede_cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ des_key_schedule ks;
+ int err=0,i,n;
+
+ des_key_sched((C_Block *)cfb_key,ks);
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(plain,cfb_buf1,(long)12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ des_ede3_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)sizeof(plain)-12,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt encrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,sizeof(cfb_iv));
+ n=0;
+ des_ede3_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ des_ede3_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)sizeof(plain)-17,ks,ks,ks,
+ (C_Block *)cfb_tmp,&n,DES_DECRYPT);
+ if (memcmp(plain,cfb_buf2,sizeof(plain)) != 0)
+ {
+ err=1;
+ printf("ede_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+#endif
+
diff --git a/crypto/des/doIP b/crypto/des/doIP
new file mode 100644
index 0000000..18cf231
--- /dev/null
+++ b/crypto/des/doIP
@@ -0,0 +1,46 @@
+#!/usr/local/bin/perl
+
+@l=(
+ 0, 1, 2, 3, 4, 5, 6, 7,
+ 8, 9,10,11,12,13,14,15,
+ 16,17,18,19,20,21,22,23,
+ 24,25,26,27,28,29,30,31
+ );
+@r=(
+ 32,33,34,35,36,37,38,39,
+ 40,41,42,43,44,45,46,47,
+ 48,49,50,51,52,53,54,55,
+ 56,57,58,59,60,61,62,63
+ );
+
+require 'shifts.pl';
+
+sub PERM_OP
+ {
+ local(*a,*b,*t,$n,$m)=@_;
+
+ @z=&shift(*a,-$n);
+ @z=&xor(*b,*z);
+ @z=&and(*z,$m);
+ @b=&xor(*b,*z);
+ @z=&shift(*z,$n);
+ @a=&xor(*a,*z);
+ }
+
+
+@L=@l;
+@R=@r;
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+ &printit(@L);
+ &printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+&PERM_OP(*R,*L,*T,2,0x33333333);
+&PERM_OP(*L,*R,*T,16,0x0000ffff);
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+ &printit(@L);
+ &printit(@R);
diff --git a/crypto/des/doPC1 b/crypto/des/doPC1
new file mode 100644
index 0000000..096afd8
--- /dev/null
+++ b/crypto/des/doPC1
@@ -0,0 +1,110 @@
+#!/usr/local/bin/perl
+
+@l=(
+ 0, 1, 2, 3, 4, 5, 6, 7,
+ 8, 9,10,11,12,13,14,15,
+ 16,17,18,19,20,21,22,23,
+ 24,25,26,27,28,29,30,31
+ );
+@r=(
+ 32,33,34,35,36,37,38,39,
+ 40,41,42,43,44,45,46,47,
+ 48,49,50,51,52,53,54,55,
+ 56,57,58,59,60,61,62,63
+ );
+
+require 'shifts.pl';
+
+sub PERM_OP
+ {
+ local(*a,*b,*t,$n,$m)=@_;
+
+ @z=&shift(*a,-$n);
+ @z=&xor(*b,*z);
+ @z=&and(*z,$m);
+ @b=&xor(*b,*z);
+ @z=&shift(*z,$n);
+ @a=&xor(*a,*z);
+ }
+
+sub HPERM_OP2
+ {
+ local(*a,*t,$n,$m)=@_;
+ local(@x,@y,$i);
+
+ @z=&shift(*a,16-$n);
+ @z=&xor(*a,*z);
+ @z=&and(*z,$m);
+ @a=&xor(*a,*z);
+ @z=&shift(*z,$n-16);
+ @a=&xor(*a,*z);
+ }
+
+sub HPERM_OP
+ {
+ local(*a,*t,$n,$m)=@_;
+ local(@x,@y,$i);
+
+ for ($i=0; $i<16; $i++)
+ {
+ $x[$i]=$a[$i];
+ $y[$i]=$a[16+$i];
+ }
+ @z=&shift(*x,-$n);
+ @z=&xor(*y,*z);
+ @z=&and(*z,$m);
+ @y=&xor(*y,*z);
+ @z=&shift(*z,$n);
+ @x=&xor(*x,*z);
+ for ($i=0; $i<16; $i++)
+ {
+ $a[$i]=$x[$i];
+ $a[16+$i]=$y[$i];
+ }
+ }
+
+@L=@l;
+@R=@r;
+
+ print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,4,0x0f0f0f0f);
+ print "---\n"; &printit(@R);
+&HPERM_OP2(*L,*T,-2,0xcccc0000);
+&HPERM_OP2(*R,*T,-2,0xcccc0000);
+ print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+ print "---\n"; &printit(@R);
+&PERM_OP(*L,*R,*T,8,0x00ff00ff);
+ print "---\n"; &printit(@R);
+&PERM_OP(*R,*L,*T,1,0x55555555);
+ print "---\n"; &printit(@R);
+# &printit(@L);
+ &printit(@R);
+print <<"EOF";
+==============================
+63 55 47 39 31 23 15 7
+62 54 46 38 30 22 14 6
+61 53 45 37 29 21 13 5
+60 52 44 36 -- -- -- --
+
+57 49 41 33 25 17 9 1
+58 50 42 34 26 18 10 2
+59 51 43 35 27 19 11 3
+28 20 12 4 -- -- -- --
+EOF
+exit(1);
+@A=&and(*R,0x000000ff);
+@A=&shift(*A,16);
+@B=&and(*R,0x0000ff00);
+@C=&and(*R,0x00ff0000);
+@C=&shift(*C,-16);
+@D=&and(*L,0xf0000000);
+@D=&shift(*D,-4);
+@A=&or(*A,*B);
+@B=&or(*D,*C);
+@R=&or(*A,*B);
+@L=&and(*L,0x0fffffff);
+
+ &printit(@L);
+ &printit(@R);
+
diff --git a/crypto/des/doPC2 b/crypto/des/doPC2
new file mode 100644
index 0000000..fa5cf74
--- /dev/null
+++ b/crypto/des/doPC2
@@ -0,0 +1,94 @@
+#!/usr/local/bin/perl
+
+@PC2_C=(14,17,11,24, 1, 5,
+ 3,28,15, 6,21,10,
+ 23,19,12, 4,26, 8,
+ 16, 7,27,20,13, 2,
+ );
+
+@PC2_D=(41,52,31,37,47,55,
+ 30,40,51,45,33,48,
+ 44,49,39,56,34,53,
+ 46,42,50,36,29,32,
+ );
+
+$i=0;
+foreach (@PC2_C) {
+ $_--;
+# printf "%2d,",$_;
+ $C{$_}=$i;
+ ++$i;
+# print "\n" if ((($i) % 8) == 0);
+ }
+$i=0;
+#print "\n";
+foreach (@PC2_D) {
+ $_-=28;
+ $_--;
+# printf "%2d,",$_;
+ $D{$_}=$i;
+ $i++;
+# print "\n" if ((($i) % 8) == 0);
+ }
+
+#print "\n";
+foreach $i (0 .. 27)
+ {
+ $_=$C{$i};
+# printf "%2d,",$_;
+ $i++;
+# print "\n" if ((($i) % 8) == 0);
+ }
+#print "\n";
+
+#print "\n";
+foreach $i (0 .. 27)
+ {
+ $_=$D{$i};
+# printf "%2d,",$_;
+ $i++;
+# print "\n" if ((($i) % 8) == 0);
+ }
+#print "\n";
+
+print "static ulong skb[8][64]={\n";
+&doit("C",*C, 0, 1, 2, 3, 4, 5);
+&doit("C",*C, 6, 7, 9,10,11,12);
+&doit("C",*C,13,14,15,16,18,19);
+&doit("C",*C,20,22,23,25,26,27);
+
+&doit("D",*D, 0, 1, 2, 3, 4, 5);
+&doit("D",*D, 7, 8,10,11,12,13);
+&doit("D",*D,15,16,17,18,19,20);
+&doit("D",*D,21,22,23,24,26,27);
+print "};\n";
+
+sub doit
+ {
+ local($l,*A,@b)=@_;
+ local(@out);
+
+ printf("/* for $l bits (numbered as per FIPS 46) %d %d %d %d %d %d */\n",
+ $b[0]+1, $b[1]+1, $b[2]+1, $b[3]+1, $b[4]+1, $b[5]+1);
+ for ($i=0; $i<64; $i++)
+ {
+ $out[$i]=0;
+ $j=1;
+#print "\n";
+ for ($k=0; $k<6; $k++)
+ {
+ $l=$A{$b[$k]};
+#print"$l - ";
+ if ((1<<$k) & $i)
+ {
+ $ll=int($l/6)*8+($l%6);
+ $out[$i]|=1<<($ll);
+ }
+ }
+ $pp=$out[$i];
+ $pp=($pp&0xff0000ff)| (($pp&0x00ff0000)>>8)|
+ (($pp&0x0000ff00)<<8);
+ printf("0x%08X,",$pp);
+ print "\n" if (($i+1) % 4 == 0);
+ }
+ }
diff --git a/crypto/des/ecb3_enc.c b/crypto/des/ecb3_enc.c
new file mode 100644
index 0000000..28c0d88
--- /dev/null
+++ b/crypto/des/ecb3_enc.c
@@ -0,0 +1,87 @@
+/* crypto/des/ecb3_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ecb3_encrypt(input, output, ks1, ks2, ks3, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+int enc;
+ {
+ register DES_LONG l0,l1;
+ register unsigned char *in,*out;
+ DES_LONG ll[2];
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ c2l(in,l0);
+ c2l(in,l1);
+ ll[0]=l0;
+ ll[1]=l1;
+ if (enc)
+ des_encrypt3(ll,ks1,ks2,ks3);
+ else
+ des_decrypt3(ll,ks1,ks2,ks3);
+ l0=ll[0];
+ l1=ll[1];
+ l2c(l0,out);
+ l2c(l1,out);
+ }
diff --git a/crypto/des/ecb_enc.c b/crypto/des/ecb_enc.c
new file mode 100644
index 0000000..fac4b41
--- /dev/null
+++ b/crypto/des/ecb_enc.c
@@ -0,0 +1,124 @@
+/* crypto/des/ecb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include "spr.h"
+
+char *libdes_version="libdes v 3.24 - 20-Apr-1996 - eay";
+char *DES_version="DES part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *des_options()
+ {
+ static int init=1;
+ static char buf[32];
+
+ if (init)
+ {
+ char *ptr,*unroll,*risc,*size;
+
+ init=0;
+#ifdef DES_PTR
+ ptr="ptr";
+#else
+ ptr="idx";
+#endif
+#if defined(DES_RISC1) || defined(DES_RISC2)
+#ifdef DES_RISC1
+ risc="risc1";
+#endif
+#ifdef DES_RISC2
+ risc="risc2";
+#endif
+#else
+ risc="cisc";
+#endif
+#ifdef DES_UNROLL
+ unroll="16";
+#else
+ unroll="4";
+#endif
+ if (sizeof(DES_LONG) != sizeof(long))
+ size="int";
+ else
+ size="long";
+ sprintf(buf,"des(%s,%s,%s,%s)",ptr,risc,unroll,size);
+ }
+ return(buf);
+ }
+
+
+void des_ecb_encrypt(input, output, ks, enc)
+des_cblock (*input);
+des_cblock (*output);
+des_key_schedule ks;
+int enc;
+ {
+ register DES_LONG l;
+ register unsigned char *in,*out;
+ DES_LONG ll[2];
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ c2l(in,l); ll[0]=l;
+ c2l(in,l); ll[1]=l;
+ des_encrypt(ll,ks,enc);
+ l=ll[0]; l2c(l,out);
+ l=ll[1]; l2c(l,out);
+ l=ll[0]=ll[1]=0;
+ }
+
diff --git a/crypto/des/ede_enc.c b/crypto/des/ede_enc.c
new file mode 100644
index 0000000..20c3cf3
--- /dev/null
+++ b/crypto/des/ede_enc.c
@@ -0,0 +1,189 @@
+/* crypto/des/ede_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ede3_cbc_encrypt(input, output, length, ks1, ks2, ks3, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_key_schedule ks3;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_encrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ register DES_LONG t0,t1;
+
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=t0;
+ xor1=t1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+
+ t0=tin0;
+ t1=tin1;
+
+ tin[0]=tin0;
+ tin[1]=tin1;
+ des_decrypt3((DES_LONG *)tin,ks1,ks2,ks3);
+ tout0=tin[0];
+ tout1=tin[1];
+
+ tout0^=xor0;
+ tout1^=xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=t0;
+ xor1=t1;
+ }
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
+#ifdef undef /* MACRO */
+void des_ede2_cbc_encrypt(input, output, length, ks1, ks2, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule ks1;
+des_key_schedule ks2;
+des_cblock (*ivec);
+int enc;
+ {
+ des_ede3_cbc_encrypt(input,output,length,ks1,ks2,ks1,ivec,enc);
+ }
+#endif
+
diff --git a/crypto/des/enc_read.c b/crypto/des/enc_read.c
new file mode 100644
index 0000000..3b254d0
--- /dev/null
+++ b/crypto/des/enc_read.c
@@ -0,0 +1,214 @@
+/* crypto/des/enc_read.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "des_locl.h"
+
+/* This has some uglies in it but it works - even over sockets. */
+/*extern int errno;*/
+int des_rw_mode=DES_PCBC_MODE;
+
+int des_enc_read(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+ {
+ /* data to be unencrypted */
+ int net_num=0;
+ static unsigned char *net=NULL;
+ /* extra unencrypted data
+ * for when a block of 100 comes in but is des_read one byte at
+ * a time. */
+ static char *unnet=NULL;
+ static int unnet_start=0;
+ static int unnet_left=0;
+ static char *tmpbuf=NULL;
+ int i;
+ long num=0,rnum;
+ unsigned char *p;
+
+ if (tmpbuf == NULL)
+ {
+ tmpbuf=(char *)malloc(BSIZE);
+ if (tmpbuf == NULL) return(-1);
+ }
+ if (net == NULL)
+ {
+ net=(unsigned char *)malloc(BSIZE);
+ if (net == NULL) return(-1);
+ }
+ if (unnet == NULL)
+ {
+ unnet=(char *)malloc(BSIZE);
+ if (unnet == NULL) return(-1);
+ }
+ /* left over data from last decrypt */
+ if (unnet_left != 0)
+ {
+ if (unnet_left < len)
+ {
+ /* we still still need more data but will return
+ * with the number of bytes we have - should always
+ * check the return value */
+ memcpy(buf,&(unnet[unnet_start]),
+ (unsigned int)unnet_left);
+ /* eay 26/08/92 I had the next 2 lines
+ * reversed :-( */
+ i=unnet_left;
+ unnet_start=unnet_left=0;
+ }
+ else
+ {
+ memcpy(buf,&(unnet[unnet_start]),(unsigned int)len);
+ unnet_start+=len;
+ unnet_left-=len;
+ i=len;
+ }
+ return(i);
+ }
+
+ /* We need to get more data. */
+ if (len > MAXWRITE) len=MAXWRITE;
+
+ /* first - get the length */
+ while (net_num < HDRSIZE)
+ {
+ i=read(fd,&(net[net_num]),(unsigned int)HDRSIZE-net_num);
+ if ((i == -1) && (errno == EINTR)) continue;
+ if (i <= 0) return(0);
+ net_num+=i;
+ }
+
+ /* we now have at net_num bytes in net */
+ p=net;
+ /* num=0; */
+ n2l(p,num);
+ /* num should be rounded up to the next group of eight
+ * we make sure that we have read a multiple of 8 bytes from the net.
+ */
+ if ((num > MAXWRITE) || (num < 0)) /* error */
+ return(-1);
+ rnum=(num < 8)?8:((num+7)/8*8);
+
+ net_num=0;
+ while (net_num < rnum)
+ {
+ i=read(fd,&(net[net_num]),(unsigned int)rnum-net_num);
+ if ((i == -1) && (errno == EINTR)) continue;
+ if (i <= 0) return(0);
+ net_num+=i;
+ }
+
+ /* Check if there will be data left over. */
+ if (len < num)
+ {
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+ num,sched,iv,DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,(des_cblock *)unnet,
+ num,sched,iv,DES_DECRYPT);
+ memcpy(buf,unnet,(unsigned int)len);
+ unnet_start=len;
+ unnet_left=(int)num-len;
+
+ /* The following line is done because we return num
+ * as the number of bytes read. */
+ num=len;
+ }
+ else
+ {
+ /* >output is a multiple of 8 byes, if len < rnum
+ * >we must be careful. The user must be aware that this
+ * >routine will write more bytes than he asked for.
+ * >The length of the buffer must be correct.
+ * FIXED - Should be ok now 18-9-90 - eay */
+ if (len < rnum)
+ {
+
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,
+ (des_cblock *)tmpbuf,
+ num,sched,iv,DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,
+ (des_cblock *)tmpbuf,
+ num,sched,iv,DES_DECRYPT);
+
+ /* eay 26/08/92 fix a bug that returned more
+ * bytes than you asked for (returned len bytes :-( */
+ memcpy(buf,tmpbuf,(unsigned int)num);
+ }
+ else
+ {
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)net,
+ (des_cblock *)buf,num,sched,iv,
+ DES_DECRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)net,
+ (des_cblock *)buf,num,sched,iv,
+ DES_DECRYPT);
+ }
+ }
+ return((int)num);
+ }
+
diff --git a/crypto/des/enc_writ.c b/crypto/des/enc_writ.c
new file mode 100644
index 0000000..672c745
--- /dev/null
+++ b/crypto/des/enc_writ.c
@@ -0,0 +1,160 @@
+/* crypto/des/enc_writ.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <errno.h>
+#include <time.h>
+#include "des_locl.h"
+
+int des_enc_write(fd, buf, len, sched, iv)
+int fd;
+char *buf;
+int len;
+des_key_schedule sched;
+des_cblock (*iv);
+ {
+#ifdef _LIBC
+ extern int srandom();
+ extern unsigned long time();
+ extern int random();
+ extern int write();
+#endif
+
+ long rnum;
+ int i,j,k,outnum;
+ char *outbuf=NULL;
+ char shortbuf[8];
+ char *p;
+ static int start=1;
+
+ if (outbuf == NULL)
+ {
+ outbuf=(char *)malloc(BSIZE+HDRSIZE);
+ if (outbuf == NULL) return(-1);
+ }
+ /* If we are sending less than 8 bytes, the same char will look
+ * the same if we don't pad it out with random bytes */
+ if (start)
+ {
+ start=0;
+ srandom((unsigned int)time(NULL));
+ }
+
+ /* lets recurse if we want to send the data in small chunks */
+ if (len > MAXWRITE)
+ {
+ j=0;
+ for (i=0; i<len; i+=k)
+ {
+ k=des_enc_write(fd,&(buf[i]),
+ ((len-i) > MAXWRITE)?MAXWRITE:(len-i),sched,iv);
+ if (k < 0)
+ return(k);
+ else
+ j+=k;
+ }
+ return(j);
+ }
+
+ /* write length first */
+ p=outbuf;
+ l2n(len,p);
+
+ /* pad short strings */
+ if (len < 8)
+ {
+ p=shortbuf;
+ memcpy(shortbuf,buf,(unsigned int)len);
+ for (i=len; i<8; i++)
+ shortbuf[i]=random();
+ rnum=8;
+ }
+ else
+ {
+ p=buf;
+ rnum=((len+7)/8*8); /* round up to nearest eight */
+ }
+
+ if (des_rw_mode & DES_PCBC_MODE)
+ des_pcbc_encrypt((des_cblock *)p,
+ (des_cblock *)&(outbuf[HDRSIZE]),
+ (long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
+ else
+ des_cbc_encrypt((des_cblock *)p,
+ (des_cblock *)&(outbuf[HDRSIZE]),
+ (long)((len<8)?8:len),sched,iv,DES_ENCRYPT);
+
+ /* output */
+ outnum=(int)rnum+HDRSIZE;
+
+ for (j=0; j<outnum; j+=i)
+ {
+ /* eay 26/08/92 I was not doing writing from where we
+ * got upto. */
+ i=write(fd,&(outbuf[j]),(unsigned int)(outnum-j));
+ if (i == -1)
+ {
+ if (errno == EINTR)
+ i=0;
+ else /* This is really a bad error - very bad
+ * It will stuff-up both ends. */
+ return(-1);
+ }
+ }
+
+ return(len);
+ }
diff --git a/crypto/des/fcrypt.c b/crypto/des/fcrypt.c
new file mode 100644
index 0000000..db9ad65
--- /dev/null
+++ b/crypto/des/fcrypt.c
@@ -0,0 +1,153 @@
+/* NOCW */
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+/* Modification by Jens Kupferschmidt (Cu)
+ * I have included directive PARA for shared memory computers.
+ * I have included a directive LONGCRYPT to using this routine to cipher
+ * passwords with more then 8 bytes like HP-UX 10.x it used. The MAXPLEN
+ * definition is the maximum of lenght of password and can changed. I have
+ * defined 24.
+ */
+
+#include "des_locl.h"
+
+/* Added more values to handle illegal salt values the way normal
+ * crypt() implementations do. The patch was sent by
+ * Bjorn Gronvall <bg@sics.se>
+ */
+static unsigned const char con_salt[128]={
+0xD2,0xD3,0xD4,0xD5,0xD6,0xD7,0xD8,0xD9,
+0xDA,0xDB,0xDC,0xDD,0xDE,0xDF,0xE0,0xE1,
+0xE2,0xE3,0xE4,0xE5,0xE6,0xE7,0xE8,0xE9,
+0xEA,0xEB,0xEC,0xED,0xEE,0xEF,0xF0,0xF1,
+0xF2,0xF3,0xF4,0xF5,0xF6,0xF7,0xF8,0xF9,
+0xFA,0xFB,0xFC,0xFD,0xFE,0xFF,0x00,0x01,
+0x02,0x03,0x04,0x05,0x06,0x07,0x08,0x09,
+0x0A,0x0B,0x05,0x06,0x07,0x08,0x09,0x0A,
+0x0B,0x0C,0x0D,0x0E,0x0F,0x10,0x11,0x12,
+0x13,0x14,0x15,0x16,0x17,0x18,0x19,0x1A,
+0x1B,0x1C,0x1D,0x1E,0x1F,0x20,0x21,0x22,
+0x23,0x24,0x25,0x20,0x21,0x22,0x23,0x24,
+0x25,0x26,0x27,0x28,0x29,0x2A,0x2B,0x2C,
+0x2D,0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,
+0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,0x3C,
+0x3D,0x3E,0x3F,0x40,0x41,0x42,0x43,0x44,
+};
+
+static unsigned const char cov_2char[64]={
+0x2E,0x2F,0x30,0x31,0x32,0x33,0x34,0x35,
+0x36,0x37,0x38,0x39,0x41,0x42,0x43,0x44,
+0x45,0x46,0x47,0x48,0x49,0x4A,0x4B,0x4C,
+0x4D,0x4E,0x4F,0x50,0x51,0x52,0x53,0x54,
+0x55,0x56,0x57,0x58,0x59,0x5A,0x61,0x62,
+0x63,0x64,0x65,0x66,0x67,0x68,0x69,0x6A,
+0x6B,0x6C,0x6D,0x6E,0x6F,0x70,0x71,0x72,
+0x73,0x74,0x75,0x76,0x77,0x78,0x79,0x7A
+};
+
+#ifndef NOPROTO
+void fcrypt_body(DES_LONG *out,des_key_schedule ks,
+ DES_LONG Eswap0, DES_LONG Eswap1);
+
+#ifdef PERL5
+char *des_crypt(const char *buf,const char *salt);
+#else
+char *crypt(const char *buf,const char *salt);
+#endif
+#else
+void fcrypt_body();
+#ifdef PERL5
+char *des_crypt();
+#else
+char *crypt();
+#endif
+#endif
+
+#ifdef PERL5
+char *des_crypt(buf,salt)
+#else
+char *crypt(buf,salt)
+#endif
+const char *buf;
+const char *salt;
+ {
+ static char buff[14];
+
+ return(des_fcrypt(buf,salt,buff));
+ }
+
+
+char *des_fcrypt(buf,salt,ret)
+const char *buf;
+const char *salt;
+char *ret;
+ {
+ unsigned int i,j,x,y;
+ DES_LONG Eswap0,Eswap1;
+ DES_LONG out[2],ll;
+ des_cblock key;
+ des_key_schedule ks;
+ unsigned char bb[9];
+ unsigned char *b=bb;
+ unsigned char c,u;
+
+ /* eay 25/08/92
+ * If you call crypt("pwd","*") as often happens when you
+ * have * as the pwd field in /etc/passwd, the function
+ * returns *\0XXXXXXXXX
+ * The \0 makes the string look like * so the pwd "*" would
+ * crypt to "*". This was found when replacing the crypt in
+ * our shared libraries. People found that the disbled
+ * accounts effectivly had no passwd :-(. */
+ x=ret[0]=((salt[0] == '\0')?'A':salt[0]);
+ Eswap0=con_salt[x]<<2;
+ x=ret[1]=((salt[1] == '\0')?'A':salt[1]);
+ Eswap1=con_salt[x]<<6;
+
+/* EAY
+r=strlen(buf);
+r=(r+7)/8;
+*/
+ for (i=0; i<8; i++)
+ {
+ c= *(buf++);
+ if (!c) break;
+ key[i]=(c<<1);
+ }
+ for (; i<8; i++)
+ key[i]=0;
+
+ des_set_key((des_cblock *)(key),ks);
+ fcrypt_body(&(out[0]),ks,Eswap0,Eswap1);
+
+ ll=out[0]; l2c(ll,b);
+ ll=out[1]; l2c(ll,b);
+ y=0;
+ u=0x80;
+ bb[8]=0;
+ for (i=2; i<13; i++)
+ {
+ c=0;
+ for (j=0; j<6; j++)
+ {
+ c<<=1;
+ if (bb[y] & u) c|=1;
+ u>>=1;
+ if (!u)
+ {
+ y++;
+ u=0x80;
+ }
+ }
+ ret[i]=cov_2char[c];
+ }
+ ret[13]='\0';
+ return(ret);
+ }
+
diff --git a/crypto/des/fcrypt_b.c b/crypto/des/fcrypt_b.c
new file mode 100644
index 0000000..f929b66
--- /dev/null
+++ b/crypto/des/fcrypt_b.c
@@ -0,0 +1,148 @@
+/* crypto/des/fcrypt_b.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+
+/* This version of crypt has been developed from my MIT compatable
+ * DES library.
+ * The library is available at pub/Crypto/DES at ftp.psy.uq.oz.au
+ * Eric Young (eay@cryptsoft.com)
+ */
+
+#define DES_FCRYPT
+#include "des_locl.h"
+#undef DES_FCRYPT
+
+#undef PERM_OP
+#define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ (b)^=(t),\
+ (a)^=((t)<<(n)))
+
+#undef HPERM_OP
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+ (a)=(a)^(t)^(t>>(16-(n))))\
+
+void fcrypt_body(out, ks, Eswap0, Eswap1)
+DES_LONG *out;
+des_key_schedule ks;
+DES_LONG Eswap0;
+DES_LONG Eswap1;
+ {
+ register DES_LONG l,r,t,u;
+#ifdef DES_PTR
+ register unsigned char *des_SP=(unsigned char *)des_SPtrans;
+#endif
+ register DES_LONG *s;
+ register int j;
+ register DES_LONG E0,E1;
+
+ l=0;
+ r=0;
+
+ s=(DES_LONG *)ks;
+ E0=Eswap0;
+ E1=Eswap1;
+
+ for (j=0; j<25; j++)
+ {
+#ifdef DES_UNROLL
+ register int i;
+
+ for (i=0; i<32; i+=8)
+ {
+ D_ENCRYPT(l,r,i+0); /* 1 */
+ D_ENCRYPT(r,l,i+2); /* 2 */
+ D_ENCRYPT(l,r,i+4); /* 1 */
+ D_ENCRYPT(r,l,i+6); /* 2 */
+ }
+#else
+ D_ENCRYPT(l,r, 0); /* 1 */
+ D_ENCRYPT(r,l, 2); /* 2 */
+ D_ENCRYPT(l,r, 4); /* 3 */
+ D_ENCRYPT(r,l, 6); /* 4 */
+ D_ENCRYPT(l,r, 8); /* 5 */
+ D_ENCRYPT(r,l,10); /* 6 */
+ D_ENCRYPT(l,r,12); /* 7 */
+ D_ENCRYPT(r,l,14); /* 8 */
+ D_ENCRYPT(l,r,16); /* 9 */
+ D_ENCRYPT(r,l,18); /* 10 */
+ D_ENCRYPT(l,r,20); /* 11 */
+ D_ENCRYPT(r,l,22); /* 12 */
+ D_ENCRYPT(l,r,24); /* 13 */
+ D_ENCRYPT(r,l,26); /* 14 */
+ D_ENCRYPT(l,r,28); /* 15 */
+ D_ENCRYPT(r,l,30); /* 16 */
+#endif
+
+ t=l;
+ l=r;
+ r=t;
+ }
+ l=ROTATE(l,3)&0xffffffffL;
+ r=ROTATE(r,3)&0xffffffffL;
+
+ PERM_OP(l,r,t, 1,0x55555555L);
+ PERM_OP(r,l,t, 8,0x00ff00ffL);
+ PERM_OP(l,r,t, 2,0x33333333L);
+ PERM_OP(r,l,t,16,0x0000ffffL);
+ PERM_OP(l,r,t, 4,0x0f0f0f0fL);
+
+ out[0]=r;
+ out[1]=l;
+ }
+
diff --git a/crypto/des/makefile.bc b/crypto/des/makefile.bc
new file mode 100644
index 0000000..1fe6d49
--- /dev/null
+++ b/crypto/des/makefile.bc
@@ -0,0 +1,50 @@
+#
+# Origional BC Makefile from Teun <Teun.Nijssen@kub.nl>
+#
+#
+CC = bcc
+TLIB = tlib /0 /C
+# note: the -3 flag produces code for 386, 486, Pentium etc; omit it for 286s
+OPTIMIZE= -3 -O2
+#WINDOWS= -W
+CFLAGS = -c -ml -d $(OPTIMIZE) $(WINDOWS) -DMSDOS
+LFLAGS = -ml $(WINDOWS)
+
+.c.obj:
+ $(CC) $(CFLAGS) $*.c
+
+.obj.exe:
+ $(CC) $(LFLAGS) -e$*.exe $*.obj libdes.lib
+
+all: $(LIB) destest.exe rpw.exe des.exe speed.exe
+
+# "make clean": use a directory containing only libdes .exe and .obj files...
+clean:
+ del *.exe
+ del *.obj
+ del libdes.lib
+ del libdes.rsp
+
+OBJS= cbc_cksm.obj cbc_enc.obj ecb_enc.obj pcbc_enc.obj \
+ qud_cksm.obj rand_key.obj set_key.obj str2key.obj \
+ enc_read.obj enc_writ.obj fcrypt.obj cfb_enc.obj \
+ ecb3_enc.obj ofb_enc.obj cbc3_enc.obj read_pwd.obj\
+ cfb64enc.obj ofb64enc.obj ede_enc.obj cfb64ede.obj\
+ ofb64ede.obj supp.obj
+
+LIB= libdes.lib
+
+$(LIB): $(OBJS)
+ del $(LIB)
+ makersp "+%s &\n" &&|
+ $(OBJS)
+| >libdes.rsp
+ $(TLIB) libdes.lib @libdes.rsp,nul
+ del libdes.rsp
+
+destest.exe: destest.obj libdes.lib
+rpw.exe: rpw.obj libdes.lib
+speed.exe: speed.obj libdes.lib
+des.exe: des.obj libdes.lib
+
+
diff --git a/crypto/des/ncbc_enc.c b/crypto/des/ncbc_enc.c
new file mode 100644
index 0000000..b79d965
--- /dev/null
+++ b/crypto/des/ncbc_enc.c
@@ -0,0 +1,141 @@
+/* crypto/des/ncbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_ncbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0; tin[0]=tin0;
+ tin1^=tout1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/des/ofb64ede.c b/crypto/des/ofb64ede.c
new file mode 100644
index 0000000..6a6b95c
--- /dev/null
+++ b/crypto/des/ofb64ede.c
@@ -0,0 +1,131 @@
+/* crypto/des/ofb64ede.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ede3_ofb64_encrypt(in, out, length, k1,k2,k3, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2,k3;
+des_cblock (*ivec);
+int *num;
+ {
+ register DES_LONG v0,v1;
+ register int n= *num;
+ register long l=length;
+ des_cblock d;
+ register char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ ti[0]=v0;
+ ti[1]=v1;
+ des_encrypt3((DES_LONG *)ti,k1,k2,k3);
+ v0=ti[0];
+ v1=ti[1];
+
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+/* v0=ti[0];
+ v1=ti[1];*/
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
+#ifdef undef /* MACRO */
+void des_ede2_ofb64_encrypt(in, out, length, k1,k2, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule k1,k2;
+des_cblock (*ivec);
+int *num;
+ {
+ des_ede3_ofb64_encrypt(in, out, length, k1,k2,k1, ivec, num);
+ }
+#endif
diff --git a/crypto/des/ofb64enc.c b/crypto/des/ofb64enc.c
new file mode 100644
index 0000000..fe40739
--- /dev/null
+++ b/crypto/des/ofb64enc.c
@@ -0,0 +1,114 @@
+/* crypto/des/ofb64enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void des_ofb64_encrypt(in, out, length, schedule, ivec, num)
+register unsigned char *in;
+register unsigned char *out;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int *num;
+ {
+ register DES_LONG v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ des_cblock d;
+ register char *dp;
+ DES_LONG ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ dp=(char *)d;
+ t=ti[0]; l2c(t,dp);
+ t=ti[1]; l2c(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/crypto/des/ofb_enc.c b/crypto/des/ofb_enc.c
new file mode 100644
index 0000000..9b2ecb6
--- /dev/null
+++ b/crypto/des/ofb_enc.c
@@ -0,0 +1,122 @@
+/* crypto/des/ofb_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* The input and output are loaded in multiples of 8 bits.
+ * What this means is that if you hame numbits=12 and length=2
+ * the first 12 bits will be retrieved from the first byte and half
+ * the second. The second 12 bits will come from the 3rd and half the 4th
+ * byte.
+ */
+void des_ofb_encrypt(in, out, numbits, length, schedule, ivec)
+unsigned char *in;
+unsigned char *out;
+int numbits;
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+ {
+ register DES_LONG d0,d1,v0,v1,n=(numbits+7)/8;
+ register DES_LONG mask0,mask1;
+ register long l=length;
+ register int num=numbits;
+ DES_LONG ti[2];
+ unsigned char *iv;
+
+ if (num > 64) return;
+ if (num > 32)
+ {
+ mask0=0xffffffffL;
+ if (num >= 64)
+ mask1=mask0;
+ else
+ mask1=(1L<<(num-32))-1;
+ }
+ else
+ {
+ if (num == 32)
+ mask0=0xffffffffL;
+ else
+ mask0=(1L<<num)-1;
+ mask1=0x00000000;
+ }
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ while (l-- > 0)
+ {
+ des_encrypt((DES_LONG *)ti,schedule,DES_ENCRYPT);
+ c2ln(in,d0,d1,n);
+ in+=n;
+ d0=(d0^ti[0])&mask0;
+ d1=(d1^ti[1])&mask1;
+ l2cn(d0,d1,out,n);
+ out+=n;
+ }
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ v0=v1=d0=d1=ti[0]=ti[1]=0;
+ }
+
diff --git a/crypto/des/options.txt b/crypto/des/options.txt
new file mode 100644
index 0000000..9fe6488
--- /dev/null
+++ b/crypto/des/options.txt
@@ -0,0 +1,39 @@
+Note that the UNROLL option makes the 'inner' des loop unroll all 16 rounds
+instead of the default 4.
+RISC1 and RISC2 are 2 alternatives for the inner loop and
+PTR means to use pointers arithmatic instead of arrays.
+
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - assember 577,000 4620k/s
+IRIX 6.2 - R10000 195mhz - cc (-O3 -n32) - UNROLL RISC2 PTR 496,000 3968k/s
+solaris 2.5.1 usparc 167mhz?? - SC4.0 - UNROLL RISC1 PTR [1] 459,400 3672k/s
+FreeBSD - Pentium Pro 200mhz - gcc 2.7.2.2 - UNROLL RISC1 433,000 3468k/s
+solaris 2.5.1 usparc 167mhz?? - gcc 2.7.2 - UNROLL 380,000 3041k/s
+linux - pentium 100mhz - gcc 2.7.0 - assember 281,000 2250k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - assember 281,000 2250k/s
+AIX 4.1? - PPC604 100mhz - cc - UNROLL 275,000 2200k/s
+IRIX 5.3 - R4400 200mhz - gcc 2.6.3 - UNROLL RISC2 PTR 235,300 1882k/s
+IRIX 5.3 - R4400 200mhz - cc - UNROLL RISC2 PTR 233,700 1869k/s
+NT 4.0 - pentium 100mhz - VC 4.2 - UNROLL RISC1 PTR 191,000 1528k/s
+DEC Alpha 165mhz?? - cc - RISC2 PTR [2] 181,000 1448k/s
+linux - pentium 100mhz - gcc 2.7.0 - UNROLL RISC1 PTR 158,500 1268k/s
+HPUX 10 - 9000/887 - cc - UNROLL [3] 148,000 1190k/s
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2 - UNROLL 123,600 989k/s
+IRIX 5.3 - R4000 100mhz - cc - UNROLL RISC2 PTR 101,000 808k/s
+DGUX - 88100 50mhz(?) - gcc 2.6.3 - UNROLL 81,000 648k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - assember 65,000 522k/s
+HPUX 10 - 9000/887 - k&r cc (default compiler) - UNROLL PTR 76,000 608k/s
+solaris 2.4 486 50mhz - gcc 2.6.3 - UNROLL RISC2 43,500 344k/s
+AIX - old slow one :-) - cc - 39,000 312k/s
+
+Notes.
+[1] For the ultra sparc, SunC 4.0
+ cc -xtarget=ultra -xarch=v8plus -Xa -xO5, running 'des_opts'
+ gives a speed of 344,000 des/s while 'speed' gives 459,000 des/s.
+ I'll record the higher since it is coming from the library but it
+ is all rather weird.
+[2] Similar to the ultra sparc ([1]), 181,000 for 'des_opts' vs 175,000.
+[3] I was unable to get access to this machine when it was not heavily loaded.
+ As such, my timing program was never able to get more that %30 of the CPU.
+ This would cause the program to give much lower speed numbers because
+ it would be 'fighting' to stay in the cache with the other CPU burning
+ processes.
diff --git a/crypto/des/pcbc_enc.c b/crypto/des/pcbc_enc.c
new file mode 100644
index 0000000..8adba1a
--- /dev/null
+++ b/crypto/des/pcbc_enc.c
@@ -0,0 +1,126 @@
+/* crypto/des/pcbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+void des_pcbc_encrypt(input, output, length, schedule, ivec, enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+int enc;
+ {
+ register DES_LONG sin0,sin1,xor0,xor1,tout0,tout1;
+ DES_LONG tin[2];
+ unsigned char *in,*out,*iv;
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (; length>0; length-=8)
+ {
+ if (length >= 8)
+ {
+ c2l(in,sin0);
+ c2l(in,sin1);
+ }
+ else
+ c2ln(in,sin0,sin1,length);
+ tin[0]=sin0^xor0;
+ tin[1]=sin1^xor1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0];
+ tout1=tin[1];
+ xor0=sin0^tout0;
+ xor1=sin1^tout1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ }
+ else
+ {
+ c2l(iv,xor0); c2l(iv,xor1);
+ for (; length>0; length-=8)
+ {
+ c2l(in,sin0);
+ c2l(in,sin1);
+ tin[0]=sin0;
+ tin[1]=sin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ if (length >= 8)
+ {
+ l2c(tout0,out);
+ l2c(tout1,out);
+ }
+ else
+ l2cn(tout0,tout1,out,length);
+ xor0=tout0^sin0;
+ xor1=tout1^sin1;
+ }
+ }
+ tin[0]=tin[1]=0;
+ sin0=sin1=xor0=xor1=tout0=tout1=0;
+ }
diff --git a/crypto/des/podd.h b/crypto/des/podd.h
new file mode 100644
index 0000000..c00cd6b
--- /dev/null
+++ b/crypto/des/podd.h
@@ -0,0 +1,75 @@
+/* crypto/des/podd.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static const unsigned char odd_parity[256]={
+ 1, 1, 2, 2, 4, 4, 7, 7, 8, 8, 11, 11, 13, 13, 14, 14,
+ 16, 16, 19, 19, 21, 21, 22, 22, 25, 25, 26, 26, 28, 28, 31, 31,
+ 32, 32, 35, 35, 37, 37, 38, 38, 41, 41, 42, 42, 44, 44, 47, 47,
+ 49, 49, 50, 50, 52, 52, 55, 55, 56, 56, 59, 59, 61, 61, 62, 62,
+ 64, 64, 67, 67, 69, 69, 70, 70, 73, 73, 74, 74, 76, 76, 79, 79,
+ 81, 81, 82, 82, 84, 84, 87, 87, 88, 88, 91, 91, 93, 93, 94, 94,
+ 97, 97, 98, 98,100,100,103,103,104,104,107,107,109,109,110,110,
+112,112,115,115,117,117,118,118,121,121,122,122,124,124,127,127,
+128,128,131,131,133,133,134,134,137,137,138,138,140,140,143,143,
+145,145,146,146,148,148,151,151,152,152,155,155,157,157,158,158,
+161,161,162,162,164,164,167,167,168,168,171,171,173,173,174,174,
+176,176,179,179,181,181,182,182,185,185,186,186,188,188,191,191,
+193,193,194,194,196,196,199,199,200,200,203,203,205,205,206,206,
+208,208,211,211,213,213,214,214,217,217,218,218,220,220,223,223,
+224,224,227,227,229,229,230,230,233,233,234,234,236,236,239,239,
+241,241,242,242,244,244,247,247,248,248,251,251,253,253,254,254};
diff --git a/crypto/des/qud_cksm.c b/crypto/des/qud_cksm.c
new file mode 100644
index 0000000..39e8f40
--- /dev/null
+++ b/crypto/des/qud_cksm.c
@@ -0,0 +1,144 @@
+/* crypto/des/qud_cksm.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* From "Message Authentication" R.R. Jueneman, S.M. Matyas, C.H. Meyer
+ * IEEE Communications Magazine Sept 1985 Vol. 23 No. 9 p 29-40
+ * This module in only based on the code in this paper and is
+ * almost definitely not the same as the MIT implementation.
+ */
+#include "des_locl.h"
+
+/* bug fix for dos - 7/6/91 - Larry hughes@logos.ucs.indiana.edu */
+#define Q_B0(a) (((DES_LONG)(a)))
+#define Q_B1(a) (((DES_LONG)(a))<<8)
+#define Q_B2(a) (((DES_LONG)(a))<<16)
+#define Q_B3(a) (((DES_LONG)(a))<<24)
+
+/* used to scramble things a bit */
+/* Got the value MIT uses via brute force :-) 2/10/90 eay */
+#define NOISE ((DES_LONG)83653421L)
+
+DES_LONG des_quad_cksum(input, output, length, out_count, seed)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+int out_count;
+des_cblock (*seed);
+ {
+ DES_LONG z0,z1,t0,t1;
+ int i;
+ long l;
+ unsigned char *cp;
+ unsigned char *lp;
+
+ if (out_count < 1) out_count=1;
+ lp=(unsigned char *)output;
+
+ z0=Q_B0((*seed)[0])|Q_B1((*seed)[1])|Q_B2((*seed)[2])|Q_B3((*seed)[3]);
+ z1=Q_B0((*seed)[4])|Q_B1((*seed)[5])|Q_B2((*seed)[6])|Q_B3((*seed)[7]);
+
+ for (i=0; ((i<4)&&(i<out_count)); i++)
+ {
+ cp=(unsigned char *)input;
+ l=length;
+ while (l > 0)
+ {
+ if (l > 1)
+ {
+ t0= (DES_LONG)(*(cp++));
+ t0|=(DES_LONG)Q_B1(*(cp++));
+ l--;
+ }
+ else
+ t0= (DES_LONG)(*(cp++));
+ l--;
+ /* add */
+ t0+=z0;
+ t0&=0xffffffffL;
+ t1=z1;
+ /* square, well sort of square */
+ z0=((((t0*t0)&0xffffffffL)+((t1*t1)&0xffffffffL))
+ &0xffffffffL)%0x7fffffffL;
+ z1=((t0*((t1+NOISE)&0xffffffffL))&0xffffffffL)%0x7fffffffL;
+ }
+ if (lp != NULL)
+ {
+ /* I believe I finally have things worked out.
+ * The MIT library assumes that the checksum
+ * is one huge number and it is returned in a
+ * host dependant byte order.
+ */
+ static DES_LONG ltmp=1;
+ static unsigned char *c=(unsigned char *)<mp;
+
+ if (c[0])
+ {
+ l2c(z0,lp);
+ l2c(z1,lp);
+ }
+ else
+ {
+ lp=output[out_count-i-1];
+ l2n(z1,lp);
+ l2n(z0,lp);
+ }
+ }
+ }
+ return(z0);
+ }
+
diff --git a/crypto/des/rand_key.c b/crypto/des/rand_key.c
new file mode 100644
index 0000000..feb7ba7
--- /dev/null
+++ b/crypto/des/rand_key.c
@@ -0,0 +1,118 @@
+/* crypto/des/rand_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+#include <time.h>
+
+static int seed=0;
+static des_cblock init;
+
+void des_random_seed(key)
+des_cblock key;
+ {
+ memcpy(init,key,sizeof(des_cblock));
+ seed=1;
+ }
+
+void des_random_key(ret)
+unsigned char *ret;
+ {
+ des_key_schedule ks;
+ static DES_LONG c=0;
+ static unsigned short pid=0;
+ static des_cblock data={0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef};
+ des_cblock key;
+ unsigned char *p;
+ DES_LONG t;
+ int i;
+
+#ifdef MSDOS
+ pid=1;
+#else
+ if (!pid) pid=getpid();
+#endif
+ p=key;
+ if (seed)
+ {
+ for (i=0; i<8; i++)
+ {
+ data[i] ^= init[i];
+ init[i]=0;
+ }
+ seed=0;
+ }
+ t=(DES_LONG)time(NULL);
+ l2c(t,p);
+ t=(DES_LONG)((pid)|((c++)<<16));
+ l2c(t,p);
+
+ des_set_odd_parity((des_cblock *)data);
+ des_set_key((des_cblock *)data,ks);
+ des_cbc_cksum((des_cblock *)key,(des_cblock *)key,
+ (long)sizeof(key),ks,(des_cblock *)data);
+
+ des_set_odd_parity((des_cblock *)key);
+ des_set_key((des_cblock *)key,ks);
+ des_cbc_cksum((des_cblock *)key,(des_cblock *)data,
+ (long)sizeof(key),ks,(des_cblock *)key);
+
+ memcpy(ret,data,sizeof(key));
+ memset(key,0,sizeof(key));
+ memset(ks,0,sizeof(ks));
+ t=0;
+ }
diff --git a/crypto/des/read2pwd.c b/crypto/des/read2pwd.c
new file mode 100644
index 0000000..84136b9
--- /dev/null
+++ b/crypto/des/read2pwd.c
@@ -0,0 +1,90 @@
+/* crypto/des/read2pwd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+int des_read_password(key, prompt, verify)
+des_cblock (*key);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_key(buf,key);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
+
+int des_read_2passwords(key1, key2, prompt, verify)
+des_cblock (*key1);
+des_cblock (*key2);
+char *prompt;
+int verify;
+ {
+ int ok;
+ char buf[BUFSIZ],buff[BUFSIZ];
+
+ if ((ok=des_read_pw(buf,buff,BUFSIZ,prompt,verify)) == 0)
+ des_string_to_2keys(buf,key1,key2);
+ memset(buf,0,BUFSIZ);
+ memset(buff,0,BUFSIZ);
+ return(ok);
+ }
diff --git a/crypto/des/read_pwd.c b/crypto/des/read_pwd.c
new file mode 100644
index 0000000..75d035c
--- /dev/null
+++ b/crypto/des/read_pwd.c
@@ -0,0 +1,419 @@
+/* crypto/des/read_pwd.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifdef WIN16TTY
+#undef WIN16
+#undef _WINDOWS
+#include <graph.h>
+#endif
+
+/* 06-Apr-92 Luke Brennan Support for VMS */
+#include "des_locl.h"
+#include <signal.h>
+#include <string.h>
+#include <setjmp.h>
+#include <errno.h>
+
+/* There are 5 types of terminal interface supported,
+ * TERMIO, TERMIOS, VMS, MSDOS and SGTTY
+ */
+
+#if defined(__sgi) && !defined(TERMIOS)
+#define TERMIOS
+#undef TERMIO
+#undef SGTTY
+#endif
+
+#if defined(linux) && !defined(TERMIO)
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#ifdef _LIBC
+#undef TERMIOS
+#define TERMIO
+#undef SGTTY
+#endif
+
+#if !defined(TERMIO) && !defined(TERMIOS) && !defined(VMS) && !defined(MSDOS)
+#undef TERMIOS
+#undef TERMIO
+#define SGTTY
+#endif
+
+#ifdef TERMIOS
+#include <termios.h>
+#define TTY_STRUCT struct termios
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) tcgetattr(tty,data)
+#define TTY_set(tty,data) tcsetattr(tty,TCSANOW,data)
+#endif
+
+#ifdef TERMIO
+#include <termio.h>
+#define TTY_STRUCT struct termio
+#define TTY_FLAGS c_lflag
+#define TTY_get(tty,data) ioctl(tty,TCGETA,data)
+#define TTY_set(tty,data) ioctl(tty,TCSETA,data)
+#endif
+
+#ifdef SGTTY
+#include <sgtty.h>
+#define TTY_STRUCT struct sgttyb
+#define TTY_FLAGS sg_flags
+#define TTY_get(tty,data) ioctl(tty,TIOCGETP,data)
+#define TTY_set(tty,data) ioctl(tty,TIOCSETP,data)
+#endif
+
+#if !defined(_LIBC) && !defined(MSDOS) && !defined(VMS)
+#include <sys/ioctl.h>
+#endif
+
+#ifdef MSDOS
+#include <conio.h>
+#define fgets(a,b,c) noecho_fgets(a,b,c)
+#endif
+
+#ifdef VMS
+#include <ssdef.h>
+#include <iodef.h>
+#include <ttdef.h>
+#include <descrip.h>
+struct IOSB {
+ short iosb$w_value;
+ short iosb$w_count;
+ long iosb$l_info;
+ };
+#endif
+
+#ifndef NX509_SIG
+#define NX509_SIG 32
+#endif
+
+#ifndef NOPROTO
+static void read_till_nl(FILE *);
+static void recsig(int);
+static void pushsig(void);
+static void popsig(void);
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(char *buf, int size, FILE *tty);
+#endif
+#else
+static void read_till_nl();
+static void recsig();
+static void pushsig();
+static void popsig();
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets();
+#endif
+#endif
+
+#ifndef NOPROTO
+static void (*savsig[NX509_SIG])(int );
+#else
+static void (*savsig[NX509_SIG])();
+#endif
+static jmp_buf save;
+
+int des_read_pw_string(buf, length, prompt, verify)
+char *buf;
+int length;
+char *prompt;
+int verify;
+ {
+ char buff[BUFSIZ];
+ int ret;
+
+ ret=des_read_pw(buf,buff,(length>BUFSIZ)?BUFSIZ:length,prompt,verify);
+ memset(buff,0,BUFSIZ);
+ return(ret);
+ }
+
+#ifndef WIN16
+
+static void read_till_nl(in)
+FILE *in;
+ {
+#define SIZE 4
+ char buf[SIZE+1];
+
+ do {
+ fgets(buf,SIZE,in);
+ } while (strchr(buf,'\n') == NULL);
+ }
+
+
+/* return 0 if ok, 1 (or -1) otherwise */
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+#ifdef VMS
+ struct IOSB iosb;
+ $DESCRIPTOR(terminal,"TT");
+ long tty_orig[3], tty_new[3];
+ long status;
+ unsigned short channel = 0;
+#else
+#ifndef MSDOS
+ TTY_STRUCT tty_orig,tty_new;
+#endif
+#endif
+ int number=5;
+ int ok=0;
+ int ps=0;
+ int is_a_tty=1;
+
+ FILE *tty=NULL;
+ char *p;
+
+#ifndef MSDOS
+ if ((tty=fopen("/dev/tty","r")) == NULL)
+ tty=stdin;
+#else /* MSDOS */
+ if ((tty=fopen("con","r")) == NULL)
+ tty=stdin;
+#endif /* MSDOS */
+
+#if defined(TTY_get) && !defined(VMS)
+ if (TTY_get(fileno(tty),&tty_orig) == -1)
+ {
+#ifdef ENOTTY
+ if (errno == ENOTTY)
+ is_a_tty=0;
+ else
+#endif
+ return(-1);
+ }
+ memcpy(&(tty_new),&(tty_orig),sizeof(tty_orig));
+#endif
+#ifdef VMS
+ status = SYS$ASSIGN(&terminal,&channel,0,0);
+ if (status != SS$_NORMAL)
+ return(-1);
+ status=SYS$QIOW(0,channel,IO$_SENSEMODE,&iosb,0,0,tty_orig,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+
+ if (setjmp(save))
+ {
+ ok=0;
+ goto error;
+ }
+ pushsig();
+ ps=1;
+
+#ifdef TTY_FLAGS
+ tty_new.TTY_FLAGS &= ~ECHO;
+#endif
+
+#if defined(TTY_set) && !defined(VMS)
+ if (is_a_tty && (TTY_set(fileno(tty),&tty_new) == -1))
+ return(-1);
+#endif
+#ifdef VMS
+ tty_new[0] = tty_orig[0];
+ tty_new[1] = tty_orig[1] | TT$M_NOECHO;
+ tty_new[2] = tty_orig[2];
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0,tty_new,12,0,0,0,0);
+ if ((status != SS$_NORMAL) || (iosb.iosb$w_value != SS$_NORMAL))
+ return(-1);
+#endif
+ ps=2;
+
+ while ((!ok) && (number--))
+ {
+ fputs(prompt,stderr);
+ fflush(stderr);
+
+ buf[0]='\0';
+ fgets(buf,size,tty);
+ if (feof(tty)) goto error;
+ if (ferror(tty)) goto error;
+ if ((p=(char *)strchr(buf,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+ if (verify)
+ {
+ fprintf(stderr,"\nVerifying password - %s",prompt);
+ fflush(stderr);
+ buff[0]='\0';
+ fgets(buff,size,tty);
+ if (feof(tty)) goto error;
+ if ((p=(char *)strchr(buff,'\n')) != NULL)
+ *p='\0';
+ else read_till_nl(tty);
+
+ if (strcmp(buf,buff) != 0)
+ {
+ fprintf(stderr,"\nVerify failure");
+ fflush(stderr);
+ break;
+ /* continue; */
+ }
+ }
+ ok=1;
+ }
+
+error:
+ fprintf(stderr,"\n");
+#ifdef DEBUG
+ perror("fgets(tty)");
+#endif
+ /* What can we do if there is an error? */
+#if defined(TTY_set) && !defined(VMS)
+ if (ps >= 2) TTY_set(fileno(tty),&tty_orig);
+#endif
+#ifdef VMS
+ if (ps >= 2)
+ status = SYS$QIOW(0,channel,IO$_SETMODE,&iosb,0,0
+ ,tty_orig,12,0,0,0,0);
+#endif
+
+ if (ps >= 1) popsig();
+ if (stdin != tty) fclose(tty);
+#ifdef VMS
+ status = SYS$DASSGN(channel);
+#endif
+ return(!ok);
+ }
+
+#else /* WIN16 */
+
+int des_read_pw(buf, buff, size, prompt, verify)
+char *buf;
+char *buff;
+int size;
+char *prompt;
+int verify;
+ {
+ memset(buf,0,size);
+ memset(buff,0,size);
+ return(0);
+ }
+
+#endif
+
+static void pushsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ savsig[i]=signal(i,recsig);
+
+#ifdef SIGWINCH
+ signal(SIGWINCH,SIG_DFL);
+#endif
+ }
+
+static void popsig()
+ {
+ int i;
+
+ for (i=1; i<NX509_SIG; i++)
+ signal(i,savsig[i]);
+ }
+
+static void recsig(i)
+int i;
+ {
+ longjmp(save,1);
+#ifdef LINT
+ i=i;
+#endif
+ }
+
+#if defined(MSDOS) && !defined(WIN16)
+static int noecho_fgets(buf,size,tty)
+char *buf;
+int size;
+FILE *tty;
+ {
+ int i;
+ char *p;
+
+ p=buf;
+ for (;;)
+ {
+ if (size == 0)
+ {
+ *p='\0';
+ break;
+ }
+ size--;
+#ifdef WIN16TTY
+ i=_inchar();
+#else
+ i=getch();
+#endif
+ if (i == '\r') i='\n';
+ *(p++)=i;
+ if (i == '\n')
+ {
+ *p='\0';
+ break;
+ }
+ }
+ return(strlen(buf));
+ }
+#endif
diff --git a/crypto/des/rpc_des.h b/crypto/des/rpc_des.h
new file mode 100644
index 0000000..4d53eea
--- /dev/null
+++ b/crypto/des/rpc_des.h
@@ -0,0 +1,131 @@
+/* crypto/des/rpc_des.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* @(#)des.h 2.2 88/08/10 4.0 RPCSRC; from 2.7 88/02/08 SMI */
+/*
+ * Sun RPC is a product of Sun Microsystems, Inc. and is provided for
+ * unrestricted use provided that this legend is included on all tape
+ * media and as a part of the software program in whole or part. Users
+ * may copy or modify Sun RPC without charge, but are not authorized
+ * to license or distribute it to anyone else except as part of a product or
+ * program developed by the user.
+ *
+ * SUN RPC IS PROVIDED AS IS WITH NO WARRANTIES OF ANY KIND INCLUDING THE
+ * WARRANTIES OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE, OR ARISING FROM A COURSE OF DEALING, USAGE OR TRADE PRACTICE.
+ *
+ * Sun RPC is provided with no support and without any obligation on the
+ * part of Sun Microsystems, Inc. to assist in its use, correction,
+ * modification or enhancement.
+ *
+ * SUN MICROSYSTEMS, INC. SHALL HAVE NO LIABILITY WITH RESPECT TO THE
+ * INFRINGEMENT OF COPYRIGHTS, TRADE SECRETS OR ANY PATENTS BY SUN RPC
+ * OR ANY PART THEREOF.
+ *
+ * In no event will Sun Microsystems, Inc. be liable for any lost revenue
+ * or profits or other special, indirect and consequential damages, even if
+ * Sun has been advised of the possibility of such damages.
+ *
+ * Sun Microsystems, Inc.
+ * 2550 Garcia Avenue
+ * Mountain View, California 94043
+ */
+/*
+ * Generic DES driver interface
+ * Keep this file hardware independent!
+ * Copyright (c) 1986 by Sun Microsystems, Inc.
+ */
+
+#define DES_MAXLEN 65536 /* maximum # of bytes to encrypt */
+#define DES_QUICKLEN 16 /* maximum # of bytes to encrypt quickly */
+
+#ifdef HEADER_DES_H
+#undef ENCRYPT
+#undef DECRYPT
+#endif
+
+enum desdir { ENCRYPT, DECRYPT };
+enum desmode { CBC, ECB };
+
+/*
+ * parameters to ioctl call
+ */
+struct desparams {
+ unsigned char des_key[8]; /* key (with low bit parity) */
+ enum desdir des_dir; /* direction */
+ enum desmode des_mode; /* mode */
+ unsigned char des_ivec[8]; /* input vector */
+ unsigned des_len; /* number of bytes to crypt */
+ union {
+ unsigned char UDES_data[DES_QUICKLEN];
+ unsigned char *UDES_buf;
+ } UDES;
+# define des_data UDES.UDES_data /* direct data here if quick */
+# define des_buf UDES.UDES_buf /* otherwise, pointer to data */
+};
+
+/*
+ * Encrypt an arbitrary sized buffer
+ */
+#define DESIOCBLOCK _IOWR(d, 6, struct desparams)
+
+/*
+ * Encrypt of small amount of data, quickly
+ */
+#define DESIOCQUICK _IOWR(d, 7, struct desparams)
+
diff --git a/crypto/des/rpc_enc.c b/crypto/des/rpc_enc.c
new file mode 100644
index 0000000..b7eeb09
--- /dev/null
+++ b/crypto/des/rpc_enc.c
@@ -0,0 +1,107 @@
+/* crypto/des/rpc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rpc_des.h"
+#include "des_locl.h"
+#include "des_ver.h"
+
+#ifndef NOPROTO
+int _des_crypt(char *buf,int len,struct desparams *desp);
+#else
+int _des_crypt();
+#endif
+
+int _des_crypt(buf, len, desp)
+char *buf;
+int len;
+struct desparams *desp;
+ {
+ des_key_schedule ks;
+ int enc;
+
+ des_set_key((des_cblock *)desp->des_key,ks);
+ enc=(desp->des_dir == ENCRYPT)?DES_ENCRYPT:DES_DECRYPT;
+
+ if (desp->des_mode == CBC)
+ des_ecb_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,ks,enc);
+ else
+ {
+ des_ncbc_encrypt((des_cblock *)desp->UDES.UDES_buf,
+ (des_cblock *)desp->UDES.UDES_buf,
+ (long)len,ks,
+ (des_cblock *)desp->des_ivec,enc);
+#ifdef undef
+ /* len will always be %8 if called from common_crypt
+ * in secure_rpc.
+ * Libdes's cbc encrypt does not copy back the iv,
+ * so we have to do it here. */
+ /* It does now :-) eay 20/09/95 */
+
+ a=(char *)&(desp->UDES.UDES_buf[len-8]);
+ b=(char *)&(desp->des_ivec[0]);
+
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+ *(a++)= *(b++); *(a++)= *(b++);
+#endif
+ }
+ return(1);
+ }
+
diff --git a/crypto/des/rpw.c b/crypto/des/rpw.c
new file mode 100644
index 0000000..93793c6
--- /dev/null
+++ b/crypto/des/rpw.c
@@ -0,0 +1,101 @@
+/* crypto/des/rpw.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "des.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ des_cblock k,k1;
+ int i;
+
+ printf("read passwd\n");
+ if ((i=des_read_password((C_Block *)k,"Enter password:",0)) == 0)
+ {
+ printf("password = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ }
+ else
+ printf("error %d\n",i);
+ printf("\n");
+ printf("read 2passwds and verify\n");
+ if ((i=des_read_2passwords((C_Block *)k,(C_Block *)k1,
+ "Enter verified password:",1)) == 0)
+ {
+ printf("password1 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k[i]);
+ printf("\n");
+ printf("password2 = ");
+ for (i=0; i<8; i++)
+ printf("%02x ",k1[i]);
+ printf("\n");
+ exit(1);
+ }
+ else
+ {
+ printf("error %d\n",i);
+ exit(0);
+ }
+#ifdef LINT
+ return(0);
+#endif
+ }
diff --git a/crypto/des/set_key.c b/crypto/des/set_key.c
new file mode 100644
index 0000000..99ac273
--- /dev/null
+++ b/crypto/des/set_key.c
@@ -0,0 +1,246 @@
+/* crypto/des/set_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* set_key.c v 1.4 eay 24/9/91
+ * 1.4 Speed up by 400% :-)
+ * 1.3 added register declarations.
+ * 1.2 unrolled make_key_sched a bit more
+ * 1.1 added norm_expand_bits
+ * 1.0 First working version
+ */
+#include "des_locl.h"
+#include "podd.h"
+#include "sk.h"
+
+#ifndef NOPROTO
+static int check_parity(des_cblock (*key));
+#else
+static int check_parity();
+#endif
+
+int des_check_key=0;
+
+void des_set_odd_parity(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<DES_KEY_SZ; i++)
+ (*key)[i]=odd_parity[(*key)[i]];
+ }
+
+static int check_parity(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<DES_KEY_SZ; i++)
+ {
+ if ((*key)[i] != odd_parity[(*key)[i]])
+ return(0);
+ }
+ return(1);
+ }
+
+/* Weak and semi week keys as take from
+ * %A D.W. Davies
+ * %A W.L. Price
+ * %T Security for Computer Networks
+ * %I John Wiley & Sons
+ * %D 1984
+ * Many thanks to smb@ulysses.att.com (Steven Bellovin) for the reference
+ * (and actual cblock values).
+ */
+#define NUM_WEAK_KEY 16
+static des_cblock weak_keys[NUM_WEAK_KEY]={
+ /* weak keys */
+ {0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01},
+ {0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE,0xFE},
+ {0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F,0x1F},
+ {0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0,0xE0},
+ /* semi-weak keys */
+ {0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE},
+ {0xFE,0x01,0xFE,0x01,0xFE,0x01,0xFE,0x01},
+ {0x1F,0xE0,0x1F,0xE0,0x0E,0xF1,0x0E,0xF1},
+ {0xE0,0x1F,0xE0,0x1F,0xF1,0x0E,0xF1,0x0E},
+ {0x01,0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1},
+ {0xE0,0x01,0xE0,0x01,0xF1,0x01,0xF1,0x01},
+ {0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E,0xFE},
+ {0xFE,0x1F,0xFE,0x1F,0xFE,0x0E,0xFE,0x0E},
+ {0x01,0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E},
+ {0x1F,0x01,0x1F,0x01,0x0E,0x01,0x0E,0x01},
+ {0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE},
+ {0xFE,0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1}};
+
+int des_is_weak_key(key)
+des_cblock (*key);
+ {
+ int i;
+
+ for (i=0; i<NUM_WEAK_KEY; i++)
+ /* Added == 0 to comparision, I obviously don't run
+ * this section very often :-(, thanks to
+ * engineering@MorningStar.Com for the fix
+ * eay 93/06/29
+ * Another problem, I was comparing only the first 4
+ * bytes, 97/03/18 */
+ if (memcmp(weak_keys[i],key,sizeof(des_cblock)) == 0) return(1);
+ return(0);
+ }
+
+/* NOW DEFINED IN des_local.h
+ * See ecb_encrypt.c for a pseudo description of these macros.
+ * #define PERM_OP(a,b,t,n,m) ((t)=((((a)>>(n))^(b))&(m)),\
+ * (b)^=(t),\
+ * (a)=((a)^((t)<<(n))))
+ */
+
+#define HPERM_OP(a,t,n,m) ((t)=((((a)<<(16-(n)))^(a))&(m)),\
+ (a)=(a)^(t)^(t>>(16-(n))))
+
+/* return 0 if key parity is odd (correct),
+ * return -1 if key parity error,
+ * return -2 if illegal weak key.
+ */
+int des_set_key(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+ {
+ static int shifts2[16]={0,0,1,1,1,1,1,1,0,1,1,1,1,1,1,0};
+ register DES_LONG c,d,t,s,t2;
+ register unsigned char *in;
+ register DES_LONG *k;
+ register int i;
+
+ if (des_check_key)
+ {
+ if (!check_parity(key))
+ return(-1);
+
+ if (des_is_weak_key(key))
+ return(-2);
+ }
+
+ k=(DES_LONG *)schedule;
+ in=(unsigned char *)key;
+
+ c2l(in,c);
+ c2l(in,d);
+
+ /* do PC1 in 60 simple operations */
+/* PERM_OP(d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2, 0xcccc0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(c,t, 8, 0x00ff0000L);
+ HPERM_OP(c,t,-1, 0xaaaa0000L);
+ HPERM_OP(d,t,-8, 0xff000000L);
+ HPERM_OP(d,t, 8, 0x00ff0000L);
+ HPERM_OP(d,t, 2, 0x33330000L);
+ d=((d&0x00aa00aaL)<<7L)|((d&0x55005500L)>>7L)|(d&0xaa55aa55L);
+ d=(d>>8)|((c&0xf0000000L)>>4);
+ c&=0x0fffffffL; */
+
+ /* I now do it in 47 simple operations :-)
+ * Thanks to John Fletcher (john_fletcher@lccmail.ocf.llnl.gov)
+ * for the inspiration. :-) */
+ PERM_OP (d,c,t,4,0x0f0f0f0fL);
+ HPERM_OP(c,t,-2,0xcccc0000L);
+ HPERM_OP(d,t,-2,0xcccc0000L);
+ PERM_OP (d,c,t,1,0x55555555L);
+ PERM_OP (c,d,t,8,0x00ff00ffL);
+ PERM_OP (d,c,t,1,0x55555555L);
+ d= (((d&0x000000ffL)<<16L)| (d&0x0000ff00L) |
+ ((d&0x00ff0000L)>>16L)|((c&0xf0000000L)>>4L));
+ c&=0x0fffffffL;
+
+ for (i=0; i<ITERATIONS; i++)
+ {
+ if (shifts2[i])
+ { c=((c>>2L)|(c<<26L)); d=((d>>2L)|(d<<26L)); }
+ else
+ { c=((c>>1L)|(c<<27L)); d=((d>>1L)|(d<<27L)); }
+ c&=0x0fffffffL;
+ d&=0x0fffffffL;
+ /* could be a few less shifts but I am to lazy at this
+ * point in time to investigate */
+ s= des_skb[0][ (c )&0x3f ]|
+ des_skb[1][((c>> 6)&0x03)|((c>> 7L)&0x3c)]|
+ des_skb[2][((c>>13)&0x0f)|((c>>14L)&0x30)]|
+ des_skb[3][((c>>20)&0x01)|((c>>21L)&0x06) |
+ ((c>>22L)&0x38)];
+ t= des_skb[4][ (d )&0x3f ]|
+ des_skb[5][((d>> 7L)&0x03)|((d>> 8L)&0x3c)]|
+ des_skb[6][ (d>>15L)&0x3f ]|
+ des_skb[7][((d>>21L)&0x0f)|((d>>22L)&0x30)];
+
+ /* table contained 0213 4657 */
+ t2=((t<<16L)|(s&0x0000ffffL))&0xffffffffL;
+ *(k++)=ROTATE(t2,30)&0xffffffffL;
+
+ t2=((s>>16L)|(t&0xffff0000L));
+ *(k++)=ROTATE(t2,26)&0xffffffffL;
+ }
+ return(0);
+ }
+
+int des_key_sched(key, schedule)
+des_cblock (*key);
+des_key_schedule schedule;
+ {
+ return(des_set_key(key,schedule));
+ }
diff --git a/crypto/des/shifts.pl b/crypto/des/shifts.pl
new file mode 100644
index 0000000..ba686d8
--- /dev/null
+++ b/crypto/des/shifts.pl
@@ -0,0 +1,198 @@
+#!/usr/local/bin/perl
+
+sub lab_shift
+ {
+ local(*a,$n)=@_;
+ local(@r,$i,$j,$k,$d,@z);
+
+ @r=&shift(*a,$n);
+ foreach $i (0 .. 31)
+ {
+ @z=split(/\^/,$r[$i]);
+ for ($j=0; $j <= $#z; $j++)
+ {
+ ($d)=($z[$j] =~ /^(..)/);
+ ($k)=($z[$j] =~ /\[(.*)\]$/);
+ $k.=",$n" if ($k ne "");
+ $k="$n" if ($k eq "");
+ $d="$d[$k]";
+ $z[$j]=$d;
+ }
+ $r[$i]=join('^',@z);
+ }
+ return(@r);
+ }
+
+sub shift
+ {
+ local(*a,$n)=@_;
+ local(@f);
+
+ if ($n > 0)
+ {
+ @f=&shiftl(*a,$n);
+ }
+ else
+ {
+ @f=&shiftr(*a,-$n);
+ }
+ return(@f);
+ }
+
+sub rotate
+ {
+ local(*a,$n)=@_;
+ local(@f);
+
+ if ($n > 0)
+ { @f=&rotatel(*a,$n); }
+ else
+ { @f=&rotater(*a,-$n); }
+ return(@f);
+ }
+
+sub rotater
+ {
+ local(*a,$n)=@_;
+ local(@f,@g);
+
+ @f=&shiftr(*a,$n);
+ @g=&shiftl(*a,32-$n);
+ $#f=31;
+ $#g=31;
+ return(&or(*f,*g));
+ }
+
+sub rotatel
+ {
+ local(*a,$n)=@_;
+ local(@f,@g);
+
+ @f=&shiftl(*a,$n);
+ @g=&shiftr(*a,32-$n);
+ $#f=31;
+ $#g=31;
+ return(&or(*f,*g));
+ }
+
+sub shiftr
+ {
+ local(*a,$n)=@_;
+ local(@r,$i);
+
+ $#r=31;
+ foreach $i (0 .. 31)
+ {
+ if (($i+$n) > 31)
+ {
+ $r[$i]="--";
+ }
+ else
+ {
+ $r[$i]=$a[$i+$n];
+ }
+ }
+ return(@r);
+ }
+
+sub shiftl
+ {
+ local(*a,$n)=@_;
+ local(@r,$i);
+
+ $#r=31;
+ foreach $i (0 .. 31)
+ {
+ if ($i < $n)
+ {
+ $r[$i]="--";
+ }
+ else
+ {
+ $r[$i]=$a[$i-$n];
+ }
+ }
+ return(@r);
+ }
+
+sub printit
+ {
+ local(@a)=@_;
+ local($i);
+
+ foreach $i (0 .. 31)
+ {
+ printf "%2s ",$a[$i];
+ print "\n" if (($i%8) == 7);
+ }
+ print "\n";
+ }
+
+sub xor
+ {
+ local(*a,*b)=@_;
+ local(@r,$i);
+
+ $#r=31;
+ foreach $i (0 .. 31)
+ {
+ $r[$i]=&compress($a[$i].'^'.$b[$i]);
+# $r[$i]=$a[$i]."^".$b[$i];
+ }
+ return(@r);
+ }
+
+sub and
+ {
+ local(*a,$m)=@_;
+ local(@r,$i);
+
+ $#r=31;
+ foreach $i (0 .. 31)
+ {
+ $r[$i]=(($m & (1<<$i))?($a[$i]):('--'));
+ }
+ return(@r);
+ }
+
+sub or
+ {
+ local(*a,*b)=@_;
+ local(@r,$i);
+
+ $#r=31;
+ foreach $i (0 .. 31)
+ {
+ $r[$i]='--' if (($a[$i] eq '--') && ($b[$i] eq '--'));
+ $r[$i]=$a[$i] if (($a[$i] ne '--') && ($b[$i] eq '--'));
+ $r[$i]=$b[$i] if (($a[$i] eq '--') && ($b[$i] ne '--'));
+ $r[$i]='++' if (($a[$i] ne '--') && ($b[$i] ne '--'));
+ }
+ return(@r);
+ }
+
+sub compress
+ {
+ local($s)=@_;
+ local($_,$i,@a,%a,$r);
+
+ $s =~ s/\^\^/\^/g;
+ $s =~ s/^\^//;
+ $s =~ s/\^$//;
+ @a=split(/\^/,$s);
+
+ while ($#a >= 0)
+ {
+ $_=shift(@a);
+ next unless /\d/;
+ $a{$_}++;
+ }
+ foreach $i (sort keys %a)
+ {
+ next if ($a{$i}%2 == 0);
+ $r.="$i^";
+ }
+ chop($r);
+ return($r);
+ }
+1;
diff --git a/crypto/des/sk.h b/crypto/des/sk.h
new file mode 100644
index 0000000..2407030
--- /dev/null
+++ b/crypto/des/sk.h
@@ -0,0 +1,204 @@
+/* crypto/des/sk.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+static const DES_LONG des_skb[8][64]={
+{
+/* for C bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x00000010L,0x20000000L,0x20000010L,
+0x00010000L,0x00010010L,0x20010000L,0x20010010L,
+0x00000800L,0x00000810L,0x20000800L,0x20000810L,
+0x00010800L,0x00010810L,0x20010800L,0x20010810L,
+0x00000020L,0x00000030L,0x20000020L,0x20000030L,
+0x00010020L,0x00010030L,0x20010020L,0x20010030L,
+0x00000820L,0x00000830L,0x20000820L,0x20000830L,
+0x00010820L,0x00010830L,0x20010820L,0x20010830L,
+0x00080000L,0x00080010L,0x20080000L,0x20080010L,
+0x00090000L,0x00090010L,0x20090000L,0x20090010L,
+0x00080800L,0x00080810L,0x20080800L,0x20080810L,
+0x00090800L,0x00090810L,0x20090800L,0x20090810L,
+0x00080020L,0x00080030L,0x20080020L,0x20080030L,
+0x00090020L,0x00090030L,0x20090020L,0x20090030L,
+0x00080820L,0x00080830L,0x20080820L,0x20080830L,
+0x00090820L,0x00090830L,0x20090820L,0x20090830L,
+},{
+/* for C bits (numbered as per FIPS 46) 7 8 10 11 12 13 */
+0x00000000L,0x02000000L,0x00002000L,0x02002000L,
+0x00200000L,0x02200000L,0x00202000L,0x02202000L,
+0x00000004L,0x02000004L,0x00002004L,0x02002004L,
+0x00200004L,0x02200004L,0x00202004L,0x02202004L,
+0x00000400L,0x02000400L,0x00002400L,0x02002400L,
+0x00200400L,0x02200400L,0x00202400L,0x02202400L,
+0x00000404L,0x02000404L,0x00002404L,0x02002404L,
+0x00200404L,0x02200404L,0x00202404L,0x02202404L,
+0x10000000L,0x12000000L,0x10002000L,0x12002000L,
+0x10200000L,0x12200000L,0x10202000L,0x12202000L,
+0x10000004L,0x12000004L,0x10002004L,0x12002004L,
+0x10200004L,0x12200004L,0x10202004L,0x12202004L,
+0x10000400L,0x12000400L,0x10002400L,0x12002400L,
+0x10200400L,0x12200400L,0x10202400L,0x12202400L,
+0x10000404L,0x12000404L,0x10002404L,0x12002404L,
+0x10200404L,0x12200404L,0x10202404L,0x12202404L,
+},{
+/* for C bits (numbered as per FIPS 46) 14 15 16 17 19 20 */
+0x00000000L,0x00000001L,0x00040000L,0x00040001L,
+0x01000000L,0x01000001L,0x01040000L,0x01040001L,
+0x00000002L,0x00000003L,0x00040002L,0x00040003L,
+0x01000002L,0x01000003L,0x01040002L,0x01040003L,
+0x00000200L,0x00000201L,0x00040200L,0x00040201L,
+0x01000200L,0x01000201L,0x01040200L,0x01040201L,
+0x00000202L,0x00000203L,0x00040202L,0x00040203L,
+0x01000202L,0x01000203L,0x01040202L,0x01040203L,
+0x08000000L,0x08000001L,0x08040000L,0x08040001L,
+0x09000000L,0x09000001L,0x09040000L,0x09040001L,
+0x08000002L,0x08000003L,0x08040002L,0x08040003L,
+0x09000002L,0x09000003L,0x09040002L,0x09040003L,
+0x08000200L,0x08000201L,0x08040200L,0x08040201L,
+0x09000200L,0x09000201L,0x09040200L,0x09040201L,
+0x08000202L,0x08000203L,0x08040202L,0x08040203L,
+0x09000202L,0x09000203L,0x09040202L,0x09040203L,
+},{
+/* for C bits (numbered as per FIPS 46) 21 23 24 26 27 28 */
+0x00000000L,0x00100000L,0x00000100L,0x00100100L,
+0x00000008L,0x00100008L,0x00000108L,0x00100108L,
+0x00001000L,0x00101000L,0x00001100L,0x00101100L,
+0x00001008L,0x00101008L,0x00001108L,0x00101108L,
+0x04000000L,0x04100000L,0x04000100L,0x04100100L,
+0x04000008L,0x04100008L,0x04000108L,0x04100108L,
+0x04001000L,0x04101000L,0x04001100L,0x04101100L,
+0x04001008L,0x04101008L,0x04001108L,0x04101108L,
+0x00020000L,0x00120000L,0x00020100L,0x00120100L,
+0x00020008L,0x00120008L,0x00020108L,0x00120108L,
+0x00021000L,0x00121000L,0x00021100L,0x00121100L,
+0x00021008L,0x00121008L,0x00021108L,0x00121108L,
+0x04020000L,0x04120000L,0x04020100L,0x04120100L,
+0x04020008L,0x04120008L,0x04020108L,0x04120108L,
+0x04021000L,0x04121000L,0x04021100L,0x04121100L,
+0x04021008L,0x04121008L,0x04021108L,0x04121108L,
+},{
+/* for D bits (numbered as per FIPS 46) 1 2 3 4 5 6 */
+0x00000000L,0x10000000L,0x00010000L,0x10010000L,
+0x00000004L,0x10000004L,0x00010004L,0x10010004L,
+0x20000000L,0x30000000L,0x20010000L,0x30010000L,
+0x20000004L,0x30000004L,0x20010004L,0x30010004L,
+0x00100000L,0x10100000L,0x00110000L,0x10110000L,
+0x00100004L,0x10100004L,0x00110004L,0x10110004L,
+0x20100000L,0x30100000L,0x20110000L,0x30110000L,
+0x20100004L,0x30100004L,0x20110004L,0x30110004L,
+0x00001000L,0x10001000L,0x00011000L,0x10011000L,
+0x00001004L,0x10001004L,0x00011004L,0x10011004L,
+0x20001000L,0x30001000L,0x20011000L,0x30011000L,
+0x20001004L,0x30001004L,0x20011004L,0x30011004L,
+0x00101000L,0x10101000L,0x00111000L,0x10111000L,
+0x00101004L,0x10101004L,0x00111004L,0x10111004L,
+0x20101000L,0x30101000L,0x20111000L,0x30111000L,
+0x20101004L,0x30101004L,0x20111004L,0x30111004L,
+},{
+/* for D bits (numbered as per FIPS 46) 8 9 11 12 13 14 */
+0x00000000L,0x08000000L,0x00000008L,0x08000008L,
+0x00000400L,0x08000400L,0x00000408L,0x08000408L,
+0x00020000L,0x08020000L,0x00020008L,0x08020008L,
+0x00020400L,0x08020400L,0x00020408L,0x08020408L,
+0x00000001L,0x08000001L,0x00000009L,0x08000009L,
+0x00000401L,0x08000401L,0x00000409L,0x08000409L,
+0x00020001L,0x08020001L,0x00020009L,0x08020009L,
+0x00020401L,0x08020401L,0x00020409L,0x08020409L,
+0x02000000L,0x0A000000L,0x02000008L,0x0A000008L,
+0x02000400L,0x0A000400L,0x02000408L,0x0A000408L,
+0x02020000L,0x0A020000L,0x02020008L,0x0A020008L,
+0x02020400L,0x0A020400L,0x02020408L,0x0A020408L,
+0x02000001L,0x0A000001L,0x02000009L,0x0A000009L,
+0x02000401L,0x0A000401L,0x02000409L,0x0A000409L,
+0x02020001L,0x0A020001L,0x02020009L,0x0A020009L,
+0x02020401L,0x0A020401L,0x02020409L,0x0A020409L,
+},{
+/* for D bits (numbered as per FIPS 46) 16 17 18 19 20 21 */
+0x00000000L,0x00000100L,0x00080000L,0x00080100L,
+0x01000000L,0x01000100L,0x01080000L,0x01080100L,
+0x00000010L,0x00000110L,0x00080010L,0x00080110L,
+0x01000010L,0x01000110L,0x01080010L,0x01080110L,
+0x00200000L,0x00200100L,0x00280000L,0x00280100L,
+0x01200000L,0x01200100L,0x01280000L,0x01280100L,
+0x00200010L,0x00200110L,0x00280010L,0x00280110L,
+0x01200010L,0x01200110L,0x01280010L,0x01280110L,
+0x00000200L,0x00000300L,0x00080200L,0x00080300L,
+0x01000200L,0x01000300L,0x01080200L,0x01080300L,
+0x00000210L,0x00000310L,0x00080210L,0x00080310L,
+0x01000210L,0x01000310L,0x01080210L,0x01080310L,
+0x00200200L,0x00200300L,0x00280200L,0x00280300L,
+0x01200200L,0x01200300L,0x01280200L,0x01280300L,
+0x00200210L,0x00200310L,0x00280210L,0x00280310L,
+0x01200210L,0x01200310L,0x01280210L,0x01280310L,
+},{
+/* for D bits (numbered as per FIPS 46) 22 23 24 25 27 28 */
+0x00000000L,0x04000000L,0x00040000L,0x04040000L,
+0x00000002L,0x04000002L,0x00040002L,0x04040002L,
+0x00002000L,0x04002000L,0x00042000L,0x04042000L,
+0x00002002L,0x04002002L,0x00042002L,0x04042002L,
+0x00000020L,0x04000020L,0x00040020L,0x04040020L,
+0x00000022L,0x04000022L,0x00040022L,0x04040022L,
+0x00002020L,0x04002020L,0x00042020L,0x04042020L,
+0x00002022L,0x04002022L,0x00042022L,0x04042022L,
+0x00000800L,0x04000800L,0x00040800L,0x04040800L,
+0x00000802L,0x04000802L,0x00040802L,0x04040802L,
+0x00002800L,0x04002800L,0x00042800L,0x04042800L,
+0x00002802L,0x04002802L,0x00042802L,0x04042802L,
+0x00000820L,0x04000820L,0x00040820L,0x04040820L,
+0x00000822L,0x04000822L,0x00040822L,0x04040822L,
+0x00002820L,0x04002820L,0x00042820L,0x04042820L,
+0x00002822L,0x04002822L,0x00042822L,0x04042822L,
+}};
diff --git a/crypto/des/speed.c b/crypto/des/speed.c
new file mode 100644
index 0000000..250b697
--- /dev/null
+++ b/crypto/des/speed.c
@@ -0,0 +1,329 @@
+/* crypto/des/speed.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* 11-Sep-92 Andrew Daviel Support for Silicon Graphics IRIX added */
+/* 06-Apr-92 Luke Brennan Support for VMS and add extra signal calls */
+
+#ifndef MSDOS
+#define TIMES
+#endif
+
+#include <stdio.h>
+#ifndef MSDOS
+#include <unistd.h>
+#else
+#include <io.h>
+extern int exit();
+#endif
+#include <signal.h>
+#ifndef VMS
+#ifndef _IRIX
+#include <time.h>
+#endif
+#ifdef TIMES
+#include <sys/types.h>
+#include <sys/times.h>
+#endif
+#else /* VMS */
+#include <types.h>
+struct tms {
+ time_t tms_utime;
+ time_t tms_stime;
+ time_t tms_uchild; /* I dunno... */
+ time_t tms_uchildsys; /* so these names are a guess :-) */
+ }
+#endif
+#ifndef TIMES
+#include <sys/timeb.h>
+#endif
+
+#ifdef sun
+#include <limits.h>
+#include <sys/param.h>
+#endif
+
+#include "des.h"
+
+/* The following if from times(3) man page. It may need to be changed */
+#ifndef HZ
+# ifndef CLK_TCK
+# ifndef _BSD_CLK_TCK_ /* FreeBSD fix */
+# ifndef VMS
+# define HZ 100.0
+# else /* VMS */
+# define HZ 100.0
+# endif
+# else /* _BSD_CLK_TCK_ */
+# define HZ ((double)_BSD_CLK_TCK_)
+# endif
+# else /* CLK_TCK */
+# define HZ ((double)CLK_TCK)
+# endif
+#endif
+
+#define BUFSIZE ((long)1024)
+long run=0;
+
+#ifndef NOPROTO
+double Time_F(int s);
+#else
+double Time_F();
+#endif
+
+#ifdef SIGALRM
+#if defined(__STDC__) || defined(sgi) || defined(_AIX)
+#define SIGRETTYPE void
+#else
+#define SIGRETTYPE int
+#endif
+
+#ifndef NOPROTO
+SIGRETTYPE sig_done(int sig);
+#else
+SIGRETTYPE sig_done();
+#endif
+
+SIGRETTYPE sig_done(sig)
+int sig;
+ {
+ signal(SIGALRM,sig_done);
+ run=0;
+#ifdef LINT
+ sig=sig;
+#endif
+ }
+#endif
+
+#define START 0
+#define STOP 1
+
+double Time_F(s)
+int s;
+ {
+ double ret;
+#ifdef TIMES
+ static struct tms tstart,tend;
+
+ if (s == START)
+ {
+ times(&tstart);
+ return(0);
+ }
+ else
+ {
+ times(&tend);
+ ret=((double)(tend.tms_utime-tstart.tms_utime))/HZ;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#else /* !times() */
+ static struct timeb tstart,tend;
+ long i;
+
+ if (s == START)
+ {
+ ftime(&tstart);
+ return(0);
+ }
+ else
+ {
+ ftime(&tend);
+ i=(long)tend.millitm-(long)tstart.millitm;
+ ret=((double)(tend.time-tstart.time))+((double)i)/1e3;
+ return((ret == 0.0)?1e-6:ret);
+ }
+#endif
+ }
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ long count;
+ static unsigned char buf[BUFSIZE];
+ static des_cblock key ={0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0};
+ static des_cblock key2={0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12};
+ static des_cblock key3={0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34};
+ des_key_schedule sch,sch2,sch3;
+ double a,b,c,d,e;
+#ifndef SIGALRM
+ long ca,cb,cc,cd,ce;
+#endif
+
+#ifndef TIMES
+ printf("To get the most acurate results, try to run this\n");
+ printf("program when this computer is idle.\n");
+#endif
+
+ des_set_key((C_Block *)key2,sch2);
+ des_set_key((C_Block *)key3,sch3);
+
+#ifndef SIGALRM
+ printf("First we calculate the approximate speed ...\n");
+ des_set_key((C_Block *)key,sch);
+ count=10;
+ do {
+ long i;
+ DES_LONG data[2];
+
+ count*=2;
+ Time_F(START);
+ for (i=count; i; i--)
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ } while (d < 3.0);
+ ca=count;
+ cb=count*3;
+ cc=count*3*8/BUFSIZE+1;
+ cd=count*8/BUFSIZE+1;
+ ce=count/20+1;
+ printf("Doing set_key %ld times\n",ca);
+#define COND(d) (count != (d))
+#define COUNT(d) (d)
+#else
+#define COND(c) (run)
+#define COUNT(d) (count)
+ signal(SIGALRM,sig_done);
+ printf("Doing set_key for 10 seconds\n");
+ alarm(10);
+#endif
+
+ Time_F(START);
+ for (count=0,run=1; COND(ca); count++)
+ des_set_key((C_Block *)key,sch);
+ d=Time_F(STOP);
+ printf("%ld set_key's in %.2f seconds\n",count,d);
+ a=((double)COUNT(ca))/d;
+
+#ifdef SIGALRM
+ printf("Doing des_encrypt's for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing des_encrypt %ld times\n",cb);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cb); count++)
+ {
+ DES_LONG data[2];
+
+ des_encrypt(data,&(sch[0]),DES_ENCRYPT);
+ }
+ d=Time_F(STOP);
+ printf("%ld des_encrypt's in %.2f second\n",count,d);
+ b=((double)COUNT(cb)*8)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_cbc_encrypt %ld times on %ld byte blocks\n",cc,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cc); count++)
+ des_ncbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,&(sch[0]),
+ (C_Block *)&(key[0]),DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ c=((double)COUNT(cc)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing des_ede_cbc_encrypt on %ld byte blocks for 10 seconds\n",
+ BUFSIZE);
+ alarm(10);
+#else
+ printf("Doing des_ede_cbc_encrypt %ld times on %ld byte blocks\n",cd,
+ BUFSIZE);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(cd); count++)
+ des_ede3_cbc_encrypt((C_Block *)buf,(C_Block *)buf,BUFSIZE,
+ &(sch[0]),
+ &(sch2[0]),
+ &(sch3[0]),
+ (C_Block *)&(key[0]),
+ DES_ENCRYPT);
+ d=Time_F(STOP);
+ printf("%ld des_ede_cbc_encrypt's of %ld byte blocks in %.2f second\n",
+ count,BUFSIZE,d);
+ d=((double)COUNT(cd)*BUFSIZE)/d;
+
+#ifdef SIGALRM
+ printf("Doing crypt for 10 seconds\n");
+ alarm(10);
+#else
+ printf("Doing crypt %ld times\n",ce);
+#endif
+ Time_F(START);
+ for (count=0,run=1; COND(ce); count++)
+ crypt("testing1","ef");
+ e=Time_F(STOP);
+ printf("%ld crypts in %.2f second\n",count,e);
+ e=((double)COUNT(ce))/e;
+
+ printf("set_key per sec = %12.2f (%5.1fuS)\n",a,1.0e6/a);
+ printf("DES raw ecb bytes per sec = %12.2f (%5.1fuS)\n",b,8.0e6/b);
+ printf("DES cbc bytes per sec = %12.2f (%5.1fuS)\n",c,8.0e6/c);
+ printf("DES ede cbc bytes per sec = %12.2f (%5.1fuS)\n",d,8.0e6/d);
+ printf("crypt per sec = %12.2f (%5.1fuS)\n",e,1.0e6/e);
+ exit(0);
+#if defined(LINT) || defined(MSDOS)
+ return(0);
+#endif
+ }
diff --git a/crypto/des/spr.h b/crypto/des/spr.h
new file mode 100644
index 0000000..a84d6a7
--- /dev/null
+++ b/crypto/des/spr.h
@@ -0,0 +1,204 @@
+/* crypto/des/spr.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+const DES_LONG des_SPtrans[8][64]={
+{
+/* nibble 0 */
+0x02080800L, 0x00080000L, 0x02000002L, 0x02080802L,
+0x02000000L, 0x00080802L, 0x00080002L, 0x02000002L,
+0x00080802L, 0x02080800L, 0x02080000L, 0x00000802L,
+0x02000802L, 0x02000000L, 0x00000000L, 0x00080002L,
+0x00080000L, 0x00000002L, 0x02000800L, 0x00080800L,
+0x02080802L, 0x02080000L, 0x00000802L, 0x02000800L,
+0x00000002L, 0x00000800L, 0x00080800L, 0x02080002L,
+0x00000800L, 0x02000802L, 0x02080002L, 0x00000000L,
+0x00000000L, 0x02080802L, 0x02000800L, 0x00080002L,
+0x02080800L, 0x00080000L, 0x00000802L, 0x02000800L,
+0x02080002L, 0x00000800L, 0x00080800L, 0x02000002L,
+0x00080802L, 0x00000002L, 0x02000002L, 0x02080000L,
+0x02080802L, 0x00080800L, 0x02080000L, 0x02000802L,
+0x02000000L, 0x00000802L, 0x00080002L, 0x00000000L,
+0x00080000L, 0x02000000L, 0x02000802L, 0x02080800L,
+0x00000002L, 0x02080002L, 0x00000800L, 0x00080802L,
+},{
+/* nibble 1 */
+0x40108010L, 0x00000000L, 0x00108000L, 0x40100000L,
+0x40000010L, 0x00008010L, 0x40008000L, 0x00108000L,
+0x00008000L, 0x40100010L, 0x00000010L, 0x40008000L,
+0x00100010L, 0x40108000L, 0x40100000L, 0x00000010L,
+0x00100000L, 0x40008010L, 0x40100010L, 0x00008000L,
+0x00108010L, 0x40000000L, 0x00000000L, 0x00100010L,
+0x40008010L, 0x00108010L, 0x40108000L, 0x40000010L,
+0x40000000L, 0x00100000L, 0x00008010L, 0x40108010L,
+0x00100010L, 0x40108000L, 0x40008000L, 0x00108010L,
+0x40108010L, 0x00100010L, 0x40000010L, 0x00000000L,
+0x40000000L, 0x00008010L, 0x00100000L, 0x40100010L,
+0x00008000L, 0x40000000L, 0x00108010L, 0x40008010L,
+0x40108000L, 0x00008000L, 0x00000000L, 0x40000010L,
+0x00000010L, 0x40108010L, 0x00108000L, 0x40100000L,
+0x40100010L, 0x00100000L, 0x00008010L, 0x40008000L,
+0x40008010L, 0x00000010L, 0x40100000L, 0x00108000L,
+},{
+/* nibble 2 */
+0x04000001L, 0x04040100L, 0x00000100L, 0x04000101L,
+0x00040001L, 0x04000000L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00040000L, 0x04040000L, 0x00000001L,
+0x04040101L, 0x00000101L, 0x00000001L, 0x04040001L,
+0x00000000L, 0x00040001L, 0x04040100L, 0x00000100L,
+0x00000101L, 0x04040101L, 0x00040000L, 0x04000001L,
+0x04040001L, 0x04000100L, 0x00040101L, 0x04040000L,
+0x00040100L, 0x00000000L, 0x04000000L, 0x00040101L,
+0x04040100L, 0x00000100L, 0x00000001L, 0x00040000L,
+0x00000101L, 0x00040001L, 0x04040000L, 0x04000101L,
+0x00000000L, 0x04040100L, 0x00040100L, 0x04040001L,
+0x00040001L, 0x04000000L, 0x04040101L, 0x00000001L,
+0x00040101L, 0x04000001L, 0x04000000L, 0x04040101L,
+0x00040000L, 0x04000100L, 0x04000101L, 0x00040100L,
+0x04000100L, 0x00000000L, 0x04040001L, 0x00000101L,
+0x04000001L, 0x00040101L, 0x00000100L, 0x04040000L,
+},{
+/* nibble 3 */
+0x00401008L, 0x10001000L, 0x00000008L, 0x10401008L,
+0x00000000L, 0x10400000L, 0x10001008L, 0x00400008L,
+0x10401000L, 0x10000008L, 0x10000000L, 0x00001008L,
+0x10000008L, 0x00401008L, 0x00400000L, 0x10000000L,
+0x10400008L, 0x00401000L, 0x00001000L, 0x00000008L,
+0x00401000L, 0x10001008L, 0x10400000L, 0x00001000L,
+0x00001008L, 0x00000000L, 0x00400008L, 0x10401000L,
+0x10001000L, 0x10400008L, 0x10401008L, 0x00400000L,
+0x10400008L, 0x00001008L, 0x00400000L, 0x10000008L,
+0x00401000L, 0x10001000L, 0x00000008L, 0x10400000L,
+0x10001008L, 0x00000000L, 0x00001000L, 0x00400008L,
+0x00000000L, 0x10400008L, 0x10401000L, 0x00001000L,
+0x10000000L, 0x10401008L, 0x00401008L, 0x00400000L,
+0x10401008L, 0x00000008L, 0x10001000L, 0x00401008L,
+0x00400008L, 0x00401000L, 0x10400000L, 0x10001008L,
+0x00001008L, 0x10000000L, 0x10000008L, 0x10401000L,
+},{
+/* nibble 4 */
+0x08000000L, 0x00010000L, 0x00000400L, 0x08010420L,
+0x08010020L, 0x08000400L, 0x00010420L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x00010400L,
+0x08000420L, 0x08010020L, 0x08010400L, 0x00000000L,
+0x00010400L, 0x08000000L, 0x00010020L, 0x00000420L,
+0x08000400L, 0x00010420L, 0x00000000L, 0x08000020L,
+0x00000020L, 0x08000420L, 0x08010420L, 0x00010020L,
+0x08010000L, 0x00000400L, 0x00000420L, 0x08010400L,
+0x08010400L, 0x08000420L, 0x00010020L, 0x08010000L,
+0x00010000L, 0x00000020L, 0x08000020L, 0x08000400L,
+0x08000000L, 0x00010400L, 0x08010420L, 0x00000000L,
+0x00010420L, 0x08000000L, 0x00000400L, 0x00010020L,
+0x08000420L, 0x00000400L, 0x00000000L, 0x08010420L,
+0x08010020L, 0x08010400L, 0x00000420L, 0x00010000L,
+0x00010400L, 0x08010020L, 0x08000400L, 0x00000420L,
+0x00000020L, 0x00010420L, 0x08010000L, 0x08000020L,
+},{
+/* nibble 5 */
+0x80000040L, 0x00200040L, 0x00000000L, 0x80202000L,
+0x00200040L, 0x00002000L, 0x80002040L, 0x00200000L,
+0x00002040L, 0x80202040L, 0x00202000L, 0x80000000L,
+0x80002000L, 0x80000040L, 0x80200000L, 0x00202040L,
+0x00200000L, 0x80002040L, 0x80200040L, 0x00000000L,
+0x00002000L, 0x00000040L, 0x80202000L, 0x80200040L,
+0x80202040L, 0x80200000L, 0x80000000L, 0x00002040L,
+0x00000040L, 0x00202000L, 0x00202040L, 0x80002000L,
+0x00002040L, 0x80000000L, 0x80002000L, 0x00202040L,
+0x80202000L, 0x00200040L, 0x00000000L, 0x80002000L,
+0x80000000L, 0x00002000L, 0x80200040L, 0x00200000L,
+0x00200040L, 0x80202040L, 0x00202000L, 0x00000040L,
+0x80202040L, 0x00202000L, 0x00200000L, 0x80002040L,
+0x80000040L, 0x80200000L, 0x00202040L, 0x00000000L,
+0x00002000L, 0x80000040L, 0x80002040L, 0x80202000L,
+0x80200000L, 0x00002040L, 0x00000040L, 0x80200040L,
+},{
+/* nibble 6 */
+0x00004000L, 0x00000200L, 0x01000200L, 0x01000004L,
+0x01004204L, 0x00004004L, 0x00004200L, 0x00000000L,
+0x01000000L, 0x01000204L, 0x00000204L, 0x01004000L,
+0x00000004L, 0x01004200L, 0x01004000L, 0x00000204L,
+0x01000204L, 0x00004000L, 0x00004004L, 0x01004204L,
+0x00000000L, 0x01000200L, 0x01000004L, 0x00004200L,
+0x01004004L, 0x00004204L, 0x01004200L, 0x00000004L,
+0x00004204L, 0x01004004L, 0x00000200L, 0x01000000L,
+0x00004204L, 0x01004000L, 0x01004004L, 0x00000204L,
+0x00004000L, 0x00000200L, 0x01000000L, 0x01004004L,
+0x01000204L, 0x00004204L, 0x00004200L, 0x00000000L,
+0x00000200L, 0x01000004L, 0x00000004L, 0x01000200L,
+0x00000000L, 0x01000204L, 0x01000200L, 0x00004200L,
+0x00000204L, 0x00004000L, 0x01004204L, 0x01000000L,
+0x01004200L, 0x00000004L, 0x00004004L, 0x01004204L,
+0x01000004L, 0x01004200L, 0x01004000L, 0x00004004L,
+},{
+/* nibble 7 */
+0x20800080L, 0x20820000L, 0x00020080L, 0x00000000L,
+0x20020000L, 0x00800080L, 0x20800000L, 0x20820080L,
+0x00000080L, 0x20000000L, 0x00820000L, 0x00020080L,
+0x00820080L, 0x20020080L, 0x20000080L, 0x20800000L,
+0x00020000L, 0x00820080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x20000080L, 0x00000000L, 0x00820000L,
+0x20000000L, 0x00800000L, 0x20020080L, 0x20800080L,
+0x00800000L, 0x00020000L, 0x20820000L, 0x00000080L,
+0x00800000L, 0x00020000L, 0x20000080L, 0x20820080L,
+0x00020080L, 0x20000000L, 0x00000000L, 0x00820000L,
+0x20800080L, 0x20020080L, 0x20020000L, 0x00800080L,
+0x20820000L, 0x00000080L, 0x00800080L, 0x20020000L,
+0x20820080L, 0x00800000L, 0x20800000L, 0x20000080L,
+0x00820000L, 0x00020080L, 0x20020080L, 0x20800000L,
+0x00000080L, 0x20820000L, 0x00820080L, 0x00000000L,
+0x20000000L, 0x20800080L, 0x00020000L, 0x00820080L,
+}};
diff --git a/crypto/des/str2key.c b/crypto/des/str2key.c
new file mode 100644
index 0000000..65a1184
--- /dev/null
+++ b/crypto/des/str2key.c
@@ -0,0 +1,171 @@
+/* crypto/des/str2key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+extern int des_check_key;
+
+void des_string_to_key(str, key)
+char *str;
+des_cblock (*key);
+ {
+ des_key_schedule ks;
+ int i,length;
+ register unsigned char j;
+
+ memset(key,0,8);
+ length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+ for (i=0; i<length; i++)
+ (*key)[i%8]^=(str[i]<<1);
+#else /* MIT COMPATIBLE */
+ for (i=0; i<length; i++)
+ {
+ j=str[i];
+ if ((i%16) < 8)
+ (*key)[i%8]^=(j<<1);
+ else
+ {
+ /* Reverse the bit order 05/05/92 eay */
+ j=((j<<4)&0xf0)|((j>>4)&0x0f);
+ j=((j<<2)&0xcc)|((j>>2)&0x33);
+ j=((j<<1)&0xaa)|((j>>1)&0x55);
+ (*key)[7-(i%8)]^=j;
+ }
+ }
+#endif
+ des_set_odd_parity((des_cblock *)key);
+ i=des_check_key;
+ des_check_key=0;
+ des_set_key((des_cblock *)key,ks);
+ des_check_key=i;
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key,(long)length,ks,
+ (des_cblock *)key);
+ memset(ks,0,sizeof(ks));
+ des_set_odd_parity((des_cblock *)key);
+ }
+
+void des_string_to_2keys(str, key1, key2)
+char *str;
+des_cblock (*key1);
+des_cblock (*key2);
+ {
+ des_key_schedule ks;
+ int i,length;
+ register unsigned char j;
+
+ memset(key1,0,8);
+ memset(key2,0,8);
+ length=strlen(str);
+#ifdef OLD_STR_TO_KEY
+ if (length <= 8)
+ {
+ for (i=0; i<length; i++)
+ {
+ (*key2)[i]=(*key1)[i]=(str[i]<<1);
+ }
+ }
+ else
+ {
+ for (i=0; i<length; i++)
+ {
+ if ((i/8)&1)
+ (*key2)[i%8]^=(str[i]<<1);
+ else
+ (*key1)[i%8]^=(str[i]<<1);
+ }
+ }
+#else /* MIT COMPATIBLE */
+ for (i=0; i<length; i++)
+ {
+ j=str[i];
+ if ((i%32) < 16)
+ {
+ if ((i%16) < 8)
+ (*key1)[i%8]^=(j<<1);
+ else
+ (*key2)[i%8]^=(j<<1);
+ }
+ else
+ {
+ j=((j<<4)&0xf0)|((j>>4)&0x0f);
+ j=((j<<2)&0xcc)|((j>>2)&0x33);
+ j=((j<<1)&0xaa)|((j>>1)&0x55);
+ if ((i%16) < 8)
+ (*key1)[7-(i%8)]^=j;
+ else
+ (*key2)[7-(i%8)]^=j;
+ }
+ }
+ if (length <= 8) memcpy(key2,key1,8);
+#endif
+ des_set_odd_parity((des_cblock *)key1);
+ des_set_odd_parity((des_cblock *)key2);
+ i=des_check_key;
+ des_check_key=0;
+ des_set_key((des_cblock *)key1,ks);
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key1,(long)length,ks,
+ (des_cblock *)key1);
+ des_set_key((des_cblock *)key2,ks);
+ des_cbc_cksum((des_cblock *)str,(des_cblock *)key2,(long)length,ks,
+ (des_cblock *)key2);
+ des_check_key=i;
+ memset(ks,0,sizeof(ks));
+ des_set_odd_parity(key1);
+ des_set_odd_parity(key2);
+ }
diff --git a/crypto/des/supp.c b/crypto/des/supp.c
new file mode 100644
index 0000000..56bd85b
--- /dev/null
+++ b/crypto/des/supp.c
@@ -0,0 +1,109 @@
+/* crypto/des/supp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * Copyright (c) 1995
+ * Mark Murray. All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * This product includes software developed by Mark Murray
+ * 4. Neither the name of the author nor the names of any co-contributors
+ * may be used to endorse or promote products derived from this software
+ * without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY MARK MURRAY AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * $Id: supp.c,v 1.1 1998/12/21 10:52:29 rse Exp $
+ */
+
+#include <stdio.h>
+#include "des_locl.h"
+
+void des_cblock_print_file(cb, fp)
+ des_cblock *cb;
+ FILE *fp;
+{
+ int i;
+ unsigned int *p = (unsigned int *)cb;
+
+ fprintf(fp, " 0x { ");
+ for (i = 0; i < 8; i++) {
+ fprintf(fp, "%x", p[i]);
+ if (i != 7) fprintf(fp, ", ");
+ }
+ fprintf(fp, " }");
+}
diff --git a/crypto/des/t/test b/crypto/des/t/test
new file mode 100644
index 0000000..97acd05
--- /dev/null
+++ b/crypto/des/t/test
@@ -0,0 +1,27 @@
+#!./perl
+
+BEGIN { push(@INC, qw(../../../lib ../../lib ../lib lib)); }
+
+use DES;
+
+$key='00000000';
+$ks=DES::set_key($key);
+@a=split(//,$ks);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
+
+$key=DES::random_key();
+print "($_)\n";
+@a=split(//,$key);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+$str="this is and again into the breach";
+($k1,$k2)=DES::string_to_2keys($str);
+@a=split(//,$k1);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+@a=split(//,$k2);
+foreach (@a) { printf "%02x-",ord($_); }
+print "\n";
+
diff --git a/crypto/des/testdes.pl b/crypto/des/testdes.pl
new file mode 100644
index 0000000..01a165a
--- /dev/null
+++ b/crypto/des/testdes.pl
@@ -0,0 +1,167 @@
+#!/usr/local/bin/perl
+
+# des.pl tesing code
+
+require 'des.pl';
+
+$num_tests=34;
+@key_data=(
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x30,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
+ 0x7C,0xA1,0x10,0x45,0x4A,0x1A,0x6E,0x57,
+ 0x01,0x31,0xD9,0x61,0x9D,0xC1,0x37,0x6E,
+ 0x07,0xA1,0x13,0x3E,0x4A,0x0B,0x26,0x86,
+ 0x38,0x49,0x67,0x4C,0x26,0x02,0x31,0x9E,
+ 0x04,0xB9,0x15,0xBA,0x43,0xFE,0xB5,0xB6,
+ 0x01,0x13,0xB9,0x70,0xFD,0x34,0xF2,0xCE,
+ 0x01,0x70,0xF1,0x75,0x46,0x8F,0xB5,0xE6,
+ 0x43,0x29,0x7F,0xAD,0x38,0xE3,0x73,0xFE,
+ 0x07,0xA7,0x13,0x70,0x45,0xDA,0x2A,0x16,
+ 0x04,0x68,0x91,0x04,0xC2,0xFD,0x3B,0x2F,
+ 0x37,0xD0,0x6B,0xB5,0x16,0xCB,0x75,0x46,
+ 0x1F,0x08,0x26,0x0D,0x1A,0xC2,0x46,0x5E,
+ 0x58,0x40,0x23,0x64,0x1A,0xBA,0x61,0x76,
+ 0x02,0x58,0x16,0x16,0x46,0x29,0xB0,0x07,
+ 0x49,0x79,0x3E,0xBC,0x79,0xB3,0x25,0x8F,
+ 0x4F,0xB0,0x5E,0x15,0x15,0xAB,0x73,0xA7,
+ 0x49,0xE9,0x5D,0x6D,0x4C,0xA2,0x29,0xBF,
+ 0x01,0x83,0x10,0xDC,0x40,0x9B,0x26,0xD6,
+ 0x1C,0x58,0x7F,0x1C,0x13,0x92,0x4F,0xEF,
+ 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+ 0x1F,0x1F,0x1F,0x1F,0x0E,0x0E,0x0E,0x0E,
+ 0xE0,0xFE,0xE0,0xFE,0xF1,0xFE,0xF1,0xFE,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0xFE,0xDC,0xBA,0x98,0x76,0x54,0x32,0x10,
+ );
+
+@plain_data=(
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x10,0x00,0x00,0x00,0x00,0x00,0x00,0x01,
+ 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+ 0x11,0x11,0x11,0x11,0x11,0x11,0x11,0x11,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0x01,0xA1,0xD6,0xD0,0x39,0x77,0x67,0x42,
+ 0x5C,0xD5,0x4C,0xA8,0x3D,0xEF,0x57,0xDA,
+ 0x02,0x48,0xD4,0x38,0x06,0xF6,0x71,0x72,
+ 0x51,0x45,0x4B,0x58,0x2D,0xDF,0x44,0x0A,
+ 0x42,0xFD,0x44,0x30,0x59,0x57,0x7F,0xA2,
+ 0x05,0x9B,0x5E,0x08,0x51,0xCF,0x14,0x3A,
+ 0x07,0x56,0xD8,0xE0,0x77,0x47,0x61,0xD2,
+ 0x76,0x25,0x14,0xB8,0x29,0xBF,0x48,0x6A,
+ 0x3B,0xDD,0x11,0x90,0x49,0x37,0x28,0x02,
+ 0x26,0x95,0x5F,0x68,0x35,0xAF,0x60,0x9A,
+ 0x16,0x4D,0x5E,0x40,0x4F,0x27,0x52,0x32,
+ 0x6B,0x05,0x6E,0x18,0x75,0x9F,0x5C,0xCA,
+ 0x00,0x4B,0xD6,0xEF,0x09,0x17,0x60,0x62,
+ 0x48,0x0D,0x39,0x00,0x6E,0xE7,0x62,0xF2,
+ 0x43,0x75,0x40,0xC8,0x69,0x8F,0x3C,0xFA,
+ 0x07,0x2D,0x43,0xA0,0x77,0x07,0x52,0x92,
+ 0x02,0xFE,0x55,0x77,0x81,0x17,0xF1,0x2A,
+ 0x1D,0x9D,0x5C,0x50,0x18,0xF7,0x28,0xC2,
+ 0x30,0x55,0x32,0x28,0x6D,0x6F,0x29,0x5A,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0x01,0x23,0x45,0x67,0x89,0xAB,0xCD,0xEF,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF);
+
+@cipher_data=(
+ 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
+ 0x73,0x59,0xB2,0x16,0x3E,0x4E,0xDC,0x58,
+ 0x95,0x8E,0x6E,0x62,0x7A,0x05,0x55,0x7B,
+ 0xF4,0x03,0x79,0xAB,0x9E,0x0E,0xC5,0x33,
+ 0x17,0x66,0x8D,0xFC,0x72,0x92,0x53,0x2D,
+ 0x8A,0x5A,0xE1,0xF8,0x1A,0xB8,0xF2,0xDD,
+ 0x8C,0xA6,0x4D,0xE9,0xC1,0xB1,0x23,0xA7,
+ 0xED,0x39,0xD9,0x50,0xFA,0x74,0xBC,0xC4,
+ 0x69,0x0F,0x5B,0x0D,0x9A,0x26,0x93,0x9B,
+ 0x7A,0x38,0x9D,0x10,0x35,0x4B,0xD2,0x71,
+ 0x86,0x8E,0xBB,0x51,0xCA,0xB4,0x59,0x9A,
+ 0x71,0x78,0x87,0x6E,0x01,0xF1,0x9B,0x2A,
+ 0xAF,0x37,0xFB,0x42,0x1F,0x8C,0x40,0x95,
+ 0x86,0xA5,0x60,0xF1,0x0E,0xC6,0xD8,0x5B,
+ 0x0C,0xD3,0xDA,0x02,0x00,0x21,0xDC,0x09,
+ 0xEA,0x67,0x6B,0x2C,0xB7,0xDB,0x2B,0x7A,
+ 0xDF,0xD6,0x4A,0x81,0x5C,0xAF,0x1A,0x0F,
+ 0x5C,0x51,0x3C,0x9C,0x48,0x86,0xC0,0x88,
+ 0x0A,0x2A,0xEE,0xAE,0x3F,0xF4,0xAB,0x77,
+ 0xEF,0x1B,0xF0,0x3E,0x5D,0xFA,0x57,0x5A,
+ 0x88,0xBF,0x0D,0xB6,0xD7,0x0D,0xEE,0x56,
+ 0xA1,0xF9,0x91,0x55,0x41,0x02,0x0B,0x56,
+ 0x6F,0xBF,0x1C,0xAF,0xCF,0xFD,0x05,0x56,
+ 0x2F,0x22,0xE4,0x9B,0xAB,0x7C,0xA1,0xAC,
+ 0x5A,0x6B,0x61,0x2C,0xC2,0x6C,0xCE,0x4A,
+ 0x5F,0x4C,0x03,0x8E,0xD1,0x2B,0x2E,0x41,
+ 0x63,0xFA,0xC0,0xD0,0x34,0xD9,0xF7,0x93,
+ 0x61,0x7B,0x3A,0x0C,0xE8,0xF0,0x71,0x00,
+ 0xDB,0x95,0x86,0x05,0xF8,0xC8,0xC6,0x06,
+ 0xED,0xBF,0xD1,0xC6,0x6C,0x29,0xCC,0xC7,
+ 0x35,0x55,0x50,0xB2,0x15,0x0E,0x24,0x51,
+ 0xCA,0xAA,0xAF,0x4D,0xEA,0xF1,0xDB,0xAE,
+ 0xD5,0xD4,0x4F,0xF7,0x20,0x68,0x3D,0x0D,
+ 0x2A,0x2B,0xB0,0x08,0xDF,0x97,0xC2,0xF2);
+
+print "Doing ecb tests\n";
+for ($i=0; $i<$num_tests; $i++)
+ {
+ printf "Doing test $i\n";
+ $key =pack("C8",splice(@key_data ,0,8));
+ $data=pack("C8",splice(@plain_data ,0,8));
+ $res =pack("C8",splice(@cipher_data,0,8));
+
+ @ks= &des_set_key($key);
+ $out1= &des_ecb_encrypt(*ks,1,$data);
+ $out2= &des_ecb_encrypt(*ks,0,$out1);
+ $out3= &des_ecb_encrypt(*ks,0,$res);
+ &eprint("encryption failure",$res,$out1)
+ if ($out1 ne $res);
+ &eprint("encryption/decryption failure",$data,$out2)
+ if ($out2 ne $data);
+ &eprint("decryption failure",$data,$out3)
+ if ($data ne $out3);
+ }
+print "Done\n";
+
+print "doing speed test over 30 seconds\n";
+$SIG{'ALRM'}='done';
+sub done {$done=1;}
+$done=0;
+
+$count=0;
+$d=pack("C8",0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef);
+@ks= &des_set_key($d);
+alarm(30);
+$start=(times)[0];
+while (!$done)
+ {
+ $count++;
+ $d=&des_ecb_encrypt(*ks,1,$d);
+ }
+$end=(times)[0];
+$t=$end-$start;
+printf "$count DESs in %.2f seconds is %.2f DESs/sec or %.2f bytes/sec\n",
+ 1.0*$t,1.0*$count/$t,$count*8.0/$t;
+
+sub eprint
+ {
+ local($s,$c,$e)=@_;
+ local(@k);
+
+ @k=unpack("C8",$c);
+ printf "%02x%02x%02x%02x %02x%02x%02x%02x - ",unpack("C8",$c);
+ printf "%02x%02x%02x%02x %02x%02x%02x%02x :",unpack("C8",$e);
+ print " $s\n";
+ }
diff --git a/crypto/des/times/486-50.sol b/crypto/des/times/486-50.sol
new file mode 100644
index 0000000..0de62d6
--- /dev/null
+++ b/crypto/des/times/486-50.sol
@@ -0,0 +1,16 @@
+Solaris 2.4, 486 50mhz, gcc 2.6.3
+options des ecb/s
+16 r2 i 43552.51 100.0%
+16 r1 i 43487.45 99.9%
+16 c p 43003.23 98.7%
+16 r2 p 42339.00 97.2%
+16 c i 41900.91 96.2%
+16 r1 p 41360.64 95.0%
+ 4 c i 38728.48 88.9%
+ 4 c p 38225.63 87.8%
+ 4 r1 i 38085.79 87.4%
+ 4 r2 i 37825.64 86.9%
+ 4 r2 p 34611.00 79.5%
+ 4 r1 p 31802.00 73.0%
+-DDES_UNROLL -DDES_RISC2
+
diff --git a/crypto/des/times/586-100.lnx b/crypto/des/times/586-100.lnx
new file mode 100644
index 0000000..4323914
--- /dev/null
+++ b/crypto/des/times/586-100.lnx
@@ -0,0 +1,20 @@
+Pentium 100
+Linux 2 kernel
+gcc 2.7.0 -O3 -fomit-frame-pointer
+No X server running, just a console, it makes the top speed jump from 151,000
+to 158,000 :-).
+options des ecb/s
+assember 281000.00 177.1%
+16 r1 p 158667.40 100.0%
+16 r1 i 148471.70 93.6%
+16 r2 p 143961.80 90.7%
+16 r2 i 141689.20 89.3%
+ 4 r1 i 140100.00 88.3%
+ 4 r2 i 134049.40 84.5%
+16 c i 124145.20 78.2%
+16 c p 121584.20 76.6%
+ 4 c i 118116.00 74.4%
+ 4 r2 p 117977.90 74.4%
+ 4 c p 114971.40 72.5%
+ 4 r1 p 114578.40 72.2%
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
diff --git a/crypto/des/times/686-200.fre b/crypto/des/times/686-200.fre
new file mode 100644
index 0000000..7d83f6a
--- /dev/null
+++ b/crypto/des/times/686-200.fre
@@ -0,0 +1,18 @@
+Pentium 100
+Free BSD 2.1.5 kernel
+gcc 2.7.2.2 -O3 -fomit-frame-pointer
+options des ecb/s
+assember 578000.00 133.1%
+16 r2 i 434454.80 100.0%
+16 r1 i 433621.43 99.8%
+16 r2 p 431375.69 99.3%
+ 4 r1 i 423722.30 97.5%
+ 4 r2 i 422399.40 97.2%
+16 r1 p 421739.40 97.1%
+16 c i 399027.94 91.8%
+16 c p 372251.70 85.7%
+ 4 c i 365118.35 84.0%
+ 4 c p 352880.51 81.2%
+ 4 r2 p 255104.90 58.7%
+ 4 r1 p 251289.18 57.8%
+-DDES_UNROLL -DDES_RISC2
diff --git a/crypto/des/times/aix.cc b/crypto/des/times/aix.cc
new file mode 100644
index 0000000..d96b74e
--- /dev/null
+++ b/crypto/des/times/aix.cc
@@ -0,0 +1,26 @@
+From: Paco Garcia <pgarcia@cam.es>
+
+This machine is a Bull Estrella Minitower Model MT604-100
+Processor : PPC604
+P.Speed : 100Mhz
+Data/Instr Cache : 16 K
+L2 Cache : 256 K
+PCI BUS Speed : 33 Mhz
+TransfRate PCI : 132 MB/s
+Memory : 96 MB
+
+options des ecb/s
+ 4 c p 275118.61 100.0%
+ 4 c i 273545.07 99.4%
+ 4 r2 p 270441.02 98.3%
+ 4 r1 p 253052.15 92.0%
+ 4 r2 i 240842.97 87.5%
+ 4 r1 i 240556.66 87.4%
+16 c i 224603.99 81.6%
+16 c p 224483.98 81.6%
+16 r2 p 215691.19 78.4%
+16 r1 p 208332.83 75.7%
+16 r1 i 199206.50 72.4%
+16 r2 i 198963.70 72.3%
+-DDES_PTR
+
diff --git a/crypto/des/times/alpha.cc b/crypto/des/times/alpha.cc
new file mode 100644
index 0000000..95c17ef
--- /dev/null
+++ b/crypto/des/times/alpha.cc
@@ -0,0 +1,18 @@
+cc -O2
+DES_LONG is 'unsigned int'
+
+options des ecb/s
+ 4 r2 p 181146.14 100.0%
+16 r2 p 172102.94 95.0%
+ 4 r2 i 165424.11 91.3%
+16 c p 160468.64 88.6%
+ 4 c p 156653.59 86.5%
+ 4 c i 155245.18 85.7%
+ 4 r1 p 154729.68 85.4%
+16 r2 i 154137.69 85.1%
+16 r1 p 152357.96 84.1%
+16 c i 148743.91 82.1%
+ 4 r1 i 146695.59 81.0%
+16 r1 i 144961.00 80.0%
+-DDES_RISC2 -DDES_PTR
+
diff --git a/crypto/des/times/hpux.cc b/crypto/des/times/hpux.cc
new file mode 100644
index 0000000..3de856d
--- /dev/null
+++ b/crypto/des/times/hpux.cc
@@ -0,0 +1,17 @@
+HPUX 10 - 9000/887 - cc -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+
+options des ecb/s
+16 c i 149448.90 100.0%
+ 4 c i 145861.79 97.6%
+16 r2 i 141710.96 94.8%
+16 r1 i 139455.33 93.3%
+ 4 r2 i 138800.00 92.9%
+ 4 r1 i 136692.65 91.5%
+16 r2 p 110228.17 73.8%
+16 r1 p 109397.07 73.2%
+16 c p 109209.89 73.1%
+ 4 c p 108014.71 72.3%
+ 4 r2 p 107873.88 72.2%
+ 4 r1 p 107685.83 72.1%
+-DDES_UNROLL
+
diff --git a/crypto/des/times/sparc.gcc b/crypto/des/times/sparc.gcc
new file mode 100644
index 0000000..8eaa042
--- /dev/null
+++ b/crypto/des/times/sparc.gcc
@@ -0,0 +1,17 @@
+solaris 2.5.1 - sparc 10 50mhz - gcc 2.7.2
+
+options des ecb/s
+16 c i 124382.70 100.0%
+ 4 c i 118884.68 95.6%
+16 c p 112261.20 90.3%
+16 r2 i 111777.10 89.9%
+16 r2 p 108896.30 87.5%
+16 r1 p 108791.59 87.5%
+ 4 c p 107290.10 86.3%
+ 4 r1 p 104583.80 84.1%
+16 r1 i 104206.20 83.8%
+ 4 r2 p 103709.80 83.4%
+ 4 r2 i 98306.43 79.0%
+ 4 r1 i 91525.80 73.6%
+-DDES_UNROLL
+
diff --git a/crypto/des/times/usparc.cc b/crypto/des/times/usparc.cc
new file mode 100644
index 0000000..f6ec8e8
--- /dev/null
+++ b/crypto/des/times/usparc.cc
@@ -0,0 +1,31 @@
+solaris 2.5.1 usparc 167mhz?? - SC4.0 cc -fast -Xa -xO5
+
+For the ultra sparc, SunC 4.0 cc -fast -Xa -xO5, running 'des_opts'
+gives a speed of 475,000 des/s while 'speed' gives 417,000 des/s.
+I belive the difference is tied up in optimisation that the compiler
+is able to perform when the code is 'inlined'. For 'speed', the DES
+routines are being linked from a library. I'll record the higher
+speed since if performance is everything, you can always inline
+'des_enc.c'.
+
+[ 16-Jan-06 - I've been playing with the
+ '-xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa'
+ and while it makes the des_opts numbers much slower, it makes the
+ actual 'speed' numbers look better which is a realistic version of
+ using the libraries. ]
+
+options des ecb/s
+16 r1 p 475516.90 100.0%
+16 r2 p 439388.10 92.4%
+16 c i 427001.40 89.8%
+16 c p 419516.50 88.2%
+ 4 r2 p 409491.70 86.1%
+ 4 r1 p 404266.90 85.0%
+ 4 c p 398121.00 83.7%
+ 4 c i 370588.40 77.9%
+ 4 r1 i 362742.20 76.3%
+16 r2 i 331275.50 69.7%
+16 r1 i 324730.60 68.3%
+ 4 r2 i 63535.10 13.4% <-- very very weird, must be cache problems.
+-DDES_UNROLL -DDES_RISC1 -DDES_PTR
+
diff --git a/crypto/des/typemap b/crypto/des/typemap
new file mode 100644
index 0000000..a524f53
--- /dev/null
+++ b/crypto/des/typemap
@@ -0,0 +1,34 @@
+#
+# DES SECTION
+#
+deschar * T_DESCHARP
+des_cblock * T_CBLOCK
+des_cblock T_CBLOCK
+des_key_schedule T_SCHEDULE
+des_key_schedule * T_SCHEDULE
+
+INPUT
+T_CBLOCK
+ $var=(des_cblock *)SvPV($arg,len);
+ if (len < DES_KEY_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",DES_KEY_SZ);
+ }
+
+T_SCHEDULE
+ $var=(des_key_schedule *)SvPV($arg,len);
+ if (len < DES_SCHEDULE_SZ)
+ {
+ croak(\"$var needs to be at least %u bytes long\",
+ DES_SCHEDULE_SZ);
+ }
+
+OUTPUT
+T_CBLOCK
+ sv_setpvn($arg,(char *)$var,DES_KEY_SZ);
+
+T_SCHEDULE
+ sv_setpvn($arg,(char *)$var,DES_SCHEDULE_SZ);
+
+T_DESCHARP
+ sv_setpvn($arg,(char *)$var,len);
diff --git a/crypto/des/vms.com b/crypto/des/vms.com
new file mode 100755
index 0000000..62ca1fb
--- /dev/null
+++ b/crypto/des/vms.com
@@ -0,0 +1,90 @@
+$! --- VMS.com ---
+$!
+$ GoSub defines
+$ GoSub linker_options
+$ If (P1 .nes. "")
+$ Then
+$ GoSub 'P1'
+$ Else
+$ GoSub lib
+$ GoSub destest
+$ GoSub rpw
+$ GoSub speed
+$ GoSub des
+$ EndIF
+$!
+$ Exit
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DEFINES:
+$ OPT_FILE := "VAX_LINKER_OPTIONS.OPT"
+$!
+$ CC_OPTS := "/NODebug/OPTimize/NOWarn"
+$!
+$ LINK_OPTS := "/NODebug/NOTraceback/Contiguous"
+$!
+$ OBJS = "cbc_cksm.obj,cbc_enc.obj,ecb_enc.obj,pcbc_enc.obj," + -
+ "qud_cksm.obj,rand_key.obj,read_pwd.obj,set_key.obj," + -
+ "str2key.obj,enc_read.obj,enc_writ.obj,fcrypt.obj," + -
+ "cfb_enc.obj,ecb3_enc.obj,ofb_enc.obj"
+
+
+$!
+$ LIBDES = "cbc_cksm.c,cbc_enc.c,ecb_enc.c,enc_read.c," + -
+ "enc_writ.c,pcbc_enc.c,qud_cksm.c,rand_key.c," + -
+ "read_pwd.c,set_key.c,str2key.c,fcrypt.c," + -
+ "cfb_enc.c,ecb3_enc.c,ofb_enc.c"
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$LINKER_OPTIONS:
+$ If (f$search(OPT_FILE) .eqs. "")
+$ Then
+$ Create 'OPT_FILE'
+$DECK
+! Default system options file to link against the sharable C runtime library
+!
+Sys$Share:VAXcRTL.exe/Share
+$EOD
+$ EndIF
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$LIB:
+$ CC 'CC_OPTS' 'LIBDES'
+$ If (f$search("LIBDES.OLB") .nes. "")
+$ Then Library /Object /Replace libdes 'OBJS'
+$ Else Library /Create /Object libdes 'OBJS'
+$ EndIF
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DESTEST:
+$ CC 'CC_OPTS' destest
+$ Link 'link_opts' /Exec=destest destest.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$RPW:
+$ CC 'CC_OPTS' rpw
+$ Link 'link_opts' /Exec=rpw rpw.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$SPEED:
+$ CC 'CC_OPTS' speed
+$ Link 'link_opts' /Exec=speed speed.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
+$!
+$!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+$!
+$DES:
+$ CC 'CC_OPTS' des
+$ Link 'link_opts' /Exec=des des.obj,libdes/LIBRARY,'opt_file'/Option
+$ Return
diff --git a/crypto/des/xcbc_enc.c b/crypto/des/xcbc_enc.c
new file mode 100644
index 0000000..fa25117
--- /dev/null
+++ b/crypto/des/xcbc_enc.c
@@ -0,0 +1,206 @@
+/* crypto/des/xcbc_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "des_locl.h"
+
+/* RSA's DESX */
+
+static unsigned char desx_white_in2out[256]={
+0xBD,0x56,0xEA,0xF2,0xA2,0xF1,0xAC,0x2A,0xB0,0x93,0xD1,0x9C,0x1B,0x33,0xFD,0xD0,
+0x30,0x04,0xB6,0xDC,0x7D,0xDF,0x32,0x4B,0xF7,0xCB,0x45,0x9B,0x31,0xBB,0x21,0x5A,
+0x41,0x9F,0xE1,0xD9,0x4A,0x4D,0x9E,0xDA,0xA0,0x68,0x2C,0xC3,0x27,0x5F,0x80,0x36,
+0x3E,0xEE,0xFB,0x95,0x1A,0xFE,0xCE,0xA8,0x34,0xA9,0x13,0xF0,0xA6,0x3F,0xD8,0x0C,
+0x78,0x24,0xAF,0x23,0x52,0xC1,0x67,0x17,0xF5,0x66,0x90,0xE7,0xE8,0x07,0xB8,0x60,
+0x48,0xE6,0x1E,0x53,0xF3,0x92,0xA4,0x72,0x8C,0x08,0x15,0x6E,0x86,0x00,0x84,0xFA,
+0xF4,0x7F,0x8A,0x42,0x19,0xF6,0xDB,0xCD,0x14,0x8D,0x50,0x12,0xBA,0x3C,0x06,0x4E,
+0xEC,0xB3,0x35,0x11,0xA1,0x88,0x8E,0x2B,0x94,0x99,0xB7,0x71,0x74,0xD3,0xE4,0xBF,
+0x3A,0xDE,0x96,0x0E,0xBC,0x0A,0xED,0x77,0xFC,0x37,0x6B,0x03,0x79,0x89,0x62,0xC6,
+0xD7,0xC0,0xD2,0x7C,0x6A,0x8B,0x22,0xA3,0x5B,0x05,0x5D,0x02,0x75,0xD5,0x61,0xE3,
+0x18,0x8F,0x55,0x51,0xAD,0x1F,0x0B,0x5E,0x85,0xE5,0xC2,0x57,0x63,0xCA,0x3D,0x6C,
+0xB4,0xC5,0xCC,0x70,0xB2,0x91,0x59,0x0D,0x47,0x20,0xC8,0x4F,0x58,0xE0,0x01,0xE2,
+0x16,0x38,0xC4,0x6F,0x3B,0x0F,0x65,0x46,0xBE,0x7E,0x2D,0x7B,0x82,0xF9,0x40,0xB5,
+0x1D,0x73,0xF8,0xEB,0x26,0xC7,0x87,0x97,0x25,0x54,0xB1,0x28,0xAA,0x98,0x9D,0xA5,
+0x64,0x6D,0x7A,0xD4,0x10,0x81,0x44,0xEF,0x49,0xD6,0xAE,0x2E,0xDD,0x76,0x5C,0x2F,
+0xA7,0x1C,0xC9,0x09,0x69,0x9A,0x83,0xCF,0x29,0x39,0xB9,0xE9,0x4C,0xFF,0x43,0xAB,
+ };
+
+void des_xwhite_in2out(des_key,in_white,out_white)
+des_cblock (*des_key);
+des_cblock (*in_white);
+des_cblock (*out_white);
+ {
+ unsigned char *key,*in,*out;
+ int out0,out1;
+ int i;
+
+ key=(unsigned char *)des_key;
+ in=(unsigned char *)in_white;
+ out=(unsigned char *)out_white;
+
+ out[0]=out[1]=out[2]=out[3]=out[4]=out[5]=out[6]=out[7]=0;
+ out0=out1=0;
+ for (i=0; i<8; i++)
+ {
+ out[i]=key[i]^desx_white_in2out[out0^out1];
+ out0=out1;
+ out1=(int)out[i&0x07];
+ }
+
+ out0=out[0];
+ out1=out[i];
+ for (i=0; i<8; i++)
+ {
+ out[i]=in[i]^desx_white_in2out[out0^out1];
+ out0=out1;
+ out1=(int)out[i&0x07];
+ }
+ }
+
+void des_xcbc_encrypt(input, output, length, schedule, ivec, inw,outw,enc)
+des_cblock (*input);
+des_cblock (*output);
+long length;
+des_key_schedule schedule;
+des_cblock (*ivec);
+des_cblock (*inw);
+des_cblock (*outw);
+int enc;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG tout0,tout1,xor0,xor1;
+ register DES_LONG inW0,inW1,outW0,outW1;
+ register unsigned char *in,*out;
+ register long l=length;
+ DES_LONG tin[2];
+ unsigned char *iv;
+
+ in=(unsigned char *)inw;
+ c2l(in,inW0);
+ c2l(in,inW1);
+ in=(unsigned char *)outw;
+ c2l(in,outW0);
+ c2l(in,outW1);
+
+ in=(unsigned char *)input;
+ out=(unsigned char *)output;
+ iv=(unsigned char *)ivec;
+
+ if (enc)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0^inW0; tin[0]=tin0;
+ tin1^=tout1^inW1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]^outW0; l2c(tout0,out);
+ tout1=tin[1]^outW1; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0^inW0; tin[0]=tin0;
+ tin1^=tout1^inW1; tin[1]=tin1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_ENCRYPT);
+ tout0=tin[0]^outW0; l2c(tout0,out);
+ tout1=tin[1]^outW1; l2c(tout1,out);
+ }
+ iv=(unsigned char *)ivec;
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ for (l-=8; l>0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0^outW0;
+ c2l(in,tin1); tin[1]=tin1^outW1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0^inW0;
+ tout1=tin[1]^xor1^inW1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0^outW0;
+ c2l(in,tin1); tin[1]=tin1^outW1;
+ des_encrypt((DES_LONG *)tin,schedule,DES_DECRYPT);
+ tout0=tin[0]^xor0^inW0;
+ tout1=tin[1]^xor1^inW1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+
+ iv=(unsigned char *)ivec;
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ inW0=inW1=outW0=outW1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/dh/Makefile.ssl b/crypto/dh/Makefile.ssl
new file mode 100644
index 0000000..7e0c1e1
--- /dev/null
+++ b/crypto/dh/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/dh/Makefile
+#
+
+DIR= dh
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=dh
+ERRC=dh_err
+GENERAL=Makefile
+TEST= dhtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dh_gen.c dh_key.c dh_lib.c dh_check.c $(ERRC).c
+LIBOBJ= dh_gen.o dh_key.o dh_lib.o dh_check.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dh.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dh/dh.err b/crypto/dh/dh.err
new file mode 100644
index 0000000..a4fe746
--- /dev/null
+++ b/crypto/dh/dh.err
@@ -0,0 +1,12 @@
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+#define DH_F_DHPARAMS_PRINT 100
+#define DH_F_DHPARAMS_PRINT_FP 101
+#define DH_F_DH_COMPUTE_KEY 102
+#define DH_F_DH_GENERATE_KEY 103
+#define DH_F_DH_GENERATE_PARAMETERS 104
+#define DH_F_DH_NEW 105
+
+/* Reason codes. */
+#define DH_R_NO_PRIVATE_VALUE 100
diff --git a/crypto/dh/dh.h b/crypto/dh/dh.h
new file mode 100644
index 0000000..4497802
--- /dev/null
+++ b/crypto/dh/dh.h
@@ -0,0 +1,162 @@
+/* crypto/dh/dh.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_DH_H
+#define HEADER_DH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef HEADER_BN_H
+#define BIGNUM char
+#endif
+
+typedef struct dh_st
+ {
+ /* This first argument is used to pick up errors when
+ * a DH is passed instead of a EVP_PKEY */
+ int pad;
+ int version;
+ BIGNUM *p;
+ BIGNUM *g;
+ int length; /* optional */
+ BIGNUM *pub_key; /* y */
+ BIGNUM *priv_key; /* x */
+ } DH;
+
+#define DH_GENERATOR_2 2
+/* #define DH_GENERATOR_3 3 */
+#define DH_GENERATOR_5 5
+
+/* DH_check error codes */
+#define DH_CHECK_P_NOT_PRIME 0x01
+#define DH_CHECK_P_NOT_STRONG_PRIME 0x02
+#define DH_UNABLE_TO_CHECK_GENERATOR 0x04
+#define DH_NOT_SUITABLE_GENERATOR 0x08
+
+#define DHparams_dup(x) (DH *)ASN1_dup((int (*)())i2d_DHparams, \
+ (char *(*)())d2i_DHparams,(char *)(x))
+#define d2i_DHparams_fp(fp,x) (DH *)ASN1_d2i_fp((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(fp),(unsigned char **)(x))
+#define i2d_DHparams_fp(fp,x) ASN1_i2d_fp(i2d_DHparams,(fp), \
+ (unsigned char *)(x))
+#define d2i_DHparams_bio(bp,x) (DH *)ASN1_d2i_bio((char *(*)())DH_new, \
+ (char *(*)())d2i_DHparams,(bp),(unsigned char **)(x))
+#define i2d_DHparams_bio(bp,x) ASN1_i2d_bio(i2d_DHparams,(bp), \
+ (unsigned char *)(x))
+
+#ifndef NOPROTO
+DH * DH_new(void);
+void DH_free(DH *dh);
+int DH_size(DH *dh);
+DH * DH_generate_parameters(int prime_len,int generator,
+ void (*callback)(int,int));
+int DH_check(DH *dh,int *codes);
+int DH_generate_key(DH *dh);
+int DH_compute_key(unsigned char *key,BIGNUM *pub_key,DH *dh);
+DH * d2i_DHparams(DH **a,unsigned char **pp, long length);
+int i2d_DHparams(DH *a,unsigned char **pp);
+#ifndef WIN16
+int DHparams_print_fp(FILE *fp, DH *x);
+#endif
+#ifdef HEADER_BIO_H
+int DHparams_print(BIO *bp, DH *x);
+#else
+int DHparams_print(char *bp, DH *x);
+#endif
+void ERR_load_DH_strings(void );
+
+#else
+
+DH * DH_new();
+void DH_free();
+int DH_size();
+DH * DH_generate_parameters();
+int DH_check();
+int DH_generate_key();
+int DH_compute_key();
+DH * d2i_DHparams();
+int i2d_DHparams();
+#ifndef WIN16
+int DHparams_print_fp();
+#endif
+int DHparams_print();
+void ERR_load_DH_strings();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DH functions. */
+
+/* Function codes. */
+#define DH_F_DHPARAMS_PRINT 100
+#define DH_F_DHPARAMS_PRINT_FP 101
+#define DH_F_DH_COMPUTE_KEY 102
+#define DH_F_DH_GENERATE_KEY 103
+#define DH_F_DH_GENERATE_PARAMETERS 104
+#define DH_F_DH_NEW 105
+
+/* Reason codes. */
+#define DH_R_NO_PRIVATE_VALUE 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/dh/dh1024.pem b/crypto/dh/dh1024.pem
new file mode 100644
index 0000000..81d43f6
--- /dev/null
+++ b/crypto/dh/dh1024.pem
@@ -0,0 +1,5 @@
+-----BEGIN DH PARAMETERS-----
+MIGHAoGBAJf2QmHKtQXdKCjhPx1ottPb0PMTBH9A6FbaWMsTuKG/K3g6TG1Z1fkq
+/Gz/PWk/eLI9TzFgqVAuPvr3q14a1aZeVUMTgo2oO5/y2UHe6VaJ+trqCTat3xlx
+/mNbIK9HA2RgPC3gWfVLZQrY+gz3ASHHR5nXWHEyvpuZm7m3h+irAgEC
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh192.pem b/crypto/dh/dh192.pem
new file mode 100644
index 0000000..521c072
--- /dev/null
+++ b/crypto/dh/dh192.pem
@@ -0,0 +1,3 @@
+-----BEGIN DH PARAMETERS-----
+MB4CGQDUoLoCULb9LsYm5+/WN992xxbiLQlEuIsCAQM=
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh2048.pem b/crypto/dh/dh2048.pem
new file mode 100644
index 0000000..295460f
--- /dev/null
+++ b/crypto/dh/dh2048.pem
@@ -0,0 +1,16 @@
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEA7ZKJNYJFVcs7+6J2WmkEYb8h86tT0s0h2v94GRFS8Q7B4lW9aG9o
+AFO5Imov5Jo0H2XMWTKKvbHbSe3fpxJmw/0hBHAY8H/W91hRGXKCeyKpNBgdL8sh
+z22SrkO2qCnHJ6PLAMXy5fsKpFmFor2tRfCzrfnggTXu2YOzzK7q62bmqVdmufEo
+pT8igNcLpvZxk5uBDvhakObMym9mX3rAEBoe8PwttggMYiiw7NuJKO4MqD1llGkW
+aVM8U2ATsCun1IKHrRxynkE1/MJ86VHeYYX8GZt2YA8z+GuzylIOKcMH6JAWzMwA
+Gbatw6QwizOhr9iMjZ0B26TE3X8LvW84wwIBAg==
+-----END DH PARAMETERS-----
+-----BEGIN DH PARAMETERS-----
+MIIBCAKCAQEArtA3w73zP6Lu3EOQtwogiXt3AXXpuS6yD4BhzNS1pZFyPHk0/an5
+8ydEkPhQZHKDW+BZJxxPLANaTudWo2YT8TgtvUdN6KSgMiEi6McwqDw+SADuvW+F
+SKUYFxG6VFIxyEP6xBdf+vhJxEDbRG2EYsHDRRtJ76gp9cSKTHusf2R+4AAVGqnt
+gRAbNqtcOar/7FSj+Pl8G3v0Bty0LcCSpbqgYlnv6z+rErQmmC6PPvSz97TDMCok
+yKpCE9hFA1zkqK3TH4FmFvGeIaXJUIBZf4mArWuBTjWFW3nmhESRUn1VK3K3x42N
+a5k6c2+EhrMFiLjxuH6JZoqL0/E93FF9SwIBAg==
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh4096.pem b/crypto/dh/dh4096.pem
new file mode 100644
index 0000000..390943a
--- /dev/null
+++ b/crypto/dh/dh4096.pem
@@ -0,0 +1,14 @@
+-----BEGIN DH PARAMETERS-----
+MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
+vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
+TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
+bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
+rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
+EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
+bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
+W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
+ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
+NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
+jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
+-----END DH PARAMETERS-----
+
diff --git a/crypto/dh/dh512.pem b/crypto/dh/dh512.pem
new file mode 100644
index 0000000..0a4d863
--- /dev/null
+++ b/crypto/dh/dh512.pem
@@ -0,0 +1,4 @@
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
diff --git a/crypto/dh/dh_check.c b/crypto/dh/dh_check.c
new file mode 100644
index 0000000..8da8dc8
--- /dev/null
+++ b/crypto/dh/dh_check.c
@@ -0,0 +1,120 @@
+/* crypto/dh/dh_check.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* Check that p is a strong prime and
+ * if g is 2, 3 or 5, check that is is a suitable generator
+ * where
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5
+ * for 5, p mod 10 == 3 or 7
+ * should hold.
+ */
+
+int DH_check(dh,ret)
+DH *dh;
+int *ret;
+ {
+ int ok=0;
+ BN_CTX *ctx=NULL;
+ BN_ULONG l;
+ BIGNUM *q=NULL;
+
+ *ret=0;
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ q=BN_new();
+ if (q == NULL) goto err;
+
+ if (BN_is_word(dh->g,DH_GENERATOR_2))
+ {
+ l=BN_mod_word(dh->p,24);
+ if (l != 11) *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }
+/* else if (BN_is_word(dh->g,DH_GENERATOR_3))
+ {
+ l=BN_mod_word(dh->p,12);
+ if (l != 5) *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }*/
+ else if (BN_is_word(dh->g,DH_GENERATOR_5))
+ {
+ l=BN_mod_word(dh->p,10);
+ if ((l != 3) && (l != 7))
+ *ret|=DH_NOT_SUITABLE_GENERATOR;
+ }
+ else
+ *ret|=DH_UNABLE_TO_CHECK_GENERATOR;
+
+ if (!BN_is_prime(dh->p,BN_prime_checks,NULL,ctx))
+ *ret|=DH_CHECK_P_NOT_PRIME;
+ else
+ {
+ if (!BN_rshift1(q,dh->p)) goto err;
+ if (!BN_is_prime(q,BN_prime_checks,NULL,ctx))
+ *ret|=DH_CHECK_P_NOT_STRONG_PRIME;
+ }
+ ok=1;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (q != NULL) BN_free(q);
+ return(ok);
+ }
diff --git a/crypto/dh/dh_err.c b/crypto/dh/dh_err.c
new file mode 100644
index 0000000..1950f43
--- /dev/null
+++ b/crypto/dh/dh_err.c
@@ -0,0 +1,90 @@
+/* lib/dh/dh_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dh.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA DH_str_functs[]=
+ {
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT,0), "DHparams_print"},
+{ERR_PACK(0,DH_F_DHPARAMS_PRINT_FP,0), "DHparams_print_fp"},
+{ERR_PACK(0,DH_F_DH_COMPUTE_KEY,0), "DH_compute_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_KEY,0), "DH_generate_key"},
+{ERR_PACK(0,DH_F_DH_GENERATE_PARAMETERS,0), "DH_generate_parameters"},
+{ERR_PACK(0,DH_F_DH_NEW,0), "DH_new"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA DH_str_reasons[]=
+ {
+{DH_R_NO_PRIVATE_VALUE ,"no private value"},
+{0,NULL},
+ };
+
+void ERR_load_DH_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_DH,DH_str_functs);
+ ERR_load_strings(ERR_LIB_DH,DH_str_reasons);
+ }
+ }
diff --git a/crypto/dh/dh_gen.c b/crypto/dh/dh_gen.c
new file mode 100644
index 0000000..ff4f18e
--- /dev/null
+++ b/crypto/dh/dh_gen.c
@@ -0,0 +1,149 @@
+/* crypto/dh/dh_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+/* We generate DH parameters as follows
+ * find a prime q which is prime_len/2 bits long.
+ * p=(2*q)+1 or (p-1)/2 = q
+ * For this case, g is a generator if
+ * g^((p-1)/q) mod p != 1 for values of q which are the factors of p-1.
+ * Since the factors of p-1 are q and 2, we just need to check
+ * g^2 mod p != 1 and g^q mod p != 1.
+ *
+ * Having said all that,
+ * there is another special case method for the generators 2, 3 and 5.
+ * for 2, p mod 24 == 11
+ * for 3, p mod 12 == 5 <<<<< does not work for strong primes.
+ * for 5, p mod 10 == 3 or 7
+ *
+ * Thanks to Phil Karn <karn@qualcomm.com> for the pointers about the
+ * special generators and for answering some of my questions.
+ *
+ * I've implemented the second simple method :-).
+ * Since DH should be using a strong prime (both p and q are prime),
+ * this generator function can take a very very long time to run.
+ */
+
+DH *DH_generate_parameters(prime_len,generator,callback)
+int prime_len;
+int generator;
+void (*callback)(P_I_I);
+ {
+ BIGNUM *p=NULL,*t1,*t2;
+ DH *ret=NULL;
+ int g,ok= -1;
+ BN_CTX *ctx=NULL;
+
+ ret=DH_new();
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ t1=ctx->bn[0];
+ t2=ctx->bn[1];
+ ctx->tos=2;
+
+ if (generator == DH_GENERATOR_2)
+ {
+ BN_set_word(t1,24);
+ BN_set_word(t2,11);
+ g=2;
+ }
+#ifdef undef /* does not work for strong primes */
+ else if (generator == DH_GENERATOR_3)
+ {
+ BN_set_word(t1,12);
+ BN_set_word(t2,5);
+ g=3;
+ }
+#endif
+ else if (generator == DH_GENERATOR_5)
+ {
+ BN_set_word(t1,10);
+ BN_set_word(t2,3);
+ /* BN_set_word(t3,7); just have to miss
+ * out on these ones :-( */
+ g=5;
+ }
+ else
+ g=generator;
+
+ p=BN_generate_prime(prime_len,1,t1,t2,callback);
+ if (p == NULL) goto err;
+ if (callback != NULL) callback(3,0);
+ ret->p=p;
+ ret->g=BN_new();
+ if (!BN_set_word(ret->g,g)) goto err;
+ ok=1;
+err:
+ if (ok == -1)
+ {
+ DHerr(DH_F_DH_GENERATE_PARAMETERS,ERR_R_BN_LIB);
+ ok=0;
+ }
+
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (!ok && (ret != NULL))
+ {
+ DH_free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
diff --git a/crypto/dh/dh_key.c b/crypto/dh/dh_key.c
new file mode 100644
index 0000000..12f47c4
--- /dev/null
+++ b/crypto/dh/dh_key.c
@@ -0,0 +1,142 @@
+/* crypto/dh/dh_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rand.h"
+#include "dh.h"
+
+int DH_generate_key(dh)
+DH *dh;
+ {
+ int ok=0;
+ unsigned int i;
+ BN_CTX *ctx=NULL;
+ BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ if (dh->priv_key == NULL)
+ {
+ i=dh->length;
+ if (i == 0)
+ {
+ /* Make the number p-1 bits long */
+ i=BN_num_bits(dh->p)-1;
+ }
+ priv_key=BN_new();
+ if (priv_key == NULL) goto err;
+ if (!BN_rand(priv_key,i,0,0)) goto err;
+ }
+ else
+ priv_key=dh->priv_key;
+
+ if (dh->pub_key == NULL)
+ {
+ pub_key=BN_new();
+ if (pub_key == NULL) goto err;
+ }
+ else
+ pub_key=dh->pub_key;
+
+ if (!BN_mod_exp(pub_key,dh->g,priv_key,dh->p,ctx)) goto err;
+
+ dh->pub_key=pub_key;
+ dh->priv_key=priv_key;
+ ok=1;
+err:
+ if (ok != 1)
+ DHerr(DH_F_DH_GENERATE_KEY,ERR_R_BN_LIB);
+
+ if ((pub_key != NULL) && (dh->pub_key == NULL)) BN_free(pub_key);
+ if ((priv_key != NULL) && (dh->priv_key == NULL)) BN_free(priv_key);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ok);
+ }
+
+int DH_compute_key(key,pub_key,dh)
+unsigned char *key;
+BIGNUM *pub_key;
+DH *dh;
+ {
+ BN_CTX *ctx;
+ BIGNUM *tmp;
+ int ret= -1;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ tmp=ctx->bn[ctx->tos++];
+
+ if (dh->priv_key == NULL)
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,DH_R_NO_PRIVATE_VALUE);
+ goto err;
+ }
+ if (!BN_mod_exp(tmp,pub_key,dh->priv_key,dh->p,ctx))
+ {
+ DHerr(DH_F_DH_COMPUTE_KEY,ERR_R_BN_LIB);
+ goto err;
+ }
+
+ ret=BN_bn2bin(tmp,key);
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ret);
+ }
diff --git a/crypto/dh/dh_lib.c b/crypto/dh/dh_lib.c
new file mode 100644
index 0000000..786a2c1
--- /dev/null
+++ b/crypto/dh/dh_lib.c
@@ -0,0 +1,100 @@
+/* crypto/dh/dh_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dh.h"
+
+char *DH_version="Diffie-Hellman part of SSLeay 0.8.1b 29-Jun-1998";
+
+DH *DH_new()
+ {
+ DH *ret;
+
+ ret=(DH *)Malloc(sizeof(DH));
+ if (ret == NULL)
+ {
+ DHerr(DH_F_DH_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->pad=0;
+ ret->version=0;
+ ret->p=NULL;
+ ret->g=NULL;
+ ret->length=0;
+ ret->pub_key=NULL;
+ ret->priv_key=NULL;
+ return(ret);
+ }
+
+void DH_free(r)
+DH *r;
+ {
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->g != NULL) BN_clear_free(r->g);
+ if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+ if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+ Free(r);
+ }
+
+int DH_size(dh)
+DH *dh;
+ {
+ return(BN_num_bytes(dh->p));
+ }
diff --git a/crypto/dh/dhtest.c b/crypto/dh/dhtest.c
new file mode 100644
index 0000000..b338715
--- /dev/null
+++ b/crypto/dh/dhtest.c
@@ -0,0 +1,187 @@
+/* crypto/dh/dhtest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "bio.h"
+#include "bn.h"
+#include "dh.h"
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK cb(int p, int n);
+#else
+static void MS_CALLBACK cb();
+#endif
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../bio/bss_file.c"
+#endif
+
+BIO *out=NULL;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ DH *a,*b;
+ char buf[12];
+ unsigned char *abuf=NULL,*bbuf=NULL;
+ int i,alen,blen,aout,bout,ret=1;
+
+#ifdef WIN32
+ CRYPTO_malloc_init();
+#endif
+
+ out=BIO_new(BIO_s_file());
+ if (out == NULL) exit(1);
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+
+ a=DH_generate_parameters(64,DH_GENERATOR_5,cb);
+ if (a == NULL) goto err;
+
+ BIO_puts(out,"\np =");
+ BN_print(out,a->p);
+ BIO_puts(out,"\ng =");
+ BN_print(out,a->g);
+ BIO_puts(out,"\n");
+
+ b=DH_new();
+ if (b == NULL) goto err;
+
+ b->p=BN_dup(a->p);
+ b->g=BN_dup(a->g);
+ if ((b->p == NULL) || (b->g == NULL)) goto err;
+
+ if (!DH_generate_key(a)) goto err;
+ BIO_puts(out,"pri 1=");
+ BN_print(out,a->priv_key);
+ BIO_puts(out,"\npub 1=");
+ BN_print(out,a->pub_key);
+ BIO_puts(out,"\n");
+
+ if (!DH_generate_key(b)) goto err;
+ BIO_puts(out,"pri 2=");
+ BN_print(out,b->priv_key);
+ BIO_puts(out,"\npub 2=");
+ BN_print(out,b->pub_key);
+ BIO_puts(out,"\n");
+
+ alen=DH_size(a);
+ abuf=(unsigned char *)Malloc(alen);
+ aout=DH_compute_key(abuf,b->pub_key,a);
+
+ BIO_puts(out,"key1 =");
+ for (i=0; i<aout; i++)
+ {
+ sprintf(buf,"%02X",abuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+
+ blen=DH_size(b);
+ bbuf=(unsigned char *)Malloc(blen);
+ bout=DH_compute_key(bbuf,a->pub_key,b);
+
+ BIO_puts(out,"key2 =");
+ for (i=0; i<bout; i++)
+ {
+ sprintf(buf,"%02X",bbuf[i]);
+ BIO_puts(out,buf);
+ }
+ BIO_puts(out,"\n");
+ if ((aout < 4) || (bout != aout) || (memcmp(abuf,bbuf,aout) != 0))
+ {
+ fprintf(stderr,"Error in DH routines\n");
+ ret=1;
+ }
+ else
+ ret=0;
+err:
+ if (abuf != NULL) Free(abuf);
+ if (bbuf != NULL) Free(bbuf);
+ exit(ret);
+ return(ret);
+ }
+
+static void MS_CALLBACK cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ BIO_write(out,&c,1);
+#ifdef LINT
+ p=n;
+#endif
+ }
diff --git a/crypto/dh/example b/crypto/dh/example
new file mode 100644
index 0000000..16a33d2
--- /dev/null
+++ b/crypto/dh/example
@@ -0,0 +1,50 @@
+From owner-cypherpunks@toad.com Mon Sep 25 10:50:51 1995
+Received: from minbne.mincom.oz.au by orb.mincom.oz.au with SMTP id AA10562
+ (5.65c/IDA-1.4.4 for eay); Wed, 27 Sep 1995 19:41:55 +1000
+Received: by minbne.mincom.oz.au id AA19958
+ (5.65c/IDA-1.4.4 for eay@orb.mincom.oz.au); Wed, 27 Sep 1995 19:34:59 +1000
+Received: from relay3.UU.NET by bunyip.cc.uq.oz.au with SMTP (PP);
+ Wed, 27 Sep 1995 19:13:05 +1000
+Received: from toad.com by relay3.UU.NET with SMTP id QQzizb16156;
+ Wed, 27 Sep 1995 04:48:46 -0400
+Received: by toad.com id AA07905; Tue, 26 Sep 95 06:31:45 PDT
+Received: from by toad.com id AB07851; Tue, 26 Sep 95 06:31:40 PDT
+Received: from servo.qualcomm.com (servo.qualcomm.com [129.46.128.14])
+ by cygnus.com (8.6.12/8.6.9) with ESMTP id RAA18442
+ for <cypherpunks@toad.com>; Mon, 25 Sep 1995 17:52:47 -0700
+Received: (karn@localhost) by servo.qualcomm.com (8.6.12/QC-BSD-2.5.1)
+ id RAA14732; Mon, 25 Sep 1995 17:50:51 -0700
+Date: Mon, 25 Sep 1995 17:50:51 -0700
+From: Phil Karn <karn@qualcomm.com>
+Message-Id: <199509260050.RAA14732@servo.qualcomm.com>
+To: cypherpunks@toad.com, ipsec-dev@eit.com
+Subject: Primality verification needed
+Sender: owner-cypherpunks@toad.com
+Precedence: bulk
+Status: RO
+X-Status:
+
+Hi. I've generated a 2047-bit "strong" prime number that I would like to
+use with Diffie-Hellman key exchange. I assert that not only is this number
+'p' prime, but so is (p-1)/2.
+
+I've used the mpz_probab_prime() function in the Gnu Math Package (GMP) version
+1.3.2 to test this number. This function uses the Miller-Rabin primality test.
+However, to increase my confidence that this number really is a strong prime,
+I'd like to ask others to confirm it with other tests. Here's the number in hex:
+
+72a925f760b2f954ed287f1b0953f3e6aef92e456172f9fe86fdd8822241b9c9788fbc289982743e
+fbcd2ccf062b242d7a567ba8bbb40d79bca7b8e0b6c05f835a5b938d985816bc648985adcff5402a
+a76756b36c845a840a1d059ce02707e19cf47af0b5a882f32315c19d1b86a56c5389c5e9bee16b65
+fde7b1a8d74a7675de9b707d4c5a4633c0290c95ff30a605aeb7ae864ff48370f13cf01d49adb9f2
+3d19a439f753ee7703cf342d87f431105c843c78ca4df639931f3458fae8a94d1687e99a76ed99d0
+ba87189f42fd31ad8262c54a8cf5914ae6c28c540d714a5f6087a171fb74f4814c6f968d72386ef3
+56a05180c3bec7ddd5ef6fe76b1f717b
+
+The generator, g, for this prime is 2.
+
+Thanks!
+
+Phil Karn
+
+
diff --git a/crypto/dh/generate b/crypto/dh/generate
new file mode 100644
index 0000000..5d40723
--- /dev/null
+++ b/crypto/dh/generate
@@ -0,0 +1,65 @@
+From: stewarts@ix.netcom.com (Bill Stewart)
+Newsgroups: sci.crypt
+Subject: Re: Diffie-Hellman key exchange
+Date: Wed, 11 Oct 1995 23:08:28 GMT
+Organization: Freelance Information Architect
+Lines: 32
+Message-ID: <45hir2$7l8@ixnews7.ix.netcom.com>
+References: <458rhn$76m$1@mhadf.production.compuserve.com>
+NNTP-Posting-Host: ix-pl4-16.ix.netcom.com
+X-NETCOM-Date: Wed Oct 11 4:09:22 PM PDT 1995
+X-Newsreader: Forte Free Agent 1.0.82
+
+Kent Briggs <72124.3234@CompuServe.COM> wrote:
+
+>I have a copy of the 1976 IEEE article describing the
+>Diffie-Hellman public key exchange algorithm: y=a^x mod q. I'm
+>looking for sources that give examples of secure a,q pairs and
+>possible some source code that I could examine.
+
+q should be prime, and ideally should be a "strong prime",
+which means it's of the form 2n+1 where n is also prime.
+q also needs to be long enough to prevent the attacks LaMacchia and
+Odlyzko described (some variant on a factoring attack which generates
+a large pile of simultaneous equations and then solves them);
+long enough is about the same size as factoring, so 512 bits may not
+be secure enough for most applications. (The 192 bits used by
+"secure NFS" was certainly not long enough.)
+
+a should be a generator for q, which means it needs to be
+relatively prime to q-1. Usually a small prime like 2, 3 or 5 will
+work.
+
+....
+
+Date: Tue, 26 Sep 1995 13:52:36 MST
+From: "Richard Schroeppel" <rcs@cs.arizona.edu>
+To: karn
+Cc: ho@cs.arizona.edu
+Subject: random large primes
+
+Since your prime is really random, proving it is hard.
+My personal limit on rigorously proved primes is ~350 digits.
+If you really want a proof, we should talk to Francois Morain,
+or the Australian group.
+
+If you want 2 to be a generator (mod P), then you need it
+to be a non-square. If (P-1)/2 is also prime, then
+non-square == primitive-root for bases << P.
+
+In the case at hand, this means 2 is a generator iff P = 11 (mod 24).
+If you want this, you should restrict your sieve accordingly.
+
+3 is a generator iff P = 5 (mod 12).
+
+5 is a generator iff P = 3 or 7 (mod 10).
+
+2 is perfectly usable as a base even if it's a non-generator, since
+it still covers half the space of possible residues. And an
+eavesdropper can always determine the low-bit of your exponent for
+a generator anyway.
+
+Rich rcs@cs.arizona.edu
+
+
+
diff --git a/crypto/dh/p1024.c b/crypto/dh/p1024.c
new file mode 100644
index 0000000..7f8cd56
--- /dev/null
+++ b/crypto/dh/p1024.c
@@ -0,0 +1,92 @@
+/* crypto/dh/p1024.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={0x97,0xF6,0x42,0x61,0xCA,0xB5,0x05,0xDD,
+ 0x28,0x28,0xE1,0x3F,0x1D,0x68,0xB6,0xD3,
+ 0xDB,0xD0,0xF3,0x13,0x04,0x7F,0x40,0xE8,
+ 0x56,0xDA,0x58,0xCB,0x13,0xB8,0xA1,0xBF,
+ 0x2B,0x78,0x3A,0x4C,0x6D,0x59,0xD5,0xF9,
+ 0x2A,0xFC,0x6C,0xFF,0x3D,0x69,0x3F,0x78,
+ 0xB2,0x3D,0x4F,0x31,0x60,0xA9,0x50,0x2E,
+ 0x3E,0xFA,0xF7,0xAB,0x5E,0x1A,0xD5,0xA6,
+ 0x5E,0x55,0x43,0x13,0x82,0x8D,0xA8,0x3B,
+ 0x9F,0xF2,0xD9,0x41,0xDE,0xE9,0x56,0x89,
+ 0xFA,0xDA,0xEA,0x09,0x36,0xAD,0xDF,0x19,
+ 0x71,0xFE,0x63,0x5B,0x20,0xAF,0x47,0x03,
+ 0x64,0x60,0x3C,0x2D,0xE0,0x59,0xF5,0x4B,
+ 0x65,0x0A,0xD8,0xFA,0x0C,0xF7,0x01,0x21,
+ 0xC7,0x47,0x99,0xD7,0x58,0x71,0x32,0xBE,
+ 0x9B,0x99,0x9B,0xB9,0xB7,0x87,0xE8,0xAB,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/crypto/dh/p192.c b/crypto/dh/p192.c
new file mode 100644
index 0000000..c96972c
--- /dev/null
+++ b/crypto/dh/p192.c
@@ -0,0 +1,80 @@
+/* crypto/dh/p192.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xD4,0xA0,0xBA,0x02,0x50,0xB6,0xFD,0x2E,
+0xC6,0x26,0xE7,0xEF,0xD6,0x37,0xDF,0x76,
+0xC7,0x16,0xE2,0x2D,0x09,0x44,0xB8,0x8B,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,3);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/crypto/dh/p512.c b/crypto/dh/p512.c
new file mode 100644
index 0000000..6105612
--- /dev/null
+++ b/crypto/dh/p512.c
@@ -0,0 +1,85 @@
+/* crypto/dh/p512.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+#include "asn1.h"
+#include "dh.h"
+#include "pem.h"
+
+unsigned char data[]={
+0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,
+0xD0,0xE4,0xAF,0x75,0x6F,0x4C,0xCA,0x92,
+0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,
+0x57,0x46,0x50,0xD3,0x69,0x99,0xDB,0x29,
+0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,
+0xD8,0x00,0x3E,0x7C,0x47,0x74,0xE8,0x33,
+ };
+
+main()
+ {
+ DH *dh;
+
+ dh=DH_new();
+ dh->p=BN_bin2bn(data,sizeof(data),NULL);
+ dh->g=BN_new();
+ BN_set_word(dh->g,2);
+ PEM_write_DHparams(stdout,dh);
+ }
diff --git a/crypto/dsa/Makefile.ssl b/crypto/dsa/Makefile.ssl
new file mode 100644
index 0000000..7b9c9cf
--- /dev/null
+++ b/crypto/dsa/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/dsa/Makefile
+#
+
+DIR= dsa
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=dsa
+ERRC=dsa_err
+GENERAL=Makefile
+TEST=dsatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= dsa_gen.c dsa_key.c dsa_lib.c dsa_vrf.c dsa_sign.c $(ERRC).c
+LIBOBJ= dsa_gen.o dsa_key.o dsa_lib.o dsa_vrf.o dsa_sign.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= dsa.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/dsa/README b/crypto/dsa/README
new file mode 100644
index 0000000..6a7e9c1
--- /dev/null
+++ b/crypto/dsa/README
@@ -0,0 +1,4 @@
+The stuff in here is based on patches supplied to me by
+Steven Schoch <schoch@sheba.arc.nasa.gov> to do DSS.
+I have since modified a them a little but a debt of gratitude
+is due for doing the initial work.
diff --git a/crypto/dsa/dsa.err b/crypto/dsa/dsa.err
new file mode 100644
index 0000000..1131e9f
--- /dev/null
+++ b/crypto/dsa/dsa.err
@@ -0,0 +1,15 @@
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+#define DSA_F_DSAPARAMS_PRINT 100
+#define DSA_F_DSAPARAMS_PRINT_FP 101
+#define DSA_F_DSA_IS_PRIME 102
+#define DSA_F_DSA_NEW 103
+#define DSA_F_DSA_PRINT 104
+#define DSA_F_DSA_PRINT_FP 105
+#define DSA_F_DSA_SIGN 106
+#define DSA_F_DSA_SIGN_SETUP 107
+#define DSA_F_DSA_VERIFY 108
+
+/* Reason codes. */
+#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
diff --git a/crypto/dsa/dsa.h b/crypto/dsa/dsa.h
new file mode 100644
index 0000000..e5dfafe
--- /dev/null
+++ b/crypto/dsa/dsa.h
@@ -0,0 +1,194 @@
+/* crypto/dsa/dsa.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/*
+ * The DSS routines are based on patches supplied by
+ * Steven Schoch <schoch@sheba.arc.nasa.gov>. He basically did the
+ * work and I have just tweaked them a little to fit into my
+ * stylistic vision for SSLeay :-) */
+
+#ifndef HEADER_DSA_H
+#define HEADER_DSA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+
+typedef struct dsa_st
+ {
+ /* This first variable is used to pick up errors where
+ * a DSA is passed instead of of a EVP_PKEY */
+ int pad;
+ int version;
+ int write_params;
+ BIGNUM *p;
+ BIGNUM *q; /* == 20 */
+ BIGNUM *g;
+
+ BIGNUM *pub_key; /* y public key */
+ BIGNUM *priv_key; /* x private key */
+
+ BIGNUM *kinv; /* Signing pre-calc */
+ BIGNUM *r; /* Signing pre-calc */
+
+ int references;
+ } DSA;
+
+#define DSAparams_dup(x) (DSA *)ASN1_dup((int (*)())i2d_DSAparams, \
+ (char *(*)())d2i_DSAparams,(char *)(x))
+#define d2i_DSAparams_fp(fp,x) (DSA *)ASN1_d2i_fp((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(fp),(unsigned char **)(x))
+#define i2d_DSAparams_fp(fp,x) ASN1_i2d_fp(i2d_DSAparams,(fp), \
+ (unsigned char *)(x))
+#define d2i_DSAparams_bio(bp,x) (DSA *)ASN1_d2i_bio((char *(*)())DSA_new, \
+ (char *(*)())d2i_DSAparams,(bp),(unsigned char **)(x))
+#define i2d_DSAparams_bio(bp,x) ASN1_i2d_bio(i2d_DSAparams,(bp), \
+ (unsigned char *)(x))
+
+#ifndef NOPROTO
+
+DSA * DSA_new(void);
+int DSA_size(DSA *);
+ /* DSA * DSA_generate_key(int bits, void (*callback)()); */
+ /* next 4 return -1 on error */
+int DSA_sign_setup( DSA *dsa,BN_CTX *ctx_in,BIGNUM **kinvp,BIGNUM **rp);
+int DSA_sign(int type,unsigned char *dgst,int dlen,
+ unsigned char *sig, unsigned int *siglen, DSA *dsa);
+int DSA_verify(int type,unsigned char *dgst,int dgst_len,
+ unsigned char *sigbuf, int siglen, DSA *dsa);
+void DSA_free (DSA *r);
+
+void ERR_load_DSA_strings(void );
+
+DSA * d2i_DSAPublicKey(DSA **a, unsigned char **pp, long length);
+DSA * d2i_DSAPrivateKey(DSA **a, unsigned char **pp, long length);
+DSA * d2i_DSAparams(DSA **a, unsigned char **pp, long length);
+DSA * DSA_generate_parameters(int bits, unsigned char *seed,int seed_len,
+ int *counter_ret, unsigned long *h_ret,void (*callback)());
+int DSA_generate_key(DSA *a);
+int i2d_DSAPublicKey(DSA *a, unsigned char **pp);
+int i2d_DSAPrivateKey(DSA *a, unsigned char **pp);
+int i2d_DSAparams(DSA *a,unsigned char **pp);
+
+#ifdef HEADER_BIO_H
+int DSAparams_print(BIO *bp, DSA *x);
+int DSA_print(BIO *bp, DSA *x, int off);
+#endif
+#ifndef WIN16
+int DSAparams_print_fp(FILE *fp, DSA *x);
+int DSA_print_fp(FILE *bp, DSA *x, int off);
+#endif
+
+int DSA_is_prime(BIGNUM *q,void (*callback)());
+
+#else
+
+DSA * DSA_new();
+int DSA_size();
+int DSA_sign_setup();
+int DSA_sign();
+int DSA_verify();
+void DSA_free ();
+
+void ERR_load_DSA_strings();
+
+DSA * d2i_DSAPublicKey();
+DSA * d2i_DSAPrivateKey();
+DSA * d2i_DSAparams();
+DSA * DSA_generate_parameters();
+int DSA_generate_key();
+int i2d_DSAPublicKey();
+int i2d_DSAPrivateKey();
+int i2d_DSAparams();
+
+int DSA_is_prime();
+
+int DSAparams_print();
+int DSA_print();
+
+#ifndef WIN16
+int DSAparams_print_fp();
+int DSA_print_fp();
+#endif
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the DSA functions. */
+
+/* Function codes. */
+#define DSA_F_DSAPARAMS_PRINT 100
+#define DSA_F_DSAPARAMS_PRINT_FP 101
+#define DSA_F_DSA_IS_PRIME 102
+#define DSA_F_DSA_NEW 103
+#define DSA_F_DSA_PRINT 104
+#define DSA_F_DSA_PRINT_FP 105
+#define DSA_F_DSA_SIGN 106
+#define DSA_F_DSA_SIGN_SETUP 107
+#define DSA_F_DSA_VERIFY 108
+
+/* Reason codes. */
+#define DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 100
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/dsa/dsa_err.c b/crypto/dsa/dsa_err.c
new file mode 100644
index 0000000..ec0699d
--- /dev/null
+++ b/crypto/dsa/dsa_err.c
@@ -0,0 +1,93 @@
+/* lib/dsa/dsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "dsa.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA DSA_str_functs[]=
+ {
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT,0), "DSAparams_print"},
+{ERR_PACK(0,DSA_F_DSAPARAMS_PRINT_FP,0), "DSAparams_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_IS_PRIME,0), "DSA_is_prime"},
+{ERR_PACK(0,DSA_F_DSA_NEW,0), "DSA_new"},
+{ERR_PACK(0,DSA_F_DSA_PRINT,0), "DSA_print"},
+{ERR_PACK(0,DSA_F_DSA_PRINT_FP,0), "DSA_print_fp"},
+{ERR_PACK(0,DSA_F_DSA_SIGN,0), "DSA_sign"},
+{ERR_PACK(0,DSA_F_DSA_SIGN_SETUP,0), "DSA_sign_setup"},
+{ERR_PACK(0,DSA_F_DSA_VERIFY,0), "DSA_verify"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA DSA_str_reasons[]=
+ {
+{DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
+{0,NULL},
+ };
+
+void ERR_load_DSA_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_DSA,DSA_str_functs);
+ ERR_load_strings(ERR_LIB_DSA,DSA_str_reasons);
+ }
+ }
diff --git a/crypto/dsa/dsa_gen.c b/crypto/dsa/dsa_gen.c
new file mode 100644
index 0000000..2b80104
--- /dev/null
+++ b/crypto/dsa/dsa_gen.c
@@ -0,0 +1,325 @@
+/* crypto/dsa/dsa_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define HASH SHA
+#else
+#define HASH SHA1
+#endif
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+DSA *DSA_generate_parameters(bits,seed_in,seed_len,counter_ret,h_ret,callback)
+int bits;
+unsigned char *seed_in;
+int seed_len;
+int *counter_ret;
+unsigned long *h_ret;
+void (*callback)();
+ {
+ int ok=0;
+ unsigned char seed[SHA_DIGEST_LENGTH];
+ unsigned char md[SHA_DIGEST_LENGTH];
+ unsigned char buf[SHA_DIGEST_LENGTH],buf2[SHA_DIGEST_LENGTH];
+ BIGNUM *r0,*W,*X,*c,*test;
+ BIGNUM *g=NULL,*q=NULL,*p=NULL;
+ int k,n=0,i,b,m=0;
+ int counter=0;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+ unsigned int h=2;
+ DSA *ret=NULL;
+
+ if (bits < 512) bits=512;
+ bits=(bits+63)/64*64;
+
+ if ((seed_in != NULL) && (seed_len == 20))
+ memcpy(seed,seed_in,seed_len);
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+ ret=DSA_new();
+ if (ret == NULL) goto err;
+ r0=ctx2->bn[0];
+ g=ctx2->bn[1];
+ W=ctx2->bn[2];
+ q=ctx2->bn[3];
+ X=ctx2->bn[4];
+ c=ctx2->bn[5];
+ p=ctx2->bn[6];
+ test=ctx2->bn[7];
+
+ BN_lshift(test,BN_value_one(),bits-1);
+
+ for (;;)
+ {
+ for (;;)
+ {
+ /* step 1 */
+ if (callback != NULL) callback(0,m++);
+
+ if (!seed_len)
+ RAND_bytes(seed,SHA_DIGEST_LENGTH);
+ else
+ seed_len=0;
+
+ memcpy(buf,seed,SHA_DIGEST_LENGTH);
+ memcpy(buf2,seed,SHA_DIGEST_LENGTH);
+ for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+ {
+ buf[i]++;
+ if (buf[i] != 0) break;
+ }
+
+ /* step 2 */
+ HASH(seed,SHA_DIGEST_LENGTH,md);
+ HASH(buf,SHA_DIGEST_LENGTH,buf2);
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ md[i]^=buf2[i];
+
+ /* step 3 */
+ md[0]|=0x80;
+ md[SHA_DIGEST_LENGTH-1]|=0x01;
+ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,q)) abort();
+
+ /* step 4 */
+ if (DSA_is_prime(q,callback) > 0) break;
+ /* do a callback call */
+ /* step 5 */
+ }
+
+ if (callback != NULL) callback(2,0);
+ if (callback != NULL) callback(3,0);
+
+ /* step 6 */
+ counter=0;
+
+ n=(bits-1)/160;
+ b=(bits-1)-n*160;
+
+ for (;;)
+ {
+ /* step 7 */
+ BN_zero(W);
+ for (k=0; k<=n; k++)
+ {
+ for (i=SHA_DIGEST_LENGTH-1; i >= 0; i--)
+ {
+ buf[i]++;
+ if (buf[i] != 0) break;
+ }
+
+ HASH(buf,SHA_DIGEST_LENGTH,md);
+
+ /* step 8 */
+ if (!BN_bin2bn(md,SHA_DIGEST_LENGTH,r0)) abort();
+ BN_lshift(r0,r0,160*k);
+ BN_add(W,W,r0);
+ }
+
+ /* more of step 8 */
+ BN_mask_bits(W,bits-1);
+ BN_copy(X,W); /* this should be ok */
+ BN_add(X,X,test); /* this should be ok */
+
+ /* step 9 */
+ BN_lshift1(r0,q);
+ BN_mod(c,X,r0,ctx);
+ BN_sub(r0,c,BN_value_one());
+ BN_sub(p,X,r0);
+
+ /* step 10 */
+ if (BN_cmp(p,test) >= 0)
+ {
+ /* step 11 */
+ if (DSA_is_prime(p,callback) > 0)
+ goto end;
+ }
+
+ /* step 13 */
+ counter++;
+
+ /* step 14 */
+ if (counter >= 4096) break;
+
+ if (callback != NULL) callback(0,counter);
+ }
+ }
+end:
+ if (callback != NULL) callback(2,1);
+
+ /* We now need to gernerate g */
+ /* Set r0=(p-1)/q */
+ BN_sub(test,p,BN_value_one());
+ BN_div(r0,NULL,test,q,ctx);
+
+ BN_set_word(test,h);
+ for (;;)
+ {
+ /* g=test^r0%p */
+ BN_mod_exp(g,test,r0,p,ctx);
+ if (!BN_is_one(g)) break;
+ BN_add(test,test,BN_value_one());
+ h++;
+ }
+
+ if (callback != NULL) callback(3,1);
+
+ ok=1;
+err:
+ if (!ok)
+ {
+ if (ret != NULL) DSA_free(ret);
+ }
+ else
+ {
+ ret->p=BN_dup(p);
+ ret->q=BN_dup(q);
+ ret->g=BN_dup(g);
+ if ((m > 1) && (seed_in != NULL)) memcpy(seed_in,seed,20);
+ if (counter_ret != NULL) *counter_ret=counter;
+ if (h_ret != NULL) *h_ret=h;
+ }
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+ return(ok?ret:NULL);
+ }
+
+int DSA_is_prime(w, callback)
+BIGNUM *w;
+void (*callback)();
+ {
+ int ok= -1,j,i,n;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+ BIGNUM *w_1,*b,*m,*z;
+ int a;
+
+ if (!BN_is_bit_set(w,0)) return(0);
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+
+ m= ctx2->bn[2];
+ b= ctx2->bn[3];
+ z= ctx2->bn[4];
+ w_1=ctx2->bn[5];
+
+ /* step 1 */
+ n=50;
+
+ /* step 2 */
+ if (!BN_sub(w_1,w,BN_value_one())) goto err;
+ for (a=1; !BN_is_bit_set(w_1,a); a++)
+ ;
+ if (!BN_rshift(m,w_1,a)) goto err;
+
+ for (i=1; i < n; i++)
+ {
+ /* step 3 */
+ BN_rand(b,BN_num_bits(w)-2/*-1*/,0,0);
+ BN_set_word(b,0x10001L);
+
+ /* step 4 */
+ j=0;
+ if (!BN_mod_exp(z,b,m,w,ctx)) goto err;
+
+ /* step 5 */
+ for (;;)
+ {
+ if (((j == 0) && BN_is_one(z)) || (BN_cmp(z,w_1) == 0))
+ break;
+
+ /* step 6 */
+ if ((j > 0) && BN_is_one(z))
+ {
+ ok=0;
+ goto err;
+ }
+
+ j++;
+ if (j >= a)
+ {
+ ok=0;
+ goto err;
+ }
+
+ if (!BN_mod_mul(z,z,z,w,ctx)) goto err;
+ if (callback != NULL) callback(1,j);
+ }
+ }
+
+ ok=1;
+err:
+ if (ok == -1) DSAerr(DSA_F_DSA_IS_PRIME,ERR_R_BN_LIB);
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+
+ return(ok);
+ }
+
diff --git a/crypto/dsa/dsa_key.c b/crypto/dsa/dsa_key.c
new file mode 100644
index 0000000..2c70248
--- /dev/null
+++ b/crypto/dsa/dsa_key.c
@@ -0,0 +1,112 @@
+/* crypto/dsa/dsa_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "sha.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+
+int DSA_generate_key(dsa)
+DSA *dsa;
+ {
+ int ok=0;
+ unsigned int i;
+ BN_CTX *ctx=NULL;
+ BIGNUM *pub_key=NULL,*priv_key=NULL;
+
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+
+ if (dsa->priv_key == NULL)
+ {
+ if ((priv_key=BN_new()) == NULL) goto err;
+ }
+ else
+ priv_key=dsa->priv_key;
+
+ i=BN_num_bits(dsa->q);
+ for (;;)
+ {
+ BN_rand(priv_key,i,1,0);
+ if (BN_cmp(priv_key,dsa->q) >= 0)
+ BN_sub(priv_key,priv_key,dsa->q);
+ if (!BN_is_zero(priv_key)) break;
+ }
+
+ if (dsa->pub_key == NULL)
+ {
+ if ((pub_key=BN_new()) == NULL) goto err;
+ }
+ else
+ pub_key=dsa->pub_key;
+
+ if (!BN_mod_exp(pub_key,dsa->g,priv_key,dsa->p,ctx)) goto err;
+
+ dsa->priv_key=priv_key;
+ dsa->pub_key=pub_key;
+ ok=1;
+
+err:
+ if ((pub_key != NULL) && (dsa->pub_key == NULL)) BN_free(pub_key);
+ if ((priv_key != NULL) && (dsa->priv_key == NULL)) BN_free(priv_key);
+ if (ctx != NULL) BN_CTX_free(ctx);
+ return(ok);
+ }
+
diff --git a/crypto/dsa/dsa_lib.c b/crypto/dsa/dsa_lib.c
new file mode 100644
index 0000000..e666db0
--- /dev/null
+++ b/crypto/dsa/dsa_lib.c
@@ -0,0 +1,142 @@
+/* crypto/dsa/dsa_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "asn1.h"
+
+char *DSA_version="\0DSA part of SSLeay 0.8.1b 29-Jun-1998";
+
+DSA *DSA_new()
+ {
+ DSA *ret;
+
+ ret=(DSA *)Malloc(sizeof(DSA));
+ if (ret == NULL)
+ {
+ DSAerr(DSA_F_DSA_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->pad=0;
+ ret->version=0;
+ ret->write_params=1;
+ ret->p=NULL;
+ ret->q=NULL;
+ ret->g=NULL;
+
+ ret->pub_key=NULL;
+ ret->priv_key=NULL;
+
+ ret->kinv=NULL;
+ ret->r=NULL;
+
+ ret->references=1;
+ return(ret);
+ }
+
+void DSA_free(r)
+DSA *r;
+ {
+ int i;
+
+ if (r == NULL) return;
+
+ i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_DSA);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"DSA_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->q != NULL) BN_clear_free(r->q);
+ if (r->g != NULL) BN_clear_free(r->g);
+ if (r->pub_key != NULL) BN_clear_free(r->pub_key);
+ if (r->priv_key != NULL) BN_clear_free(r->priv_key);
+ if (r->kinv != NULL) BN_clear_free(r->kinv);
+ if (r->r != NULL) BN_clear_free(r->r);
+ Free(r);
+ }
+
+int DSA_size(r)
+DSA *r;
+ {
+ int ret,i;
+ ASN1_INTEGER bs;
+ unsigned char buf[4];
+
+ i=BN_num_bits(r->q);
+ bs.length=(i+7)/8;
+ bs.data=buf;
+ bs.type=V_ASN1_INTEGER;
+ /* If the top bit is set the asn1 encoding is 1 larger. */
+ buf[0]=0xff;
+
+ i=i2d_ASN1_INTEGER(&bs,NULL);
+ i+=i; /* r and s */
+ ret=ASN1_object_size(1,i,V_ASN1_SEQUENCE);
+ return(ret);
+ }
+
diff --git a/crypto/dsa/dsa_sign.c b/crypto/dsa/dsa_sign.c
new file mode 100644
index 0000000..ebb758f
--- /dev/null
+++ b/crypto/dsa/dsa_sign.c
@@ -0,0 +1,215 @@
+/* crypto/dsa/dsa_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* DSAerr(DSA_F_DSA_SIGN,DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE); */
+
+int DSA_sign(type,dgst,dlen,sig,siglen,dsa)
+int type;
+unsigned char *dgst;
+int dlen;
+unsigned char *sig; /* out */
+unsigned int *siglen; /* out */
+DSA *dsa;
+ {
+ BIGNUM *kinv=NULL,*r=NULL;
+ BIGNUM *m=NULL;
+ BIGNUM *xr=NULL,*s=NULL;
+ BN_CTX *ctx=NULL;
+ unsigned char *p;
+ int i,len=0,ret=0,reason=ERR_R_BN_LIB;
+ ASN1_INTEGER rbs,sbs;
+ MS_STATIC unsigned char rbuf[50]; /* assuming r is 20 bytes +extra */
+ MS_STATIC unsigned char sbuf[50]; /* assuming s is 20 bytes +extra */
+
+ i=BN_num_bytes(dsa->q); /* should be 20 */
+ if ((dlen > i) || (dlen > 50))
+ {
+ reason=DSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE;
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ if ((dsa->kinv == NULL) || (dsa->r == NULL))
+ {
+ if (!DSA_sign_setup(dsa,ctx,&kinv,&r)) goto err;
+ }
+ else
+ {
+ kinv=dsa->kinv;
+ dsa->kinv=NULL;
+ r=dsa->r;
+ dsa->r=NULL;
+ }
+
+ m=BN_new();
+ xr=BN_new();
+ s=BN_new();
+ if (m == NULL || xr == NULL || s == NULL) goto err;
+
+ if (BN_bin2bn(dgst,dlen,m) == NULL) goto err;
+
+ /* Compute s = inv(k) (m + xr) mod q */
+ if (!BN_mul(xr, dsa->priv_key, r)) goto err; /* s = xr */
+ if (!BN_add(s, xr, m)) goto err; /* s = m + xr */
+ if (!BN_mod_mul(s,s,kinv,dsa->q,ctx)) goto err;
+
+ /*
+ * Now create a ASN.1 sequence of the integers R and S.
+ */
+ rbs.data=rbuf;
+ sbs.data=sbuf;
+ rbs.type = V_ASN1_INTEGER;
+ sbs.type = V_ASN1_INTEGER;
+ rbs.length=BN_bn2bin(r,rbs.data);
+ sbs.length=BN_bn2bin(s,sbs.data);
+
+ len =i2d_ASN1_INTEGER(&rbs,NULL);
+ len+=i2d_ASN1_INTEGER(&sbs,NULL);
+
+ p=sig;
+ ASN1_put_object(&p,1,len,V_ASN1_SEQUENCE,V_ASN1_UNIVERSAL);
+ i2d_ASN1_INTEGER(&rbs,&p);
+ i2d_ASN1_INTEGER(&sbs,&p);
+ *siglen=(p-sig);
+ ret=1;
+err:
+ if (!ret) DSAerr(DSA_F_DSA_SIGN,reason);
+
+#if 1 /* do the right thing :-) */
+ if (kinv != NULL) BN_clear_free(kinv);
+ if (r != NULL) BN_clear_free(r);
+#endif
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (m != NULL) BN_clear_free(m);
+ if (xr != NULL) BN_clear_free(xr);
+ if (s != NULL) BN_clear_free(s);
+ return(ret);
+ }
+
+int DSA_sign_setup(dsa,ctx_in,kinvp,rp)
+DSA *dsa;
+BN_CTX *ctx_in;
+BIGNUM **kinvp;
+BIGNUM **rp;
+ {
+ BN_CTX *ctx;
+ BIGNUM *k=NULL,*kinv=NULL,*r=NULL;
+ int ret=0;
+
+ if (ctx_in == NULL)
+ {
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+ }
+ else
+ ctx=ctx_in;
+
+ r=BN_new();
+ k=BN_new();
+ if ((r == NULL) || (k == NULL))
+ goto err;
+ kinv=NULL;
+
+ if (r == NULL) goto err;
+
+ /* Get random k */
+ for (;;)
+ {
+ if (!BN_rand(k, BN_num_bits(dsa->q), 1, 0)) goto err;
+ if (BN_cmp(k,dsa->q) >= 0)
+ BN_sub(k,k,dsa->q);
+ if (!BN_is_zero(k)) break;
+ }
+
+ /* Compute r = (g^k mod p) mod q */
+ if (!BN_mod_exp(r,dsa->g,k,dsa->p,ctx)) goto err;
+ if (!BN_mod(r,r,dsa->q,ctx)) goto err;
+
+ /* Compute part of 's = inv(k) (m + xr) mod q' */
+ if ((kinv=BN_mod_inverse(k,dsa->q,ctx)) == NULL) goto err;
+
+ if (*kinvp != NULL) BN_clear_free(*kinvp);
+ *kinvp=kinv;
+ kinv=NULL;
+ if (*rp != NULL) BN_clear_free(*rp);
+ *rp=r;
+ ret=1;
+err:
+ if (!ret)
+ {
+ DSAerr(DSA_F_DSA_SIGN_SETUP,ERR_R_BN_LIB);
+ if (kinv != NULL) BN_clear_free(kinv);
+ if (r != NULL) BN_clear_free(r);
+ }
+ if (ctx_in == NULL) BN_CTX_free(ctx);
+ if (k != NULL) BN_clear_free(k);
+ if (kinv != NULL) BN_clear_free(kinv);
+ return(ret);
+ }
+
diff --git a/crypto/dsa/dsa_vrf.c b/crypto/dsa/dsa_vrf.c
new file mode 100644
index 0000000..a217f86
--- /dev/null
+++ b/crypto/dsa/dsa_vrf.c
@@ -0,0 +1,152 @@
+/* crypto/dsa/dsa_vrf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Origional version from Steven Schoch <schoch@sheba.arc.nasa.gov> */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "dsa.h"
+#include "rand.h"
+#include "asn1.h"
+#include "asn1_mac.h"
+
+/* data has already been hashed (probably with SHA or SHA-1). */
+/* returns
+ * 1: correct signature
+ * 0: incorrect signature
+ * -1: error
+ */
+int DSA_verify(type,dgst,dgst_len,sigbuf,siglen, dsa)
+int type;
+unsigned char *dgst;
+int dgst_len;
+unsigned char *sigbuf;
+int siglen;
+DSA *dsa;
+ {
+ /* The next 3 are used by the M_ASN1 macros */
+ long length=siglen;
+ ASN1_CTX c;
+ unsigned char **pp= &sigbuf;
+ BN_CTX *ctx;
+ BIGNUM *r=NULL;
+ BIGNUM *t1=NULL,*t2=NULL;
+ BIGNUM *u1=NULL,*u2=NULL;
+ ASN1_INTEGER *bs=NULL;
+ int ret = -1;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ t1=BN_new();
+ t2=BN_new();
+ if (t1 == NULL || t2 == NULL) goto err;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((r=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+ M_ASN1_D2I_get(bs,d2i_ASN1_INTEGER);
+ if ((u1=BN_bin2bn(bs->data,bs->length,NULL)) == NULL) goto err_bn;
+ if (!asn1_Finish(&c)) goto err;
+
+ /* Calculate W = inv(S) mod Q
+ * save W in u2 */
+ if ((u2=BN_mod_inverse(u1,dsa->q,ctx)) == NULL) goto err_bn;
+
+ /* save M in u1 */
+ if (BN_bin2bn(dgst,dgst_len,u1) == NULL) goto err_bn;
+
+ /* u1 = M * w mod q */
+ if (!BN_mod_mul(u1,u1,u2,dsa->q,ctx)) goto err_bn;
+
+ /* u2 = r * w mod q */
+ if (!BN_mod_mul(u2,r,u2,dsa->q,ctx)) goto err_bn;
+
+ /* v = ( g^u1 * y^u2 mod p ) mod q */
+ /* let t1 = g ^ u1 mod p */
+ if (!BN_mod_exp(t1,dsa->g,u1,dsa->p,ctx)) goto err_bn;
+ /* let t2 = y ^ u2 mod p */
+ if (!BN_mod_exp(t2,dsa->pub_key,u2,dsa->p,ctx)) goto err_bn;
+ /* let u1 = t1 * t2 mod p */
+ if (!BN_mod_mul(u1,t1,t2,dsa->p,ctx)) goto err_bn;
+ /* let u1 = u1 mod q */
+ if (!BN_mod(u1,u1,dsa->q,ctx)) goto err_bn;
+ /* V is now in u1. If the signature is correct, it will be
+ * equal to R. */
+ ret=(BN_ucmp(u1, r) == 0);
+ if (0)
+ {
+err: /* ASN1 error */
+ DSAerr(DSA_F_DSA_VERIFY,c.error);
+ }
+ if (0)
+ {
+err_bn: /* BN error */
+ DSAerr(DSA_F_DSA_VERIFY,ERR_R_BN_LIB);
+ }
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (r != NULL) BN_free(r);
+ if (t1 != NULL) BN_free(t1);
+ if (t2 != NULL) BN_free(t2);
+ if (u1 != NULL) BN_free(u1);
+ if (u2 != NULL) BN_free(u2);
+ if (bs != NULL) ASN1_BIT_STRING_free(bs);
+ return(ret);
+ }
diff --git a/crypto/dsa/dsagen.c b/crypto/dsa/dsagen.c
new file mode 100644
index 0000000..3422d87
--- /dev/null
+++ b/crypto/dsa/dsagen.c
@@ -0,0 +1,105 @@
+/* crypto/dsa/dsagen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "dsa.h"
+
+#define TEST
+#define GENUINE_DSA
+
+#ifdef GENUINE_DSA
+#define LAST_VALUE 0xbd
+#else
+#define LAST_VALUE 0xd3
+#endif
+
+#ifdef TEST
+unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,
+ 0x60,0xef,0x2b,0xa8,
+ 0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,
+ 0xe0,0x42,0x7d,LAST_VALUE};
+#endif
+
+int cb(p,n)
+int p,n;
+ {
+ char c='*';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ printf("%c",c);
+ fflush(stdout);
+ }
+
+main()
+ {
+ int i;
+ BIGNUM *n;
+ BN_CTX *ctx;
+ unsigned char seed_buf[20];
+ DSA *dsa;
+ int counter,h;
+
+ memcpy(seed_buf,seed,20);
+ dsa=DSA_generate_key(1024,seed,20,&counter,&h,cb);
+ }
+
diff --git a/crypto/dsa/dsatest.c b/crypto/dsa/dsatest.c
new file mode 100644
index 0000000..894d2db
--- /dev/null
+++ b/crypto/dsa/dsatest.c
@@ -0,0 +1,216 @@
+/* crypto/dsa/dsatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "crypto.h"
+#include "rand.h"
+#include "bio.h"
+#include "err.h"
+#include "dsa.h"
+
+#ifdef WIN16
+#include "../bio/bss_file.c"
+#endif
+
+#ifdef WIN16
+#define MS_CALLBACK _far _loadds
+#else
+#define MS_CALLBACK
+#endif
+
+#ifndef NOPROTO
+static void MS_CALLBACK dsa_cb(int p, int n);
+#else
+static void MS_CALLBACK dsa_cb();
+#endif
+
+static unsigned char seed[20]={
+ 0xd5,0x01,0x4e,0x4b,0x60,0xef,0x2b,0xa8,0xb6,0x21,0x1b,0x40,
+ 0x62,0xba,0x32,0x24,0xe0,0x42,0x7d,0xd3,
+ };
+
+static unsigned char out_p[]={
+ 0x8d,0xf2,0xa4,0x94,0x49,0x22,0x76,0xaa,
+ 0x3d,0x25,0x75,0x9b,0xb0,0x68,0x69,0xcb,
+ 0xea,0xc0,0xd8,0x3a,0xfb,0x8d,0x0c,0xf7,
+ 0xcb,0xb8,0x32,0x4f,0x0d,0x78,0x82,0xe5,
+ 0xd0,0x76,0x2f,0xc5,0xb7,0x21,0x0e,0xaf,
+ 0xc2,0xe9,0xad,0xac,0x32,0xab,0x7a,0xac,
+ 0x49,0x69,0x3d,0xfb,0xf8,0x37,0x24,0xc2,
+ 0xec,0x07,0x36,0xee,0x31,0xc8,0x02,0x91,
+ };
+
+static unsigned char out_q[]={
+ 0xc7,0x73,0x21,0x8c,0x73,0x7e,0xc8,0xee,
+ 0x99,0x3b,0x4f,0x2d,0xed,0x30,0xf4,0x8e,
+ 0xda,0xce,0x91,0x5f,
+ };
+
+static unsigned char out_g[]={
+ 0x62,0x6d,0x02,0x78,0x39,0xea,0x0a,0x13,
+ 0x41,0x31,0x63,0xa5,0x5b,0x4c,0xb5,0x00,
+ 0x29,0x9d,0x55,0x22,0x95,0x6c,0xef,0xcb,
+ 0x3b,0xff,0x10,0xf3,0x99,0xce,0x2c,0x2e,
+ 0x71,0xcb,0x9d,0xe5,0xfa,0x24,0xba,0xbf,
+ 0x58,0xe5,0xb7,0x95,0x21,0x92,0x5c,0x9c,
+ 0xc4,0x2e,0x9f,0x6f,0x46,0x4b,0x08,0x8c,
+ 0xc5,0x72,0xaf,0x53,0xe6,0xd7,0x88,0x02,
+ };
+
+static BIO *bio_err=NULL;
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ DSA *dsa=NULL;
+ int counter,ret=0,i,j;
+ unsigned char buf[256];
+ unsigned long h;
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+
+ BIO_printf(bio_err,"test generation of DSA parameters\n");
+ BIO_printf(bio_err,"expect '.*' followed by 5 lines of '.'s and '+'s\n");
+ dsa=DSA_generate_parameters(512,seed,20,&counter,&h,dsa_cb);
+
+ BIO_printf(bio_err,"seed\n");
+ for (i=0; i<20; i+=4)
+ {
+ BIO_printf(bio_err,"%02X%02X%02X%02X ",
+ seed[i],seed[i+1],seed[i+2],seed[i+3]);
+ }
+ BIO_printf(bio_err,"\ncounter=%d h=%d\n",counter,h);
+
+ if (dsa == NULL) goto end;
+ DSA_print(bio_err,dsa,0);
+ if (counter != 105)
+ {
+ BIO_printf(bio_err,"counter should be 105\n");
+ goto end;
+ }
+ if (h != 2)
+ {
+ BIO_printf(bio_err,"h should be 2\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->q,buf);
+ j=sizeof(out_q);
+ if ((i != j) || (memcmp(buf,out_q,i) != 0))
+ {
+ BIO_printf(bio_err,"q value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->p,buf);
+ j=sizeof(out_p);
+ if ((i != j) || (memcmp(buf,out_p,i) != 0))
+ {
+ BIO_printf(bio_err,"p value is wrong\n");
+ goto end;
+ }
+
+ i=BN_bn2bin(dsa->g,buf);
+ j=sizeof(out_g);
+ if ((i != j) || (memcmp(buf,out_g,i) != 0))
+ {
+ BIO_printf(bio_err,"g value is wrong\n");
+ goto end;
+ }
+
+ ret=1;
+end:
+ if (!ret)
+ ERR_print_errors(bio_err);
+ if (bio_err != NULL) BIO_free(bio_err);
+ if (dsa != NULL) DSA_free(dsa);
+ exit(!ret);
+ return(0);
+ }
+
+static void MS_CALLBACK dsa_cb(p, n)
+int p;
+int n;
+ {
+ char c='*';
+ static int ok=0,num=0;
+
+ if (p == 0) { c='.'; num++; };
+ if (p == 1) c='+';
+ if (p == 2) { c='*'; ok++; }
+ if (p == 3) c='\n';
+ BIO_write(bio_err,&c,1);
+ BIO_flush(bio_err);
+
+ if (!ok && (p == 0) && (num > 1))
+ {
+ BIO_printf(bio_err,"error in dsatest\n");
+ exit(1);
+ }
+ }
+
+
diff --git a/crypto/dsa/fips186a.txt b/crypto/dsa/fips186a.txt
new file mode 100644
index 0000000..3a2e0a0
--- /dev/null
+++ b/crypto/dsa/fips186a.txt
@@ -0,0 +1,122 @@
+The origional FIPE 180 used SHA-0 (FIPS 180) for its appendix 5
+examples. This is an updated version that uses SHA-1 (FIPS 180-1)
+supplied to me by Wei Dai
+--
+ APPENDIX 5. EXAMPLE OF THE DSA
+
+
+This appendix is for informational purposes only and is not required to meet
+the standard.
+
+Let L = 512 (size of p). The values in this example are expressed in
+hexadecimal notation. The p and q given here were generated by the prime
+generation standard described in appendix 2 using the 160-bit SEED:
+
+ d5014e4b 60ef2ba8 b6211b40 62ba3224 e0427dd3
+
+With this SEED, the algorithm found p and q when the counter was at 105.
+
+x was generated by the algorithm described in appendix 3, section 3.1, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit XSEED:
+
+XSEED =
+
+ bd029bbe 7f51960b cf9edb2b 61f06f0f eb5a38b6
+
+t =
+ 67452301 EFCDAB89 98BADCFE 10325476 C3D2E1F0
+
+x = G(t,XSEED) mod q
+
+k was generated by the algorithm described in appendix 3, section 3.2, using
+the SHA to construct G (as in appendix 3, section 3.3) and a 160-bit KSEED:
+
+KSEED =
+
+ 687a66d9 0648f993 867e121f 4ddf9ddb 01205584
+
+t =
+ EFCDAB89 98BADCFE 10325476 C3D2E1F0 67452301
+
+k = G(t,KSEED) mod q
+
+Finally:
+
+h = 2
+
+p =
+ 8df2a494 492276aa 3d25759b b06869cb eac0d83a fb8d0cf7
+ cbb8324f 0d7882e5 d0762fc5 b7210eaf c2e9adac 32ab7aac
+ 49693dfb f83724c2 ec0736ee 31c80291
+
+
+q =
+ c773218c 737ec8ee 993b4f2d ed30f48e dace915f
+
+
+g =
+ 626d0278 39ea0a13 413163a5 5b4cb500 299d5522 956cefcb
+ 3bff10f3 99ce2c2e 71cb9de5 fa24babf 58e5b795 21925c9c
+ c42e9f6f 464b088c c572af53 e6d78802
+
+
+x =
+ 2070b322 3dba372f de1c0ffc 7b2e3b49 8b260614
+
+
+k =
+ 358dad57 1462710f 50e254cf 1a376b2b deaadfbf
+
+
+kinv =
+
+ 0d516729 8202e49b 4116ac10 4fc3f415 ae52f917
+
+M = ASCII form of "abc" (See FIPS PUB 180-1, Appendix A)
+
+SHA(M) =
+
+ a9993e36 4706816a ba3e2571 7850c26c 9cd0d89d
+
+
+y =
+
+ 19131871 d75b1612 a819f29d 78d1b0d7 346f7aa7 7bb62a85
+ 9bfd6c56 75da9d21 2d3a36ef 1672ef66 0b8c7c25 5cc0ec74
+ 858fba33 f44c0669 9630a76b 030ee333
+
+
+r =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
+
+s =
+ 41e2345f 1f56df24 58f426d1 55b4ba2d b6dcd8c8
+
+
+w =
+ 9df4ece5 826be95f ed406d41 b43edc0b 1c18841b
+
+
+u1 =
+ bf655bd0 46f0b35e c791b004 804afcbb 8ef7d69d
+
+
+u2 =
+ 821a9263 12e97ade abcc8d08 2b527897 8a2df4b0
+
+
+gu1 mod p =
+
+ 51b1bf86 7888e5f3 af6fb476 9dd016bc fe667a65 aafc2753
+ 9063bd3d 2b138b4c e02cc0c0 2ec62bb6 7306c63e 4db95bbf
+ 6f96662a 1987a21b e4ec1071 010b6069
+
+
+yu2 mod p =
+
+ 8b510071 2957e950 50d6b8fd 376a668e 4b0d633c 1e46e665
+ 5c611a72 e2b28483 be52c74d 4b30de61 a668966e dc307a67
+ c19441f4 22bf3c34 08aeba1f 0a4dbec7
+
+v =
+ 8bac1ab6 6410435c b7181f95 b16ab97c 92b341c0
diff --git a/crypto/err/Makefile.ssl b/crypto/err/Makefile.ssl
new file mode 100644
index 0000000..9e1e451
--- /dev/null
+++ b/crypto/err/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/err/Makefile
+#
+
+DIR= error
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=err.c err_all.c err_prn.c
+LIBOBJ=err.o err_all.o err_prn.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= err.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/err/err.c b/crypto/err/err.c
new file mode 100644
index 0000000..6eec77a
--- /dev/null
+++ b/crypto/err/err.c
@@ -0,0 +1,550 @@
+/* crypto/err/err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+
+static LHASH *error_hash=NULL;
+static LHASH *thread_hash=NULL;
+
+#ifndef NOPROTO
+static unsigned long err_hash(ERR_STRING_DATA *a);
+static int err_cmp(ERR_STRING_DATA *a, ERR_STRING_DATA *b);
+static unsigned long pid_hash(ERR_STATE *pid);
+static int pid_cmp(ERR_STATE *a,ERR_STATE *pid);
+#else
+static unsigned long err_hash();
+static int err_cmp();
+static unsigned long pid_hash();
+static int pid_cmp();
+#endif
+
+#ifndef NO_ERR
+static ERR_STRING_DATA ERR_str_libraries[]=
+ {
+{ERR_PACK(ERR_LIB_NONE,0,0) ,"unknown library"},
+{ERR_PACK(ERR_LIB_SYS,0,0) ,"system library"},
+{ERR_PACK(ERR_LIB_BN,0,0) ,"bignum routines"},
+{ERR_PACK(ERR_LIB_RSA,0,0) ,"rsa routines"},
+{ERR_PACK(ERR_LIB_DH,0,0) ,"Diffie-Hellman routines"},
+{ERR_PACK(ERR_LIB_EVP,0,0) ,"digital envelope routines"},
+{ERR_PACK(ERR_LIB_BUF,0,0) ,"memory buffer routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
+{ERR_PACK(ERR_LIB_OBJ,0,0) ,"object identifier routines"},
+{ERR_PACK(ERR_LIB_PEM,0,0) ,"PEM routines"},
+{ERR_PACK(ERR_LIB_ASN1,0,0) ,"asn1 encoding routines"},
+{ERR_PACK(ERR_LIB_X509,0,0) ,"x509 certificate routines"},
+{ERR_PACK(ERR_LIB_CONF,0,0) ,"configuation file routines"},
+{ERR_PACK(ERR_LIB_METH,0,0) ,"X509 lookup 'method' routines"},
+{ERR_PACK(ERR_LIB_SSL,0,0) ,"SSL routines"},
+{ERR_PACK(ERR_LIB_RSAREF,0,0) ,"RSAref routines"},
+{ERR_PACK(ERR_LIB_PROXY,0,0) ,"Proxy routines"},
+{ERR_PACK(ERR_LIB_BIO,0,0) ,"BIO routines"},
+{ERR_PACK(ERR_LIB_PKCS7,0,0) ,"PKCS7 routines"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA ERR_str_functs[]=
+ {
+ {ERR_PACK(0,SYS_F_FOPEN,0), "fopen"},
+ {ERR_PACK(0,SYS_F_CONNECT,0), "connect"},
+ {ERR_PACK(0,SYS_F_GETSERVBYNAME,0), "getservbyname"},
+ {ERR_PACK(0,SYS_F_SOCKET,0), "socket"},
+ {ERR_PACK(0,SYS_F_IOCTLSOCKET,0), "ioctlsocket"},
+ {ERR_PACK(0,SYS_F_BIND,0), "bind"},
+ {ERR_PACK(0,SYS_F_LISTEN,0), "listen"},
+ {ERR_PACK(0,SYS_F_ACCEPT,0), "accept"},
+#ifdef WINDOWS
+ {ERR_PACK(0,SYS_F_WSASTARTUP,0), "WSAstartup"},
+#endif
+ {0,NULL},
+ };
+
+static ERR_STRING_DATA ERR_str_reasons[]=
+ {
+{ERR_R_FATAL ,"fatal"},
+{ERR_R_SYS_LIB ,"system lib"},
+{ERR_R_BN_LIB ,"BN lib"},
+{ERR_R_RSA_LIB ,"RSA lib"},
+{ERR_R_DH_LIB ,"DH lib"},
+{ERR_R_EVP_LIB ,"EVP lib"},
+{ERR_R_BUF_LIB ,"BUF lib"},
+{ERR_R_BIO_LIB ,"BIO lib"},
+{ERR_R_OBJ_LIB ,"OBJ lib"},
+{ERR_R_PEM_LIB ,"PEM lib"},
+{ERR_R_X509_LIB ,"X509 lib"},
+{ERR_R_METH_LIB ,"METH lib"},
+{ERR_R_ASN1_LIB ,"ASN1 lib"},
+{ERR_R_CONF_LIB ,"CONF lib"},
+{ERR_R_SSL_LIB ,"SSL lib"},
+{ERR_R_PROXY_LIB ,"PROXY lib"},
+{ERR_R_BIO_LIB ,"BIO lib"},
+{ERR_R_PKCS7_LIB ,"PKCS7 lib"},
+{ERR_R_MALLOC_FAILURE ,"Malloc failure"},
+{ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED ,"called a fuction you should not call"},
+{0,NULL},
+ };
+#endif
+
+void ERR_load_ERR_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (init == 0)
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ return;
+ }
+ init=0;
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+
+#ifndef NO_ERR
+ ERR_load_strings(0,ERR_str_libraries);
+ ERR_load_strings(0,ERR_str_reasons);
+ ERR_load_strings(ERR_LIB_SYS,ERR_str_functs);
+#endif
+ }
+ }
+
+void ERR_load_strings(lib,str)
+int lib;
+ERR_STRING_DATA *str;
+ {
+ if (error_hash == NULL)
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+ error_hash=lh_new(err_hash,err_cmp);
+ if (error_hash == NULL)
+ {
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+ return;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ ERR_load_ERR_strings();
+ }
+
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR_HASH);
+ while (str->error)
+ {
+ str->error|=ERR_PACK(lib,0,0);
+ lh_insert(error_hash,(char *)str);
+ str++;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR_HASH);
+ }
+
+void ERR_free_strings()
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+
+ if (error_hash != NULL)
+ {
+ lh_free(error_hash);
+ error_hash=NULL;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ }
+
+void ERR_put_error(lib,func,reason,file,line)
+int lib,func,reason;
+char *file;
+int line;
+ {
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ es->top=(es->top+1)%ERR_NUM_ERRORS;
+ if (es->top == es->bottom)
+ es->bottom=(es->bottom+1)%ERR_NUM_ERRORS;
+ es->err_buffer[es->top]=ERR_PACK(lib,func,reason);
+ es->err_file[es->top]=file;
+ es->err_line[es->top]=line;
+ }
+
+void ERR_clear_error()
+ {
+ int i;
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ for (i=0; i<ERR_NUM_ERRORS; i++)
+ {
+ es->err_buffer[i]=0;
+ es->err_file[i]=NULL;
+ es->err_line[i]= -1;
+ }
+ es->top=es->bottom=0;
+ }
+
+unsigned long ERR_peek_error()
+ {
+ int i;
+ ERR_STATE *es;
+
+ /* should be fine since only one thread should ever be playing
+ * with the value returned from this call */
+ es=ERR_get_state();
+
+ if (es->bottom == es->top) return(0);
+ i=(es->bottom+1)%ERR_NUM_ERRORS;
+
+
+ return(es->err_buffer[i]);
+ }
+
+unsigned long ERR_get_error()
+ {
+ int i;
+ unsigned long ret;
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ if (es->bottom == es->top) return(0);
+ i=(es->bottom+1)%ERR_NUM_ERRORS;
+ es->bottom=i;
+ ret=es->err_buffer[i];
+ es->err_buffer[i]=0;
+
+
+ return(ret);
+ }
+
+unsigned long ERR_peek_error_line(file,line)
+char **file;
+int *line;
+ {
+ int i=0;
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ if (es->bottom == es->top)
+ {
+ return(0);
+ }
+
+ i=(es->bottom+1)%ERR_NUM_ERRORS;
+ if (es->err_file[i] == NULL)
+ {
+ *file="NA";
+ *line=0;
+ }
+ else
+ {
+ *file=es->err_file[i];
+ *line=es->err_line[i];
+ }
+
+ return(es->err_buffer[i]);
+ }
+
+unsigned long ERR_get_error_line(file,line)
+char **file;
+int *line;
+ {
+ int i;
+ unsigned long ret;
+ ERR_STATE *es;
+
+ es=ERR_get_state();
+
+ if (es->bottom == es->top)
+ return(0);
+
+ i=(es->bottom+1)%ERR_NUM_ERRORS;
+ es->bottom=i;
+ ret= es->err_buffer[i];
+ if (es->err_file[i] == NULL)
+ {
+ *file="NA";
+ *line=0;
+ }
+ else
+ {
+ *file=es->err_file[i];
+ *line=es->err_line[i];
+ }
+ es->err_buffer[i]=0;
+ es->err_file[i]=NULL;
+ es->err_line[i]= -1;
+
+ return(ret);
+ }
+
+/* BAD for multi-threaded, uses a local buffer if ret == NULL */
+char *ERR_error_string(e,ret)
+unsigned long e;
+char *ret;
+ {
+ static char buf[256];
+ char *ls,*fs,*rs;
+ unsigned long l,f,r;
+ int i;
+
+ l=ERR_GET_LIB(e);
+ f=ERR_GET_FUNC(e);
+ r=ERR_GET_REASON(e);
+
+ ls=ERR_lib_error_string(e);
+ fs=ERR_func_error_string(e);
+ rs=ERR_reason_error_string(e);
+
+ if (ret == NULL) ret=buf;
+
+ sprintf(&(ret[0]),"error:%08lX:",e);
+ i=strlen(ret);
+ if (ls == NULL)
+ sprintf(&(ret[i]),":lib(%lu) ",l);
+ else sprintf(&(ret[i]),"%s",ls);
+ i=strlen(ret);
+ if (fs == NULL)
+ sprintf(&(ret[i]),":func(%lu) ",f);
+ else sprintf(&(ret[i]),":%s",fs);
+ i=strlen(ret);
+ if (rs == NULL)
+ sprintf(&(ret[i]),":reason(%lu)",r);
+ else sprintf(&(ret[i]),":%s",rs);
+
+ return(ret);
+ }
+
+LHASH *ERR_get_string_table()
+ {
+ return(error_hash);
+ }
+
+LHASH *ERR_get_err_state_table()
+ {
+ return(thread_hash);
+ }
+
+char *ERR_lib_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l;
+
+ l=ERR_GET_LIB(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,0,0);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+char *ERR_func_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l,f;
+
+ l=ERR_GET_LIB(e);
+ f=ERR_GET_FUNC(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,f,0);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+char *ERR_reason_error_string(e)
+unsigned long e;
+ {
+ ERR_STRING_DATA d,*p=NULL;
+ unsigned long l,r;
+
+ l=ERR_GET_LIB(e);
+ r=ERR_GET_REASON(e);
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR_HASH);
+
+ if (error_hash != NULL)
+ {
+ d.error=ERR_PACK(l,0,r);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,(char *)&d);
+ if (p == NULL)
+ {
+ d.error=ERR_PACK(0,0,r);
+ p=(ERR_STRING_DATA *)lh_retrieve(error_hash,
+ (char *)&d);
+ }
+ }
+
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR_HASH);
+
+ return((p == NULL)?NULL:p->string);
+ }
+
+static unsigned long err_hash(a)
+ERR_STRING_DATA *a;
+ {
+ unsigned long ret,l;
+
+ l=a->error;
+ ret=l^ERR_GET_LIB(l)^ERR_GET_FUNC(l);
+ return(ret^ret%19*13);
+ }
+
+static int err_cmp(a,b)
+ERR_STRING_DATA *a,*b;
+ {
+ return((int)(a->error-b->error));
+ }
+
+static unsigned long pid_hash(a)
+ERR_STATE *a;
+ {
+ return(a->pid*13);
+ }
+
+static int pid_cmp(a,b)
+ERR_STATE *a,*b;
+ {
+ return((int)((long)a->pid - (long)b->pid));
+ }
+
+void ERR_remove_state(pid)
+unsigned long pid;
+ {
+ ERR_STATE *p,tmp;
+
+ if (thread_hash == NULL)
+ return;
+ if (pid == 0)
+ pid=(unsigned long)CRYPTO_thread_id();
+ tmp.pid=pid;
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ p=(ERR_STATE *)lh_delete(thread_hash,(char *)&tmp);
+ if (p != NULL) Free(p);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ }
+
+ERR_STATE *ERR_get_state()
+ {
+ static ERR_STATE fallback;
+ ERR_STATE *ret=NULL,tmp,*tmpp;
+ unsigned long pid;
+
+ pid=(unsigned long)CRYPTO_thread_id();
+
+ CRYPTO_r_lock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL)
+ {
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL)
+ {
+ thread_hash=lh_new(pid_hash,pid_cmp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ if (thread_hash == NULL) return(&fallback);
+ }
+ else
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ }
+ else
+ {
+ tmp.pid=pid;
+ ret=(ERR_STATE *)lh_retrieve(thread_hash,(char *)&tmp);
+ CRYPTO_r_unlock(CRYPTO_LOCK_ERR);
+ }
+
+ /* ret == the error state, if NULL, make a new one */
+ if (ret == NULL)
+ {
+ ret=(ERR_STATE *)Malloc(sizeof(ERR_STATE));
+ if (ret == NULL) return(&fallback);
+ ret->pid=pid;
+ ret->top=0;
+ ret->bottom=0;
+ CRYPTO_w_lock(CRYPTO_LOCK_ERR);
+ tmpp=(ERR_STATE *)lh_insert(thread_hash,(char *)ret);
+ CRYPTO_w_unlock(CRYPTO_LOCK_ERR);
+ if (tmpp != NULL) /* old entry - should not happen */
+ Free(tmpp);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/err/err.h b/crypto/err/err.h
new file mode 100644
index 0000000..aa3354e
--- /dev/null
+++ b/crypto/err/err.h
@@ -0,0 +1,265 @@
+/* crypto/err/err.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ERR_H
+#define HEADER_ERR_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* The following is a bit of a trick to help the object files only contain
+ * the 'name of the file' string once. Since 'err.h' is protected by the
+ * HEADER_ERR_H stuff, this should be included only once per file. */
+
+#define ERR_file_name __FILE__
+
+#ifndef NO_ERR
+#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,d,e)
+#else
+#define ERR_PUT_error(a,b,c,d,e) ERR_put_error(a,b,c,NULL,0)
+#endif
+
+#include <errno.h>
+
+#define ERR_NUM_ERRORS 10
+typedef struct err_state_st
+ {
+ unsigned long pid;
+ unsigned long err_buffer[ERR_NUM_ERRORS];
+ char *err_file[ERR_NUM_ERRORS];
+ int err_line[ERR_NUM_ERRORS];
+ int top,bottom;
+ } ERR_STATE;
+
+/* library */
+#define ERR_LIB_NONE 1
+#define ERR_LIB_SYS 2
+#define ERR_LIB_BN 3
+#define ERR_LIB_RSA 4
+#define ERR_LIB_DH 5
+#define ERR_LIB_EVP 6
+#define ERR_LIB_BUF 7
+#define ERR_LIB_OBJ 8
+#define ERR_LIB_PEM 9
+#define ERR_LIB_DSA 10
+#define ERR_LIB_X509 11
+#define ERR_LIB_METH 12
+#define ERR_LIB_ASN1 13
+#define ERR_LIB_CONF 14
+#define ERR_LIB_SSL 20
+#define ERR_LIB_SSL23 21
+#define ERR_LIB_SSL2 22
+#define ERR_LIB_SSL3 23
+#define ERR_LIB_RSAREF 30
+#define ERR_LIB_PROXY 31
+#define ERR_LIB_BIO 32
+#define ERR_LIB_PKCS7 33
+
+#define ERR_LIB_USER 128
+
+#define SYSerr(f,r) ERR_PUT_error(ERR_LIB_SYS,(f),(r),ERR_file_name,__LINE__)
+#define BNerr(f,r) ERR_PUT_error(ERR_LIB_BN,(f),(r),ERR_file_name,__LINE__)
+#define RSAerr(f,r) ERR_PUT_error(ERR_LIB_RSA,(f),(r),ERR_file_name,__LINE__)
+#define DHerr(f,r) ERR_PUT_error(ERR_LIB_DH,(f),(r),ERR_file_name,__LINE__)
+#define EVPerr(f,r) ERR_PUT_error(ERR_LIB_EVP,(f),(r),ERR_file_name,__LINE__)
+#define BUFerr(f,r) ERR_PUT_error(ERR_LIB_BUF,(f),(r),ERR_file_name,__LINE__)
+#define BIOerr(f,r) ERR_PUT_error(ERR_LIB_BIO,(f),(r),ERR_file_name,__LINE__)
+#define OBJerr(f,r) ERR_PUT_error(ERR_LIB_OBJ,(f),(r),ERR_file_name,__LINE__)
+#define PEMerr(f,r) ERR_PUT_error(ERR_LIB_PEM,(f),(r),ERR_file_name,__LINE__)
+#define DSAerr(f,r) ERR_PUT_error(ERR_LIB_DSA,(f),(r),ERR_file_name,__LINE__)
+#define X509err(f,r) ERR_PUT_error(ERR_LIB_X509,(f),(r),ERR_file_name,__LINE__)
+#define METHerr(f,r) ERR_PUT_error(ERR_LIB_METH,(f),(r),ERR_file_name,__LINE__)
+#define ASN1err(f,r) ERR_PUT_error(ERR_LIB_ASN1,(f),(r),ERR_file_name,__LINE__)
+#define CONFerr(f,r) ERR_PUT_error(ERR_LIB_CONF,(f),(r),ERR_file_name,__LINE__)
+#define SSLerr(f,r) ERR_PUT_error(ERR_LIB_SSL,(f),(r),ERR_file_name,__LINE__)
+#define SSL23err(f,r) ERR_PUT_error(ERR_LIB_SSL23,(f),(r),ERR_file_name,__LINE__)
+#define SSL2err(f,r) ERR_PUT_error(ERR_LIB_SSL2,(f),(r),ERR_file_name,__LINE__)
+#define SSL3err(f,r) ERR_PUT_error(ERR_LIB_SSL3,(f),(r),ERR_file_name,__LINE__)
+#define RSAREFerr(f,r) ERR_PUT_error(ERR_LIB_RSAREF,(f),(r),ERR_file_name,__LINE__)
+#define PROXYerr(f,r) ERR_PUT_error(ERR_LIB_PROXY,(f),(r),ERR_file_name,__LINE__)
+#define PKCS7err(f,r) ERR_PUT_error(ERR_LIB_PKCS7,(f),(r),ERR_file_name,__LINE__)
+
+/* Borland C seems too stupid to be able to shift and do longs in
+ * the pre-processor :-( */
+#define ERR_PACK(l,f,r) (((((unsigned long)l)&0xffL)*0x1000000)| \
+ ((((unsigned long)f)&0xfffL)*0x1000)| \
+ ((((unsigned long)r)&0xfffL)))
+#define ERR_GET_LIB(l) (int)((((unsigned long)l)>>24L)&0xffL)
+#define ERR_GET_FUNC(l) (int)((((unsigned long)l)>>12L)&0xfffL)
+#define ERR_GET_REASON(l) (int)((l)&0xfffL)
+#define ERR_FATAL_ERROR(l) (int)((l)&ERR_R_FATAL)
+
+/* OS fuctions */
+#define SYS_F_FOPEN 1
+#define SYS_F_CONNECT 2
+#define SYS_F_GETSERVBYNAME 3
+#define SYS_F_SOCKET 4
+#define SYS_F_IOCTLSOCKET 5
+#define SYS_F_BIND 6
+#define SYS_F_LISTEN 7
+#define SYS_F_ACCEPT 8
+#define SYS_F_WSASTARTUP 9 /* Winsock stuff */
+
+#define ERR_R_FATAL 32
+/* reasons */
+#define ERR_R_SYS_LIB ERR_LIB_SYS
+#define ERR_R_BN_LIB ERR_LIB_BN
+#define ERR_R_RSA_LIB ERR_LIB_RSA
+#define ERR_R_DSA_LIB ERR_LIB_DSA
+#define ERR_R_DH_LIB ERR_LIB_DH
+#define ERR_R_EVP_LIB ERR_LIB_EVP
+#define ERR_R_BUF_LIB ERR_LIB_BUF
+#define ERR_R_BIO_LIB ERR_LIB_BIO
+#define ERR_R_OBJ_LIB ERR_LIB_OBJ
+#define ERR_R_PEM_LIB ERR_LIB_PEM
+#define ERR_R_X509_LIB ERR_LIB_X509
+#define ERR_R_METH_LIB ERR_LIB_METH
+#define ERR_R_ASN1_LIB ERR_LIB_ASN1
+#define ERR_R_CONF_LIB ERR_LIB_CONF
+#define ERR_R_SSL_LIB ERR_LIB_SSL
+#define ERR_R_SSL23_LIB ERR_LIB_SSL23
+#define ERR_R_SSL2_LIB ERR_LIB_SSL2
+#define ERR_R_SSL3_LIB ERR_LIB_SSL3
+#define ERR_R_PROXY_LIB ERR_LIB_PROXY
+#define ERR_R_BIO_LIB ERR_LIB_BIO
+#define ERR_R_PKCS7_LIB ERR_LIB_PKCS7
+
+/* fatal error */
+#define ERR_R_MALLOC_FAILURE (1|ERR_R_FATAL)
+#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED (2|ERR_R_FATAL)
+#define ERR_R_PASSED_NULL_PARAMETER (3|ERR_R_FATAL)
+
+typedef struct ERR_string_data_st
+ {
+ unsigned long error;
+ char *string;
+ } ERR_STRING_DATA;
+
+#ifndef NOPROTO
+void ERR_put_error(int lib, int func,int reason,char *file,int line);
+unsigned long ERR_get_error(void );
+unsigned long ERR_get_error_line(char **file,int *line);
+unsigned long ERR_peek_error(void );
+unsigned long ERR_peek_error_line(char **file,int *line);
+void ERR_clear_error(void );
+char *ERR_error_string(unsigned long e,char *buf);
+char *ERR_lib_error_string(unsigned long e);
+char *ERR_func_error_string(unsigned long e);
+char *ERR_reason_error_string(unsigned long e);
+#ifndef WIN16
+void ERR_print_errors_fp(FILE *fp);
+#endif
+#ifdef HEADER_BIO_H
+void ERR_print_errors(BIO *bp);
+#endif
+void ERR_load_strings(int lib,ERR_STRING_DATA str[]);
+void ERR_load_ERR_strings(void );
+void ERR_load_crypto_strings(void );
+void ERR_free_strings(void );
+
+void ERR_remove_state(unsigned long pid); /* if zero we look it up */
+ERR_STATE *ERR_get_state(void);
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table(void );
+LHASH *ERR_get_err_state_table(void );
+#else
+char *ERR_get_string_table(void );
+char *ERR_get_err_state_table(void );
+#endif
+
+#else
+
+void ERR_put_error();
+unsigned long ERR_get_error();
+unsigned long ERR_get_error_line();
+unsigned long ERR_peek_error();
+unsigned long ERR_peek_error_line();
+void ERR_clear_error();
+char *ERR_error_string();
+char *ERR_lib_error_string();
+char *ERR_func_error_string();
+char *ERR_reason_error_string();
+#ifndef WIN16
+void ERR_print_errors_fp();
+#endif
+void ERR_print_errors();
+void ERR_load_strings();
+void ERR_load_ERR_strings();
+void ERR_load_crypto_strings();
+void ERR_free_strings();
+
+void ERR_remove_state();
+ERR_STATE *ERR_get_state();
+
+#ifdef HEADER_LHASH_H
+LHASH *ERR_get_string_table();
+LHASH *ERR_get_err_state_table();
+#else
+char *ERR_get_string_table();
+char *ERR_get_err_state_table();
+#endif
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/err/err_all.c b/crypto/err/err_all.c
new file mode 100644
index 0000000..d6d8109
--- /dev/null
+++ b/crypto/err/err_all.c
@@ -0,0 +1,115 @@
+/* crypto/err/err_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "asn1.h"
+#include "bn.h"
+#include "buffer.h"
+#include "bio.h"
+#ifndef NO_RSA
+#include "rsa.h"
+#endif
+#ifdef RSAref
+#include "rsaref.h"
+#endif
+#ifndef NO_DH
+#include "dh.h"
+#endif
+#ifndef NO_DSA
+#include "dsa.h"
+#endif
+#include "evp.h"
+#include "objects.h"
+#include "pem.h"
+#include "x509.h"
+#include "conf.h"
+#include "err.h"
+
+void ERR_load_crypto_strings()
+ {
+ static int done=0;
+
+ if (done) return;
+ done=1;
+#ifndef NO_ERR
+ ERR_load_ASN1_strings();
+ ERR_load_BN_strings();
+ ERR_load_BUF_strings();
+ ERR_load_BIO_strings();
+ ERR_load_CONF_strings();
+#ifndef NO_RSA
+#ifdef RSAref
+ ERR_load_RSAREF_strings();
+#else
+ ERR_load_RSA_strings();
+#endif
+#endif
+#ifndef NO_DH
+ ERR_load_DH_strings();
+#endif
+#ifndef NO_DSA
+ ERR_load_DSA_strings();
+#endif
+ ERR_load_ERR_strings();
+ ERR_load_EVP_strings();
+ ERR_load_OBJ_strings();
+ ERR_load_PEM_strings();
+ ERR_load_X509_strings();
+ ERR_load_PKCS7_strings();
+#endif
+ }
diff --git a/crypto/err/err_code.pl b/crypto/err/err_code.pl
new file mode 100644
index 0000000..5b89300
--- /dev/null
+++ b/crypto/err/err_code.pl
@@ -0,0 +1,126 @@
+#!/usr/local/bin/perl
+
+%errfile=(
+ "ERR", "NONE",
+ "BN", "bn/bn.err",
+ "RSA", "rsa/rsa.err",
+ "DSA", "dsa/dsa.err",
+ "DH", "dh/dh.err",
+ "EVP", "evp/evp.err",
+ "BUF", "buffer/buffer.err",
+ "BIO", "bio/bio.err",
+ "OBJ", "objects/objects.err",
+ "PEM", "pem/pem.err",
+ "X509", "x509/x509.err",
+ "METH", "meth/meth.err",
+ "ASN1", "asn1/asn1.err",
+ "CONF", "conf/conf.err",
+ "PROXY","proxy/proxy.err",
+ "PKCS7","pkcs7/pkcs7.err",
+ "RSAREF","../rsaref/rsaref.err",
+ "SSL", "../ssl/ssl.err",
+ "SSL2", "../ssl/ssl2.err",
+ "SSL3", "../ssl/ssl3.err",
+ "SSL23","../ssl/ssl23.err",
+ );
+
+$function{'RSAREF_F_RSA_BN2BIN'}=1;
+$function{'RSAREF_F_RSA_PRIVATE_DECRYPT'}=1;
+$function{'RSAREF_F_RSA_PRIVATE_ENCRYPT'}=1;
+$function{'RSAREF_F_RSA_PUBLIC_DECRYPT'}=1;
+$function{'RSAREF_F_RSA_PUBLIC_ENCRYPT'}=1;
+$function{'SSL_F_CLIENT_CERTIFICATE'}=1;
+
+$r_value{'SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE'}= 1010;
+$r_value{'SSL_R_SSLV3_ALERT_BAD_RECORD_MAC'}= 1020;
+$r_value{'SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE'}=1030;
+$r_value{'SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE'}= 1040;
+$r_value{'SSL_R_SSLV3_ALERT_NO_CERTIFICATE'}= 1041;
+$r_value{'SSL_R_SSLV3_ALERT_BAD_CERTIFICATE'}= 1042;
+$r_value{'SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE'}=1043;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED'}= 1044;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED'}= 1045;
+$r_value{'SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN'}= 1046;
+$r_value{'SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER'}= 1047;
+
+$r_value{'RSAREF_R_CONTENT_ENCODING'}= 0x0400;
+$r_value{'RSAREF_R_DATA'}= 0x0401;
+$r_value{'RSAREF_R_DIGEST_ALGORITHM'}= 0x0402;
+$r_value{'RSAREF_R_ENCODING'}= 0x0403;
+$r_value{'RSAREF_R_KEY'}= 0x0404;
+$r_value{'RSAREF_R_KEY_ENCODING'}= 0x0405;
+$r_value{'RSAREF_R_LEN'}= 0x0406;
+$r_value{'RSAREF_R_MODULUS_LEN'}= 0x0407;
+$r_value{'RSAREF_R_NEED_RANDOM'}= 0x0408;
+$r_value{'RSAREF_R_PRIVATE_KEY'}= 0x0409;
+$r_value{'RSAREF_R_PUBLIC_KEY'}= 0x040a;
+$r_value{'RSAREF_R_SIGNATURE'}= 0x040b;
+$r_value{'RSAREF_R_SIGNATURE_ENCODING'}=0x040c;
+$r_value{'RSAREF_R_ENCRYPTION_ALGORITHM'}=0x040d;
+
+$last="";
+while (<>)
+ {
+ if (/err\(([A-Z0-9]+_F_[0-9A-Z_]+)\s*,\s*([0-9A-Z]+_R_[0-9A-Z_]+)\s*\)/)
+ {
+ if ($1 != $last)
+ {
+ if ($function{$1} == 0)
+ {
+ printf STDERR "$. $1 is bad\n";
+ }
+ }
+ $function{$1}++;
+ $last=$1;
+ $reason{$2}++;
+ }
+ }
+
+foreach (keys %function,keys %reason)
+ {
+ /^([A-Z0-9]+)_/;
+ $prefix{$1}++;
+ }
+
+@F=sort keys %function;
+@R=sort keys %reason;
+foreach $j (sort keys %prefix)
+ {
+ next if $errfile{$j} eq "NONE";
+ printf STDERR "doing %-6s - ",$j;
+ open(OUT,">$errfile{$j}") || die "unable to open '$errfile{$j}':$!\n";
+ @f=grep(/^${j}_/,@F);
+ @r=grep(/^${j}_/,@R);
+ $num=100;
+ print OUT "/* Error codes for the $j functions. */\n\n";
+ print OUT "/* Function codes. */\n";
+ $f_count=0;
+ foreach $i (@f)
+ {
+ $z=6-int(length($i)/8);
+ printf OUT "#define $i%s $num\n","\t" x $z;
+ $num++;
+ $f_count++;
+ }
+ $num=100;
+ print OUT "\n/* Reason codes. */\n";
+ $r_count=0;
+ foreach $i (@r)
+ {
+ $z=6-int(length($i)/8);
+ if (defined($r_value{$i}))
+ {
+ printf OUT "#define $i%s $r_value{$i}\n","\t" x $z;
+ }
+ else
+ {
+ printf OUT "#define $i%s $num\n","\t" x $z;
+ $num++;
+ }
+ $r_count++;
+ }
+ close(OUT);
+
+ printf STDERR "%3d functions, %3d reasons\n",$f_count,$r_count;
+ }
+
diff --git a/crypto/err/err_genc.pl b/crypto/err/err_genc.pl
new file mode 100644
index 0000000..6733cfe
--- /dev/null
+++ b/crypto/err/err_genc.pl
@@ -0,0 +1,147 @@
+#!/usr/local/bin/perl
+
+($#ARGV == 1) || die "usage: $0 <header file> <output C file>\n";
+open(IN,"<$ARGV[0]") || die "unable to open $ARGV[0]:$!\n";
+open(STDOUT,">$ARGV[1]") || die "unable to open $ARGV[1]:$!\n";
+
+$Func=0;
+$Reas=0;
+$fuction{'FOPEN'}='fopen';
+while (<IN>)
+ {
+ if (/(\S+)\s*\(\);/)
+ {
+ $t=$1;
+ $t =~ s/\*//;
+ ($upper=$t) =~ tr/a-z/A-Z/;
+ $fuction{$upper}=$t;
+ }
+ next unless (/^#define\s+(\S+)\s/);
+
+ $o=$1;
+ if ($o =~ /^([^_]+)_F_(.*)/)
+ {
+ $type=$1;
+ $Func++;
+ $n=$2;
+ $n=$fuction{$n} if (defined($fuction{$n}));
+ $out{$1."_str_functs"}.=
+ sprintf("{ERR_PACK(0,%s,0),\t\"$n\"},\n",$o);
+ }
+ elsif ($o =~ /^([^_]+)_R_(.*)/)
+ {
+ $type=$1;
+ $Reas++;
+ $r=$2;
+ $r =~ tr/A-Z_/a-z /;
+ $pkg{$type."_str_reasons"}=$type;
+ $out{$type."_str_reasons"}.=sprintf("{%-40s,\"$r\"},\n",$o);
+ }
+ elsif ($ARGV[0] =~ /rsaref/ && $o =~ /^RE_(.*)/)
+ {
+ $type="RSAREF";
+ $Reas++;
+ $r=$1;
+ $r =~ tr/A-Z_/a-z /;
+ $pkg{$type."_str_reasons"}=$type;
+ $out{$type."_str_reasons"}.=sprintf("{%-40s,\"$r\"},\n",$o);
+ }
+ }
+close(IN);
+
+&header($type,$ARGV[0]);
+
+foreach (sort keys %out)
+ {
+ print "static ERR_STRING_DATA ${_}[]=\n\t{\n";
+ print $out{$_};
+ print "{0,NULL},\n";
+ print "\t};\n\n";
+ }
+
+print "void ERR_load_${type}_strings()\n";
+print "\t{\n";
+print "\tstatic int init=1;\n\n";
+print "\tif (init)\n";
+print "\t\t{\n";
+print "\t\tinit=0;\n";
+print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_functs);\n"
+ if $Func;
+print "\t\tERR_load_strings(ERR_LIB_$type,${type}_str_reasons);\n"
+ if $Reas;
+print "\t\t}\n";
+print "\t}\n";
+
+sub header
+ {
+ ($type,$header)=@_;
+
+ ($lc=$type) =~ tr/A-Z/a-z/;
+ $header =~ s/^.*\///;
+
+ print "/* lib/$lc/${lc}\_err.c */\n";
+ print <<'EOF';
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+
+ print "#include <stdio.h>\n";
+ print "#include \"err.h\"\n";
+ print "#include \"$header\"\n";
+ print "\n/* BEGIN ERROR CODES */\n";
+ }
+
diff --git a/crypto/err/err_prn.c b/crypto/err/err_prn.c
new file mode 100644
index 0000000..16e3138
--- /dev/null
+++ b/crypto/err/err_prn.c
@@ -0,0 +1,102 @@
+/* crypto/err/err_prn.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "crypto.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "err.h"
+#include "crypto.h"
+
+#ifndef WIN16
+void ERR_print_errors_fp(fp)
+FILE *fp;
+ {
+ unsigned long l;
+ char buf[200];
+ char *file;
+ int line;
+ unsigned long es;
+
+ es=CRYPTO_thread_id();
+ while ((l=ERR_get_error_line(&file,&line)) != 0)
+ fprintf(fp,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
+ file,line);
+ }
+#endif
+
+void ERR_print_errors(bp)
+BIO *bp;
+ {
+ unsigned long l;
+ char buf[256];
+ char buf2[256];
+ char *file;
+ int line;
+ unsigned long es;
+
+ es=CRYPTO_thread_id();
+ while ((l=ERR_get_error_line(&file,&line)) != 0)
+ {
+ sprintf(buf2,"%lu:%s:%s:%d\n",es,ERR_error_string(l,buf),
+ file,line);
+ BIO_write(bp,buf2,strlen(buf2));
+ }
+ }
+
diff --git a/crypto/err/error.err b/crypto/err/error.err
new file mode 100644
index 0000000..f09557d
--- /dev/null
+++ b/crypto/err/error.err
@@ -0,0 +1,13 @@
+/* Error codes for the ERR functions. */
+
+/* Function codes. */
+
+/* Reason codes. */
+#define ERR_R_BN_LIB 100
+#define ERR_R_DER_LIB 101
+#define ERR_R_MALLOC_FAILURE 102
+#define ERR_R_PEM_LIB 103
+#define ERR_R_RSA_LIB 104
+#define ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED 105
+#define ERR_R_SYS_LIB 106
+#define ERR_R_X509_LIB 107
diff --git a/crypto/evp/Makefile.ssl b/crypto/evp/Makefile.ssl
new file mode 100644
index 0000000..2033811
--- /dev/null
+++ b/crypto/evp/Makefile.ssl
@@ -0,0 +1,105 @@
+#
+# SSLeay/crypto/evp/Makefile
+#
+
+DIR= evp
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=evp
+ERRC=evp_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= encode.c digest.c evp_enc.c evp_key.c \
+ e_ecb_d.c e_cbc_d.c e_cfb_d.c e_ofb_d.c \
+ e_ecb_i.c e_cbc_i.c e_cfb_i.c e_ofb_i.c \
+ e_ecb_3d.c e_cbc_3d.c e_rc4.c names.c \
+ e_cfb_3d.c e_ofb_3d.c e_xcbc_d.c \
+ e_ecb_r2.c e_cbc_r2.c e_cfb_r2.c e_ofb_r2.c \
+ e_ecb_bf.c e_cbc_bf.c e_cfb_bf.c e_ofb_bf.c \
+ m_null.c m_md2.c m_md5.c m_sha.c m_sha1.c m_dss.c m_dss1.c m_mdc2.c \
+ p_open.c p_seal.c p_sign.c p_verify.c p_lib.c \
+ bio_md.c bio_b64.c bio_enc.c $(ERRC).c e_null.c \
+ c_all.c
+
+LIBOBJ= encode.o digest.o evp_enc.o evp_key.o \
+ e_ecb_d.o e_cbc_d.o e_cfb_d.o e_ofb_d.o \
+ e_ecb_i.o e_cbc_i.o e_cfb_i.o e_ofb_i.o \
+ e_ecb_3d.o e_cbc_3d.o e_rc4.o names.o \
+ e_cfb_3d.o e_ofb_3d.o e_xcbc_d.o \
+ e_ecb_r2.o e_cbc_r2.o e_cfb_r2.o e_ofb_r2.o \
+ e_ecb_bf.o e_cbc_bf.o e_cfb_bf.o e_ofb_bf.o \
+ m_null.o m_md2.o m_md5.o m_sha.o m_sha1.o m_dss.o m_dss1.o m_mdc2.o \
+ p_open.o p_seal.o p_sign.o p_verify.o p_lib.o \
+ bio_md.o bio_b64.o bio_enc.o $(ERRC).o e_null.o \
+ c_all.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= evp.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/evp/bio_b64.c b/crypto/evp/bio_b64.c
new file mode 100644
index 0000000..e362dc3
--- /dev/null
+++ b/crypto/evp/bio_b64.c
@@ -0,0 +1,452 @@
+/* crypto/evp/bio_b64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int b64_write(BIO *h,char *buf,int num);
+static int b64_read(BIO *h,char *buf,int size);
+/*static int b64_puts(BIO *h,char *str); */
+/*static int b64_gets(BIO *h,char *str,int size); */
+static long b64_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int b64_new(BIO *h);
+static int b64_free(BIO *data);
+#else
+static int b64_write();
+static int b64_read();
+/*static int b64_puts(); */
+/*static int b64_gets(); */
+static long b64_ctrl();
+static int b64_new();
+static int b64_free();
+#endif
+
+#define B64_BLOCK_SIZE 1024
+#define B64_NONE 0
+#define B64_ENCODE 1
+#define B64_DECODE 2
+
+typedef struct b64_struct
+ {
+ /*BIO *bio; moved to the BIO structure */
+ int buf_len;
+ int buf_off;
+ int tmp_len; /* used to find the start when decoding */
+ int tmp_nl; /* If true, scan until '\n' */
+ int encode;
+ int start; /* have we started decoding yet? */
+ int cont; /* <= 0 when finished */
+ EVP_ENCODE_CTX base64;
+ char buf[EVP_ENCODE_LENGTH(B64_BLOCK_SIZE)+10];
+ char tmp[B64_BLOCK_SIZE];
+ } BIO_B64_CTX;
+
+static BIO_METHOD methods_b64=
+ {
+ BIO_TYPE_BASE64,"base64 encoding",
+ b64_write,
+ b64_read,
+ NULL, /* b64_puts, */
+ NULL, /* b64_gets, */
+ b64_ctrl,
+ b64_new,
+ b64_free,
+ };
+
+BIO_METHOD *BIO_f_base64()
+ {
+ return(&methods_b64);
+ }
+
+static int b64_new(bi)
+BIO *bi;
+ {
+ BIO_B64_CTX *ctx;
+
+ ctx=(BIO_B64_CTX *)Malloc(sizeof(BIO_B64_CTX));
+ if (ctx == NULL) return(0);
+
+ ctx->buf_len=0;
+ ctx->tmp_len=0;
+ ctx->tmp_nl=0;
+ ctx->buf_off=0;
+ ctx->cont=1;
+ ctx->start=1;
+ ctx->encode=0;
+
+ bi->init=1;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int b64_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int b64_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0,i,ii,j,k,x,n,num;
+ BIO_B64_CTX *ctx;
+ unsigned char *p,*q;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_B64_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ if (ctx->encode != B64_DECODE)
+ {
+ ctx->encode=B64_DECODE;
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ EVP_DecodeInit(&(ctx->base64));
+ }
+
+ /* First check if there are bytes decoded/encoded */
+ if (ctx->buf_len > 0)
+ {
+ i=ctx->buf_len-ctx->buf_off;
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+ ret=i;
+ out+=i;
+ outl-=i;
+ ctx->buf_off+=i;
+ if (ctx->buf_len == ctx->buf_off)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ }
+
+ /* At this point, we have room of outl bytes and an empty
+ * buffer, so we should read in some more. */
+
+ while (outl > 0)
+ {
+ if (ctx->cont <= 0) break;
+
+ i=BIO_read(b->next_bio,&(ctx->tmp[ctx->tmp_len]),
+ B64_BLOCK_SIZE-ctx->tmp_len);
+
+ if (i <= 0)
+ {
+ /* Should be continue next time we are called? */
+ if (!BIO_should_retry(b->next_bio))
+ ctx->cont=i;
+ break;
+ }
+ i+=ctx->tmp_len;
+
+ /* We need to scan, a line at a time until we
+ * have a valid line if we are starting. */
+ if (ctx->start)
+ {
+ q=p=(unsigned char *)ctx->tmp;
+ for (j=0; j<i; j++)
+ {
+ if (*(q++) != '\n') continue;
+
+ /* due to a previous very long line,
+ * we need to keep on scanning for a '\n'
+ * before we even start looking for
+ * base64 encoded stuff. */
+ if (ctx->tmp_nl)
+ {
+ p=q;
+ ctx->tmp_nl=0;
+ continue;
+ }
+
+ k=EVP_DecodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,
+ &num,p,q-p);
+ if ((k <= 0) && (num == 0) && (ctx->start))
+ EVP_DecodeInit(&ctx->base64);
+ else
+ {
+ if (p != (unsigned char *)
+ &(ctx->tmp[0]))
+ {
+ i-=(p- (unsigned char *)
+ &(ctx->tmp[0]));
+ for (x=0; x < i; x++)
+ ctx->tmp[x]=p[x];
+ EVP_DecodeInit(&ctx->base64);
+ }
+ ctx->start=0;
+ break;
+ }
+ p=q;
+ }
+
+ /* we fell off the end without starting */
+ if (j == i)
+ {
+ /* Is this is one long chunk?, if so, keep on
+ * reading until a new line. */
+ if (p == (unsigned char *)&(ctx->tmp[0]))
+ {
+ ctx->tmp_nl=1;
+ ctx->tmp_len=0;
+ }
+ else if (p != q) /* finished on a '\n' */
+ {
+ n=q-p;
+ for (ii=0; ii<n; ii++)
+ ctx->tmp[ii]=p[ii];
+ ctx->tmp_len=n;
+ }
+ /* else finished on a '\n' */
+ continue;
+ }
+ else
+ ctx->tmp_len=0;
+ }
+ i=EVP_DecodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)ctx->tmp,i);
+ ctx->cont=i;
+ ctx->buf_off=0;
+ if (i < 0)
+ {
+ ctx->buf_len=0;
+ break;
+ }
+
+ if (ctx->buf_len <= outl)
+ i=ctx->buf_len;
+ else
+ i=outl;
+
+ memcpy(out,ctx->buf,i);
+ ret+=i;
+ ctx->buf_off=i;
+ if (ctx->buf_off == ctx->buf_len)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ outl-=i;
+ out+=i;
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return((ret == 0)?ctx->cont:ret);
+ }
+
+static int b64_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=inl,n,i;
+ BIO_B64_CTX *ctx;
+
+ ctx=(BIO_B64_CTX *)b->ptr;
+ BIO_clear_retry_flags(b);
+
+ if (ctx->encode != B64_ENCODE)
+ {
+ ctx->encode=B64_ENCODE;
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ EVP_EncodeInit(&(ctx->base64));
+ }
+
+ n=ctx->buf_len-ctx->buf_off;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ ctx->buf_off+=i;
+ n-=i;
+ }
+ /* at this point all pending data has been written */
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+
+ ctx->buf_off=0;
+ while (inl > 0)
+ {
+ n=(inl > B64_BLOCK_SIZE)?B64_BLOCK_SIZE:inl;
+ EVP_EncodeUpdate(&(ctx->base64),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)in,n);
+ inl-=n;
+ in+=n;
+
+ ctx->buf_off=0;
+ n=ctx->buf_len;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return((ret == 0)?i:ret);
+ }
+ n-=i;
+ ctx->buf_off+=i;
+ }
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ return(ret);
+ }
+
+static long b64_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO_B64_CTX *ctx;
+ long ret=1;
+ int i;
+
+ ctx=(BIO_B64_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->cont=1;
+ ctx->start=1;
+ ctx->encode=B64_NONE;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_EOF: /* More to read */
+ if (ctx->cont <= 0)
+ ret=1;
+ else
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_WPENDING: /* More to write in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if ((ret == 0) && (ctx->base64.num != 0))
+ ret=1;
+ else if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING: /* More to read in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_FLUSH:
+ /* do a final write */
+again:
+ while (ctx->buf_len != ctx->buf_off)
+ {
+ i=b64_write(b,NULL,0);
+ if (i < 0)
+ {
+ ret=i;
+ break;
+ }
+ }
+ if (ctx->base64.num != 0)
+ {
+ ctx->buf_off=0;
+ EVP_EncodeFinal(&(ctx->base64),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ /* push out the bytes */
+ goto again;
+ }
+ /* Finally flush the underlying BIO */
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_DUP:
+ break;
+ case BIO_CTRL_INFO:
+ case BIO_CTRL_GET:
+ case BIO_CTRL_SET:
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
diff --git a/crypto/evp/bio_enc.c b/crypto/evp/bio_enc.c
new file mode 100644
index 0000000..6020736
--- /dev/null
+++ b/crypto/evp/bio_enc.c
@@ -0,0 +1,402 @@
+/* crypto/evp/bio_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int enc_write(BIO *h,char *buf,int num);
+static int enc_read(BIO *h,char *buf,int size);
+/*static int enc_puts(BIO *h,char *str); */
+/*static int enc_gets(BIO *h,char *str,int size); */
+static long enc_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int enc_new(BIO *h);
+static int enc_free(BIO *data);
+#else
+static int enc_write();
+static int enc_read();
+/*static int enc_puts(); */
+/*static int enc_gets(); */
+static long enc_ctrl();
+static int enc_new();
+static int enc_free();
+#endif
+
+#define ENC_BLOCK_SIZE (1024*4)
+
+typedef struct enc_struct
+ {
+ int buf_len;
+ int buf_off;
+ int cont; /* <= 0 when finished */
+ int finished;
+ int ok; /* bad decrypt */
+ EVP_CIPHER_CTX cipher;
+ char buf[ENC_BLOCK_SIZE+10];
+ } BIO_ENC_CTX;
+
+static BIO_METHOD methods_enc=
+ {
+ BIO_TYPE_CIPHER,"cipher",
+ enc_write,
+ enc_read,
+ NULL, /* enc_puts, */
+ NULL, /* enc_gets, */
+ enc_ctrl,
+ enc_new,
+ enc_free,
+ };
+
+BIO_METHOD *BIO_f_cipher()
+ {
+ return(&methods_enc);
+ }
+
+static int enc_new(bi)
+BIO *bi;
+ {
+ BIO_ENC_CTX *ctx;
+
+ ctx=(BIO_ENC_CTX *)Malloc(sizeof(BIO_ENC_CTX));
+ if (ctx == NULL) return(0);
+
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ ctx->cont=1;
+ ctx->finished=0;
+ ctx->ok=1;
+
+ bi->init=0;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int enc_free(a)
+BIO *a;
+ {
+ BIO_ENC_CTX *b;
+
+ if (a == NULL) return(0);
+ b=(BIO_ENC_CTX *)a->ptr;
+ EVP_CIPHER_CTX_cleanup(&(b->cipher));
+ memset(a->ptr,0,sizeof(BIO_ENC_CTX));
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int enc_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0,i;
+ BIO_ENC_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(BIO_ENC_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ /* First check if there are bytes decoded/encoded */
+ if (ctx->buf_len > 0)
+ {
+ i=ctx->buf_len-ctx->buf_off;
+ if (i > outl) i=outl;
+ memcpy(out,&(ctx->buf[ctx->buf_off]),i);
+ ret=i;
+ out+=i;
+ outl-=i;
+ ctx->buf_off+=i;
+ if (ctx->buf_len == ctx->buf_off)
+ {
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ }
+
+ /* At this point, we have room of outl bytes and an empty
+ * buffer, so we should read in some more. */
+
+ while (outl > 0)
+ {
+ if (ctx->cont <= 0) break;
+
+ /* read in at offset 8, read the EVP_Cipher
+ * documentation about why */
+ i=BIO_read(b->next_bio,&(ctx->buf[8]),ENC_BLOCK_SIZE);
+
+ if (i <= 0)
+ {
+ /* Should be continue next time we are called? */
+ if (!BIO_should_retry(b->next_bio))
+ {
+ ctx->cont=i;
+ i=EVP_CipherFinal(&(ctx->cipher),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ ctx->ok=i;
+ ctx->buf_off=0;
+ }
+ else
+ ret=(ret == 0)?i:ret;
+ break;
+ }
+ else
+ {
+ EVP_CipherUpdate(&(ctx->cipher),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)&(ctx->buf[8]),i);
+ ctx->cont=1;
+ }
+
+ if (ctx->buf_len <= outl)
+ i=ctx->buf_len;
+ else
+ i=outl;
+
+ if (i <= 0) break;
+ memcpy(out,ctx->buf,i);
+ ret+=i;
+ ctx->buf_off=i;
+ outl-=i;
+ out+=i;
+ }
+
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return((ret == 0)?ctx->cont:ret);
+ }
+
+static int enc_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0,n,i;
+ BIO_ENC_CTX *ctx;
+
+ ctx=(BIO_ENC_CTX *)b->ptr;
+ ret=inl;
+
+ BIO_clear_retry_flags(b);
+ n=ctx->buf_len-ctx->buf_off;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ ctx->buf_off+=i;
+ n-=i;
+ }
+ /* at this point all pending data has been written */
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+
+ ctx->buf_off=0;
+ while (inl > 0)
+ {
+ n=(inl > ENC_BLOCK_SIZE)?ENC_BLOCK_SIZE:inl;
+ EVP_CipherUpdate(&(ctx->cipher),
+ (unsigned char *)ctx->buf,&ctx->buf_len,
+ (unsigned char *)in,n);
+ inl-=n;
+ in+=n;
+
+ ctx->buf_off=0;
+ n=ctx->buf_len;
+ while (n > 0)
+ {
+ i=BIO_write(b->next_bio,&(ctx->buf[ctx->buf_off]),n);
+ if (i <= 0)
+ {
+ BIO_copy_next_retry(b);
+ return(i);
+ }
+ n-=i;
+ ctx->buf_off+=i;
+ }
+ ctx->buf_len=0;
+ ctx->buf_off=0;
+ }
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long enc_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ BIO *dbio;
+ BIO_ENC_CTX *ctx,*dctx;
+ long ret=1;
+ int i;
+
+ ctx=(BIO_ENC_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ ctx->ok=1;
+ ctx->finished=0;
+ EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+ ctx->cipher.encrypt);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_EOF: /* More to read */
+ if (ctx->cont <= 0)
+ ret=1;
+ else
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING: /* More to read in buffer */
+ ret=ctx->buf_len-ctx->buf_off;
+ if (ret <= 0)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_FLUSH:
+ /* do a final write */
+again:
+ while (ctx->buf_len != ctx->buf_off)
+ {
+ i=enc_write(b,NULL,0);
+ if (i < 0)
+ {
+ ret=i;
+ break;
+ }
+ }
+
+ if (!ctx->finished)
+ {
+ ctx->finished=1;
+ ctx->buf_off=0;
+ ret=EVP_CipherFinal(&(ctx->cipher),
+ (unsigned char *)ctx->buf,
+ &(ctx->buf_len));
+ ctx->ok=(int)ret;
+ if (ret <= 0) break;
+
+ /* push out the bytes */
+ goto again;
+ }
+
+ /* Finally flush the underlying BIO */
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_GET_CIPHER_STATUS:
+ ret=(long)ctx->ok;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ dctx=(BIO_ENC_CTX *)dbio->ptr;
+ memcpy(&(dctx->cipher),&(ctx->cipher),sizeof(ctx->cipher));
+ dbio->init=1;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+void BIO_set_cipher(b,c,k,i,e)
+BIO *b;
+EVP_CIPHER *c;
+unsigned char *k;
+unsigned char *i;
+int e;
+ {
+ BIO_ENC_CTX *ctx;
+
+ if (b == NULL) return;
+
+ if ((b->callback != NULL) &&
+ (b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,0L) <= 0))
+ return;
+
+ b->init=1;
+ ctx=(BIO_ENC_CTX *)b->ptr;
+ EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+
+ if (b->callback != NULL)
+ b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);
+ }
+
diff --git a/crypto/evp/bio_md.c b/crypto/evp/bio_md.c
new file mode 100644
index 0000000..0d6508c
--- /dev/null
+++ b/crypto/evp/bio_md.c
@@ -0,0 +1,270 @@
+/* crypto/evp/bio_md.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "evp.h"
+
+/* BIO_put and BIO_get both add to the digest,
+ * BIO_gets returns the digest */
+
+#ifndef NOPROTO
+static int md_write(BIO *h,char *buf,int num);
+static int md_read(BIO *h,char *buf,int size);
+/*static int md_puts(BIO *h,char *str); */
+static int md_gets(BIO *h,char *str,int size);
+static long md_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int md_new(BIO *h);
+static int md_free(BIO *data);
+#else
+static int md_write();
+static int md_read();
+/*static int md_puts(); */
+static int md_gets();
+static long md_ctrl();
+static int md_new();
+static int md_free();
+#endif
+
+static BIO_METHOD methods_md=
+ {
+ BIO_TYPE_MD,"message digest",
+ md_write,
+ md_read,
+ NULL, /* md_puts, */
+ md_gets,
+ md_ctrl,
+ md_new,
+ md_free,
+ };
+
+BIO_METHOD *BIO_f_md()
+ {
+ return(&methods_md);
+ }
+
+static int md_new(bi)
+BIO *bi;
+ {
+ EVP_MD_CTX *ctx;
+
+ ctx=(EVP_MD_CTX *)Malloc(sizeof(EVP_MD_CTX));
+ if (ctx == NULL) return(0);
+
+ bi->init=0;
+ bi->ptr=(char *)ctx;
+ bi->flags=0;
+ return(1);
+ }
+
+static int md_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ Free(a->ptr);
+ a->ptr=NULL;
+ a->init=0;
+ a->flags=0;
+ return(1);
+ }
+
+static int md_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=0;
+ EVP_MD_CTX *ctx;
+
+ if (out == NULL) return(0);
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ if ((ctx == NULL) || (b->next_bio == NULL)) return(0);
+
+ ret=BIO_read(b->next_bio,out,outl);
+ if (b->init)
+ {
+ if (ret > 0)
+ {
+ EVP_DigestUpdate(ctx,(unsigned char *)out,
+ (unsigned int)ret);
+ }
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static int md_write(b,in,inl)
+BIO *b;
+char *in;
+int inl;
+ {
+ int ret=0;
+ EVP_MD_CTX *ctx;
+
+ if ((in == NULL) || (inl <= 0)) return(0);
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ if ((ctx != NULL) && (b->next_bio != NULL))
+ ret=BIO_write(b->next_bio,in,inl);
+ if (b->init)
+ {
+ if (ret > 0)
+ {
+ EVP_DigestUpdate(ctx,(unsigned char *)in,
+ (unsigned int)ret);
+ }
+ }
+ BIO_clear_retry_flags(b);
+ BIO_copy_next_retry(b);
+ return(ret);
+ }
+
+static long md_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ EVP_MD_CTX *ctx,*dctx,**pctx;
+ EVP_MD **ppmd;
+ EVP_MD *md;
+ long ret=1;
+ BIO *dbio;
+
+ ctx=(EVP_MD_CTX *)b->ptr;
+
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ if (b->init)
+ EVP_DigestInit(ctx,ctx->digest);
+ else
+ ret=0;
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ case BIO_C_GET_MD:
+ if (b->init)
+ {
+ ppmd=(EVP_MD **)ptr;
+ *ppmd=ctx->digest;
+ }
+ else
+ ret=0;
+ break;
+ case BIO_C_GET_MD_CTX:
+ if (b->init)
+ {
+ pctx=(EVP_MD_CTX **)ptr;
+ *pctx=ctx;
+ }
+ else
+ ret=0;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+
+ case BIO_C_SET_MD:
+ md=(EVP_MD *)ptr;
+ EVP_DigestInit(ctx,md);
+ b->init=1;
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ dctx=(EVP_MD_CTX *)dbio->ptr;
+ memcpy(dctx,ctx,sizeof(ctx));
+ b->init=1;
+ break;
+ default:
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ break;
+ }
+ return(ret);
+ }
+
+static int md_gets(bp,buf,size)
+BIO *bp;
+char *buf;
+int size;
+ {
+ EVP_MD_CTX *ctx;
+ unsigned int ret;
+
+
+ ctx=(EVP_MD_CTX *)bp->ptr;
+ if (size < ctx->digest->md_size)
+ return(0);
+ EVP_DigestFinal(ctx,(unsigned char *)buf,&ret);
+ return((int)ret);
+ }
+
+/*
+static int md_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ return(-1);
+ }
+*/
+
diff --git a/crypto/evp/c_all.c b/crypto/evp/c_all.c
new file mode 100644
index 0000000..b618d8d
--- /dev/null
+++ b/crypto/evp/c_all.c
@@ -0,0 +1,155 @@
+/* crypto/evp/c_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+void SSLeay_add_all_algorithms()
+ {
+ SSLeay_add_all_ciphers();
+ SSLeay_add_all_digests();
+ }
+
+void SSLeay_add_all_ciphers()
+ {
+#ifndef NO_DES
+ EVP_add_cipher(EVP_des_cfb());
+ EVP_add_cipher(EVP_des_ede_cfb());
+ EVP_add_cipher(EVP_des_ede3_cfb());
+
+ EVP_add_cipher(EVP_des_ofb());
+ EVP_add_cipher(EVP_des_ede_ofb());
+ EVP_add_cipher(EVP_des_ede3_ofb());
+
+ EVP_add_cipher(EVP_desx_cbc());
+ EVP_add_alias(SN_desx_cbc,"DESX");
+ EVP_add_alias(SN_desx_cbc,"desx");
+
+ EVP_add_cipher(EVP_des_cbc());
+ EVP_add_alias(SN_des_cbc,"DES");
+ EVP_add_alias(SN_des_cbc,"des");
+ EVP_add_cipher(EVP_des_ede_cbc());
+ EVP_add_cipher(EVP_des_ede3_cbc());
+ EVP_add_alias(SN_des_ede3_cbc,"DES3");
+ EVP_add_alias(SN_des_ede3_cbc,"des3");
+
+ EVP_add_cipher(EVP_des_ecb());
+ EVP_add_cipher(EVP_des_ede());
+ EVP_add_cipher(EVP_des_ede3());
+#endif
+
+#ifndef NO_RC4
+ EVP_add_cipher(EVP_rc4());
+#endif
+
+#ifndef NO_IDEA
+ EVP_add_cipher(EVP_idea_ecb());
+ EVP_add_cipher(EVP_idea_cfb());
+ EVP_add_cipher(EVP_idea_ofb());
+ EVP_add_cipher(EVP_idea_cbc());
+ EVP_add_alias(SN_idea_cbc,"IDEA");
+ EVP_add_alias(SN_idea_cbc,"idea");
+#endif
+
+#ifndef NO_RC2
+ EVP_add_cipher(EVP_rc2_ecb());
+ EVP_add_cipher(EVP_rc2_cfb());
+ EVP_add_cipher(EVP_rc2_ofb());
+ EVP_add_cipher(EVP_rc2_cbc());
+ EVP_add_alias(SN_rc2_cbc,"RC2");
+ EVP_add_alias(SN_rc2_cbc,"rc2");
+#endif
+
+#ifndef NO_BLOWFISH
+ EVP_add_cipher(EVP_bf_ecb());
+ EVP_add_cipher(EVP_bf_cfb());
+ EVP_add_cipher(EVP_bf_ofb());
+ EVP_add_cipher(EVP_bf_cbc());
+ EVP_add_alias(SN_bf_cbc,"BF");
+ EVP_add_alias(SN_bf_cbc,"bf");
+ EVP_add_alias(SN_bf_cbc,"blowfish");
+#endif
+ }
+
+
+void SSLeay_add_all_digests()
+ {
+#ifndef NO_MD2
+ EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD2
+ EVP_add_digest(EVP_md5());
+#endif
+#ifndef NO_SHA
+ EVP_add_digest(EVP_sha());
+#ifndef NO_DSA
+ EVP_add_digest(EVP_dss());
+#endif
+#endif
+#ifndef NO_SHA1
+ EVP_add_digest(EVP_sha1());
+#ifndef NO_DSA
+ EVP_add_digest(EVP_dss1());
+#endif
+#endif
+#if !defined(NO_MDC2) && !defined(NO_DES)
+ EVP_add_digest(EVP_mdc2());
+#endif
+ }
diff --git a/crypto/evp/digest.c b/crypto/evp/digest.c
new file mode 100644
index 0000000..035218d
--- /dev/null
+++ b/crypto/evp/digest.c
@@ -0,0 +1,89 @@
+/* crypto/evp/digest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+
+void EVP_DigestInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ ctx->digest=type;
+ type->init(&(ctx->md));
+ }
+
+void EVP_DigestUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ ctx->digest->update(&(ctx->md.base[0]),data,(unsigned long)count);
+ }
+
+void EVP_DigestFinal(ctx,md,size)
+EVP_MD_CTX *ctx;
+unsigned char *md;
+unsigned int *size;
+ {
+ ctx->digest->final(md,&(ctx->md.base[0]));
+ if (size != NULL)
+ *size=ctx->digest->md_size;
+ memset(&(ctx->md),0,sizeof(ctx->md));
+ }
diff --git a/crypto/evp/e_cbc_3d.c b/crypto/evp/e_cbc_3d.c
new file mode 100644
index 0000000..3749759
--- /dev/null
+++ b/crypto/evp/e_cbc_3d.c
@@ -0,0 +1,153 @@
+/* crypto/evp/e_cbc_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cbc_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_cbc_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_cbc_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_cbc_ede_init_key();
+static void des_cbc_ede3_init_key();
+static void des_cbc_ede_cipher();
+#endif
+
+static EVP_CIPHER d_cbc_ede_cipher2=
+ {
+ NID_des_ede_cbc,
+ 8,16,8,
+ des_cbc_ede_init_key,
+ des_cbc_ede_cipher,
+ };
+
+static EVP_CIPHER d_cbc_ede_cipher3=
+ {
+ NID_des_ede3_cbc,
+ 8,24,8,
+ des_cbc_ede3_init_key,
+ des_cbc_ede_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ede_cbc()
+ {
+ return(&d_cbc_ede_cipher2);
+ }
+
+EVP_CIPHER *EVP_des_ede3_cbc()
+ {
+ return(&d_cbc_ede_cipher3);
+ }
+
+static void des_cbc_ede_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+ memcpy( (char *)ctx->c.des_ede.ks3,
+ (char *)ctx->c.des_ede.ks1,
+ sizeof(ctx->c.des_ede.ks1));
+ }
+ }
+
+static void des_cbc_ede3_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_ede.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_ede.iv[0]),&(ctx->c.des_ede.oiv[0]),8);
+
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+ des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
+ }
+ }
+
+static void des_cbc_ede_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_ede3_cbc_encrypt(
+ (des_cblock *)in,(des_cblock *)out,
+ (long)inl, ctx->c.des_ede.ks1,
+ ctx->c.des_ede.ks2,ctx->c.des_ede.ks3,
+ (des_cblock *)&(ctx->c.des_ede.iv[0]),
+ ctx->encrypt);
+ }
diff --git a/crypto/evp/e_cbc_bf.c b/crypto/evp/e_cbc_bf.c
new file mode 100644
index 0000000..d6278e2
--- /dev/null
+++ b/crypto/evp/e_cbc_bf.c
@@ -0,0 +1,114 @@
+/* crypto/evp/e_cbc_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void bf_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void bf_cbc_init_key();
+static void bf_cbc_cipher();
+#endif
+
+static EVP_CIPHER bfish_cbc_cipher=
+ {
+ NID_bf_cbc,
+ 8,EVP_BLOWFISH_KEY_SIZE,8,
+ bf_cbc_init_key,
+ bf_cbc_cipher,
+ };
+
+EVP_CIPHER *EVP_bf_cbc()
+ {
+ return(&bfish_cbc_cipher);
+ }
+
+static void bf_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.bf_cbc.oiv[0]),iv,8);
+ memcpy(&(ctx->c.bf_cbc.iv[0]),&(ctx->c.bf_cbc.oiv[0]),8);
+ if (key != NULL)
+ BF_set_key(&(ctx->c.bf_cbc.ks),EVP_BLOWFISH_KEY_SIZE,key);
+ }
+
+static void bf_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ BF_cbc_encrypt(
+ in,out,(long)inl,
+ &(ctx->c.bf_cbc.ks),&(ctx->c.bf_cbc.iv[0]),
+ ctx->encrypt);
+ }
+
+#endif
diff --git a/crypto/evp/e_cbc_d.c b/crypto/evp/e_cbc_d.c
new file mode 100644
index 0000000..accc01e
--- /dev/null
+++ b/crypto/evp/e_cbc_d.c
@@ -0,0 +1,111 @@
+/* crypto/evp/e_cbc_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_cbc_init_key();
+static void des_cbc_cipher();
+#endif
+
+static EVP_CIPHER d_cbc_cipher=
+ {
+ NID_des_cbc,
+ 8,8,8,
+ des_cbc_init_key,
+ des_cbc_cipher,
+ };
+
+EVP_CIPHER *EVP_des_cbc()
+ {
+ return(&d_cbc_cipher);
+ }
+
+static void des_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cbc.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cbc.iv[0]),&(ctx->c.des_cbc.oiv[0]),8);
+ if (key != NULL)
+ des_set_key((des_cblock *)key,ctx->c.des_cbc.ks);
+ }
+
+static void des_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_ncbc_encrypt(
+ (des_cblock *)in,(des_cblock *)out,
+ (long)inl, ctx->c.des_cbc.ks,
+ (des_cblock *)&(ctx->c.des_cbc.iv[0]),
+ ctx->encrypt);
+ }
diff --git a/crypto/evp/e_cbc_i.c b/crypto/evp/e_cbc_i.c
new file mode 100644
index 0000000..abfb5ed
--- /dev/null
+++ b/crypto/evp/e_cbc_i.c
@@ -0,0 +1,126 @@
+/* crypto/evp/e_cbc_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void idea_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void idea_cbc_init_key();
+static void idea_cbc_cipher();
+#endif
+
+static EVP_CIPHER i_cbc_cipher=
+ {
+ NID_idea_cbc,
+ 8,16,8,
+ idea_cbc_init_key,
+ idea_cbc_cipher,
+ };
+
+EVP_CIPHER *EVP_idea_cbc()
+ {
+ return(&i_cbc_cipher);
+ }
+
+static void idea_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.idea_cbc.oiv[0]),iv,8);
+ memcpy(&(ctx->c.idea_cbc.iv[0]),&(ctx->c.idea_cbc.oiv[0]),8);
+ if (key != NULL)
+ {
+ if (enc)
+ idea_set_encrypt_key(key,&(ctx->c.idea_cbc.ks));
+ else
+ {
+ IDEA_KEY_SCHEDULE tmp;
+
+ idea_set_encrypt_key(key,&tmp);
+ idea_set_decrypt_key(&tmp,&(ctx->c.idea_cbc.ks));
+ memset((unsigned char *)&tmp,0,
+ sizeof(IDEA_KEY_SCHEDULE));
+ }
+ }
+ }
+
+static void idea_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ idea_cbc_encrypt(
+ in,out,(long)inl,
+ &(ctx->c.idea_cbc.ks),&(ctx->c.idea_cbc.iv[0]),
+ ctx->encrypt);
+ }
+
+#endif
diff --git a/crypto/evp/e_cbc_r2.c b/crypto/evp/e_cbc_r2.c
new file mode 100644
index 0000000..2e3f855
--- /dev/null
+++ b/crypto/evp/e_cbc_r2.c
@@ -0,0 +1,115 @@
+/* crypto/evp/e_cbc_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc2_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc2_cbc_init_key();
+static void rc2_cbc_cipher();
+#endif
+
+static EVP_CIPHER r2_cbc_cipher=
+ {
+ NID_rc2_cbc,
+ 8,EVP_RC2_KEY_SIZE,8,
+ rc2_cbc_init_key,
+ rc2_cbc_cipher,
+ };
+
+EVP_CIPHER *EVP_rc2_cbc()
+ {
+ return(&r2_cbc_cipher);
+ }
+
+static void rc2_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.rc2_cbc.oiv[0]),iv,8);
+ memcpy(&(ctx->c.rc2_cbc.iv[0]),&(ctx->c.rc2_cbc.oiv[0]),8);
+ if (key != NULL)
+ RC2_set_key(&(ctx->c.rc2_cbc.ks),EVP_RC2_KEY_SIZE,key,
+ EVP_RC2_KEY_SIZE*8);
+ }
+
+static void rc2_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ RC2_cbc_encrypt(
+ in,out,(long)inl,
+ &(ctx->c.rc2_cbc.ks),&(ctx->c.rc2_cbc.iv[0]),
+ ctx->encrypt);
+ }
+
+#endif
diff --git a/crypto/evp/e_cfb_3d.c b/crypto/evp/e_cfb_3d.c
new file mode 100644
index 0000000..3d6577a
--- /dev/null
+++ b/crypto/evp/e_cfb_3d.c
@@ -0,0 +1,156 @@
+/* crypto/evp/e_cfb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede3_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_ede_cfb_init_key();
+static void des_ede3_cfb_init_key();
+static void des_ede_cfb_cipher();
+#endif
+
+static EVP_CIPHER d_ede_cfb_cipher2=
+ {
+ NID_des_ede_cfb64,
+ 1,16,8,
+ des_ede_cfb_init_key,
+ des_ede_cfb_cipher,
+ };
+
+static EVP_CIPHER d_ede3_cfb_cipher3=
+ {
+ NID_des_ede3_cfb64,
+ 1,24,8,
+ des_ede3_cfb_init_key,
+ des_ede_cfb_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ede_cfb()
+ {
+ return(&d_ede_cfb_cipher2);
+ }
+
+EVP_CIPHER *EVP_des_ede3_cfb()
+ {
+ return(&d_ede3_cfb_cipher3);
+ }
+
+static void des_ede_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+ memcpy( (char *)ctx->c.des_cfb.ks3,
+ (char *)ctx->c.des_cfb.ks,
+ sizeof(ctx->c.des_cfb.ks));
+ }
+ }
+
+static void des_ede3_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+ des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+ }
+ }
+
+static void des_ede_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_ede3_cfb64_encrypt(
+ in,out,(long)inl,
+ ctx->c.des_cfb.ks,
+ ctx->c.des_cfb.ks2,
+ ctx->c.des_cfb.ks3,
+ (des_cblock *)&(ctx->c.des_cfb.iv[0]),
+ &ctx->c.des_cfb.num,ctx->encrypt);
+ }
diff --git a/crypto/evp/e_cfb_bf.c b/crypto/evp/e_cfb_bf.c
new file mode 100644
index 0000000..be15d14
--- /dev/null
+++ b/crypto/evp/e_cfb_bf.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_cfb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void bf_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void bf_cfb_init_key();
+static void bf_cfb_cipher();
+#endif
+
+static EVP_CIPHER bfish_cfb_cipher=
+ {
+ NID_bf_cfb64,
+ 1,EVP_BLOWFISH_KEY_SIZE,8,
+ bf_cfb_init_key,
+ bf_cfb_cipher,
+ };
+
+EVP_CIPHER *EVP_bf_cfb()
+ {
+ return(&bfish_cfb_cipher);
+ }
+
+static void bf_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.bf_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+ if (key != NULL)
+ BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+ }
+
+static void bf_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ BF_cfb64_encrypt(
+ in,out,
+ (long)inl, &(ctx->c.bf_cfb.ks),
+ &(ctx->c.bf_cfb.iv[0]),
+ &ctx->c.bf_cfb.num,ctx->encrypt);
+ }
+#endif
diff --git a/crypto/evp/e_cfb_d.c b/crypto/evp/e_cfb_d.c
new file mode 100644
index 0000000..75af87a
--- /dev/null
+++ b/crypto/evp/e_cfb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_cfb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_cfb_init_key();
+static void des_cfb_cipher();
+#endif
+
+static EVP_CIPHER d_cfb_cipher=
+ {
+ NID_des_cfb64,
+ 1,8,8,
+ des_cfb_init_key,
+ des_cfb_cipher,
+ };
+
+EVP_CIPHER *EVP_des_cfb()
+ {
+ return(&d_cfb_cipher);
+ }
+
+static void des_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ }
+
+static void des_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_cfb64_encrypt(
+ in,out,
+ (long)inl, ctx->c.des_cfb.ks,
+ (des_cblock *)&(ctx->c.des_cfb.iv[0]),
+ &ctx->c.des_cfb.num,ctx->encrypt);
+ }
diff --git a/crypto/evp/e_cfb_i.c b/crypto/evp/e_cfb_i.c
new file mode 100644
index 0000000..7fe2fbf
--- /dev/null
+++ b/crypto/evp/e_cfb_i.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_cfb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void idea_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void idea_cfb_init_key();
+static void idea_cfb_cipher();
+#endif
+
+static EVP_CIPHER i_cfb_cipher=
+ {
+ NID_idea_cfb64,
+ 1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+ idea_cfb_init_key,
+ idea_cfb_cipher,
+ };
+
+EVP_CIPHER *EVP_idea_cfb()
+ {
+ return(&i_cfb_cipher);
+ }
+
+static void idea_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.idea_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+ if (key != NULL)
+ idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+ }
+
+static void idea_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ idea_cfb64_encrypt(
+ in,out,(long)inl,
+ &(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
+ &ctx->c.idea_cfb.num,ctx->encrypt);
+ }
+
+#endif
diff --git a/crypto/evp/e_cfb_r2.c b/crypto/evp/e_cfb_r2.c
new file mode 100644
index 0000000..a63c0f1
--- /dev/null
+++ b/crypto/evp/e_cfb_r2.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_cfb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_cfb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc2_cfb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc2_cfb_init_key();
+static void rc2_cfb_cipher();
+#endif
+
+static EVP_CIPHER r2_cfb_cipher=
+ {
+ NID_rc2_cfb64,
+ 1,EVP_RC2_KEY_SIZE,8,
+ rc2_cfb_init_key,
+ rc2_cfb_cipher,
+ };
+
+EVP_CIPHER *EVP_rc2_cfb()
+ {
+ return(&r2_cfb_cipher);
+ }
+
+static void rc2_cfb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.rc2_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+ if (key != NULL)
+ RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+ EVP_RC2_KEY_SIZE*8);
+ }
+
+static void rc2_cfb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ RC2_cfb64_encrypt(
+ in,out,
+ (long)inl, &(ctx->c.rc2_cfb.ks),
+ &(ctx->c.rc2_cfb.iv[0]),
+ &ctx->c.rc2_cfb.num,ctx->encrypt);
+ }
+#endif
diff --git a/crypto/evp/e_dsa.c b/crypto/evp/e_dsa.c
new file mode 100644
index 0000000..f3dc78e
--- /dev/null
+++ b/crypto/evp/e_dsa.c
@@ -0,0 +1,71 @@
+/* crypto/evp/e_dsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_PKEY_METHOD dss_method=
+ {
+ DSA_sign,
+ DSA_verify,
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,NULL},
+ };
+
diff --git a/crypto/evp/e_ecb_3d.c b/crypto/evp/e_ecb_3d.c
new file mode 100644
index 0000000..0a19805
--- /dev/null
+++ b/crypto/evp/e_ecb_3d.c
@@ -0,0 +1,152 @@
+/* crypto/evp/e_ecb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede3_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_ede_init_key();
+static void des_ede3_init_key();
+static void des_ede_cipher();
+#endif
+
+static EVP_CIPHER d_ede_cipher2=
+ {
+ NID_des_ede,
+ 8,16,0,
+ des_ede_init_key,
+ des_ede_cipher,
+ };
+
+static EVP_CIPHER d_ede3_cipher3=
+ {
+ NID_des_ede3,
+ 8,24,0,
+ des_ede3_init_key,
+ des_ede_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ede()
+ {
+ return(&d_ede_cipher2);
+ }
+
+EVP_CIPHER *EVP_des_ede3()
+ {
+ return(&d_ede3_cipher3);
+ }
+
+static void des_ede_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+ memcpy( (char *)ctx->c.des_ede.ks3,
+ (char *)ctx->c.des_ede.ks1,
+ sizeof(ctx->c.des_ede.ks1));
+ }
+ }
+
+static void des_ede3_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_ede.ks1);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_ede.ks2);
+ des_set_key((des_cblock *)&(key[16]),ctx->c.des_ede.ks3);
+ }
+ }
+
+static void des_ede_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ unsigned int i;
+
+ if (inl < 8) return;
+ inl-=8;
+ for (i=0; i<=inl; i+=8)
+ {
+ des_ecb3_encrypt(
+ (des_cblock *)&(in[i]),(des_cblock *)&(out[i]),
+ ctx->c.des_ede.ks1,
+ ctx->c.des_ede.ks2,
+ ctx->c.des_ede.ks3,
+ ctx->encrypt);
+ }
+ }
diff --git a/crypto/evp/e_ecb_bf.c b/crypto/evp/e_ecb_bf.c
new file mode 100644
index 0000000..f625862
--- /dev/null
+++ b/crypto/evp/e_ecb_bf.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_ecb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void bf_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void bf_ecb_init_key();
+static void bf_ecb_cipher();
+#endif
+
+static EVP_CIPHER bfish_ecb_cipher=
+ {
+ NID_bf_ecb,
+ 8,EVP_BLOWFISH_KEY_SIZE,0,
+ bf_ecb_init_key,
+ bf_ecb_cipher,
+ };
+
+EVP_CIPHER *EVP_bf_ecb()
+ {
+ return(&bfish_ecb_cipher);
+ }
+
+static void bf_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ BF_set_key(&(ctx->c.bf_ecb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+ }
+
+static void bf_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ unsigned int i;
+
+ if (inl < 8) return;
+ inl-=8;
+ for (i=0; i<=inl; i+=8)
+ {
+ BF_ecb_encrypt(
+ &(in[i]),&(out[i]),
+ &(ctx->c.bf_ecb.ks),ctx->encrypt);
+ }
+ }
+
+#endif
diff --git a/crypto/evp/e_ecb_d.c b/crypto/evp/e_ecb_d.c
new file mode 100644
index 0000000..b1b80e6
--- /dev/null
+++ b/crypto/evp/e_ecb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_ecb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_ecb_init_key();
+static void des_ecb_cipher();
+#endif
+
+static EVP_CIPHER d_ecb_cipher=
+ {
+ NID_des_ecb,
+ 8,8,0,
+ des_ecb_init_key,
+ des_ecb_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ecb()
+ {
+ return(&d_ecb_cipher);
+ }
+
+static void des_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ des_set_key((des_cblock *)key,ctx->c.des_ecb.ks);
+ }
+
+static void des_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ unsigned int i;
+
+ if (inl < 8) return;
+ inl-=8;
+ for (i=0; i<=inl; i+=8)
+ {
+ des_ecb_encrypt(
+ (des_cblock *)&(in[i]),(des_cblock *)&(out[i]),
+ ctx->c.des_ecb.ks,ctx->encrypt);
+ }
+ }
diff --git a/crypto/evp/e_ecb_i.c b/crypto/evp/e_ecb_i.c
new file mode 100644
index 0000000..318c4c3
--- /dev/null
+++ b/crypto/evp/e_ecb_i.c
@@ -0,0 +1,128 @@
+/* crypto/evp/e_ecb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void idea_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void idea_ecb_init_key();
+static void idea_ecb_cipher();
+#endif
+
+static EVP_CIPHER i_ecb_cipher=
+ {
+ NID_idea_ecb,
+ 8,16,0,
+ idea_ecb_init_key,
+ idea_ecb_cipher,
+ };
+
+EVP_CIPHER *EVP_idea_ecb()
+ {
+ return(&i_ecb_cipher);
+ }
+
+static void idea_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ {
+ if (enc)
+ idea_set_encrypt_key(key,&(ctx->c.idea_ecb.ks));
+ else
+ {
+ IDEA_KEY_SCHEDULE tmp;
+
+ idea_set_encrypt_key(key,&tmp);
+ idea_set_decrypt_key(&tmp, &(ctx->c.idea_ecb.ks));
+ memset((unsigned char *)&tmp,0,
+ sizeof(IDEA_KEY_SCHEDULE));
+ }
+ }
+ }
+
+static void idea_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ unsigned int i;
+
+ if (inl < 8) return;
+ inl-=8;
+ for (i=0; i<=inl; i+=8)
+ {
+ idea_ecb_encrypt(
+ &(in[i]),&(out[i]),&(ctx->c.idea_ecb.ks));
+ }
+ }
+
+#endif
diff --git a/crypto/evp/e_ecb_r2.c b/crypto/evp/e_ecb_r2.c
new file mode 100644
index 0000000..66d25f6
--- /dev/null
+++ b/crypto/evp/e_ecb_r2.c
@@ -0,0 +1,118 @@
+/* crypto/evp/e_ecb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_ecb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc2_ecb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc2_ecb_init_key();
+static void rc2_ecb_cipher();
+#endif
+
+static EVP_CIPHER r2_ecb_cipher=
+ {
+ NID_rc2_ecb,
+ 8,EVP_RC2_KEY_SIZE,0,
+ rc2_ecb_init_key,
+ rc2_ecb_cipher,
+ };
+
+EVP_CIPHER *EVP_rc2_ecb()
+ {
+ return(&r2_ecb_cipher);
+ }
+
+static void rc2_ecb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ RC2_set_key(&(ctx->c.rc2_ecb.ks),EVP_RC2_KEY_SIZE,key,
+ EVP_RC2_KEY_SIZE*8);
+ }
+
+static void rc2_ecb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ unsigned int i;
+
+ if (inl < 8) return;
+ inl-=8;
+ for (i=0; i<=inl; i+=8)
+ {
+ RC2_ecb_encrypt(
+ &(in[i]),&(out[i]),
+ &(ctx->c.rc2_ecb.ks),ctx->encrypt);
+ }
+ }
+
+#endif
diff --git a/crypto/evp/e_null.c b/crypto/evp/e_null.c
new file mode 100644
index 0000000..c30e273
--- /dev/null
+++ b/crypto/evp/e_null.c
@@ -0,0 +1,105 @@
+/* crypto/evp/e_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void null_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void null_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void null_init_key();
+static void null_cipher();
+#endif
+
+static EVP_CIPHER n_cipher=
+ {
+ NID_undef,
+ 1,0,0,
+ null_init_key,
+ null_cipher,
+ };
+
+EVP_CIPHER *EVP_enc_null()
+ {
+ return(&n_cipher);
+ }
+
+static void null_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ memset(&(ctx->c),0,sizeof(ctx->c));
+ }
+
+static void null_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ if (in != out)
+ memcpy((char *)out,(char *)in,(int)inl);
+ }
+
diff --git a/crypto/evp/e_ofb_3d.c b/crypto/evp/e_ofb_3d.c
new file mode 100644
index 0000000..7dbe50f
--- /dev/null
+++ b/crypto/evp/e_ofb_3d.c
@@ -0,0 +1,155 @@
+/* crypto/evp/e_ofb_3d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ede_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede3_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ede_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_ede_ofb_init_key();
+static void des_ede3_ofb_init_key();
+static void des_ede_ofb_cipher();
+#endif
+
+static EVP_CIPHER d_ede_ofb_cipher2=
+ {
+ NID_des_ede_ofb64,
+ 1,16,8,
+ des_ede_ofb_init_key,
+ des_ede_ofb_cipher,
+ };
+
+static EVP_CIPHER d_ede3_ofb_cipher3=
+ {
+ NID_des_ede3_ofb64,
+ 1,24,8,
+ des_ede3_ofb_init_key,
+ des_ede_ofb_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ede_ofb()
+ {
+ return(&d_ede_ofb_cipher2);
+ }
+
+EVP_CIPHER *EVP_des_ede3_ofb()
+ {
+ return(&d_ede3_ofb_cipher3);
+ }
+
+static void des_ede_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+ memcpy( (char *)ctx->c.des_cfb.ks3,
+ (char *)ctx->c.des_cfb.ks,
+ sizeof(ctx->c.des_cfb.ks));
+ }
+ }
+
+static void des_ede3_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ des_set_key((des_cblock *)&(key[8]),ctx->c.des_cfb.ks2);
+ des_set_key((des_cblock *)&(key[16]),ctx->c.des_cfb.ks3);
+ }
+ }
+
+static void des_ede_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_ede3_ofb64_encrypt(
+ in,out,
+ (long)inl,
+ ctx->c.des_cfb.ks, ctx->c.des_cfb.ks2, ctx->c.des_cfb.ks3,
+ (des_cblock *)&(ctx->c.des_cfb.iv[0]),
+ &ctx->c.des_cfb.num);
+ }
diff --git a/crypto/evp/e_ofb_bf.c b/crypto/evp/e_ofb_bf.c
new file mode 100644
index 0000000..078f171
--- /dev/null
+++ b/crypto/evp/e_ofb_bf.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_ofb_bf.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_BLOWFISH
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void bf_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void bf_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void bf_ofb_init_key();
+static void bf_ofb_cipher();
+#endif
+
+static EVP_CIPHER bfish_ofb_cipher=
+ {
+ NID_bf_ofb64,
+ 1,EVP_BLOWFISH_KEY_SIZE,8,
+ bf_ofb_init_key,
+ bf_ofb_cipher,
+ };
+
+EVP_CIPHER *EVP_bf_ofb()
+ {
+ return(&bfish_ofb_cipher);
+ }
+
+static void bf_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.bf_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.bf_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.bf_cfb.iv[0]),&(ctx->c.bf_cfb.oiv[0]),8);
+ if (key != NULL)
+ BF_set_key(&(ctx->c.bf_cfb.ks),EVP_BLOWFISH_KEY_SIZE,key);
+ }
+
+static void bf_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ BF_ofb64_encrypt(
+ in,out,
+ (long)inl, &(ctx->c.bf_cfb.ks),
+ &(ctx->c.bf_cfb.iv[0]),
+ &ctx->c.bf_cfb.num);
+ }
+
+#endif
diff --git a/crypto/evp/e_ofb_d.c b/crypto/evp/e_ofb_d.c
new file mode 100644
index 0000000..a48af2e
--- /dev/null
+++ b/crypto/evp/e_ofb_d.c
@@ -0,0 +1,113 @@
+/* crypto/evp/e_ofb_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void des_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void des_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void des_ofb_init_key();
+static void des_ofb_cipher();
+#endif
+
+static EVP_CIPHER d_ofb_cipher=
+ {
+ NID_des_ofb64,
+ 1,8,8,
+ des_ofb_init_key,
+ des_ofb_cipher,
+ };
+
+EVP_CIPHER *EVP_des_ofb()
+ {
+ return(&d_ofb_cipher);
+ }
+
+static void des_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.des_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.des_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.des_cfb.iv[0]),&(ctx->c.des_cfb.oiv[0]),8);
+ if (key != NULL)
+ des_set_key((des_cblock *)key,ctx->c.des_cfb.ks);
+ }
+
+static void des_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_ofb64_encrypt(
+ in,out,
+ (long)inl, ctx->c.des_cfb.ks,
+ (des_cblock *)&(ctx->c.des_cfb.iv[0]),
+ &ctx->c.des_cfb.num);
+ }
diff --git a/crypto/evp/e_ofb_i.c b/crypto/evp/e_ofb_i.c
new file mode 100644
index 0000000..dbf370b
--- /dev/null
+++ b/crypto/evp/e_ofb_i.c
@@ -0,0 +1,116 @@
+/* crypto/evp/e_ofb_i.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_IDEA
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void idea_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void idea_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void idea_ofb_init_key();
+static void idea_ofb_cipher();
+#endif
+
+static EVP_CIPHER i_ofb_cipher=
+ {
+ NID_idea_ofb64,
+ 1,IDEA_KEY_LENGTH,IDEA_BLOCK,
+ idea_ofb_init_key,
+ idea_ofb_cipher,
+ };
+
+EVP_CIPHER *EVP_idea_ofb()
+ {
+ return(&i_ofb_cipher);
+ }
+
+static void idea_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.idea_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.idea_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.idea_cfb.iv[0]),&(ctx->c.idea_cfb.oiv[0]),8);
+ if (key != NULL)
+ idea_set_encrypt_key(key,&(ctx->c.idea_cfb.ks));
+ }
+
+static void idea_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ idea_ofb64_encrypt(
+ in,out,(long)inl,
+ &(ctx->c.idea_cfb.ks),&(ctx->c.idea_cfb.iv[0]),
+ &ctx->c.idea_cfb.num);
+ }
+
+#endif
diff --git a/crypto/evp/e_ofb_r2.c b/crypto/evp/e_ofb_r2.c
new file mode 100644
index 0000000..04e13b3
--- /dev/null
+++ b/crypto/evp/e_ofb_r2.c
@@ -0,0 +1,118 @@
+/* crypto/evp/e_ofb_r2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC2
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc2_ofb_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc2_ofb_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc2_ofb_init_key();
+static void rc2_ofb_cipher();
+#endif
+
+static EVP_CIPHER r2_ofb_cipher=
+ {
+ NID_rc2_ofb64,
+ 1,EVP_RC2_KEY_SIZE,8,
+ rc2_ofb_init_key,
+ rc2_ofb_cipher,
+ };
+
+EVP_CIPHER *EVP_rc2_ofb()
+ {
+ return(&r2_ofb_cipher);
+ }
+
+static void rc2_ofb_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ ctx->c.rc2_cfb.num=0;
+
+ if (iv != NULL)
+ memcpy(&(ctx->c.rc2_cfb.oiv[0]),iv,8);
+ memcpy(&(ctx->c.rc2_cfb.iv[0]),&(ctx->c.rc2_cfb.oiv[0]),8);
+ if (key != NULL)
+ RC2_set_key(&(ctx->c.rc2_cfb.ks),EVP_RC2_KEY_SIZE,key,
+ EVP_RC2_KEY_SIZE*8);
+ }
+
+static void rc2_ofb_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ RC2_ofb64_encrypt(
+ in,out,
+ (long)inl, &(ctx->c.rc2_cfb.ks),
+ &(ctx->c.rc2_cfb.iv[0]),
+ &ctx->c.rc2_cfb.num);
+ }
+
+#endif
diff --git a/crypto/evp/e_rc4.c b/crypto/evp/e_rc4.c
new file mode 100644
index 0000000..e1ffb5d
--- /dev/null
+++ b/crypto/evp/e_rc4.c
@@ -0,0 +1,109 @@
+/* crypto/evp/e_rc4.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef NO_RC4
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void rc4_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void rc4_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void rc4_init_key();
+static void rc4_cipher();
+#endif
+
+static EVP_CIPHER r4_cipher=
+ {
+ NID_rc4,
+ 1,EVP_RC4_KEY_SIZE,0,
+ rc4_init_key,
+ rc4_cipher,
+ };
+
+EVP_CIPHER *EVP_rc4()
+ {
+ return(&r4_cipher);
+ }
+
+static void rc4_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (key != NULL)
+ memcpy(&(ctx->c.rc4.key[0]),key,EVP_CIPHER_CTX_key_length(ctx));
+ RC4_set_key(&(ctx->c.rc4.ks),EVP_CIPHER_CTX_key_length(ctx),
+ ctx->c.rc4.key);
+ }
+
+static void rc4_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ RC4(&(ctx->c.rc4.ks),inl,in,out);
+ }
+#endif
diff --git a/crypto/evp/e_xcbc_d.c b/crypto/evp/e_xcbc_d.c
new file mode 100644
index 0000000..55fe086
--- /dev/null
+++ b/crypto/evp/e_xcbc_d.c
@@ -0,0 +1,117 @@
+/* crypto/evp/e_xcbc_d.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+#ifndef NOPROTO
+static void desx_cbc_init_key(EVP_CIPHER_CTX *ctx, unsigned char *key,
+ unsigned char *iv,int enc);
+static void desx_cbc_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ unsigned char *in, unsigned int inl);
+#else
+static void desx_cbc_init_key();
+static void desx_cbc_cipher();
+#endif
+
+static EVP_CIPHER d_xcbc_cipher=
+ {
+ NID_desx_cbc,
+ 8,24,8,
+ desx_cbc_init_key,
+ desx_cbc_cipher,
+ };
+
+EVP_CIPHER *EVP_desx_cbc()
+ {
+ return(&d_xcbc_cipher);
+ }
+
+static void desx_cbc_init_key(ctx,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (iv != NULL)
+ memcpy(&(ctx->c.desx_cbc.oiv[0]),iv,8);
+ memcpy(&(ctx->c.desx_cbc.iv[0]),&(ctx->c.desx_cbc.oiv[0]),8);
+ if (key != NULL)
+ {
+ des_set_key((des_cblock *)key,ctx->c.desx_cbc.ks);
+ memcpy(&(ctx->c.desx_cbc.inw[0]),&(key[8]),8);
+ memcpy(&(ctx->c.desx_cbc.outw[0]),&(key[16]),8);
+ }
+ }
+
+static void desx_cbc_cipher(ctx,out,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+unsigned char *in;
+unsigned int inl;
+ {
+ des_xcbc_encrypt(
+ (des_cblock *)in,(des_cblock *)out,
+ (long)inl, ctx->c.desx_cbc.ks,
+ (des_cblock *)&(ctx->c.desx_cbc.iv[0]),
+ (des_cblock *)&(ctx->c.desx_cbc.inw[0]),
+ (des_cblock *)&(ctx->c.desx_cbc.outw[0]),
+ ctx->encrypt);
+ }
diff --git a/crypto/evp/encode.c b/crypto/evp/encode.c
new file mode 100644
index 0000000..7cd6524
--- /dev/null
+++ b/crypto/evp/encode.c
@@ -0,0 +1,422 @@
+/* crypto/evp/encode.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+#define conv_bin2ascii(a) (data_bin2ascii[(a)&0x3f])
+#define conv_ascii2bin(a) (data_ascii2bin[(a)&0x7f])
+
+/* 64 char lines
+ * pad input with 0
+ * left over chars are set to =
+ * 1 byte => xx==
+ * 2 bytes => xxx=
+ * 3 bytes => xxxx
+ */
+#define BIN_PER_LINE (64/4*3)
+#define CHUNKS_PER_LINE (64/4)
+#define CHAR_PER_LINE (64+1)
+
+static unsigned char data_bin2ascii[65]="ABCDEFGHIJKLMNOPQRSTUVWXYZ\
+abcdefghijklmnopqrstuvwxyz0123456789+/";
+
+/* 0xF0 is a EOLN
+ * 0xF1 is ignore but next needs to be 0xF0 (for \r\n processing).
+ * 0xF2 is EOF
+ * 0xE0 is ignore at start of line.
+ * 0xFF is error
+ */
+
+#define B64_EOLN 0xF0
+#define B64_CR 0xF1
+#define B64_EOF 0xF2
+#define B64_WS 0xE0
+#define B64_ERROR 0xFF
+#define B64_NOT_BASE64(a) (((a)|0x13) == 0xF3)
+
+static unsigned char data_ascii2bin[128]={
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xE0,0xF0,0xFF,0xFF,0xF1,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xE0,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0xFF,0xFF,0x3E,0xFF,0xF2,0xFF,0x3F,
+ 0x34,0x35,0x36,0x37,0x38,0x39,0x3A,0x3B,
+ 0x3C,0x3D,0xFF,0xFF,0xFF,0x00,0xFF,0xFF,
+ 0xFF,0x00,0x01,0x02,0x03,0x04,0x05,0x06,
+ 0x07,0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,
+ 0x0F,0x10,0x11,0x12,0x13,0x14,0x15,0x16,
+ 0x17,0x18,0x19,0xFF,0xFF,0xFF,0xFF,0xFF,
+ 0xFF,0x1A,0x1B,0x1C,0x1D,0x1E,0x1F,0x20,
+ 0x21,0x22,0x23,0x24,0x25,0x26,0x27,0x28,
+ 0x29,0x2A,0x2B,0x2C,0x2D,0x2E,0x2F,0x30,
+ 0x31,0x32,0x33,0xFF,0xFF,0xFF,0xFF,0xFF,
+ };
+
+void EVP_EncodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+ {
+ ctx->length=48;
+ ctx->num=0;
+ ctx->line_num=0;
+ }
+
+void EVP_EncodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int i,j;
+ unsigned int total=0;
+
+ *outl=0;
+ if (inl == 0) return;
+ if ((ctx->num+inl) < ctx->length)
+ {
+ memcpy(&(ctx->enc_data[ctx->num]),in,inl);
+ ctx->num+=inl;
+ return;
+ }
+ if (ctx->num != 0)
+ {
+ i=ctx->length-ctx->num;
+ memcpy(&(ctx->enc_data[ctx->num]),in,i);
+ in+=i;
+ inl-=i;
+ j=EVP_EncodeBlock(out,ctx->enc_data,ctx->length);
+ ctx->num=0;
+ out+=j;
+ *(out++)='\n';
+ *out='\0';
+ total=j+1;
+ }
+ while (inl >= ctx->length)
+ {
+ j=EVP_EncodeBlock(out,in,ctx->length);
+ in+=ctx->length;
+ inl-=ctx->length;
+ out+=j;
+ *(out++)='\n';
+ *out='\0';
+ total+=j+1;
+ }
+ if (inl != 0)
+ memcpy(&(ctx->enc_data[0]),in,inl);
+ ctx->num=inl;
+ *outl=total;
+ }
+
+void EVP_EncodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ unsigned int ret=0;
+
+ if (ctx->num != 0)
+ {
+ ret=EVP_EncodeBlock(out,ctx->enc_data,ctx->num);
+ out[ret++]='\n';
+ out[ret]='\0';
+ ctx->num=0;
+ }
+ *outl=ret;
+ }
+
+int EVP_EncodeBlock(t,f,dlen)
+unsigned char *t,*f;
+int dlen;
+ {
+ int i,ret=0;
+ unsigned long l;
+
+ for (i=dlen; i > 0; i-=3)
+ {
+ if (i >= 3)
+ {
+ l= (((unsigned long)f[0])<<16L)|
+ (((unsigned long)f[1])<< 8L)|f[2];
+ *(t++)=conv_bin2ascii(l>>18L);
+ *(t++)=conv_bin2ascii(l>>12L);
+ *(t++)=conv_bin2ascii(l>> 6L);
+ *(t++)=conv_bin2ascii(l );
+ }
+ else
+ {
+ l=((unsigned long)f[0])<<16L;
+ if (i == 2) l|=((unsigned long)f[1]<<8L);
+
+ *(t++)=conv_bin2ascii(l>>18L);
+ *(t++)=conv_bin2ascii(l>>12L);
+ *(t++)=(i == 1)?'=':conv_bin2ascii(l>> 6L);
+ *(t++)='=';
+ }
+ ret+=4;
+ f+=3;
+ }
+
+ *t='\0';
+ return(ret);
+ }
+
+void EVP_DecodeInit(ctx)
+EVP_ENCODE_CTX *ctx;
+ {
+ ctx->length=30;
+ ctx->num=0;
+ ctx->line_num=0;
+ }
+
+/* -1 for error
+ * 0 for last line
+ * 1 for full line
+ */
+int EVP_DecodeUpdate(ctx,out,outl,in,inl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int seof= -1,eof=0,rv= -1,ret=0,i,v,tmp,n,ln,tmp2;
+ unsigned char *d;
+
+ n=ctx->num;
+ d=ctx->enc_data;
+ ln=ctx->line_num;
+
+ /* last line of input. */
+ if ((inl == 0) || ((n == 0) && (conv_ascii2bin(in[0]) == B64_EOF)))
+ { rv=0; goto end; }
+
+ /* We parse the input data */
+ for (i=0; i<inl; i++)
+ {
+ /* If the current line is > 80 characters, scream alot */
+ if (ln >= 80) { rv= -1; goto end; }
+
+ /* Get char and put it into the buffer */
+ tmp= *(in++);
+ v=conv_ascii2bin(tmp);
+ /* only save the good data :-) */
+ if (!B64_NOT_BASE64(v))
+ {
+ d[n++]=tmp;
+ ln++;
+ }
+ else if (v == B64_ERROR)
+ {
+ rv= -1;
+ goto end;
+ }
+
+ /* have we seen a '=' which is 'definitly' the last
+ * input line. seof will point to the character that
+ * holds it. and eof will hold how many characters to
+ * chop off. */
+ if (tmp == '=')
+ {
+ if (seof == -1) seof=n;
+ eof++;
+ }
+
+ /* eoln */
+ if (v == B64_EOLN) ln=0;
+
+ /* If we are at the end of input and it looks like a
+ * line, process it. */
+ if (((i+1) == inl) && (((n&3) == 0) || eof))
+ v=B64_EOF;
+
+ if ((v == B64_EOF) || (n >= 64))
+ {
+ tmp2=v;
+ if (n > 0)
+ {
+ v=EVP_DecodeBlock(out,d,n);
+ if (v < 0) { rv=0; goto end; }
+ n=0;
+ ret+=(v-eof);
+ }
+ else
+ {
+ eof=1;
+ v=0;
+ }
+
+ /* This is the case where we have had a short
+ * but valid input line */
+ if ((v < ctx->length) && eof)
+ {
+ rv=0;
+ goto end;
+ }
+ else
+ ctx->length=v;
+
+ if (seof >= 0) { rv=0; goto end; }
+ out+=v;
+ }
+ }
+ rv=1;
+end:
+ *outl=ret;
+ ctx->num=n;
+ ctx->line_num=ln;
+ return(rv);
+ }
+
+int EVP_DecodeBlock(t,f,n)
+unsigned char *t,*f;
+int n;
+ {
+ int i,ret=0,a,b,c,d;
+ unsigned long l;
+
+ /* trim white space from the start of the line. */
+ while ((conv_ascii2bin(*f) == B64_WS) && (n > 0))
+ {
+ f++;
+ n--;
+ }
+
+ /* strip off stuff at the end of the line
+ * ascii2bin values B64_WS, B64_EOLN, B64_EOLN and B64_EOF */
+ while ((n > 3) && (B64_NOT_BASE64(conv_ascii2bin(f[n-1]))))
+ n--;
+
+ if (n%4 != 0) return(-1);
+
+ for (i=0; i<n; i+=4)
+ {
+ a=conv_ascii2bin(*(f++));
+ b=conv_ascii2bin(*(f++));
+ c=conv_ascii2bin(*(f++));
+ d=conv_ascii2bin(*(f++));
+ if ( (a & 0x80) || (b & 0x80) ||
+ (c & 0x80) || (d & 0x80))
+ return(-1);
+ l=( (((unsigned long)a)<<18L)|
+ (((unsigned long)b)<<12L)|
+ (((unsigned long)c)<< 6L)|
+ (((unsigned long)d) ));
+ *(t++)=(unsigned char)(l>>16L)&0xff;
+ *(t++)=(unsigned char)(l>> 8L)&0xff;
+ *(t++)=(unsigned char)(l )&0xff;
+ ret+=3;
+ }
+ return(ret);
+ }
+
+int EVP_DecodeFinal(ctx,out,outl)
+EVP_ENCODE_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i;
+
+ *outl=0;
+ if (ctx->num != 0)
+ {
+ i=EVP_DecodeBlock(out,ctx->enc_data,ctx->num);
+ if (i < 0) return(-1);
+ ctx->num=0;
+ *outl=i;
+ return(1);
+ }
+ else
+ return(1);
+ }
+
+#ifdef undef
+int EVP_DecodeValid(buf,len)
+unsigned char *buf;
+int len;
+ {
+ int i,num=0,bad=0;
+
+ if (len == 0) return(-1);
+ while (conv_ascii2bin(*buf) == B64_WS)
+ {
+ buf++;
+ len--;
+ if (len == 0) return(-1);
+ }
+
+ for (i=len; i >= 4; i-=4)
+ {
+ if ( (conv_ascii2bin(buf[0]) >= 0x40) ||
+ (conv_ascii2bin(buf[1]) >= 0x40) ||
+ (conv_ascii2bin(buf[2]) >= 0x40) ||
+ (conv_ascii2bin(buf[3]) >= 0x40))
+ return(-1);
+ buf+=4;
+ num+=1+(buf[2] != '=')+(buf[3] != '=');
+ }
+ if ((i == 1) && (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return(num);
+ if ((i == 2) && (conv_ascii2bin(buf[0]) == B64_EOLN) &&
+ (conv_ascii2bin(buf[0]) == B64_EOLN))
+ return(num);
+ return(1);
+ }
+#endif
diff --git a/crypto/evp/evp.err b/crypto/evp/evp.err
new file mode 100644
index 0000000..0630b99
--- /dev/null
+++ b/crypto/evp/evp.err
@@ -0,0 +1,23 @@
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+#define EVP_F_D2I_PKEY 100
+#define EVP_F_EVP_DECRYPTFINAL 101
+#define EVP_F_EVP_OPENINIT 102
+#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+#define EVP_F_EVP_PKEY_NEW 104
+#define EVP_F_EVP_SEALINIT 105
+#define EVP_F_EVP_SIGNFINAL 106
+#define EVP_F_EVP_VERIFYFINAL 107
+
+/* Reason codes. */
+#define EVP_R_BAD_DECRYPT 100
+#define EVP_R_DIFFERENT_KEY_TYPES 101
+#define EVP_R_IV_TOO_LARGE 102
+#define EVP_R_MISSING_PARMATERS 103
+#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
+#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+#define EVP_R_PUBLIC_KEY_NOT_RSA 106
+#define EVP_R_UNSUPPORTED_CIPHER 107
+#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109
diff --git a/crypto/evp/evp.h b/crypto/evp/evp.h
new file mode 100644
index 0000000..3ece7fb
--- /dev/null
+++ b/crypto/evp/evp.h
@@ -0,0 +1,704 @@
+/* crypto/evp/evp.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_ENVELOPE_H
+#define HEADER_ENVELOPE_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef NO_MD2
+#include "md2.h"
+#endif
+#ifndef NO_MD5
+#include "md5.h"
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+#include "sha.h"
+#endif
+#ifndef NO_DES
+#include "des.h"
+#endif
+#ifndef NO_RC4
+#include "rc4.h"
+#endif
+#ifndef NO_RC2
+#include "rc2.h"
+#endif
+#ifndef NO_BLOWFISH
+#include "blowfish.h"
+#endif
+#ifndef NO_IDEA
+#include "idea.h"
+#endif
+#ifndef NO_MDC2
+#include "mdc2.h"
+#endif
+
+#define EVP_RC2_KEY_SIZE 16
+#define EVP_RC4_KEY_SIZE 16
+#define EVP_BLOWFISH_KEY_SIZE 16
+#define EVP_MAX_MD_SIZE 20
+#define EVP_MAX_KEY_LENGTH 24
+#define EVP_MAX_IV_LENGTH 8
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH long
+#endif
+
+#include "objects.h"
+
+#define EVP_PK_RSA 0x0001
+#define EVP_PK_DSA 0x0002
+#define EVP_PK_DH 0x0004
+#define EVP_PKT_SIGN 0x0010
+#define EVP_PKT_ENC 0x0020
+#define EVP_PKT_EXCH 0x0040
+#define EVP_PKS_RSA 0x0100
+#define EVP_PKS_DSA 0x0200
+#define EVP_PKT_EXP 0x1000 /* <= 512 bit key */
+
+#define EVP_PKEY_NONE NID_undef
+#define EVP_PKEY_RSA NID_rsaEncryption
+#define EVP_PKEY_RSA2 NID_rsa
+#define EVP_PKEY_DSA NID_dsa
+#define EVP_PKEY_DSA2 NID_dsaWithSHA
+#define EVP_PKEY_DSA3 NID_dsaWithSHA1
+#define EVP_PKEY_DH NID_dhKeyAgreement
+
+typedef struct evp_pkey_st
+ {
+ int type;
+ int save_type;
+ int references;
+ union {
+ char *ptr;
+ struct rsa_st *rsa; /* RSA */
+ struct dsa_st *dsa; /* DSA */
+ struct dh_st *dh; /* DH */
+ } pkey;
+ int save_parameters;
+#ifdef HEADER_STACK_H
+ STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#else
+ char /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+#endif
+ } EVP_PKEY;
+
+#ifndef EVP_MD
+typedef struct env_md_st
+ {
+ int type;
+ int pkey_type;
+ int md_size;
+ void (*init)();
+ void (*update)();
+ void (*final)();
+
+ int (*sign)();
+ int (*verify)();
+ int required_pkey_type[4]; /*EVP_PKEY_xxx */
+ } EVP_MD;
+
+#define EVP_PKEY_NULL_method NULL,NULL,{0,0,0,0}
+
+#ifndef NO_DSA
+#define EVP_PKEY_DSA_method DSA_sign,DSA_verify, \
+ {EVP_PKEY_DSA,EVP_PKEY_DSA2,EVP_PKEY_DSA3,0}
+#else
+#define EVP_PKEY_DSA_method EVP_PKEY_NULL_method
+#endif
+
+#ifndef NO_RSA
+#define EVP_PKEY_RSA_method RSA_sign,RSA_verify, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method \
+ RSA_sign_ASN1_OCTET_STRING, \
+ RSA_verify_ASN1_OCTET_STRING, \
+ {EVP_PKEY_RSA,EVP_PKEY_RSA2,0,0}
+#else
+#define EVP_PKEY_RSA_method EVP_PKEY_NULL_method
+#define EVP_PKEY_RSA_ASN1_OCTET_STRING_method EVP_PKEY_NULL_method
+#endif
+
+#endif /* !EVP_MD */
+
+typedef struct env_md_ctx_st
+ {
+ EVP_MD *digest;
+ union {
+ unsigned char base[4];
+#ifndef NO_MD2
+ MD2_CTX md2;
+#endif
+#ifndef NO_MD5
+ MD5_CTX md5;
+#endif
+#if !defined(NO_SHA) || !defined(NO_SHA1)
+ SHA_CTX sha;
+#endif
+#ifndef NO_MDC2
+ MDC2_CTX mdc2;
+#endif
+ } md;
+ } EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+ {
+ int nid;
+ int block_size;
+ int key_len;
+ int iv_len;
+ void (*init)(); /* init for encryption */
+ void (*do_cipher)(); /* encrypt data */
+ void (*cleanup)(); /* used by cipher method */
+ } EVP_CIPHER;
+
+typedef struct evp_cipher_info_st
+ {
+ EVP_CIPHER *cipher;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ } EVP_CIPHER_INFO;
+
+typedef struct evp_cipher_ctx_st
+ {
+ EVP_CIPHER *cipher;
+ int encrypt; /* encrypt or decrypt */
+ int buf_len; /* number we have left */
+ unsigned char buf[8];
+ char *app_data; /* aplication stuff */
+ union {
+#ifndef NO_RC4
+ struct
+ {
+ unsigned char key[EVP_RC4_KEY_SIZE];
+ RC4_KEY ks; /* working key */
+ } rc4;
+#endif
+#ifndef NO_DES
+ struct
+ {
+ des_key_schedule ks;/* key schedule */
+ } des_ecb;
+
+ struct
+ {
+ C_Block oiv; /* original iv */
+ C_Block iv; /* working iv */
+ des_key_schedule ks;/* key schedule */
+ } des_cbc;
+
+ struct
+ {
+ C_Block oiv; /* original iv */
+ C_Block iv; /* working iv */
+ C_Block inw;
+ C_Block outw;
+ des_key_schedule ks;/* key schedule */
+ } desx_cbc;
+
+ struct
+ {
+ C_Block oiv; /* original iv */
+ C_Block iv; /* working iv */
+ des_key_schedule ks;/* key schedule */
+ des_key_schedule ks2;/* key schedule (for ede) */
+ des_key_schedule ks3;/* key schedule (for ede3) */
+ int num; /* used by cfb mode */
+ } des_cfb;
+
+ struct
+ {
+ C_Block oiv; /* original iv */
+ C_Block iv; /* working iv */
+ des_key_schedule ks1;/* ksched 1 */
+ des_key_schedule ks2;/* ksched 2 */
+ des_key_schedule ks3;/* ksched 3 */
+ } des_ede;
+#endif
+#ifndef NO_IDEA
+ struct
+ {
+ IDEA_KEY_SCHEDULE ks;/* key schedule */
+ } idea_ecb;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ IDEA_KEY_SCHEDULE ks;/* key schedule */
+ } idea_cbc;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ IDEA_KEY_SCHEDULE ks;/* key schedule */
+ int num; /* used by cfb mode */
+ } idea_cfb;
+#endif
+#ifndef NO_RC2
+ struct
+ {
+ RC2_KEY ks;/* key schedule */
+ } rc2_ecb;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ RC2_KEY ks;/* key schedule */
+ } rc2_cbc;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ RC2_KEY ks;/* key schedule */
+ int num; /* used by cfb mode */
+ } rc2_cfb;
+#endif
+#ifndef NO_BLOWFISH
+ struct
+ {
+ BF_KEY ks;/* key schedule */
+ } bf_ecb;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ BF_KEY ks;/* key schedule */
+ } bf_cbc;
+ struct
+ {
+ unsigned char oiv[8];/* original iv */
+ unsigned char iv[8]; /* working iv */
+ BF_KEY ks;/* key schedule */
+ int num; /* used by cfb mode */
+ } bf_cfb;
+#endif
+ } c;
+ } EVP_CIPHER_CTX;
+
+typedef struct evp_Encode_Ctx_st
+ {
+ int num; /* number saved in a partial encode/decode */
+ int length; /* The length is either the output line length
+ * (in input bytes) or the shortest input line
+ * length that is ok. Once decoding begins,
+ * the length is adjusted up each time a longer
+ * line is decoded */
+ unsigned char enc_data[80]; /* data to encode */
+ int line_num; /* number read on current line */
+ } EVP_ENCODE_CTX;
+
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (char *)(rsa))
+#define EVP_PKEY_assign_DSA(pkey,dsa) EVP_PKEY_assign((pkey),EVP_PKEY_DSA,\
+ (char *)(dsa))
+#define EVP_PKEY_assign_DH(pkey,dh) EVP_PKEY_assign((pkey),EVP_PKEY_DH,\
+ (char *)(dh))
+
+/* Add some extra combinations */
+#define EVP_get_digestbynid(a) EVP_get_digestbyname(OBJ_nid2sn(a))
+#define EVP_get_digestbyobj(a) EVP_get_digestbynid(OBJ_obj2nid(a))
+#define EVP_get_cipherbynid(a) EVP_get_cipherbyname(OBJ_nid2sn(a))
+#define EVP_get_cipherbyobj(a) EVP_get_cipherbynid(OBJ_obj2nid(a))
+
+#define EVP_MD_type(e) ((e)->type)
+#define EVP_MD_pkey_type(e) ((e)->pkey_type)
+#define EVP_MD_size(e) ((e)->md_size)
+#define EVP_MD_CTX_size(e) ((e)->digest->md_size)
+#define EVP_MD_CTX_type(e) ((e)->digest)
+
+#define EVP_CIPHER_nid(e) ((e)->nid)
+#define EVP_CIPHER_block_size(e) ((e)->block_size)
+#define EVP_CIPHER_key_length(e) ((e)->key_len)
+#define EVP_CIPHER_iv_length(e) ((e)->iv_len)
+
+#define EVP_CIPHER_CTX_cipher(e) ((e)->cipher)
+#define EVP_CIPHER_CTX_nid(e) ((e)->cipher->nid)
+#define EVP_CIPHER_CTX_block_size(e) ((e)->cipher->block_size)
+#define EVP_CIPHER_CTX_key_length(e) ((e)->cipher->key_len)
+#define EVP_CIPHER_CTX_iv_length(e) ((e)->cipher->iv_len)
+#define EVP_CIPHER_CTX_get_app_data(e) ((e)->app_data)
+#define EVP_CIPHER_CTX_set_app_data(e,d) ((e)->app_data=(char *)(d))
+
+#define EVP_ENCODE_LENGTH(l) (((l+2)/3*4)+(l/48+1)*2+80)
+#define EVP_DECODE_LENGTH(l) ((l+3)/4*3+80)
+
+#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
+#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
+#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
+#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+
+#define BIO_set_md(b,md) BIO_ctrl(b,BIO_C_SET_MD,0,(char *)md)
+#define BIO_get_md(b,mdp) BIO_ctrl(b,BIO_C_GET_MD,0,(char *)mdp)
+#define BIO_get_md_ctx(b,mdcp) BIO_ctrl(b,BIO_C_GET_MD_CTX,0,(char *)mdcp)
+#define BIO_get_cipher_status(b) BIO_ctrl(b,BIO_C_GET_CIPHER_STATUS,0,NULL)
+
+#define EVP_Cipher(c,o,i,l) (c)->cipher->do_cipher((c),(o),(i),(l))
+
+#ifndef NOPROTO
+
+void EVP_DigestInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void EVP_DigestUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+void EVP_DigestFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s);
+
+int EVP_read_pw_string(char *buf,int length,char *prompt,int verify);
+void EVP_set_pw_prompt(char *prompt);
+char * EVP_get_pw_prompt(void);
+
+int EVP_BytesToKey(EVP_CIPHER *type,EVP_MD *md,unsigned char *salt,
+ unsigned char *data, int datal, int count,
+ unsigned char *key,unsigned char *iv);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+
+void EVP_EncryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+ unsigned char *key, unsigned char *iv);
+void EVP_EncryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+void EVP_EncryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+void EVP_DecryptInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,
+ unsigned char *key, unsigned char *iv);
+void EVP_DecryptUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+int EVP_DecryptFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+void EVP_CipherInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type, unsigned char *key,
+ unsigned char *iv,int enc);
+void EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, unsigned char *out,
+ int *outl, unsigned char *in, int inl);
+int EVP_CipherFinal(EVP_CIPHER_CTX *ctx, unsigned char *outm, int *outl);
+
+int EVP_SignFinal(EVP_MD_CTX *ctx,unsigned char *md,unsigned int *s,
+ EVP_PKEY *pkey);
+
+int EVP_VerifyFinal(EVP_MD_CTX *ctx,unsigned char *sigbuf,
+ unsigned int siglen,EVP_PKEY *pkey);
+
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+ int ekl,unsigned char *iv,EVP_PKEY *priv);
+int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+ int *ekl, unsigned char *iv,EVP_PKEY **pubk, int npubk);
+void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
+ int *outl,unsigned char *in,int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
+int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
+ unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, unsigned
+ char *f, int n);
+
+void ERR_load_EVP_strings(void );
+
+void EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *a);
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md(void);
+BIO_METHOD *BIO_f_base64(void);
+BIO_METHOD *BIO_f_cipher(void);
+void BIO_set_cipher(BIO *b,EVP_CIPHER *c,unsigned char *k,
+ unsigned char *i, int enc);
+#endif
+
+EVP_MD *EVP_md_null(void);
+EVP_MD *EVP_md2(void);
+EVP_MD *EVP_md5(void);
+EVP_MD *EVP_sha(void);
+EVP_MD *EVP_sha1(void);
+EVP_MD *EVP_dss(void);
+EVP_MD *EVP_dss1(void);
+EVP_MD *EVP_mdc2(void);
+
+EVP_CIPHER *EVP_enc_null(void); /* does nothing :-) */
+EVP_CIPHER *EVP_des_ecb(void);
+EVP_CIPHER *EVP_des_ede(void);
+EVP_CIPHER *EVP_des_ede3(void);
+EVP_CIPHER *EVP_des_cfb(void);
+EVP_CIPHER *EVP_des_ede_cfb(void);
+EVP_CIPHER *EVP_des_ede3_cfb(void);
+EVP_CIPHER *EVP_des_ofb(void);
+EVP_CIPHER *EVP_des_ede_ofb(void);
+EVP_CIPHER *EVP_des_ede3_ofb(void);
+EVP_CIPHER *EVP_des_cbc(void);
+EVP_CIPHER *EVP_des_ede_cbc(void);
+EVP_CIPHER *EVP_des_ede3_cbc(void);
+EVP_CIPHER *EVP_desx_cbc(void);
+EVP_CIPHER *EVP_rc4(void);
+EVP_CIPHER *EVP_idea_ecb(void);
+EVP_CIPHER *EVP_idea_cfb(void);
+EVP_CIPHER *EVP_idea_ofb(void);
+EVP_CIPHER *EVP_idea_cbc(void);
+EVP_CIPHER *EVP_rc2_ecb(void);
+EVP_CIPHER *EVP_rc2_cbc(void);
+EVP_CIPHER *EVP_rc2_cfb(void);
+EVP_CIPHER *EVP_rc2_ofb(void);
+EVP_CIPHER *EVP_bf_ecb(void);
+EVP_CIPHER *EVP_bf_cbc(void);
+EVP_CIPHER *EVP_bf_cfb(void);
+EVP_CIPHER *EVP_bf_ofb(void);
+
+void SSLeay_add_all_algorithms(void);
+void SSLeay_add_all_ciphers(void);
+void SSLeay_add_all_digests(void);
+
+int EVP_add_cipher(EVP_CIPHER *cipher);
+int EVP_add_digest(EVP_MD *digest);
+int EVP_add_alias(char *name,char *alias);
+int EVP_delete_alias(char *name);
+
+EVP_CIPHER *EVP_get_cipherbyname(char *name);
+EVP_MD *EVP_get_digestbyname(char *name);
+void EVP_cleanup(void);
+
+int EVP_PKEY_type(int type);
+int EVP_PKEY_size(EVP_PKEY *pkey);
+int EVP_PKEY_assign(EVP_PKEY *pkey,int type,char *key);
+EVP_PKEY * EVP_PKEY_new(void);
+void EVP_PKEY_free(EVP_PKEY *pkey);
+EVP_PKEY * d2i_PublicKey(int type,EVP_PKEY **a, unsigned char **pp,
+ long length);
+int i2d_PublicKey(EVP_PKEY *a, unsigned char **pp);
+
+EVP_PKEY * d2i_PrivateKey(int type,EVP_PKEY **a, unsigned char **pp,
+ long length);
+int i2d_PrivateKey(EVP_PKEY *a, unsigned char **pp);
+
+int EVP_PKEY_copy_parameters(EVP_PKEY *to,EVP_PKEY *from);
+int EVP_PKEY_missing_parameters(EVP_PKEY *pkey);
+int EVP_PKEY_save_parameters(EVP_PKEY *pkey,int mode);
+
+#else
+
+void EVP_DigestInit();
+void EVP_DigestUpdate();
+void EVP_DigestFinal();
+
+int EVP_read_pw_string();
+void EVP_set_pw_prompt();
+char * EVP_get_pw_prompt();
+
+int EVP_BytesToKey();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+
+void EVP_EncryptInit();
+void EVP_EncryptUpdate();
+void EVP_EncryptFinal();
+
+void EVP_DecryptInit();
+void EVP_DecryptUpdate();
+int EVP_DecryptFinal();
+
+void EVP_CipherInit();
+void EVP_CipherUpdate();
+int EVP_CipherFinal();
+
+int EVP_SignFinal();
+
+int EVP_VerifyFinal();
+
+int EVP_OpenInit();
+int EVP_OpenFinal();
+
+int EVP_SealInit();
+void EVP_SealFinal();
+
+void EVP_EncodeInit();
+void EVP_EncodeUpdate();
+void EVP_EncodeFinal();
+int EVP_EncodeBlock();
+
+void EVP_DecodeInit();
+int EVP_DecodeUpdate();
+int EVP_DecodeFinal();
+int EVP_DecodeBlock();
+
+void ERR_load_EVP_strings();
+
+void EVP_CIPHER_CTX_cleanup();
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_md();
+BIO_METHOD *BIO_f_base64();
+BIO_METHOD *BIO_f_cipher();
+void BIO_set_cipher();
+#endif
+
+EVP_MD *EVP_md_null();
+EVP_MD *EVP_md2();
+EVP_MD *EVP_md5();
+EVP_MD *EVP_sha();
+EVP_MD *EVP_sha1();
+EVP_MD *EVP_dss();
+EVP_MD *EVP_dss1();
+EVP_MD *EVP_mdc2();
+
+EVP_CIPHER *EVP_enc_null();
+EVP_CIPHER *EVP_des_ecb();
+EVP_CIPHER *EVP_des_ede();
+EVP_CIPHER *EVP_des_ede3();
+EVP_CIPHER *EVP_des_cfb();
+EVP_CIPHER *EVP_des_ede_cfb();
+EVP_CIPHER *EVP_des_ede3_cfb();
+EVP_CIPHER *EVP_des_ofb();
+EVP_CIPHER *EVP_des_ede_ofb();
+EVP_CIPHER *EVP_des_ede3_ofb();
+EVP_CIPHER *EVP_des_cbc();
+EVP_CIPHER *EVP_des_ede_cbc();
+EVP_CIPHER *EVP_des_ede3_cbc();
+EVP_CIPHER *EVP_desx_cbc();
+EVP_CIPHER *EVP_rc4();
+EVP_CIPHER *EVP_idea_ecb();
+EVP_CIPHER *EVP_idea_cfb();
+EVP_CIPHER *EVP_idea_ofb();
+EVP_CIPHER *EVP_idea_cbc();
+EVP_CIPHER *EVP_rc2_ecb();
+EVP_CIPHER *EVP_rc2_cbc();
+EVP_CIPHER *EVP_rc2_cfb();
+EVP_CIPHER *EVP_rc2_ofb();
+EVP_CIPHER *EVP_bf_ecb();
+EVP_CIPHER *EVP_bf_cbc();
+EVP_CIPHER *EVP_bf_cfb();
+EVP_CIPHER *EVP_bf_ofb();
+
+void SSLeay_add_all_algorithms();
+void SSLeay_add_all_ciphers();
+void SSLeay_add_all_digests();
+
+int EVP_add_cipher();
+int EVP_add_digest();
+int EVP_add_alias();
+int EVP_delete_alias();
+
+EVP_CIPHER *EVP_get_cipherbyname();
+EVP_MD *EVP_get_digestbyname();
+void EVP_cleanup();
+
+int EVP_PKEY_type();
+int EVP_PKEY_size();
+int EVP_PKEY_assign();
+EVP_PKEY * EVP_PKEY_new();
+void EVP_PKEY_free();
+EVP_PKEY * d2i_PublicKey();
+int i2d_PublicKey();
+
+EVP_PKEY * d2i_PrivateKey();
+int i2d_PrivateKey();
+
+int EVP_PKEY_copy_parameters();
+int EVP_PKEY_missing_parameters();
+int EVP_PKEY_save_parameters();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the EVP functions. */
+
+/* Function codes. */
+#define EVP_F_D2I_PKEY 100
+#define EVP_F_EVP_DECRYPTFINAL 101
+#define EVP_F_EVP_OPENINIT 102
+#define EVP_F_EVP_PKEY_COPY_PARAMETERS 103
+#define EVP_F_EVP_PKEY_NEW 104
+#define EVP_F_EVP_SEALINIT 105
+#define EVP_F_EVP_SIGNFINAL 106
+#define EVP_F_EVP_VERIFYFINAL 107
+
+/* Reason codes. */
+#define EVP_R_BAD_DECRYPT 100
+#define EVP_R_DIFFERENT_KEY_TYPES 101
+#define EVP_R_IV_TOO_LARGE 102
+#define EVP_R_MISSING_PARMATERS 103
+#define EVP_R_NO_SIGN_FUNCTION_CONFIGURED 104
+#define EVP_R_NO_VERIFY_FUNCTION_CONFIGURED 105
+#define EVP_R_PUBLIC_KEY_NOT_RSA 106
+#define EVP_R_UNSUPPORTED_CIPHER 107
+#define EVP_R_WRONG_FINAL_BLOCK_LENGTH 108
+#define EVP_R_WRONG_PUBLIC_KEY_TYPE 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/evp/evp_enc.c b/crypto/evp/evp_enc.c
new file mode 100644
index 0000000..2015b5f
--- /dev/null
+++ b/crypto/evp/evp_enc.c
@@ -0,0 +1,296 @@
+/* crypto/evp/evp_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+char *EVP_version="EVP part of SSLeay 0.8.1b 29-Jun-1998";
+
+void EVP_CipherInit(ctx,data,key,iv,enc)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *data;
+unsigned char *key;
+unsigned char *iv;
+int enc;
+ {
+ if (enc)
+ EVP_EncryptInit(ctx,data,key,iv);
+ else
+ EVP_DecryptInit(ctx,data,key,iv);
+ }
+
+void EVP_CipherUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ if (ctx->encrypt)
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+ else EVP_DecryptUpdate(ctx,out,outl,in,inl);
+ }
+
+int EVP_CipherFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ if (ctx->encrypt)
+ {
+ EVP_EncryptFinal(ctx,out,outl);
+ return(1);
+ }
+ else return(EVP_DecryptFinal(ctx,out,outl));
+ }
+
+void EVP_EncryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+ {
+ if (cipher != NULL)
+ ctx->cipher=cipher;
+ ctx->cipher->init(ctx,key,iv,1);
+ ctx->encrypt=1;
+ ctx->buf_len=0;
+ }
+
+void EVP_DecryptInit(ctx,cipher,key,iv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *cipher;
+unsigned char *key;
+unsigned char *iv;
+ {
+ if (cipher != NULL)
+ ctx->cipher=cipher;
+ ctx->cipher->init(ctx,key,iv,0);
+ ctx->encrypt=0;
+ ctx->buf_len=0;
+ }
+
+
+void EVP_EncryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int i,j,bl;
+
+ i=ctx->buf_len;
+ bl=ctx->cipher->block_size;
+ *outl=0;
+ if ((inl == 0) && (i != bl)) return;
+ if (i != 0)
+ {
+ if (i+inl < bl)
+ {
+ memcpy(&(ctx->buf[i]),in,inl);
+ ctx->buf_len+=inl;
+ return;
+ }
+ else
+ {
+ j=bl-i;
+ if (j != 0) memcpy(&(ctx->buf[i]),in,j);
+ ctx->cipher->do_cipher(ctx,out,ctx->buf,bl);
+ inl-=j;
+ in+=j;
+ out+=bl;
+ *outl+=bl;
+ }
+ }
+ i=inl%bl; /* how much is left */
+ inl-=i;
+ if (inl > 0)
+ {
+ ctx->cipher->do_cipher(ctx,out,in,inl);
+ *outl+=inl;
+ }
+
+ if (i != 0)
+ memcpy(ctx->buf,&(in[inl]),i);
+ ctx->buf_len=i;
+ }
+
+void EVP_EncryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i,n,b,bl;
+
+ b=ctx->cipher->block_size;
+ if (b == 1)
+ {
+ *outl=0;
+ return;
+ }
+ bl=ctx->buf_len;
+ n=b-bl;
+ for (i=bl; i<b; i++)
+ ctx->buf[i]=n;
+ ctx->cipher->do_cipher(ctx,out,ctx->buf,b);
+ *outl=b;
+ }
+
+void EVP_DecryptUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ int b,bl,n;
+ int keep_last=0;
+
+ *outl=0;
+ if (inl == 0) return;
+
+ b=ctx->cipher->block_size;
+ if (b > 1)
+ {
+ /* Is the input a multiple of the block size? */
+ bl=ctx->buf_len;
+ n=inl+bl;
+ if (n%b == 0)
+ {
+ if (inl < b) /* must be 'just one' buff */
+ {
+ memcpy(&(ctx->buf[bl]),in,inl);
+ ctx->buf_len=b;
+ *outl=0;
+ return;
+ }
+ keep_last=1;
+ inl-=b; /* don't do the last block */
+ }
+ }
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+
+ /* if we have 'decrypted' a multiple of block size, make sure
+ * we have a copy of this last block */
+ if (keep_last)
+ {
+ memcpy(&(ctx->buf[0]),&(in[inl]),b);
+#ifdef DEBUG
+ if (ctx->buf_len != 0)
+ {
+ abort();
+ }
+#endif
+ ctx->buf_len=b;
+ }
+ }
+
+int EVP_DecryptFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i,b;
+ int n;
+
+ *outl=0;
+ b=ctx->cipher->block_size;
+ if (b > 1)
+ {
+ if (ctx->buf_len != b)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_WRONG_FINAL_BLOCK_LENGTH);
+ return(0);
+ }
+ EVP_EncryptUpdate(ctx,ctx->buf,&n,ctx->buf,0);
+ if (n != b)
+ return(0);
+ n=ctx->buf[b-1];
+ if (n > b)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+ return(0);
+ }
+ for (i=0; i<n; i++)
+ {
+ if (ctx->buf[--b] != n)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
+ return(0);
+ }
+ }
+ n=ctx->cipher->block_size-n;
+ for (i=0; i<n; i++)
+ out[i]=ctx->buf[i];
+ *outl=n;
+ }
+ else
+ *outl=0;
+ return(1);
+ }
+
+void EVP_CIPHER_CTX_cleanup(c)
+EVP_CIPHER_CTX *c;
+ {
+ if ((c->cipher != NULL) && (c->cipher->cleanup != NULL))
+ c->cipher->cleanup(c);
+ memset(c,0,sizeof(EVP_CIPHER_CTX));
+ }
+
diff --git a/crypto/evp/evp_err.c b/crypto/evp/evp_err.c
new file mode 100644
index 0000000..326da11
--- /dev/null
+++ b/crypto/evp/evp_err.c
@@ -0,0 +1,101 @@
+/* lib/evp/evp_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "evp.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA EVP_str_functs[]=
+ {
+{ERR_PACK(0,EVP_F_D2I_PKEY,0), "D2I_PKEY"},
+{ERR_PACK(0,EVP_F_EVP_DECRYPTFINAL,0), "EVP_DecryptFinal"},
+{ERR_PACK(0,EVP_F_EVP_OPENINIT,0), "EVP_OpenInit"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_COPY_PARAMETERS,0), "EVP_PKEY_copy_parameters"},
+{ERR_PACK(0,EVP_F_EVP_PKEY_NEW,0), "EVP_PKEY_new"},
+{ERR_PACK(0,EVP_F_EVP_SEALINIT,0), "EVP_SealInit"},
+{ERR_PACK(0,EVP_F_EVP_SIGNFINAL,0), "EVP_SignFinal"},
+{ERR_PACK(0,EVP_F_EVP_VERIFYFINAL,0), "EVP_VerifyFinal"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA EVP_str_reasons[]=
+ {
+{EVP_R_BAD_DECRYPT ,"bad decrypt"},
+{EVP_R_DIFFERENT_KEY_TYPES ,"different key types"},
+{EVP_R_IV_TOO_LARGE ,"iv too large"},
+{EVP_R_MISSING_PARMATERS ,"missing parmaters"},
+{EVP_R_NO_SIGN_FUNCTION_CONFIGURED ,"no sign function configured"},
+{EVP_R_NO_VERIFY_FUNCTION_CONFIGURED ,"no verify function configured"},
+{EVP_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
+{EVP_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{EVP_R_WRONG_FINAL_BLOCK_LENGTH ,"wrong final block length"},
+{EVP_R_WRONG_PUBLIC_KEY_TYPE ,"wrong public key type"},
+{0,NULL},
+ };
+
+void ERR_load_EVP_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_EVP,EVP_str_functs);
+ ERR_load_strings(ERR_LIB_EVP,EVP_str_reasons);
+ }
+ }
diff --git a/crypto/evp/evp_key.c b/crypto/evp/evp_key.c
new file mode 100644
index 0000000..0aa1dbb
--- /dev/null
+++ b/crypto/evp/evp_key.c
@@ -0,0 +1,163 @@
+/* crypto/evp/evp_key.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "x509.h"
+#include "objects.h"
+#include "evp.h"
+
+/* should be init to zeros. */
+static char prompt_string[80];
+
+void EVP_set_pw_prompt(prompt)
+char *prompt;
+ {
+ if (prompt == NULL)
+ prompt_string[0]='\0';
+ else
+ strncpy(prompt_string,prompt,79);
+ }
+
+char *EVP_get_pw_prompt()
+ {
+ if (prompt_string[0] == '\0')
+ return(NULL);
+ else
+ return(prompt_string);
+ }
+
+int EVP_read_pw_string(buf,len,prompt,verify)
+char *buf;
+int len;
+char *prompt;
+int verify;
+ {
+ if ((prompt == NULL) && (prompt_string[0] != '\0'))
+ prompt=prompt_string;
+ return(des_read_pw_string(buf,len,prompt,verify));
+ }
+
+int EVP_BytesToKey(type,md,salt,data,datal,count,key,iv)
+EVP_CIPHER *type;
+EVP_MD *md;
+unsigned char *salt;
+unsigned char *data;
+int datal;
+int count;
+unsigned char *key;
+unsigned char *iv;
+ {
+ EVP_MD_CTX c;
+ unsigned char md_buf[EVP_MAX_MD_SIZE];
+ int niv,nkey,addmd=0;
+ unsigned int mds=0,i;
+
+ nkey=type->key_len;
+ niv=type->iv_len;
+
+ if (data == NULL) return(nkey);
+
+ for (;;)
+ {
+ EVP_DigestInit(&c,md);
+ if (addmd++)
+ EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+ EVP_DigestUpdate(&c,data,datal);
+ if (salt != NULL)
+ EVP_DigestUpdate(&c,salt,8);
+ EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+
+ for (i=1; i<(unsigned int)count; i++)
+ {
+ EVP_DigestInit(&c,md);
+ EVP_DigestUpdate(&c,&(md_buf[0]),mds);
+ EVP_DigestFinal(&c,&(md_buf[0]),&mds);
+ }
+ i=0;
+ if (nkey)
+ {
+ for (;;)
+ {
+ if (nkey == 0) break;
+ if (i == mds) break;
+ if (key != NULL)
+ *(key++)=md_buf[i];
+ nkey--;
+ i++;
+ }
+ }
+ if (niv && (i != mds))
+ {
+ for (;;)
+ {
+ if (niv == 0) break;
+ if (i == mds) break;
+ if (iv != NULL)
+ *(iv++)=md_buf[i];
+ niv--;
+ i++;
+ }
+ }
+ if ((nkey == 0) && (niv == 0)) break;
+ }
+ memset(&c,0,sizeof(c));
+ memset(&(md_buf[0]),0,EVP_MAX_MD_SIZE);
+ return(nkey);
+ }
+
diff --git a/crypto/evp/m_dss.c b/crypto/evp/m_dss.c
new file mode 100644
index 0000000..743beac
--- /dev/null
+++ b/crypto/evp/m_dss.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_dss.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dsa_md=
+ {
+ NID_dsaWithSHA,
+ NID_dsaWithSHA,
+ SHA_DIGEST_LENGTH,
+ SHA_Init,
+ SHA_Update,
+ SHA_Final,
+ EVP_PKEY_DSA_method,
+ };
+
+EVP_MD *EVP_dss()
+ {
+ return(&dsa_md);
+ }
+
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
new file mode 100644
index 0000000..a14e859
--- /dev/null
+++ b/crypto/evp/m_dss1.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_dss1.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD dss1_md=
+ {
+ NID_dsa,
+ NID_dsaWithSHA1,
+ SHA_DIGEST_LENGTH,
+ SHA1_Init,
+ SHA1_Update,
+ SHA1_Final,
+ EVP_PKEY_DSA_method,
+ };
+
+EVP_MD *EVP_dss1()
+ {
+ return(&dss1_md);
+ }
diff --git a/crypto/evp/m_md2.c b/crypto/evp/m_md2.c
new file mode 100644
index 0000000..17360c1
--- /dev/null
+++ b/crypto/evp/m_md2.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_md2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md2_md=
+ {
+ NID_md2,
+ NID_md2WithRSAEncryption,
+ MD2_DIGEST_LENGTH,
+ MD2_Init,
+ MD2_Update,
+ MD2_Final,
+ EVP_PKEY_RSA_method,
+ };
+
+EVP_MD *EVP_md2()
+ {
+ return(&md2_md);
+ }
+
diff --git a/crypto/evp/m_md5.c b/crypto/evp/m_md5.c
new file mode 100644
index 0000000..f7b4eb1
--- /dev/null
+++ b/crypto/evp/m_md5.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_md5.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD md5_md=
+ {
+ NID_md5,
+ NID_md5WithRSAEncryption,
+ MD5_DIGEST_LENGTH,
+ MD5_Init,
+ MD5_Update,
+ MD5_Final,
+ EVP_PKEY_RSA_method,
+ };
+
+EVP_MD *EVP_md5()
+ {
+ return(&md5_md);
+ }
diff --git a/crypto/evp/m_mdc2.c b/crypto/evp/m_mdc2.c
new file mode 100644
index 0000000..da70f68
--- /dev/null
+++ b/crypto/evp/m_mdc2.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_mdc2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD mdc2_md=
+ {
+ NID_mdc2,
+ NID_mdc2WithRSA,
+ MDC2_DIGEST_LENGTH,
+ MDC2_Init,
+ MDC2_Update,
+ MDC2_Final,
+ EVP_PKEY_RSA_ASN1_OCTET_STRING_method,
+ };
+
+EVP_MD *EVP_mdc2()
+ {
+ return(&mdc2_md);
+ }
diff --git a/crypto/evp/m_null.c b/crypto/evp/m_null.c
new file mode 100644
index 0000000..47db2c5
--- /dev/null
+++ b/crypto/evp/m_null.c
@@ -0,0 +1,86 @@
+/* crypto/evp/m_null.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static void function()
+ {
+ }
+
+static EVP_MD null_md=
+ {
+ NID_undef,
+ NID_undef,
+ 0,
+ function,
+ function,
+ function,
+
+ EVP_PKEY_NULL_method
+ };
+
+EVP_MD *EVP_md_null()
+ {
+ return(&null_md);
+ }
+
+
diff --git a/crypto/evp/m_sha.c b/crypto/evp/m_sha.c
new file mode 100644
index 0000000..d723ac7
--- /dev/null
+++ b/crypto/evp/m_sha.c
@@ -0,0 +1,80 @@
+/* crypto/evp/m_sha.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha_md=
+ {
+ NID_sha,
+ NID_shaWithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ SHA_Init,
+ SHA_Update,
+ SHA_Final,
+ EVP_PKEY_RSA_method,
+ };
+
+EVP_MD *EVP_sha()
+ {
+ return(&sha_md);
+ }
+
diff --git a/crypto/evp/m_sha1.c b/crypto/evp/m_sha1.c
new file mode 100644
index 0000000..30037ff
--- /dev/null
+++ b/crypto/evp/m_sha1.c
@@ -0,0 +1,79 @@
+/* crypto/evp/m_sha1.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+static EVP_MD sha1_md=
+ {
+ NID_sha1,
+ NID_sha1WithRSAEncryption,
+ SHA_DIGEST_LENGTH,
+ SHA1_Init,
+ SHA1_Update,
+ SHA1_Final,
+ EVP_PKEY_RSA_method,
+ };
+
+EVP_MD *EVP_sha1()
+ {
+ return(&sha1_md);
+ }
diff --git a/crypto/evp/names.c b/crypto/evp/names.c
new file mode 100644
index 0000000..49fd34f
--- /dev/null
+++ b/crypto/evp/names.c
@@ -0,0 +1,281 @@
+/* crypto/evp/names.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+
+typedef struct aliases_st {
+ char *alias;
+ /* This must be the last field becaue I will allocate things
+ * so they go off the end of it */
+ char name[4];
+ } ALIASES;
+
+static STACK /* ALIASES */ *aliases=NULL;
+static STACK /* EVP_CIPHERS */ *ciphers=NULL;
+static STACK /* EVP_MD */ *digests=NULL;
+
+static int cipher_nid_cmp(a,b)
+EVP_CIPHER **a,**b;
+ { return((*a)->nid - (*b)->nid); }
+
+static int digest_type_cmp(a,b)
+EVP_MD **a,**b;
+ { return((*a)->pkey_type - (*b)->pkey_type); }
+
+int EVP_add_cipher(c)
+EVP_CIPHER *c;
+ {
+ int i;
+
+ if (ciphers == NULL)
+ {
+ ciphers=sk_new(cipher_nid_cmp);
+ if (ciphers == NULL) return(0);
+ }
+ if ((i=sk_find(ciphers,(char *)c)) >= 0)
+ {
+ if (sk_value(ciphers,i) == (char *)c)
+ return(1);
+ sk_delete(ciphers,i);
+ }
+ return(sk_push(ciphers,(char *)c));
+ }
+
+int EVP_add_digest(md)
+EVP_MD *md;
+ {
+ int i;
+ char *n;
+
+ if (digests == NULL)
+ {
+ digests=sk_new(digest_type_cmp);
+ if (digests == NULL) return(0);
+ }
+ if ((i=sk_find(digests,(char *)md)) >= 0)
+ {
+ if (sk_value(digests,i) == (char *)md)
+ return(1);
+ sk_delete(digests,i);
+ }
+ if (md->type != md->pkey_type)
+ {
+ n=OBJ_nid2sn(md->pkey_type);
+ EVP_add_alias(n,OBJ_nid2sn(md->type));
+ EVP_add_alias(n,OBJ_nid2ln(md->type));
+ }
+ sk_push(digests,(char *)md);
+ return(1);
+ }
+
+static int alias_cmp(a,b)
+ALIASES **a,**b;
+ {
+ return(strcmp((*a)->alias,(*b)->alias));
+ }
+
+int EVP_add_alias(name,aname)
+char *name;
+char *aname;
+ {
+ int l1,l2,i;
+ ALIASES *a;
+ char *p;
+
+ if ((name == NULL) || (aname == NULL)) return(0);
+ l1=strlen(name)+1;
+ l2=strlen(aname)+1;
+ i=sizeof(ALIASES)+l1+l2;
+ if ((a=(ALIASES *)Malloc(i)) == NULL)
+ return(0);
+ strcpy(a->name,name);
+ p= &(a->name[l1]);
+ strcpy(p,aname);
+ a->alias=p;
+
+ if (aliases == NULL)
+ {
+ aliases=sk_new(alias_cmp);
+ if (aliases == NULL) goto err;
+ }
+
+ if ((i=sk_find(aliases,(char *)a)) >= 0)
+ Free(sk_delete(aliases,i));
+ if (!sk_push(aliases,(char *)a)) goto err;
+ return(1);
+err:
+ return(0);
+ }
+
+int EVP_delete_alias(name)
+char *name;
+ {
+ ALIASES a;
+ int i;
+
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ if ((i=sk_find(aliases,(char *)&a)) >= 0)
+ {
+ Free(sk_delete(aliases,i));
+ return(1);
+ }
+ }
+ return(0);
+ }
+
+EVP_CIPHER *EVP_get_cipherbyname(name)
+char *name;
+ {
+ int nid,num=6,i;
+ EVP_CIPHER c,*cp;
+ ALIASES a,*ap;
+
+ if (ciphers == NULL) return(NULL);
+ for (;;)
+ {
+ if (num-- <= 0) return(NULL);
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ i=sk_find(aliases,(char *)&a);
+ if (i >= 0)
+ {
+ ap=(ALIASES *)sk_value(aliases,i);
+ name=ap->name;
+ continue;
+ }
+ }
+
+ nid=OBJ_txt2nid(name);
+ c.nid=nid;
+ i=sk_find(ciphers,(char *)&c);
+ if (i >= 0)
+ {
+ cp=(EVP_CIPHER *)sk_value(ciphers,i);
+ return(cp);
+ }
+ else
+ return(NULL);
+ }
+ }
+
+EVP_MD *EVP_get_digestbyname(name)
+char *name;
+ {
+ int nid,num=6,i;
+ EVP_MD c,*cp;
+ ALIASES a,*ap;
+
+ if (digests == NULL) return(NULL);
+
+ for (;;)
+ {
+ if (num-- <= 0) return(NULL);
+
+ if (aliases != NULL)
+ {
+ a.alias=name;
+ i=sk_find(aliases,(char *)&a);
+ if (i >= 0)
+ {
+ ap=(ALIASES *)sk_value(aliases,i);
+ name=ap->name;
+ continue;
+ }
+ }
+
+ nid=OBJ_txt2nid(name);
+ c.pkey_type=nid;
+ i=sk_find(digests,(char *)&c);
+ if (i >= 0)
+ {
+ cp=(EVP_MD *)sk_value(digests,i);
+ return(cp);
+ }
+ else
+ return(NULL);
+ }
+ }
+
+void EVP_cleanup()
+ {
+ int i;
+
+ if (aliases != NULL)
+ {
+ for (i=0; i<sk_num(aliases); i++)
+ Free(sk_value(aliases,i));
+ sk_free(aliases);
+ aliases=NULL;
+ }
+ if (ciphers != NULL)
+ {
+ sk_free(ciphers);
+ ciphers=NULL;
+ }
+ if (digests != NULL)
+ {
+ sk_free(digests);
+ digests=NULL;
+ }
+ }
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
new file mode 100644
index 0000000..1136904
--- /dev/null
+++ b/crypto/evp/p_lib.c
@@ -0,0 +1,256 @@
+/* crypto/evp/p_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "evp.h"
+#include "asn1_mac.h"
+#include "x509.h"
+
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_UNSUPPORTED_CIPHER); */
+/* EVPerr(EVP_F_D2I_PKEY,EVP_R_IV_TOO_LARGE); */
+
+#ifndef NOPROTO
+static void EVP_PKEY_free_it(EVP_PKEY *x);
+#else
+static void EVP_PKEY_free_it();
+#endif
+
+int EVP_PKEY_size(pkey)
+EVP_PKEY *pkey;
+ {
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ return(RSA_size(pkey->pkey.rsa));
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ return(DSA_size(pkey->pkey.dsa));
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_save_parameters(pkey,mode)
+EVP_PKEY *pkey;
+int mode;
+ {
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ int ret=pkey->save_parameters=mode;
+
+ if (mode >= 0)
+ pkey->save_parameters=mode;
+ return(ret);
+ }
+#endif
+ return(0);
+ }
+
+int EVP_PKEY_copy_parameters(to,from)
+EVP_PKEY *to,*from;
+ {
+ if (to->type != from->type)
+ {
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_DIFFERENT_KEY_TYPES);
+ return(0);
+ }
+
+ if (EVP_PKEY_missing_parameters(from))
+ {
+ EVPerr(EVP_F_EVP_PKEY_COPY_PARAMETERS,EVP_R_MISSING_PARMATERS);
+ return(0);
+ }
+#ifndef NO_DSA
+ if (to->type == EVP_PKEY_DSA)
+ {
+ BIGNUM *a;
+
+ if ((a=BN_dup(from->pkey.dsa->p)) == NULL) goto err;
+ if (to->pkey.dsa->p != NULL) BN_free(to->pkey.dsa->p);
+ to->pkey.dsa->p=a;
+
+ if ((a=BN_dup(from->pkey.dsa->q)) == NULL) goto err;
+ if (to->pkey.dsa->q != NULL) BN_free(to->pkey.dsa->q);
+ to->pkey.dsa->q=a;
+
+ if ((a=BN_dup(from->pkey.dsa->g)) == NULL) goto err;
+ if (to->pkey.dsa->g != NULL) BN_free(to->pkey.dsa->g);
+ to->pkey.dsa->g=a;
+ }
+#endif
+ return(1);
+err:
+ return(0);
+ }
+
+int EVP_PKEY_missing_parameters(pkey)
+EVP_PKEY *pkey;
+ {
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ DSA *dsa;
+
+ dsa=pkey->pkey.dsa;
+ if ((dsa->p == NULL) || (dsa->q == NULL) || (dsa->g == NULL))
+ return(1);
+ }
+#endif
+ return(0);
+ }
+
+EVP_PKEY *EVP_PKEY_new()
+ {
+ EVP_PKEY *ret;
+
+ ret=(EVP_PKEY *)Malloc(sizeof(EVP_PKEY));
+ if (ret == NULL)
+ {
+ EVPerr(EVP_F_EVP_PKEY_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ ret->type=EVP_PKEY_NONE;
+ ret->references=1;
+ ret->pkey.ptr=NULL;
+ ret->attributes=NULL;
+ ret->save_parameters=1;
+ return(ret);
+ }
+
+int EVP_PKEY_assign(pkey,type,key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+ {
+ if (pkey == NULL) return(0);
+ if (pkey->pkey.ptr != NULL)
+ EVP_PKEY_free_it(pkey);
+ pkey->type=EVP_PKEY_type(type);
+ pkey->save_type=type;
+ pkey->pkey.ptr=key;
+ return(1);
+ }
+
+int EVP_PKEY_type(type)
+int type;
+ {
+ switch (type)
+ {
+ case EVP_PKEY_RSA:
+ case EVP_PKEY_RSA2:
+ return(EVP_PKEY_RSA);
+ case EVP_PKEY_DSA:
+ case EVP_PKEY_DSA2:
+ case EVP_PKEY_DSA3:
+ return(EVP_PKEY_DSA);
+ case EVP_PKEY_DH:
+ return(EVP_PKEY_DH);
+ default:
+ return(NID_undef);
+ }
+ }
+
+void EVP_PKEY_free(x)
+EVP_PKEY *x;
+ {
+ int i;
+
+ if (x == NULL) return;
+
+ i=CRYPTO_add(&x->references,-1,CRYPTO_LOCK_EVP_PKEY);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"EVP_PKEY_free, bad reference count\n");
+ abort();
+ }
+#endif
+ EVP_PKEY_free_it(x);
+ Free((char *)x);
+ }
+
+static void EVP_PKEY_free_it(x)
+EVP_PKEY *x;
+ {
+ switch (x->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ case EVP_PKEY_RSA2:
+ RSA_free(x->pkey.rsa);
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ case EVP_PKEY_DSA2:
+ case EVP_PKEY_DSA3:
+ DSA_free(x->pkey.dsa);
+ break;
+#endif
+#ifndef NO_DH
+ case EVP_PKEY_DH:
+ DH_free(x->pkey.dh);
+ break;
+#endif
+ }
+ }
+
diff --git a/crypto/evp/p_open.c b/crypto/evp/p_open.c
new file mode 100644
index 0000000..4643405
--- /dev/null
+++ b/crypto/evp/p_open.c
@@ -0,0 +1,118 @@
+/* crypto/evp/p_open.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_OpenInit(ctx,type,ek,ekl,iv,priv)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char *ek;
+int ekl;
+unsigned char *iv;
+EVP_PKEY *priv;
+ {
+ unsigned char *key=NULL;
+ int i,size=0,ret=0;
+
+ if (priv->type != EVP_PKEY_RSA)
+ {
+ EVPerr(EVP_F_EVP_OPENINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+ ret= -1;
+ goto err;
+ }
+
+ size=RSA_size(priv->pkey.rsa);
+ key=(unsigned char *)Malloc(size+2);
+ if (key == NULL)
+ {
+ /* ERROR */
+ EVPerr(EVP_F_EVP_OPENINIT,ERR_R_MALLOC_FAILURE);
+ ret= -1;
+ goto err;
+ }
+
+ i=RSA_private_decrypt(ekl,ek,key,priv->pkey.rsa,RSA_PKCS1_PADDING);
+ if (i != type->key_len)
+ {
+ /* ERROR */
+ goto err;
+ }
+
+ EVP_DecryptInit(ctx,type,key,iv);
+ ret=1;
+err:
+ if (key != NULL) memset(key,0,size);
+ Free(key);
+ return(ret);
+ }
+
+int EVP_OpenFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ int i;
+
+ i=EVP_DecryptFinal(ctx,out,outl);
+ EVP_DecryptInit(ctx,NULL,NULL,NULL);
+ return(i);
+ }
diff --git a/crypto/evp/p_seal.c b/crypto/evp/p_seal.c
new file mode 100644
index 0000000..b059c59
--- /dev/null
+++ b/crypto/evp/p_seal.c
@@ -0,0 +1,122 @@
+/* crypto/evp/p_seal.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_SealInit(ctx,type,ek,ekl,iv,pubk,npubk)
+EVP_CIPHER_CTX *ctx;
+EVP_CIPHER *type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ int i,ret=0,n;
+
+ if (npubk <= 0) return(0);
+ RAND_bytes(key,EVP_MAX_KEY_LENGTH);
+ if (type->iv_len > 0)
+ RAND_bytes(iv,type->iv_len);
+
+ EVP_EncryptInit(ctx,type,key,iv);
+ for (i=0; i<npubk; i++)
+ {
+ if (pubk[i]->type != EVP_PKEY_RSA)
+ {
+ EVPerr(EVP_F_EVP_SEALINIT,EVP_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+ n=RSA_public_encrypt(type->key_len,key,ek[i],pubk[i]->pkey.rsa,
+ RSA_PKCS1_PADDING);
+ if (n <= 0) goto err;
+ ekl[i]=n;
+ }
+ ret=npubk;
+err:
+ memset(key,0,EVP_MAX_KEY_LENGTH);
+ return(ret);
+ }
+
+/* MACRO
+void EVP_SealUpdate(ctx,out,outl,in,inl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ EVP_EncryptUpdate(ctx,out,outl,in,inl);
+ }
+*/
+
+void EVP_SealFinal(ctx,out,outl)
+EVP_CIPHER_CTX *ctx;
+unsigned char *out;
+int *outl;
+ {
+ EVP_EncryptFinal(ctx,out,outl);
+ EVP_EncryptInit(ctx,NULL,NULL,NULL);
+ }
diff --git a/crypto/evp/p_sign.c b/crypto/evp/p_sign.c
new file mode 100644
index 0000000..ad5bcd8
--- /dev/null
+++ b/crypto/evp/p_sign.c
@@ -0,0 +1,117 @@
+/* crypto/evp/p_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+#ifdef undef
+void EVP_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ EVP_DigestInit(ctx,type);
+ }
+
+void EVP_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ EVP_DigestUpdate(ctx,data,count);
+ }
+#endif
+
+int EVP_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char m[EVP_MAX_MD_SIZE];
+ unsigned int m_len;
+ int i,ok=0,v;
+
+ *siglen=0;
+ EVP_DigestFinal(ctx,&(m[0]),&m_len);
+ for (i=0; i<4; i++)
+ {
+ v=ctx->digest->required_pkey_type[i];
+ if (v == 0) break;
+ if (pkey->type == v)
+ {
+ ok=1;
+ break;
+ }
+ }
+ if (!ok)
+ {
+ EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+ return(0);
+ }
+ if (ctx->digest->sign == NULL)
+ {
+ EVPerr(EVP_F_EVP_SIGNFINAL,EVP_R_NO_SIGN_FUNCTION_CONFIGURED);
+ return(0);
+ }
+ return(ctx->digest->sign(ctx->digest->type,m,m_len,sigret,siglen,
+ pkey->pkey.ptr));
+ }
+
diff --git a/crypto/evp/p_verify.c b/crypto/evp/p_verify.c
new file mode 100644
index 0000000..4dbaf1e
--- /dev/null
+++ b/crypto/evp/p_verify.c
@@ -0,0 +1,99 @@
+/* crypto/evp/p_verify.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int EVP_VerifyFinal(ctx,sigbuf,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigbuf;
+unsigned int siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char m[EVP_MAX_MD_SIZE];
+ unsigned int m_len;
+ int i,ok=0,v;
+
+ for (i=0; i<4; i++)
+ {
+ v=ctx->digest->required_pkey_type[i];
+ if (v == 0) break;
+ if (pkey->type == v)
+ {
+ ok=1;
+ break;
+ }
+ }
+ if (!ok)
+ {
+ EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_WRONG_PUBLIC_KEY_TYPE);
+ return(-1);
+ }
+ EVP_DigestFinal(ctx,&(m[0]),&m_len);
+ if (ctx->digest->verify == NULL)
+ {
+ EVPerr(EVP_F_EVP_VERIFYFINAL,EVP_R_NO_VERIFY_FUNCTION_CONFIGURED);
+ return(0);
+ }
+
+ return(ctx->digest->verify(ctx->digest->type,m,m_len,
+ sigbuf,siglen,pkey->pkey.ptr));
+ }
diff --git a/crypto/idea/Makefile.ssl b/crypto/idea/Makefile.ssl
new file mode 100644
index 0000000..41b42ce
--- /dev/null
+++ b/crypto/idea/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/idea/Makefile
+#
+
+DIR= idea
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=ideatest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=i_cbc.c i_cfb64.c i_ofb64.c i_ecb.c i_skey.c
+LIBOBJ=i_cbc.o i_cfb64.o i_ofb64.o i_ecb.o i_skey.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= idea.h
+HEADER= idea_lcl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/idea/i_cbc.c b/crypto/idea/i_cbc.c
new file mode 100644
index 0000000..d17e9f2
--- /dev/null
+++ b/crypto/idea/i_cbc.c
@@ -0,0 +1,140 @@
+/* crypto/idea/i_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+void idea_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register unsigned long tin0,tin1;
+ register unsigned long tout0,tout1,xor0,xor1;
+ register long l=length;
+ unsigned long tin[2];
+
+ if (encrypt)
+ {
+ n2l(iv,tout0);
+ n2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0);
+ n2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ idea_encrypt(tin,ks);
+ tout0=tin[0]; l2n(tout0,out);
+ tout1=tin[1]; l2n(tout1,out);
+ }
+ if (l != -8)
+ {
+ n2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ idea_encrypt(tin,ks);
+ tout0=tin[0]; l2n(tout0,out);
+ tout1=tin[1]; l2n(tout1,out);
+ }
+ l2n(tout0,iv);
+ l2n(tout1,iv);
+ }
+ else
+ {
+ n2l(iv,xor0);
+ n2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ n2l(in,tin0); tin[0]=tin0;
+ n2l(in,tin1); tin[1]=tin1;
+ idea_encrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2n(tout0,out);
+ l2n(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ n2l(in,tin0); tin[0]=tin0;
+ n2l(in,tin1); tin[1]=tin1;
+ idea_encrypt(tin,ks);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2nn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2n(xor0,iv);
+ l2n(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/idea/i_cfb64.c b/crypto/idea/i_cfb64.c
new file mode 100644
index 0000000..366f2d1
--- /dev/null
+++ b/crypto/idea/i_cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/idea/i_cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void idea_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned long ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ idea_encrypt((unsigned long *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ n2l(iv,v0); ti[0]=v0;
+ n2l(iv,v1); ti[1]=v1;
+ idea_encrypt((unsigned long *)ti,schedule);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2n(t,iv);
+ t=ti[1]; l2n(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/crypto/idea/i_ecb.c b/crypto/idea/i_ecb.c
new file mode 100644
index 0000000..b3b694b
--- /dev/null
+++ b/crypto/idea/i_ecb.c
@@ -0,0 +1,138 @@
+/* crypto/idea/i_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+char *IDEA_version="IDEA part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *idea_options()
+ {
+ if (sizeof(short) != sizeof(IDEA_INT))
+ return("idea(int)");
+ else
+ return("idea(short)");
+ }
+
+void idea_ecb_encrypt(in, out, ks)
+unsigned char *in;
+unsigned char *out;
+IDEA_KEY_SCHEDULE *ks;
+ {
+ unsigned long l0,l1,d[2];
+
+ n2l(in,l0); d[0]=l0;
+ n2l(in,l1); d[1]=l1;
+ idea_encrypt(d,ks);
+ l0=d[0]; l2n(l0,out);
+ l1=d[1]; l2n(l1,out);
+ l0=l1=d[0]=d[1]=0;
+ }
+
+void idea_encrypt(d,key)
+unsigned long *d;
+IDEA_KEY_SCHEDULE *key;
+ {
+ int i;
+ register IDEA_INT *p;
+ register unsigned long x1,x2,x3,x4,t0,t1,ul;
+
+ x2=d[0];
+ x1=(x2>>16);
+ x4=d[1];
+ x3=(x4>>16);
+
+ p= &(key->data[0][0]);
+ for (i=0; i<8; i++)
+ {
+ x1&=0xffff;
+ idea_mul(x1,x1,*p,ul); p++;
+
+ x2+= *(p++);
+ x3+= *(p++);
+
+ x4&=0xffff;
+ idea_mul(x4,x4,*p,ul); p++;
+
+ t0=(x1^x3)&0xffff;
+ idea_mul(t0,t0,*p,ul); p++;
+
+ t1=(t0+(x2^x4))&0xffff;
+ idea_mul(t1,t1,*p,ul); p++;
+
+ t0+=t1;
+
+ x1^=t1;
+ x4^=t0;
+ ul=x2^t0; /* do the swap to x3 */
+ x2=x3^t1;
+ x3=ul;
+ }
+
+ x1&=0xffff;
+ idea_mul(x1,x1,*p,ul); p++;
+
+ t0= x3+ *(p++);
+ t1= x2+ *(p++);
+
+ x4&=0xffff;
+ idea_mul(x4,x4,*p,ul);
+
+ d[0]=(t0&0xffff)|((x1&0xffff)<<16);
+ d[1]=(x4&0xffff)|((t1&0xffff)<<16);
+ }
diff --git a/crypto/idea/i_ofb64.c b/crypto/idea/i_ofb64.c
new file mode 100644
index 0000000..43a9584
--- /dev/null
+++ b/crypto/idea/i_ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/idea/i_ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void idea_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+IDEA_KEY_SCHEDULE *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ unsigned long ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ n2l(iv,v0);
+ n2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2n(v0,dp);
+ l2n(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ idea_encrypt((unsigned long *)ti,schedule);
+ dp=(char *)d;
+ t=ti[0]; l2n(t,dp);
+ t=ti[1]; l2n(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2n(v0,iv);
+ l2n(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/crypto/idea/i_skey.c b/crypto/idea/i_skey.c
new file mode 100644
index 0000000..fcbdb69
--- /dev/null
+++ b/crypto/idea/i_skey.c
@@ -0,0 +1,166 @@
+/* crypto/idea/i_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "idea.h"
+#include "idea_lcl.h"
+
+#ifndef NOPROTO
+static IDEA_INT inverse(unsigned int xin);
+#else
+static IDEA_INT inverse();
+#endif
+
+void idea_set_encrypt_key(key, ks)
+unsigned char *key;
+IDEA_KEY_SCHEDULE *ks;
+ {
+ int i;
+ register IDEA_INT *kt,*kf,r0,r1,r2;
+
+ kt= &(ks->data[0][0]);
+ n2s(key,kt[0]); n2s(key,kt[1]); n2s(key,kt[2]); n2s(key,kt[3]);
+ n2s(key,kt[4]); n2s(key,kt[5]); n2s(key,kt[6]); n2s(key,kt[7]);
+
+ kf=kt;
+ kt+=8;
+ for (i=0; i<6; i++)
+ {
+ r2= kf[1];
+ r1= kf[2];
+ *(kt++)= ((r2<<9) | (r1>>7))&0xffff;
+ r0= kf[3];
+ *(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+ r1= kf[4];
+ *(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+ r0= kf[5];
+ *(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+ r1= kf[6];
+ *(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+ r0= kf[7];
+ *(kt++)= ((r1<<9) | (r0>>7))&0xffff;
+ r1= kf[0];
+ if (i >= 5) break;
+ *(kt++)= ((r0<<9) | (r1>>7))&0xffff;
+ *(kt++)= ((r1<<9) | (r2>>7))&0xffff;
+ kf+=8;
+ }
+ }
+
+void idea_set_decrypt_key(ek, dk)
+IDEA_KEY_SCHEDULE *ek;
+IDEA_KEY_SCHEDULE *dk;
+ {
+ int r;
+ register IDEA_INT *fp,*tp,t;
+
+ tp= &(dk->data[0][0]);
+ fp= &(ek->data[8][0]);
+ for (r=0; r<9; r++)
+ {
+ *(tp++)=inverse(fp[0]);
+ *(tp++)=((int)(0x10000L-fp[2])&0xffff);
+ *(tp++)=((int)(0x10000L-fp[1])&0xffff);
+ *(tp++)=inverse(fp[3]);
+ if (r == 8) break;
+ fp-=6;
+ *(tp++)=fp[4];
+ *(tp++)=fp[5];
+ }
+
+ tp= &(dk->data[0][0]);
+ t=tp[1];
+ tp[1]=tp[2];
+ tp[2]=t;
+
+ t=tp[49];
+ tp[49]=tp[50];
+ tp[50]=t;
+ }
+
+/* taken directly from the 'paper' I'll have a look at it later */
+static IDEA_INT inverse(xin)
+unsigned int xin;
+ {
+ long n1,n2,q,r,b1,b2,t;
+
+ if (xin == 0)
+ b2=0;
+ else
+ {
+ n1=0x10001;
+ n2=xin;
+ b2=1;
+ b1=0;
+
+ do {
+ r=(n1%n2);
+ q=(n1-r)/n2;
+ if (r == 0)
+ { if (b2 < 0) b2=0x10001+b2; }
+ else
+ {
+ n1=n2;
+ n2=r;
+ t=b2;
+ b2=b1-q*b2;
+ b1=t;
+ }
+ } while (r != 0);
+ }
+ return((IDEA_INT)b2);
+ }
diff --git a/crypto/idea/idea.h b/crypto/idea/idea.h
new file mode 100644
index 0000000..e0eb4e0
--- /dev/null
+++ b/crypto/idea/idea.h
@@ -0,0 +1,116 @@
+/* crypto/idea/idea.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify idea.org since idea.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_IDEA_H
+#define HEADER_IDEA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define IDEA_ENCRYPT 1
+#define IDEA_DECRYPT 0
+
+#define IDEA_INT unsigned int
+#define IDEA_BLOCK 8
+#define IDEA_KEY_LENGTH 16
+
+typedef struct idea_key_st
+ {
+ IDEA_INT data[9][6];
+ } IDEA_KEY_SCHEDULE;
+
+#ifndef NOPROTO
+char *idea_options(void);
+void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+ IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
+void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+ int *num,int enc);
+void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#else
+char *idea_options();
+void idea_ecb_encrypt();
+void idea_set_encrypt_key();
+void idea_set_decrypt_key();
+void idea_cbc_encrypt();
+void idea_cfb64_encrypt();
+void idea_ofb64_encrypt();
+void idea_encrypt();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/idea/idea.org b/crypto/idea/idea.org
new file mode 100644
index 0000000..e0eb4e0
--- /dev/null
+++ b/crypto/idea/idea.org
@@ -0,0 +1,116 @@
+/* crypto/idea/idea.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify idea.org since idea.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_IDEA_H
+#define HEADER_IDEA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define IDEA_ENCRYPT 1
+#define IDEA_DECRYPT 0
+
+#define IDEA_INT unsigned int
+#define IDEA_BLOCK 8
+#define IDEA_KEY_LENGTH 16
+
+typedef struct idea_key_st
+ {
+ IDEA_INT data[9][6];
+ } IDEA_KEY_SCHEDULE;
+
+#ifndef NOPROTO
+char *idea_options(void);
+void idea_ecb_encrypt(unsigned char *in, unsigned char *out,
+ IDEA_KEY_SCHEDULE *ks);
+void idea_set_encrypt_key(unsigned char *key, IDEA_KEY_SCHEDULE *ks);
+void idea_set_decrypt_key(IDEA_KEY_SCHEDULE *ek, IDEA_KEY_SCHEDULE *dk);
+void idea_cbc_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,int enc);
+void idea_cfb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv,
+ int *num,int enc);
+void idea_ofb64_encrypt(unsigned char *in, unsigned char *out,
+ long length, IDEA_KEY_SCHEDULE *ks, unsigned char *iv, int *num);
+void idea_encrypt(unsigned long *in, IDEA_KEY_SCHEDULE *ks);
+#else
+char *idea_options();
+void idea_ecb_encrypt();
+void idea_set_encrypt_key();
+void idea_set_decrypt_key();
+void idea_cbc_encrypt();
+void idea_cfb64_encrypt();
+void idea_ofb64_encrypt();
+void idea_encrypt();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/idea/idea_lcl.h b/crypto/idea/idea_lcl.h
new file mode 100644
index 0000000..fcd007f
--- /dev/null
+++ b/crypto/idea/idea_lcl.h
@@ -0,0 +1,197 @@
+/* crypto/idea/idea_lcl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* The new form of this macro (check if the a*b == 0) was sugested by
+ * Colin Plumb <colin@nyx10.cs.du.edu> */
+/* Removal of the inner if from from Wei Dai 24/4/96 */
+#define idea_mul(r,a,b,ul) \
+ul=(unsigned long)a*b; \
+if (ul != 0) \
+ { \
+ r=(ul&0xffff)-(ul>>16); \
+ r-=((r)>>16); \
+/* if (r&0xffff0000L) r=(r+0x10001); */ \
+ } \
+else \
+ r=(-(int)a-b+1); /* assuming a or b is 0 and in range */ \
+
+#ifdef undef
+#define idea_mul(r,a,b,ul,sl) \
+if (a == 0) r=(0x10001-b)&0xffff; \
+else if (b == 0) r=(0x10001-a)&0xffff; \
+else { \
+ ul=(unsigned long)a*b; \
+ sl=(ul&0xffff)-(ul>>16); \
+ if (sl <= 0) sl+=0x10001; \
+ r=sl; \
+ }
+#endif
+
+/* 7/12/95 - Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+ * for pointing out that I was assuming little endian
+ * byte order for all quantities what idea
+ * actually used bigendian. No where in the spec does it mention
+ * this, it is all in terms of 16 bit numbers and even the example
+ * does not use byte streams for the input example :-(.
+ * If you byte swap each pair of input, keys and iv, the functions
+ * would produce the output as the old version :-(.
+ */
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+#undef s2n
+#define s2n(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef n2s
+#define n2s(c,l) (l =((IDEA_INT)(*((c)++)))<< 8L, \
+ l|=((IDEA_INT)(*((c)++))) )
+
+#ifdef undef
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+#undef c2s
+#define c2s(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L)
+
+#undef s2c
+#define s2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff))
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+#endif
diff --git a/crypto/idea/ideatest.c b/crypto/idea/ideatest.c
new file mode 100644
index 0000000..ee01ba5
--- /dev/null
+++ b/crypto/idea/ideatest.c
@@ -0,0 +1,232 @@
+/* crypto/idea/ideatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "idea.h"
+
+unsigned char k[16]={
+ 0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+ 0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+
+#ifndef NOPROTO
+static int cfb64_test(unsigned char *cfb_cipher);
+static char *pt(unsigned char *p);
+#else
+static int cfb64_test();
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ IDEA_KEY_SCHEDULE key,dkey;
+ unsigned char iv[8];
+
+ idea_set_encrypt_key(k,&key);
+ idea_ecb_encrypt(in,out,&key);
+ if (memcmp(out,c,8) != 0)
+ {
+ printf("ecb idea error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",c[i]);
+ err=20;
+ printf("\n");
+ }
+
+ idea_set_decrypt_key(&key,&dkey);
+ idea_ecb_encrypt(c,out,&dkey);
+ if (memcmp(out,in,8) != 0)
+ {
+ printf("ecb idea error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",out[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",in[i]);
+ printf("\n");
+ err=3;
+ }
+
+ if (err == 0) printf("ecb idea ok\n");
+
+ memcpy(iv,k,8);
+ idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+ memcpy(iv,k,8);
+ idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+ idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+ if (memcmp(text,out,strlen(text)+1) != 0)
+ {
+ printf("cbc idea bad\n");
+ err=4;
+ }
+ else
+ printf("cbc idea ok\n");
+
+ printf("cfb64 idea ");
+ if (cfb64_test(cfb_cipher64))
+ {
+ printf("bad\n");
+ err=5;
+ }
+ else
+ printf("ok\n");
+
+ exit(err);
+ return(err);
+ }
+
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ IDEA_KEY_SCHEDULE eks,dks;
+ int err=0,i,n;
+
+ idea_set_encrypt_key(cfb_key,&eks);
+ idea_set_decrypt_key(&eks,&dks);
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)CFB_TEST_SIZE-12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb64_encrypt encrypt error\n");
+ for (i=0; i<CFB_TEST_SIZE; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)CFB_TEST_SIZE-17,&dks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
diff --git a/crypto/idea/version b/crypto/idea/version
new file mode 100644
index 0000000..3f22293
--- /dev/null
+++ b/crypto/idea/version
@@ -0,0 +1,12 @@
+1.1 07/12/95 - eay
+ Many thanks to Rhys Weatherley <rweather@us.oracle.com>
+ for pointing out that I was assuming little endian byte
+ order for all quantities what idea actually used
+ bigendian. No where in the spec does it mention
+ this, it is all in terms of 16 bit numbers and even the example
+ does not use byte streams for the input example :-(.
+ If you byte swap each pair of input, keys and iv, the functions
+ would produce the output as the old version :-(.
+
+1.0 ??/??/95 - eay
+ First version.
diff --git a/crypto/lhash/Makefile.ssl b/crypto/lhash/Makefile.ssl
new file mode 100644
index 0000000..cb08547
--- /dev/null
+++ b/crypto/lhash/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/lhash/Makefile
+#
+
+DIR= lhash
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=lhash.c lh_stats.c
+LIBOBJ=lhash.o lh_stats.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= lhash.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/lhash/lh_stats.c b/crypto/lhash/lh_stats.c
new file mode 100644
index 0000000..824eb62
--- /dev/null
+++ b/crypto/lhash/lh_stats.c
@@ -0,0 +1,289 @@
+/* crypto/lhash/lh_stats.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+/* If you wish to build this outside of SSLeay, remove the following line
+ * and things should work as expected */
+#include "bio.h"
+
+#include "lhash.h"
+
+#ifndef HEADER_BIO_H
+
+void lh_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ fprintf(out,"num_items = %lu\n",lh->num_items);
+ fprintf(out,"num_nodes = %u\n",lh->num_nodes);
+ fprintf(out,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
+ fprintf(out,"num_expands = %lu\n",lh->num_expands);
+ fprintf(out,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
+ fprintf(out,"num_contracts = %lu\n",lh->num_contracts);
+ fprintf(out,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+ fprintf(out,"num_hash_calls = %lu\n",lh->num_hash_calls);
+ fprintf(out,"num_comp_calls = %lu\n",lh->num_comp_calls);
+ fprintf(out,"num_insert = %lu\n",lh->num_insert);
+ fprintf(out,"num_replace = %lu\n",lh->num_replace);
+ fprintf(out,"num_delete = %lu\n",lh->num_delete);
+ fprintf(out,"num_no_delete = %lu\n",lh->num_no_delete);
+ fprintf(out,"num_retrieve = %lu\n",lh->num_retrieve);
+ fprintf(out,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
+ fprintf(out,"num_hash_comps = %lu\n",lh->num_hash_comps);
+#ifdef DEBUG
+ fprintf(out,"p = %u\n",lh->p);
+ fprintf(out,"pmax = %u\n",lh->pmax);
+ fprintf(out,"up_load = %lu\n",lh->up_load);
+ fprintf(out,"down_load = %lu\n",lh->down_load);
+#endif
+ }
+
+void lh_node_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ LHASH_NODE *n;
+ unsigned int i,num;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ fprintf(out,"node %6u -> %3u\n",i,num);
+ }
+ }
+
+void lh_node_usage_stats(lh, out)
+LHASH *lh;
+FILE *out;
+ {
+ LHASH_NODE *n;
+ unsigned long num;
+ unsigned int i;
+ unsigned long total=0,n_used=0;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ if (num != 0)
+ {
+ n_used++;
+ total+=num;
+ }
+ }
+ fprintf(out,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+ fprintf(out,"%lu items\n",total);
+ if (n_used == 0) return;
+ fprintf(out,"load %d.%02d actual load %d.%02d\n",
+ (int)(total/lh->num_nodes),
+ (int)((total%lh->num_nodes)*100/lh->num_nodes),
+ (int)(total/n_used),
+ (int)((total%n_used)*100/n_used));
+ }
+
+#else
+
+#ifndef WIN16
+void lh_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+void lh_node_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_node_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+void lh_node_usage_stats(lh,fp)
+LHASH *lh;
+FILE *fp;
+ {
+ BIO *bp;
+
+ bp=BIO_new(BIO_s_file());
+ if (bp == NULL) goto end;
+ BIO_set_fp(bp,fp,BIO_NOCLOSE);
+ lh_node_usage_stats_bio(lh,bp);
+ BIO_free(bp);
+end:;
+ }
+
+#endif
+
+void lh_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ char buf[128];
+
+ sprintf(buf,"num_items = %lu\n",lh->num_items);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_nodes = %u\n",lh->num_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_alloc_nodes = %u\n",lh->num_alloc_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_expands = %lu\n",lh->num_expands);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_expand_reallocs = %lu\n",lh->num_expand_reallocs);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_contracts = %lu\n",lh->num_contracts);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_contract_reallocs = %lu\n",lh->num_contract_reallocs);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_hash_calls = %lu\n",lh->num_hash_calls);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_comp_calls = %lu\n",lh->num_comp_calls);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_insert = %lu\n",lh->num_insert);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_replace = %lu\n",lh->num_replace);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_delete = %lu\n",lh->num_delete);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_no_delete = %lu\n",lh->num_no_delete);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_retrieve = %lu\n",lh->num_retrieve);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_retrieve_miss = %lu\n",lh->num_retrieve_miss);
+ BIO_puts(out,buf);
+ sprintf(buf,"num_hash_comps = %lu\n",lh->num_hash_comps);
+ BIO_puts(out,buf);
+#ifdef DEBUG
+ sprintf(buf,"p = %u\n",lh->p);
+ BIO_puts(out,buf);
+ sprintf(buf,"pmax = %u\n",lh->pmax);
+ BIO_puts(out,buf);
+ sprintf(buf,"up_load = %lu\n",lh->up_load);
+ BIO_puts(out,buf);
+ sprintf(buf,"down_load = %lu\n",lh->down_load);
+ BIO_puts(out,buf);
+#endif
+ }
+
+void lh_node_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ LHASH_NODE *n;
+ unsigned int i,num;
+ char buf[128];
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ sprintf(buf,"node %6u -> %3u\n",i,num);
+ BIO_puts(out,buf);
+ }
+ }
+
+void lh_node_usage_stats_bio(lh, out)
+LHASH *lh;
+BIO *out;
+ {
+ LHASH_NODE *n;
+ unsigned long num;
+ unsigned int i;
+ unsigned long total=0,n_used=0;
+ char buf[128];
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ for (n=lh->b[i],num=0; n != NULL; n=n->next)
+ num++;
+ if (num != 0)
+ {
+ n_used++;
+ total+=num;
+ }
+ }
+ sprintf(buf,"%lu nodes used out of %u\n",n_used,lh->num_nodes);
+ BIO_puts(out,buf);
+ sprintf(buf,"%lu items\n",total);
+ BIO_puts(out,buf);
+ if (n_used == 0) return;
+ sprintf(buf,"load %d.%02d actual load %d.%02d\n",
+ (int)(total/lh->num_nodes),
+ (int)((total%lh->num_nodes)*100/lh->num_nodes),
+ (int)(total/n_used),
+ (int)((total%n_used)*100/n_used));
+ BIO_puts(out,buf);
+ }
+
+#endif
diff --git a/crypto/lhash/lh_test.c b/crypto/lhash/lh_test.c
new file mode 100644
index 0000000..f90b3bb
--- /dev/null
+++ b/crypto/lhash/lh_test.c
@@ -0,0 +1,89 @@
+/* crypto/lhash/lh_test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "lhash.h"
+
+main()
+ {
+ LHASH *conf;
+ char buf[256];
+ int i;
+
+ conf=lh_new(lh_strhash,strcmp);
+ for (;;)
+ {
+ char *p;
+
+ buf[0]='\0';
+ fgets(buf,256,stdin);
+ if (buf[0] == '\0') break;
+ buf[256]='\0';
+ i=strlen(buf);
+ p=Malloc(i+1);
+ memcpy(p,buf,i+1);
+ lh_insert(conf,p);
+ }
+
+ lh_node_stats(conf,stdout);
+ lh_stats(conf,stdout);
+ lh_node_usage_stats(conf,stdout);
+ exit(0);
+ }
diff --git a/crypto/lhash/lhash.c b/crypto/lhash/lhash.c
new file mode 100644
index 0000000..3e61248
--- /dev/null
+++ b/crypto/lhash/lhash.c
@@ -0,0 +1,489 @@
+/* crypto/lhash/lhash.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+char *lh_version="lhash part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Code for dynamic hash table routines
+ * Author - Eric Young v 2.0
+ *
+ * 2.0 eay - Fixed a bug that occured when using lh_delete
+ * from inside lh_doall(). As entries were deleted,
+ * the 'table' was 'contract()ed', making some entries
+ * jump from the end of the table to the start, there by
+ * skiping the lh_doall() processing. eay - 4/12/95
+ *
+ * 1.9 eay - Fixed a memory leak in lh_free, the LHASH_NODEs
+ * were not being free()ed. 21/11/95
+ *
+ * 1.8 eay - Put the stats routines into a separate file, lh_stats.c
+ * 19/09/95
+ *
+ * 1.7 eay - Removed the fputs() for realloc failures - the code
+ * should silently tolerate them. I have also fixed things
+ * lint complained about 04/05/95
+ *
+ * 1.6 eay - Fixed an invalid pointers in contract/expand 27/07/92
+ *
+ * 1.5 eay - Fixed a misuse of realloc in expand 02/03/1992
+ *
+ * 1.4 eay - Fixed lh_doall so the function can call lh_delete 28/05/91
+ *
+ * 1.3 eay - Fixed a few lint problems 19/3/1991
+ *
+ * 1.2 eay - Fixed lh_doall problem 13/3/1991
+ *
+ * 1.1 eay - Added lh_doall
+ *
+ * 1.0 eay - First version
+ */
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "lhash.h"
+
+#undef MIN_NODES
+#define MIN_NODES 16
+#define UP_LOAD (2*LH_LOAD_MULT) /* load times 256 (default 2) */
+#define DOWN_LOAD (LH_LOAD_MULT) /* load times 256 (default 1) */
+
+#ifndef NOPROTO
+
+#define P_CP char *
+#define P_CPP char *,char *
+static void expand(LHASH *lh);
+static void contract(LHASH *lh);
+static LHASH_NODE **getrn(LHASH *lh, char *data, unsigned long *rhash);
+
+#else
+
+#define P_CP
+#define P_CPP
+static void expand();
+static void contract();
+static LHASH_NODE **getrn();
+
+#endif
+
+LHASH *lh_new(h, c)
+unsigned long (*h)();
+int (*c)();
+ {
+ LHASH *ret;
+ int i;
+
+ if ((ret=(LHASH *)malloc(sizeof(LHASH))) == NULL)
+ goto err0;
+ if ((ret->b=(LHASH_NODE **)malloc(sizeof(LHASH_NODE *)*MIN_NODES)) == NULL)
+ goto err1;
+ for (i=0; i<MIN_NODES; i++)
+ ret->b[i]=NULL;
+ ret->comp=((c == NULL)?(int (*)())strcmp:c);
+ ret->hash=((h == NULL)?(unsigned long (*)())lh_strhash:h);
+ ret->num_nodes=MIN_NODES/2;
+ ret->num_alloc_nodes=MIN_NODES;
+ ret->p=0;
+ ret->pmax=MIN_NODES/2;
+ ret->up_load=UP_LOAD;
+ ret->down_load=DOWN_LOAD;
+ ret->num_items=0;
+
+ ret->num_expands=0;
+ ret->num_expand_reallocs=0;
+ ret->num_contracts=0;
+ ret->num_contract_reallocs=0;
+ ret->num_hash_calls=0;
+ ret->num_comp_calls=0;
+ ret->num_insert=0;
+ ret->num_replace=0;
+ ret->num_delete=0;
+ ret->num_no_delete=0;
+ ret->num_retrieve=0;
+ ret->num_retrieve_miss=0;
+ ret->num_hash_comps=0;
+
+ return(ret);
+err1:
+ free((char *)ret);
+err0:
+ return(NULL);
+ }
+
+void lh_free(lh)
+LHASH *lh;
+ {
+ unsigned int i;
+ LHASH_NODE *n,*nn;
+
+ for (i=0; i<lh->num_nodes; i++)
+ {
+ n=lh->b[i];
+ while (n != NULL)
+ {
+ nn=n->next;
+ free(n);
+ n=nn;
+ }
+ }
+ free((char *)lh->b);
+ free((char *)lh);
+ }
+
+char *lh_insert(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE *nn,**rn;
+ char *ret;
+
+ if (lh->up_load <= (lh->num_items*LH_LOAD_MULT/lh->num_nodes))
+ expand(lh);
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ if ((nn=(LHASH_NODE *)malloc(sizeof(LHASH_NODE))) == NULL)
+ return(NULL);
+ nn->data=data;
+ nn->next=NULL;
+#ifndef NO_HASH_COMP
+ nn->hash=hash;
+#endif
+ *rn=nn;
+ ret=NULL;
+ lh->num_insert++;
+ lh->num_items++;
+ }
+ else /* replace same key */
+ {
+ ret= (*rn)->data;
+ (*rn)->data=data;
+ lh->num_replace++;
+ }
+ return(ret);
+ }
+
+char *lh_delete(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE *nn,**rn;
+ char *ret;
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ lh->num_no_delete++;
+ return(NULL);
+ }
+ else
+ {
+ nn= *rn;
+ *rn=nn->next;
+ ret=nn->data;
+ free((char *)nn);
+ lh->num_delete++;
+ }
+
+ lh->num_items--;
+ if ((lh->num_nodes > MIN_NODES) &&
+ (lh->down_load >= (lh->num_items*LH_LOAD_MULT/lh->num_nodes)))
+ contract(lh);
+
+ return(ret);
+ }
+
+char *lh_retrieve(lh, data)
+LHASH *lh;
+char *data;
+ {
+ unsigned long hash;
+ LHASH_NODE **rn;
+ char *ret;
+
+ rn=getrn(lh,data,&hash);
+
+ if (*rn == NULL)
+ {
+ lh->num_retrieve_miss++;
+ return(NULL);
+ }
+ else
+ {
+ ret= (*rn)->data;
+ lh->num_retrieve++;
+ }
+ return(ret);
+ }
+
+void lh_doall(lh, func)
+LHASH *lh;
+void (*func)();
+ {
+ lh_doall_arg(lh,func,NULL);
+ }
+
+void lh_doall_arg(lh, func, arg)
+LHASH *lh;
+void (*func)();
+char *arg;
+ {
+ int i;
+ LHASH_NODE *a,*n;
+
+ /* reverse the order so we search from 'top to bottom'
+ * We were having memory leaks otherwise */
+ for (i=lh->num_nodes-1; i>=0; i--)
+ {
+ a=lh->b[i];
+ while (a != NULL)
+ {
+ /* 28/05/91 - eay - n added so items can be deleted
+ * via lh_doall */
+ n=a->next;
+ func(a->data,arg);
+ a=n;
+ }
+ }
+ }
+
+static void expand(lh)
+LHASH *lh;
+ {
+ LHASH_NODE **n,**n1,**n2,*np;
+ unsigned int p,i,j;
+ unsigned long hash,nni;
+
+ lh->num_nodes++;
+ lh->num_expands++;
+ p=(int)lh->p++;
+ n1= &(lh->b[p]);
+ n2= &(lh->b[p+(int)lh->pmax]);
+ *n2=NULL; /* 27/07/92 - eay - undefined pointer bug */
+ nni=lh->num_alloc_nodes;
+
+ for (np= *n1; np != NULL; )
+ {
+#ifndef NO_HASH_COMP
+ hash=np->hash;
+#else
+ hash=(*(lh->hash))(np->data);
+ lh->num_hash_calls++;
+#endif
+ if ((hash%nni) != p)
+ { /* move it */
+ *n1= (*n1)->next;
+ np->next= *n2;
+ *n2=np;
+ }
+ else
+ n1= &((*n1)->next);
+ np= *n1;
+ }
+
+ if ((lh->p) >= lh->pmax)
+ {
+ j=(int)lh->num_alloc_nodes*2;
+ n=(LHASH_NODE **)realloc((char *)lh->b,
+ (unsigned int)sizeof(LHASH_NODE *)*j);
+ if (n == NULL)
+ {
+/* fputs("realloc error in lhash",stderr); */
+ lh->p=0;
+ return;
+ }
+ /* else */
+ for (i=(int)lh->num_alloc_nodes; i<j; i++)/* 26/02/92 eay */
+ n[i]=NULL; /* 02/03/92 eay */
+ lh->pmax=lh->num_alloc_nodes;
+ lh->num_alloc_nodes=j;
+ lh->num_expand_reallocs++;
+ lh->p=0;
+ lh->b=n;
+ }
+ }
+
+static void contract(lh)
+LHASH *lh;
+ {
+ LHASH_NODE **n,*n1,*np;
+
+ np=lh->b[lh->p+lh->pmax-1];
+ lh->b[lh->p+lh->pmax-1]=NULL; /* 24/07-92 - eay - weird but :-( */
+ if (lh->p == 0)
+ {
+ n=(LHASH_NODE **)realloc((char *)lh->b,
+ (unsigned int)(sizeof(LHASH_NODE *)*lh->pmax));
+ if (n == NULL)
+ {
+/* fputs("realloc error in lhash",stderr); */
+ return;
+ }
+ lh->num_contract_reallocs++;
+ lh->num_alloc_nodes/=2;
+ lh->pmax/=2;
+ lh->p=lh->pmax-1;
+ lh->b=n;
+ }
+ else
+ lh->p--;
+
+ lh->num_nodes--;
+ lh->num_contracts++;
+
+ n1=lh->b[(int)lh->p];
+ if (n1 == NULL)
+ lh->b[(int)lh->p]=np;
+ else
+ {
+ while (n1->next != NULL)
+ n1=n1->next;
+ n1->next=np;
+ }
+ }
+
+static LHASH_NODE **getrn(lh, data, rhash)
+LHASH *lh;
+char *data;
+unsigned long *rhash;
+ {
+ LHASH_NODE **ret,*n1;
+ unsigned long hash,nn;
+ int (*cf)();
+
+ hash=(*(lh->hash))(data);
+ lh->num_hash_calls++;
+ *rhash=hash;
+
+ nn=hash%lh->pmax;
+ if (nn < lh->p)
+ nn=hash%lh->num_alloc_nodes;
+
+ cf=lh->comp;
+ ret= &(lh->b[(int)nn]);
+ for (n1= *ret; n1 != NULL; n1=n1->next)
+ {
+#ifndef NO_HASH_COMP
+ lh->num_hash_comps++;
+ if (n1->hash != hash)
+ {
+ ret= &(n1->next);
+ continue;
+ }
+#endif
+ lh->num_comp_calls++;
+ if ((*cf)(n1->data,data) == 0)
+ break;
+ ret= &(n1->next);
+ }
+ return(ret);
+ }
+
+/*
+static unsigned long lh_strhash(str)
+char *str;
+ {
+ int i,l;
+ unsigned long ret=0;
+ unsigned short *s;
+
+ if (str == NULL) return(0);
+ l=(strlen(str)+1)/2;
+ s=(unsigned short *)str;
+ for (i=0; i<l; i++)
+ ret^=(s[i]<<(i&0x0f));
+ return(ret);
+ } */
+
+/* The following hash seems to work very well on normal text strings
+ * no collisions on /usr/dict/words and it distributes on %2^n quite
+ * well, not as good as MD5, but still good.
+ */
+unsigned long lh_strhash(c)
+char *c;
+ {
+ unsigned long ret=0;
+ long n;
+ unsigned long v;
+ int r;
+
+ if ((c == NULL) || (*c == '\0'))
+ return(ret);
+/*
+ unsigned char b[16];
+ MD5(c,strlen(c),b);
+ return(b[0]|(b[1]<<8)|(b[2]<<16)|(b[3]<<24));
+*/
+
+ n=0x100;
+ while (*c)
+ {
+ v=n|(*c);
+ n+=0x100;
+ r= (int)((v>>2)^v)&0x0f;
+ ret=(ret<<r)|(ret>>(32-r));
+ ret&=0xFFFFFFFFL;
+ ret^=v*v;
+ c++;
+ }
+ return((ret>>16)^ret);
+ }
+
diff --git a/crypto/lhash/lhash.h b/crypto/lhash/lhash.h
new file mode 100644
index 0000000..66678cf
--- /dev/null
+++ b/crypto/lhash/lhash.h
@@ -0,0 +1,155 @@
+/* crypto/lhash/lhash.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Header for dynamic hash table routines
+ * Author - Eric Young
+ */
+
+#ifndef HEADER_LHASH_H
+#define HEADER_LHASH_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct lhash_node_st
+ {
+ char *data;
+ struct lhash_node_st *next;
+#ifndef NO_HASH_COMP
+ unsigned long hash;
+#endif
+ } LHASH_NODE;
+
+typedef struct lhash_st
+ {
+ LHASH_NODE **b;
+ int (*comp)();
+ unsigned long (*hash)();
+ unsigned int num_nodes;
+ unsigned int num_alloc_nodes;
+ unsigned int p;
+ unsigned int pmax;
+ unsigned long up_load; /* load times 256 */
+ unsigned long down_load; /* load times 256 */
+ unsigned long num_items;
+
+ unsigned long num_expands;
+ unsigned long num_expand_reallocs;
+ unsigned long num_contracts;
+ unsigned long num_contract_reallocs;
+ unsigned long num_hash_calls;
+ unsigned long num_comp_calls;
+ unsigned long num_insert;
+ unsigned long num_replace;
+ unsigned long num_delete;
+ unsigned long num_no_delete;
+ unsigned long num_retrieve;
+ unsigned long num_retrieve_miss;
+ unsigned long num_hash_comps;
+ } LHASH;
+
+#define LH_LOAD_MULT 256
+
+#ifndef NOPROTO
+LHASH *lh_new(unsigned long (*h)(), int (*c)());
+void lh_free(LHASH *lh);
+char *lh_insert(LHASH *lh, char *data);
+char *lh_delete(LHASH *lh, char *data);
+char *lh_retrieve(LHASH *lh, char *data);
+void lh_doall(LHASH *lh, void (*func)(/* char *b */));
+void lh_doall_arg(LHASH *lh, void (*func)(/*char *a,char *b*/),char *arg);
+unsigned long lh_strhash(char *c);
+
+#ifndef WIN16
+void lh_stats(LHASH *lh, FILE *out);
+void lh_node_stats(LHASH *lh, FILE *out);
+void lh_node_usage_stats(LHASH *lh, FILE *out);
+#endif
+
+#ifdef HEADER_BIO_H
+void lh_stats_bio(LHASH *lh, BIO *out);
+void lh_node_stats_bio(LHASH *lh, BIO *out);
+void lh_node_usage_stats_bio(LHASH *lh, BIO *out);
+#endif
+#else
+LHASH *lh_new();
+void lh_free();
+char *lh_insert();
+char *lh_delete();
+char *lh_retrieve();
+void lh_doall();
+void lh_doall_arg();
+unsigned long lh_strhash();
+
+#ifndef WIN16
+void lh_stats();
+void lh_node_stats();
+void lh_node_usage_stats();
+#endif
+void lh_stats_bio();
+void lh_node_stats_bio();
+void lh_node_usage_stats_bio();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/crypto/lhash/num.pl b/crypto/lhash/num.pl
new file mode 100644
index 0000000..30fedf9
--- /dev/null
+++ b/crypto/lhash/num.pl
@@ -0,0 +1,17 @@
+#!/usr/local/bin/perl
+
+#node 10 -> 4
+
+while (<>)
+ {
+ next unless /^node/;
+ chop;
+ @a=split;
+ $num{$a[3]}++;
+ }
+
+@a=sort {$a <=> $b } keys %num;
+foreach (0 .. $a[$#a])
+ {
+ printf "%4d:%4d\n",$_,$num{$_};
+ }
diff --git a/crypto/libvms.com b/crypto/libvms.com
new file mode 100755
index 0000000..44f90c6
--- /dev/null
+++ b/crypto/libvms.com
@@ -0,0 +1,31 @@
+$!
+$! Compile crypto.c as several subset modules and insert in crypto-xxx.olb.
+$! If P1 is specifed, it specifies alternate list of subsets to compile.
+$!
+$ libname = "CRYPTO-AXP.OLB"
+$ subset_list = "LIB,ASN1,BN,BUFFER,CONF,DES,DH,DSA,ERROR,EVP,IDEA,LHASH,MD," + -
+ "METH,OBJECTS,PEM,RAND,RC,RSA,SHA,STACK,TXT_DB,X509"
+$ if p1 .nes. "" then subset_list = p1
+$!
+$ if f$getsyi("CPU") .lt. 128 then libname = "CRYPTO-VAX.OLB"
+$ if f$search(libname) .eqs. "" then library/create/object/log 'libname'
+$!
+$ cc = "cc/include=[-.include]/prefix=all" + P2
+$!
+$ i = 0
+$ next_subset:
+$ subset = f$element(i,",",subset_list)
+$ if subset .eqs. "," then goto done
+$ i = i + 1
+$ create crypto_'subset'.subset
+#include "crypto.c"
+$ ofile = "sys$disk:[]crypto_" + subset + ".obj"
+$ on warning then goto next_subset
+$ write sys$output "Compiling ", ofile
+$ cc /object='ofile' crypto_'subset'.subset -
+ /define=(CRYPTO_SUBSET,CRYPTO_'subset'_SUBSET)
+$ library/replace/log 'libname'/module=CRYPTO_'subset' 'ofile'
+$ goto next_subset
+$!
+$ done:
+$ exit
diff --git a/crypto/md/Makefile.ssl b/crypto/md/Makefile.ssl
new file mode 100644
index 0000000..3e9dda7
--- /dev/null
+++ b/crypto/md/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/md/Makefile
+#
+
+DIR= md
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=md2test.c md5test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md2_dgst.c md5_dgst.c md2_one.c md5_one.c
+LIBOBJ=md2_dgst.o md5_dgst.o md2_one.o md5_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= md2.h md5.h
+HEADER= md5_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/md/md2.c b/crypto/md/md2.c
new file mode 100644
index 0000000..f3a65b9
--- /dev/null
+++ b/crypto/md/md2.c
@@ -0,0 +1,137 @@
+/* crypto/md/md2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md2.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+void exit(int);
+void perror(const char *);
+#else
+void do_fp();
+void pt();
+int read();
+void exit();
+void perror();
+#endif
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD2(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ return(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD2_CTX c;
+ unsigned char md[MD2_DIGEST_LENGTH];
+ int fd,i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD2_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD2_Update(&c,buf,(unsigned long)i);
+ }
+ MD2_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
diff --git a/crypto/md/md2.h b/crypto/md/md2.h
new file mode 100644
index 0000000..9f39933
--- /dev/null
+++ b/crypto/md/md2.h
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH 16
+#define MD2_BLOCK 16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+ {
+ int num;
+ unsigned char data[MD2_BLOCK];
+ MD2_INT cksm[MD2_BLOCK];
+ MD2_INT state[MD2_BLOCK];
+ } MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md2.org b/crypto/md/md2.org
new file mode 100644
index 0000000..9f39933
--- /dev/null
+++ b/crypto/md/md2.org
@@ -0,0 +1,106 @@
+/* crypto/md/md2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify md2.org since md2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+
+#ifndef HEADER_MD2_H
+#define HEADER_MD2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MD2_DIGEST_LENGTH 16
+#define MD2_BLOCK 16
+
+#define MD2_INT unsigned int
+
+typedef struct MD2state_st
+ {
+ int num;
+ unsigned char data[MD2_BLOCK];
+ MD2_INT cksm[MD2_BLOCK];
+ MD2_INT state[MD2_BLOCK];
+ } MD2_CTX;
+
+#ifndef NOPROTO
+char *MD2_options(void);
+void MD2_Init(MD2_CTX *c);
+void MD2_Update(MD2_CTX *c, register unsigned char *data, unsigned long len);
+void MD2_Final(unsigned char *md, MD2_CTX *c);
+unsigned char *MD2(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+char *MD2_options();
+void MD2_Init();
+void MD2_Update();
+void MD2_Final();
+unsigned char *MD2();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md2_dgst.c b/crypto/md/md2_dgst.c
new file mode 100644
index 0000000..ef70de7
--- /dev/null
+++ b/crypto/md/md2_dgst.c
@@ -0,0 +1,235 @@
+/* crypto/md/md2_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *MD2_version="MD2 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from RFC1319 The MD2 Message-Digest Algorithm
+ */
+
+#define UCHAR unsigned char
+
+#ifndef NOPROTO
+static void md2_block(MD2_CTX *c, unsigned char *d);
+#else
+static void md2_block();
+#endif
+
+/* The magic S table - I have converted it to hex since it is
+ * basicaly just a random byte string. */
+static MD2_INT S[256]={
+ 0x29, 0x2E, 0x43, 0xC9, 0xA2, 0xD8, 0x7C, 0x01,
+ 0x3D, 0x36, 0x54, 0xA1, 0xEC, 0xF0, 0x06, 0x13,
+ 0x62, 0xA7, 0x05, 0xF3, 0xC0, 0xC7, 0x73, 0x8C,
+ 0x98, 0x93, 0x2B, 0xD9, 0xBC, 0x4C, 0x82, 0xCA,
+ 0x1E, 0x9B, 0x57, 0x3C, 0xFD, 0xD4, 0xE0, 0x16,
+ 0x67, 0x42, 0x6F, 0x18, 0x8A, 0x17, 0xE5, 0x12,
+ 0xBE, 0x4E, 0xC4, 0xD6, 0xDA, 0x9E, 0xDE, 0x49,
+ 0xA0, 0xFB, 0xF5, 0x8E, 0xBB, 0x2F, 0xEE, 0x7A,
+ 0xA9, 0x68, 0x79, 0x91, 0x15, 0xB2, 0x07, 0x3F,
+ 0x94, 0xC2, 0x10, 0x89, 0x0B, 0x22, 0x5F, 0x21,
+ 0x80, 0x7F, 0x5D, 0x9A, 0x5A, 0x90, 0x32, 0x27,
+ 0x35, 0x3E, 0xCC, 0xE7, 0xBF, 0xF7, 0x97, 0x03,
+ 0xFF, 0x19, 0x30, 0xB3, 0x48, 0xA5, 0xB5, 0xD1,
+ 0xD7, 0x5E, 0x92, 0x2A, 0xAC, 0x56, 0xAA, 0xC6,
+ 0x4F, 0xB8, 0x38, 0xD2, 0x96, 0xA4, 0x7D, 0xB6,
+ 0x76, 0xFC, 0x6B, 0xE2, 0x9C, 0x74, 0x04, 0xF1,
+ 0x45, 0x9D, 0x70, 0x59, 0x64, 0x71, 0x87, 0x20,
+ 0x86, 0x5B, 0xCF, 0x65, 0xE6, 0x2D, 0xA8, 0x02,
+ 0x1B, 0x60, 0x25, 0xAD, 0xAE, 0xB0, 0xB9, 0xF6,
+ 0x1C, 0x46, 0x61, 0x69, 0x34, 0x40, 0x7E, 0x0F,
+ 0x55, 0x47, 0xA3, 0x23, 0xDD, 0x51, 0xAF, 0x3A,
+ 0xC3, 0x5C, 0xF9, 0xCE, 0xBA, 0xC5, 0xEA, 0x26,
+ 0x2C, 0x53, 0x0D, 0x6E, 0x85, 0x28, 0x84, 0x09,
+ 0xD3, 0xDF, 0xCD, 0xF4, 0x41, 0x81, 0x4D, 0x52,
+ 0x6A, 0xDC, 0x37, 0xC8, 0x6C, 0xC1, 0xAB, 0xFA,
+ 0x24, 0xE1, 0x7B, 0x08, 0x0C, 0xBD, 0xB1, 0x4A,
+ 0x78, 0x88, 0x95, 0x8B, 0xE3, 0x63, 0xE8, 0x6D,
+ 0xE9, 0xCB, 0xD5, 0xFE, 0x3B, 0x00, 0x1D, 0x39,
+ 0xF2, 0xEF, 0xB7, 0x0E, 0x66, 0x58, 0xD0, 0xE4,
+ 0xA6, 0x77, 0x72, 0xF8, 0xEB, 0x75, 0x4B, 0x0A,
+ 0x31, 0x44, 0x50, 0xB4, 0x8F, 0xED, 0x1F, 0x1A,
+ 0xDB, 0x99, 0x8D, 0x33, 0x9F, 0x11, 0x83, 0x14,
+ };
+
+char *MD2_options()
+ {
+ if (sizeof(MD2_INT) == 1)
+ return("md2(char)");
+ else
+ return("md2(int)");
+ }
+
+void MD2_Init(c)
+MD2_CTX *c;
+ {
+ c->num=0;
+ memset(c->state,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->cksm,0,MD2_BLOCK*sizeof(MD2_INT));
+ memset(c->data,0,MD2_BLOCK);
+ }
+
+void MD2_Update(c, data, len)
+MD2_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register UCHAR *p;
+
+ if (len == 0) return;
+
+ p=c->data;
+ if (c->num != 0)
+ {
+ if ((c->num+len) >= MD2_BLOCK)
+ {
+ memcpy(&(p[c->num]),data,MD2_BLOCK-c->num);
+ md2_block(c,c->data);
+ data+=(MD2_BLOCK - c->num);
+ len-=(MD2_BLOCK - c->num);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ memcpy(&(p[c->num]),data,(int)len);
+ /* data+=len; */
+ c->num+=(int)len;
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of MD2_BLOCK
+ * chars and save the leftovers to c->data. */
+ while (len >= MD2_BLOCK)
+ {
+ md2_block(c,data);
+ data+=MD2_BLOCK;
+ len-=MD2_BLOCK;
+ }
+ memcpy(p,data,(int)len);
+ c->num=(int)len;
+ }
+
+static void md2_block(c, d)
+MD2_CTX *c;
+unsigned char *d;
+ {
+ register MD2_INT t,*sp1,*sp2;
+ register int i,j;
+ MD2_INT state[48];
+
+ sp1=c->state;
+ sp2=c->cksm;
+ j=sp2[MD2_BLOCK-1];
+ for (i=0; i<16; i++)
+ {
+ state[i]=sp1[i];
+ state[i+16]=t=d[i];
+ state[i+32]=(t^sp1[i]);
+ j=sp2[i]^=S[t^j];
+ }
+ t=0;
+ for (i=0; i<18; i++)
+ {
+ for (j=0; j<48; j+=8)
+ {
+ t= state[j+ 0]^=S[t];
+ t= state[j+ 1]^=S[t];
+ t= state[j+ 2]^=S[t];
+ t= state[j+ 3]^=S[t];
+ t= state[j+ 4]^=S[t];
+ t= state[j+ 5]^=S[t];
+ t= state[j+ 6]^=S[t];
+ t= state[j+ 7]^=S[t];
+ }
+ t=(t+i)&0xff;
+ }
+ memcpy(sp1,state,16*sizeof(MD2_INT));
+ memset(state,0,48*sizeof(MD2_INT));
+ }
+
+void MD2_Final(md, c)
+unsigned char *md;
+MD2_CTX *c;
+ {
+ int i,v;
+ register UCHAR *cp;
+ register MD2_INT *p1,*p2;
+
+ cp=c->data;
+ p1=c->state;
+ p2=c->cksm;
+ v=MD2_BLOCK-c->num;
+ for (i=c->num; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)v;
+
+ md2_block(c,cp);
+
+ for (i=0; i<MD2_BLOCK; i++)
+ cp[i]=(UCHAR)p2[i];
+ md2_block(c,cp);
+
+ for (i=0; i<16; i++)
+ md[i]=(UCHAR)(p1[i]&0xff);
+ memset((char *)&c,0,sizeof(c));
+ }
+
diff --git a/crypto/md/md2_one.c b/crypto/md/md2_one.c
new file mode 100644
index 0000000..352484a
--- /dev/null
+++ b/crypto/md/md2_one.c
@@ -0,0 +1,80 @@
+/* crypto/md/md2_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md2.h"
+
+/* This is a separate file so that #defines in cryptlib.h can
+ * map my MD functions to different names */
+
+unsigned char *MD2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MD2_CTX c;
+ static unsigned char m[MD2_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MD2_Init(&c);
+ MD2_Update(&c,d,n);
+ MD2_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* Security consideration */
+ return(md);
+ }
diff --git a/crypto/md/md2test.c b/crypto/md/md2test.c
new file mode 100644
index 0000000..6e51245
--- /dev/null
+++ b/crypto/md/md2test.c
@@ -0,0 +1,130 @@
+/* crypto/md/md2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "md2.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "8350e5a3e24c153df2275c9f80692773",
+ "32ec01ec4a6dac72c0ab96fb34c0b5d1",
+ "da853b0d3f88d99b30283a69e6ded6bb",
+ "ab4f496bfb2a530b219ff33031fe06b0",
+ "4e8ddff3650292ab5a4108c3aa47940b",
+ "da33def2a42df13975352846c30338cd",
+ "d5976f79d83d3a0dc9806c3c66f3efd8",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ char **P,**R;
+ char *p;
+
+ P=test;
+ R=ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD2((unsigned char *)*P,(unsigned long)strlen(*P),NULL));
+ if (strcmp(p,*R) != 0)
+ {
+ printf("error calculating MD2 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD2_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/crypto/md/md5.c b/crypto/md/md5.c
new file mode 100644
index 0000000..2dd7894
--- /dev/null
+++ b/crypto/md/md5.c
@@ -0,0 +1,135 @@
+/* crypto/md/md5.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "md5.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("MD5(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ MD5_CTX c;
+ unsigned char md[MD5_DIGEST_LENGTH];
+ int fd;
+ int i;
+ static unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ MD5_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ MD5_Update(&c,buf,(unsigned long)i);
+ }
+ MD5_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/crypto/md/md5.h b/crypto/md/md5.h
new file mode 100644
index 0000000..0071db8
--- /dev/null
+++ b/crypto/md/md5.h
@@ -0,0 +1,97 @@
+/* crypto/md/md5.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MD5_H
+#define HEADER_MD5_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define MD5_CBLOCK 64
+#define MD5_LBLOCK 16
+#define MD5_BLOCK 16
+#define MD5_LAST_BLOCK 56
+#define MD5_LENGTH_BLOCK 8
+#define MD5_DIGEST_LENGTH 16
+
+typedef struct MD5state_st
+ {
+ unsigned long A,B,C,D;
+ unsigned long Nl,Nh;
+ unsigned long data[MD5_LBLOCK];
+ int num;
+ } MD5_CTX;
+
+#ifndef NOPROTO
+void MD5_Init(MD5_CTX *c);
+void MD5_Update(MD5_CTX *c, unsigned char *data, unsigned long len);
+void MD5_Final(unsigned char *md, MD5_CTX *c);
+unsigned char *MD5(unsigned char *d, unsigned long n, unsigned char *md);
+#else
+void MD5_Init();
+void MD5_Update();
+void MD5_Final();
+unsigned char *MD5();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/md/md5_dgst.c b/crypto/md/md5_dgst.c
new file mode 100644
index 0000000..b209bb4
--- /dev/null
+++ b/crypto/md/md5_dgst.c
@@ -0,0 +1,366 @@
+/* crypto/md/md5_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "md5_locl.h"
+
+char *MD5_version="MD5 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from RFC1321 The MD5 Message-Digest Algorithm
+ */
+
+#define INIT_DATA_A (unsigned long)0x67452301L
+#define INIT_DATA_B (unsigned long)0xefcdab89L
+#define INIT_DATA_C (unsigned long)0x98badcfeL
+#define INIT_DATA_D (unsigned long)0x10325476L
+
+#ifndef NOPROTO
+static void md5_block(MD5_CTX *c, unsigned long *p);
+#else
+static void md5_block();
+#endif
+
+void MD5_Init(c)
+MD5_CTX *c;
+ {
+ c->A=INIT_DATA_A;
+ c->B=INIT_DATA_B;
+ c->C=INIT_DATA_C;
+ c->D=INIT_DATA_D;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void MD5_Update(c, data, len)
+MD5_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffffL;
+ /* 95-05-24 eay Fixed a bug with the overflow handling, thanks to
+ * Wei Dai <weidai@eskimo.com> for pointing it out. */
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= MD5_CBLOCK)
+ {
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw<MD5_LBLOCK; sw++)
+ {
+ c2l(data,l);
+ p[sw]=l;
+ }
+ len-=(MD5_CBLOCK-c->num);
+
+ md5_block(c,p);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ int ew,ec;
+
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ p_c2l_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ p_c2l(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { c2l(data,l); p[sw]=l; }
+ if (ec)
+ {
+ c2l_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of MD5_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= MD5_CBLOCK)
+ {
+#if defined(L_ENDIAN) || defined(B_ENDIAN)
+ memcpy(p,data,MD5_CBLOCK);
+ data+=MD5_CBLOCK;
+#ifdef B_ENDIAN
+ for (sw=(MD5_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+#endif
+#else
+ for (sw=(MD5_LBLOCK/4); sw; sw--)
+ {
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ c2l(data,l); *(p++)=l;
+ }
+#endif
+ p=c->data;
+ md5_block(c,p);
+ len-=MD5_CBLOCK;
+ }
+ sc=(int)len;
+ c->num=sc;
+ if (sc)
+ {
+ sw=sc>>2; /* words to copy */
+#ifdef L_ENDIAN
+ p[sw]=0;
+ memcpy(p,data,sc);
+#else
+ sc&=0x03;
+ for ( ; sw; sw--)
+ { c2l(data,l); *(p++)=l; }
+ c2l_p(data,l,sc);
+ *p=l;
+#endif
+ }
+ }
+
+static void md5_block(c, X)
+MD5_CTX *c;
+register ULONG *X;
+ {
+ register ULONG A,B,C,D;
+
+ A=c->A;
+ B=c->B;
+ C=c->C;
+ D=c->D;
+
+ /* Round 0 */
+ R0(A,B,C,D,X[ 0], 7,0xd76aa478L);
+ R0(D,A,B,C,X[ 1],12,0xe8c7b756L);
+ R0(C,D,A,B,X[ 2],17,0x242070dbL);
+ R0(B,C,D,A,X[ 3],22,0xc1bdceeeL);
+ R0(A,B,C,D,X[ 4], 7,0xf57c0fafL);
+ R0(D,A,B,C,X[ 5],12,0x4787c62aL);
+ R0(C,D,A,B,X[ 6],17,0xa8304613L);
+ R0(B,C,D,A,X[ 7],22,0xfd469501L);
+ R0(A,B,C,D,X[ 8], 7,0x698098d8L);
+ R0(D,A,B,C,X[ 9],12,0x8b44f7afL);
+ R0(C,D,A,B,X[10],17,0xffff5bb1L);
+ R0(B,C,D,A,X[11],22,0x895cd7beL);
+ R0(A,B,C,D,X[12], 7,0x6b901122L);
+ R0(D,A,B,C,X[13],12,0xfd987193L);
+ R0(C,D,A,B,X[14],17,0xa679438eL);
+ R0(B,C,D,A,X[15],22,0x49b40821L);
+ /* Round 1 */
+ R1(A,B,C,D,X[ 1], 5,0xf61e2562L);
+ R1(D,A,B,C,X[ 6], 9,0xc040b340L);
+ R1(C,D,A,B,X[11],14,0x265e5a51L);
+ R1(B,C,D,A,X[ 0],20,0xe9b6c7aaL);
+ R1(A,B,C,D,X[ 5], 5,0xd62f105dL);
+ R1(D,A,B,C,X[10], 9,0x02441453L);
+ R1(C,D,A,B,X[15],14,0xd8a1e681L);
+ R1(B,C,D,A,X[ 4],20,0xe7d3fbc8L);
+ R1(A,B,C,D,X[ 9], 5,0x21e1cde6L);
+ R1(D,A,B,C,X[14], 9,0xc33707d6L);
+ R1(C,D,A,B,X[ 3],14,0xf4d50d87L);
+ R1(B,C,D,A,X[ 8],20,0x455a14edL);
+ R1(A,B,C,D,X[13], 5,0xa9e3e905L);
+ R1(D,A,B,C,X[ 2], 9,0xfcefa3f8L);
+ R1(C,D,A,B,X[ 7],14,0x676f02d9L);
+ R1(B,C,D,A,X[12],20,0x8d2a4c8aL);
+ /* Round 2 */
+ R2(A,B,C,D,X[ 5], 4,0xfffa3942L);
+ R2(D,A,B,C,X[ 8],11,0x8771f681L);
+ R2(C,D,A,B,X[11],16,0x6d9d6122L);
+ R2(B,C,D,A,X[14],23,0xfde5380cL);
+ R2(A,B,C,D,X[ 1], 4,0xa4beea44L);
+ R2(D,A,B,C,X[ 4],11,0x4bdecfa9L);
+ R2(C,D,A,B,X[ 7],16,0xf6bb4b60L);
+ R2(B,C,D,A,X[10],23,0xbebfbc70L);
+ R2(A,B,C,D,X[13], 4,0x289b7ec6L);
+ R2(D,A,B,C,X[ 0],11,0xeaa127faL);
+ R2(C,D,A,B,X[ 3],16,0xd4ef3085L);
+ R2(B,C,D,A,X[ 6],23,0x04881d05L);
+ R2(A,B,C,D,X[ 9], 4,0xd9d4d039L);
+ R2(D,A,B,C,X[12],11,0xe6db99e5L);
+ R2(C,D,A,B,X[15],16,0x1fa27cf8L);
+ R2(B,C,D,A,X[ 2],23,0xc4ac5665L);
+ /* Round 3 */
+ R3(A,B,C,D,X[ 0], 6,0xf4292244L);
+ R3(D,A,B,C,X[ 7],10,0x432aff97L);
+ R3(C,D,A,B,X[14],15,0xab9423a7L);
+ R3(B,C,D,A,X[ 5],21,0xfc93a039L);
+ R3(A,B,C,D,X[12], 6,0x655b59c3L);
+ R3(D,A,B,C,X[ 3],10,0x8f0ccc92L);
+ R3(C,D,A,B,X[10],15,0xffeff47dL);
+ R3(B,C,D,A,X[ 1],21,0x85845dd1L);
+ R3(A,B,C,D,X[ 8], 6,0x6fa87e4fL);
+ R3(D,A,B,C,X[15],10,0xfe2ce6e0L);
+ R3(C,D,A,B,X[ 6],15,0xa3014314L);
+ R3(B,C,D,A,X[13],21,0x4e0811a1L);
+ R3(A,B,C,D,X[ 4], 6,0xf7537e82L);
+ R3(D,A,B,C,X[11],10,0xbd3af235L);
+ R3(C,D,A,B,X[ 2],15,0x2ad7d2bbL);
+ R3(B,C,D,A,X[ 9],21,0xeb86d391L);
+
+ c->A+=A&0xffffffffL;
+ c->B+=B&0xffffffffL;
+ c->C+=C&0xffffffffL;
+ c->D+=D&0xffffffffL;
+ }
+
+void MD5_Final(md, c)
+unsigned char *md;
+MD5_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+
+ /* purify often complains about the following line as an
+ * Uninitialized Memory Read. While this can be true, the
+ * following p_c2l macro will reset l when that case is true.
+ * This is because j&0x03 contains the number of 'valid' bytes
+ * already in p[i]. If and only if j&0x03 == 0, the UMR will
+ * occur but this is also the only time p_c2l will do
+ * l= *(cp++) instead of l|= *(cp++)
+ * Many thanks to Alex Tang <altitude@cic.net> for pickup this
+ * 'potential bug' */
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ p_c2l(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= MD5_LAST_BLOCK)
+ {
+ for (; i<MD5_LBLOCK; i++)
+ p[i]=0;
+ md5_block(c,p);
+ i=0;
+ }
+ for (; i<(MD5_LBLOCK-2); i++)
+ p[i]=0;
+ p[MD5_LBLOCK-2]=c->Nl;
+ p[MD5_LBLOCK-1]=c->Nh;
+ md5_block(c,p);
+ cp=md;
+ l=c->A; l2c(l,cp);
+ l=c->B; l2c(l,cp);
+ l=c->C; l2c(l,cp);
+ l=c->D; l2c(l,cp);
+
+ /* clear stuff, md5_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+ {
+ int i,ii;
+
+ for (i=0; i<2; i++)
+ {
+ for (ii=0; ii<8; ii++)
+ {
+ fprintf(stderr,"%08lx ",l[i*8+ii]);
+ }
+ fprintf(stderr,"\n");
+ }
+ }
+#endif
diff --git a/crypto/md/md5_locl.h b/crypto/md/md5_locl.h
new file mode 100644
index 0000000..b2f0028
--- /dev/null
+++ b/crypto/md/md5_locl.h
@@ -0,0 +1,190 @@
+/* crypto/md/md5_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+#include "md5.h"
+
+#define ULONG unsigned long
+#define UCHAR unsigned char
+#define UINT unsigned int
+
+#if defined(NOCONST)
+#define const
+#endif
+
+#undef c2l
+#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+#undef p_c2l
+#define p_c2l(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ case 3: l|=((unsigned long)(*((c)++)))<<24; \
+ } \
+ }
+
+/* NOTE the pointer is not incremented at the end of this */
+#undef c2l_p
+#define c2l_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<<16; \
+ case 2: l|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l|=((unsigned long)(*(--(c)))) ; \
+ } \
+ }
+
+#undef p_c2l_p
+#define p_c2l_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++))); \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<< 8; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<<16; \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+ }
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+ (a)=ROTATE(l,16L); \
+ }
+#endif
+/*
+#define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+#define G(x,y,z) (((x) & (z)) | ((y) & (~(z))))
+*/
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, the above can be
+ * simplified to the code below. Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ */
+#define F(x,y,z) ((((y) ^ (z)) & (x)) ^ (z))
+#define G(x,y,z) ((((x) ^ (y)) & (z)) ^ (y))
+#define H(x,y,z) ((x) ^ (y) ^ (z))
+#define I(x,y,z) (((x) | (~(z))) ^ (y))
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n) _lrotl(a,n)
+#else
+#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+
+#define R0(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+F((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };\
+
+#define R1(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+G((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R2(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+H((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
+
+#define R3(a,b,c,d,k,s,t) { \
+ a+=((k)+(t)+I((b),(c),(d))); \
+ a=ROTATE(a,s); \
+ a+=b; };
diff --git a/crypto/md/md5_one.c b/crypto/md/md5_one.c
new file mode 100644
index 0000000..b23cb28
--- /dev/null
+++ b/crypto/md/md5_one.c
@@ -0,0 +1,78 @@
+/* crypto/md/md5_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "md5_locl.h"
+
+unsigned char *MD5(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MD5_CTX c;
+ static unsigned char m[MD5_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MD5_Init(&c);
+ MD5_Update(&c,d,n);
+ MD5_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* security consideration */
+ return(md);
+ }
+
diff --git a/crypto/md/md5test.c b/crypto/md/md5test.c
new file mode 100644
index 0000000..e5c38cf
--- /dev/null
+++ b/crypto/md/md5test.c
@@ -0,0 +1,130 @@
+/* crypto/md/md5test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "md5.h"
+
+char *test[]={
+ "",
+ "a",
+ "abc",
+ "message digest",
+ "abcdefghijklmnopqrstuvwxyz",
+ "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
+ "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
+ NULL,
+ };
+
+char *ret[]={
+ "d41d8cd98f00b204e9800998ecf8427e",
+ "0cc175b9c0f1b6a831c399e269772661",
+ "900150983cd24fb0d6963f7d28e17f72",
+ "f96b697d7cb7938d525a2f31aaf161d0",
+ "c3fcd3d76192e4007dfb496cca67e13b",
+ "d174ab98d277d9f5a5611c2c9f419d9f",
+ "57edf4a22be3c955ac49da2e2107b67a",
+ };
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ char *p;
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(MD5(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating MD5 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<MD5_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/crypto/mdc2/Makefile.ssl b/crypto/mdc2/Makefile.ssl
new file mode 100644
index 0000000..495a278
--- /dev/null
+++ b/crypto/mdc2/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/mdc2/Makefile
+#
+
+DIR= mdc2
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= mdc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=mdc2dgst.c mdc2_one.c
+LIBOBJ=mdc2dgst.o mdc2_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= mdc2.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/mdc2/mdc2.h b/crypto/mdc2/mdc2.h
new file mode 100644
index 0000000..d87ea12
--- /dev/null
+++ b/crypto/mdc2/mdc2.h
@@ -0,0 +1,100 @@
+/* crypto/mdc2/mdc2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_MDC2_H
+#define HEADER_MDC2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include <des.h>
+
+#define MDC2_BLOCK 8
+#define MDC2_DIGEST_LENGTH 16
+
+typedef struct mdc2_ctx_st
+ {
+ int num;
+ unsigned char data[MDC2_BLOCK];
+ des_cblock h,hh;
+ int pad_type; /* either 1 or 2, default 1 */
+ } MDC2_CTX;
+
+#ifndef NOPROTO
+
+void MDC2_Init(MDC2_CTX *c);
+void MDC2_Update(MDC2_CTX *c, unsigned char *data, unsigned long len);
+void MDC2_Final(unsigned char *md, MDC2_CTX *c);
+unsigned char *MDC2(unsigned char *d, unsigned long n, unsigned char *md);
+
+#else
+
+void MDC2_Init();
+void MDC2_Update();
+void MDC2_Final();
+unsigned char *MDC2();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/crypto/mdc2/mdc2_one.c b/crypto/mdc2/mdc2_one.c
new file mode 100644
index 0000000..488ae39
--- /dev/null
+++ b/crypto/mdc2/mdc2_one.c
@@ -0,0 +1,78 @@
+/* crypto/mdc2/mdc2_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "mdc2.h"
+
+unsigned char *MDC2(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ MDC2_CTX c;
+ static unsigned char m[MDC2_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ MDC2_Init(&c);
+ MDC2_Update(&c,d,n);
+ MDC2_Final(md,&c);
+ memset(&c,0,sizeof(c)); /* security consideration */
+ return(md);
+ }
+
diff --git a/crypto/mdc2/mdc2dgst.c b/crypto/mdc2/mdc2dgst.c
new file mode 100644
index 0000000..f4dfcf9
--- /dev/null
+++ b/crypto/mdc2/mdc2dgst.c
@@ -0,0 +1,211 @@
+/* crypto/mdc2/mdc2dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "des.h"
+#include "mdc2.h"
+
+#undef c2l
+#define c2l(c,l) (l =((DES_LONG)(*((c)++))) , \
+ l|=((DES_LONG)(*((c)++)))<< 8L, \
+ l|=((DES_LONG)(*((c)++)))<<16L, \
+ l|=((DES_LONG)(*((c)++)))<<24L)
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+#ifndef NOPROTO
+static void mdc2_body(MDC2_CTX *c, unsigned char *in, unsigned int len);
+#else
+static void mdc2_body();
+#endif
+
+void MDC2_Init(c)
+MDC2_CTX *c;
+ {
+ c->num=0;
+ c->pad_type=1;
+ memset(&(c->h[0]),0x52,MDC2_BLOCK);
+ memset(&(c->hh[0]),0x25,MDC2_BLOCK);
+ }
+
+void MDC2_Update(c,in,len)
+MDC2_CTX *c;
+register unsigned char *in;
+unsigned long len;
+ {
+ int i,j;
+
+ i=c->num;
+ if (i != 0)
+ {
+ if (i+len < MDC2_BLOCK)
+ {
+ /* partial block */
+ memcpy(&(c->data[i]),in,(int)len);
+ c->num+=(int)len;
+ return;
+ }
+ else
+ {
+ /* filled one */
+ j=MDC2_BLOCK-i;
+ memcpy(&(c->data[i]),in,j);
+ len-=j;
+ in+=j;
+ c->num=0;
+ mdc2_body(c,&(c->data[0]),MDC2_BLOCK);
+ }
+ }
+ i=(int)(len&(unsigned long)~(MDC2_BLOCK-1));
+ if (i > 0) mdc2_body(c,in,i);
+ j=(int)len-i;
+ if (j > 0)
+ {
+ memcpy(&(c->data[0]),&(in[i]),j);
+ c->num=j;
+ }
+ }
+
+static void mdc2_body(c,in,len)
+MDC2_CTX *c;
+unsigned char *in;
+unsigned int len;
+ {
+ register DES_LONG tin0,tin1;
+ register DES_LONG ttin0,ttin1;
+ DES_LONG d[2],dd[2];
+ des_cblock *h,*hh;
+ des_key_schedule k;
+ unsigned char *p;
+ unsigned int i;
+
+ h= (des_cblock *)&(c->h[0]);
+ hh= (des_cblock *)&(c->hh[0]);
+
+ for (i=0; i<len; i+=8)
+ {
+ c2l(in,tin0); d[0]=dd[0]=tin0;
+ c2l(in,tin1); d[1]=dd[1]=tin1;
+ (*h)[0]=((*h)[0]&0x9f)|0x40;
+ (*hh)[0]=((*hh)[0]&0x9f)|0x20;
+
+ des_set_key(h,k);
+ des_encrypt((DES_LONG *)d,k,1);
+
+ des_set_key(hh,k);
+ des_encrypt((DES_LONG *)dd,k,1);
+
+ ttin0=tin0^dd[0];
+ ttin1=tin1^dd[1];
+ tin0^=d[0];
+ tin1^=d[1];
+
+ p=(unsigned char *)h;
+ l2c(tin0,p);
+ l2c(ttin1,p);
+ p=(unsigned char *)hh;
+ l2c(ttin0,p);
+ l2c(tin1,p);
+ }
+ }
+
+void MDC2_Final(md,c)
+unsigned char *md;
+MDC2_CTX *c;
+ {
+ int i,j;
+
+ i=c->num;
+ j=c->pad_type;
+ if ((i > 0) || (j == 2))
+ {
+ if (j == 2)
+ c->data[i++]=0x80;
+ memset(&(c->data[i]),0,MDC2_BLOCK-i);
+ mdc2_body(c,c->data,MDC2_BLOCK);
+ }
+ memcpy(md,(char *)c->h,MDC2_BLOCK);
+ memcpy(&(md[MDC2_BLOCK]),(char *)c->hh,MDC2_BLOCK);
+ }
+
+#undef TEST
+
+#ifdef TEST
+main()
+ {
+ unsigned char md[MDC2_DIGEST_LENGTH];
+ int i;
+ MDC2_CTX c;
+ static char *text="Now is the time for all ";
+
+ MDC2_Init(&c);
+ MDC2_Update(&c,text,strlen(text));
+ MDC2_Final(&(md[0]),&c);
+
+ for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+ printf("%02X",md[i]);
+ printf("\n");
+ }
+
+#endif
diff --git a/crypto/mdc2/mdc2test.c b/crypto/mdc2/mdc2test.c
new file mode 100644
index 0000000..6e552a6
--- /dev/null
+++ b/crypto/mdc2/mdc2test.c
@@ -0,0 +1,122 @@
+/* crypto/mdc2/mdc2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "mdc2.h"
+
+static unsigned char pad1[16]={
+ 0x42,0xE5,0x0C,0xD2,0x24,0xBA,0xCE,0xBA,
+ 0x76,0x0B,0xDD,0x2B,0xD4,0x09,0x28,0x1A
+ };
+
+static unsigned char pad2[16]={
+ 0x2E,0x46,0x79,0xB5,0xAD,0xD9,0xCA,0x75,
+ 0x35,0xD8,0x7A,0xFE,0xAB,0x33,0xBE,0xE2
+ };
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int ret=0;
+ unsigned char md[MDC2_DIGEST_LENGTH];
+ int i;
+ MDC2_CTX c;
+ static char *text="Now is the time for all ";
+
+ MDC2_Init(&c);
+ MDC2_Update(&c,(unsigned char *)text,strlen(text));
+ MDC2_Final(&(md[0]),&c);
+
+ if (memcmp(md,pad1,MDC2_DIGEST_LENGTH) != 0)
+ {
+ for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+ printf("%02X",md[i]);
+ printf(" <- generated\n");
+ for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+ printf("%02X",pad1[i]);
+ printf(" <- correct\n");
+ ret=1;
+ }
+ else
+ printf("pad1 - ok\n");
+
+ MDC2_Init(&c);
+ c.pad_type=2;
+ MDC2_Update(&c,(unsigned char *)text,strlen(text));
+ MDC2_Final(&(md[0]),&c);
+
+ if (memcmp(md,pad2,MDC2_DIGEST_LENGTH) != 0)
+ {
+ for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+ printf("%02X",md[i]);
+ printf(" <- generated\n");
+ for (i=0; i<MDC2_DIGEST_LENGTH; i++)
+ printf("%02X",pad2[i]);
+ printf(" <- correct\n");
+ ret=1;
+ }
+ else
+ printf("pad2 - ok\n");
+
+ exit(ret);
+ return(ret);
+ }
+
diff --git a/crypto/mem.c b/crypto/mem.c
new file mode 100644
index 0000000..4274cc9
--- /dev/null
+++ b/crypto/mem.c
@@ -0,0 +1,355 @@
+/* crypto/mem.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "buffer.h"
+#include "bio.h"
+#include "lhash.h"
+#include "cryptlib.h"
+
+static int mh_mode=CRYPTO_MEM_CHECK_OFF;
+static unsigned long order=0;
+
+static LHASH *mh=NULL;
+
+typedef struct mem_st
+ {
+ char *addr;
+ int num;
+ char *file;
+ int line;
+ unsigned long order;
+ } MEM;
+
+int CRYPTO_mem_ctrl(mode)
+int mode;
+ {
+ int ret=mh_mode;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ switch (mode)
+ {
+ case CRYPTO_MEM_CHECK_ON:
+ mh_mode|=CRYPTO_MEM_CHECK_ON;
+ break;
+ case CRYPTO_MEM_CHECK_OFF:
+ mh_mode&= ~CRYPTO_MEM_CHECK_ON;
+ break;
+ default:
+ break;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ return(ret);
+ }
+
+static int mem_cmp(a,b)
+MEM *a,*b;
+ {
+ return(a->addr - b->addr);
+ }
+
+static unsigned long mem_hash(a)
+MEM *a;
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)a->addr;
+
+ ret=ret*17851+(ret>>14)*7+(ret>>4)*251;
+ return(ret);
+ }
+
+static char *(*malloc_func)()= (char *(*)())malloc;
+static char *(*realloc_func)()= (char *(*)())realloc;
+static void (*free_func)()= (void (*)())free;
+
+void CRYPTO_set_mem_functions(m,r,f)
+char *(*m)();
+char *(*r)();
+void (*f)();
+ {
+ if ((m == NULL) || (r == NULL) || (f == NULL)) return;
+ malloc_func=m;
+ realloc_func=r;
+ free_func=f;
+ }
+
+void CRYPTO_get_mem_functions(m,r,f)
+char *(**m)();
+char *(**r)();
+void (**f)();
+ {
+ if (m != NULL) *m=malloc_func;
+ if (r != NULL) *r=realloc_func;
+ if (f != NULL) *f=free_func;
+ }
+
+char *CRYPTO_malloc(num)
+int num;
+ {
+ return(malloc_func(num));
+ }
+
+char *CRYPTO_realloc(str,num)
+char *str;
+int num;
+ {
+ return(realloc_func(str,num));
+ }
+
+void CRYPTO_free(str)
+char *str;
+ {
+ free_func(str);
+ }
+
+char *CRYPTO_dbg_malloc(num,file,line)
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM *m;
+
+ if ((ret=malloc_func(num)) == NULL)
+ return(NULL);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if ((m=(MEM *)malloc(sizeof(MEM))) == NULL)
+ {
+ free(ret);
+ return(NULL);
+ }
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ if (mh == NULL)
+ {
+ if ((mh=lh_new(mem_hash,mem_cmp)) == NULL)
+ {
+ free(ret);
+ free(m);
+ return(NULL);
+ }
+ }
+
+ m->addr=ret;
+ m->file=file;
+ m->line=line;
+ m->num=num;
+ m->order=order++;
+ if (lh_insert(mh,(char *)m) != NULL)
+ {
+ free(m);
+ free(ret);
+ /* abort(); */
+ ret=NULL;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+void CRYPTO_dbg_free(addr)
+char *addr;
+ {
+ MEM m,*mp;
+
+ if ((mh_mode & CRYPTO_MEM_CHECK_ON) && (mh != NULL))
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ m.addr=addr;
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ free(mp);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ free_func(addr);
+ }
+
+char *CRYPTO_dbg_realloc(addr,num,file,line)
+char *addr;
+int num;
+char *file;
+int line;
+ {
+ char *ret;
+ MEM m,*mp;
+
+ ret=realloc_func(addr,num);
+ if (ret == addr) return(ret);
+
+ if (mh_mode & CRYPTO_MEM_CHECK_ON)
+ {
+ if (ret == NULL) return(NULL);
+ m.addr=addr;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mp=(MEM *)lh_delete(mh,(char *)&m);
+ if (mp != NULL)
+ {
+ mp->addr=ret;
+ lh_insert(mh,(char *)mp);
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+ return(ret);
+ }
+
+char *CRYPTO_remalloc(a,n)
+char *a;
+int n;
+ {
+ if (a != NULL) Free(a);
+ a=(char *)Malloc(n);
+ return(a);
+ }
+
+char *CRYPTO_dbg_remalloc(a,n,file,line)
+char *a;
+int n;
+char *file;
+int line;
+ {
+ if (a != NULL) CRYPTO_dbg_free(a);
+ a=(char *)CRYPTO_dbg_malloc(n,file,line);
+ return(a);
+ }
+
+
+typedef struct mem_leak_st
+ {
+ BIO *bio;
+ int chunks;
+ long bytes;
+ } MEM_LEAK;
+
+static void print_leak(m,l)
+MEM *m;
+MEM_LEAK *l;
+ {
+ char buf[128];
+
+ sprintf(buf,"%5ld file=%s, line=%d, number=%d, address=%08lX\n",
+ m->order,m->file,m->line,m->num,(long)m->addr);
+ BIO_puts(l->bio,buf);
+ l->chunks++;
+ l->bytes+=m->num;
+ }
+
+void CRYPTO_mem_leaks(b)
+BIO *b;
+ {
+ MEM_LEAK ml;
+ char buf[80];
+
+ if (mh == NULL) return;
+ ml.bio=b;
+ ml.bytes=0;
+ ml.chunks=0;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ lh_doall_arg(mh,(void (*)())print_leak,(char *)&ml);
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ if (ml.chunks != 0)
+ {
+ sprintf(buf,"%ld bytes leaked in %d chunks\n",
+ ml.bytes,ml.chunks);
+ BIO_puts(b,buf);
+ }
+ /*
+ lh_stats_bio(mh,b);
+ lh_node_stats_bio(mh,b);
+ lh_node_usage_stats_bio(mh,b);
+ */
+ }
+
+static void (*mem_cb)()=NULL;
+
+static void cb_leak(m,cb)
+MEM *m;
+char *cb;
+ {
+ void (*mem_callback)()=(void (*)())cb;
+ mem_callback(m->order,m->file,m->line,m->num,m->addr);
+ }
+
+void CRYPTO_mem_leaks_cb(cb)
+void (*cb)();
+ {
+ if (mh == NULL) return;
+ CRYPTO_w_lock(CRYPTO_LOCK_MALLOC);
+ mem_cb=cb;
+ lh_doall_arg(mh,(void (*)())cb_leak,(char *)mem_cb);
+ mem_cb=NULL;
+ CRYPTO_w_unlock(CRYPTO_LOCK_MALLOC);
+ }
+
+#ifndef WIN16
+void CRYPTO_mem_leaks_fp(fp)
+FILE *fp;
+ {
+ BIO *b;
+
+ if (mh == NULL) return;
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ return;
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ CRYPTO_mem_leaks(b);
+ BIO_free(b);
+ }
+#endif
+
diff --git a/crypto/objects/Makefile.ssl b/crypto/objects/Makefile.ssl
new file mode 100644
index 0000000..148ac3c
--- /dev/null
+++ b/crypto/objects/Makefile.ssl
@@ -0,0 +1,87 @@
+#
+# SSLeay/crypto/objects/Makefile
+#
+
+DIR= objects
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=objects
+ERRC=obj_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= obj_dat.c obj_lib.c $(ERRC).c
+LIBOBJ= obj_dat.o obj_lib.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= objects.h
+HEADER= $(EXHEADER) obj_dat.h
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: obj_dat.h lib
+
+obj_dat.h: objects.h obj_dat.pl
+ perl ./obj_dat.pl < objects.h > obj_dat.h
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/objects/obj_dat.c b/crypto/objects/obj_dat.c
new file mode 100644
index 0000000..86c3d38
--- /dev/null
+++ b/crypto/objects/obj_dat.c
@@ -0,0 +1,501 @@
+/* crypto/objects/obj_dat.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "asn1.h"
+#include "objects.h"
+
+/* obj_dat.h is generated from objects.h by obj_dat.pl */
+#include "obj_dat.h"
+
+#ifndef NOPROTO
+static int sn_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int ln_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+static int obj_cmp(ASN1_OBJECT **a, ASN1_OBJECT **b);
+#else
+static int sn_cmp();
+static int ln_cmp();
+static int obj_cmp();
+#endif
+
+#define ADDED_DATA 0
+#define ADDED_SNAME 1
+#define ADDED_LNAME 2
+#define ADDED_NID 3
+
+typedef struct added_obj_st
+ {
+ int type;
+ ASN1_OBJECT *obj;
+ } ADDED_OBJ;
+
+static int new_nid=NUM_NID;
+static LHASH *added=NULL;
+
+static int sn_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ { return(strcmp((*ap)->sn,(*bp)->sn)); }
+
+static int ln_cmp(ap,bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ { return(strcmp((*ap)->ln,(*bp)->ln)); }
+
+static unsigned long add_hash(ca)
+ADDED_OBJ *ca;
+ {
+ ASN1_OBJECT *a;
+ int i;
+ unsigned long ret=0;
+ unsigned char *p;
+
+ a=ca->obj;
+ switch (ca->type)
+ {
+ case ADDED_DATA:
+ ret=a->length<<20L;
+ p=(unsigned char *)a->data;
+ for (i=0; i<a->length; i++)
+ ret^=p[i]<<((i*3)%24);
+ break;
+ case ADDED_SNAME:
+ ret=lh_strhash(a->sn);
+ break;
+ case ADDED_LNAME:
+ ret=lh_strhash(a->ln);
+ break;
+ case ADDED_NID:
+ ret=a->nid;
+ break;
+ default:
+ abort();
+ }
+ ret&=0x3fffffff;
+ ret|=ca->type<<30L;
+ return(ret);
+ }
+
+static int add_cmp(ca,cb)
+ADDED_OBJ *ca,*cb;
+ {
+ ASN1_OBJECT *a,*b;
+ int i;
+
+ i=ca->type-cb->type;
+ if (i) return(i);
+ a=ca->obj;
+ b=cb->obj;
+ switch (ca->type)
+ {
+ case ADDED_DATA:
+ i=(a->length - b->length);
+ if (i) return(i);
+ return(memcmp(a->data,b->data,a->length));
+ case ADDED_SNAME:
+ if (a->sn == NULL) return(-1);
+ else if (b->sn == NULL) return(1);
+ else return(strcmp(a->sn,b->sn));
+ case ADDED_LNAME:
+ if (a->ln == NULL) return(-1);
+ else if (b->ln == NULL) return(1);
+ else return(strcmp(a->ln,b->ln));
+ case ADDED_NID:
+ return(a->nid-b->nid);
+ default:
+ abort();
+ }
+ }
+
+static int init_added()
+ {
+ if (added != NULL) return(1);
+ added=lh_new(add_hash,add_cmp);
+ return(added != NULL);
+ }
+
+static void cleanup1(a)
+ADDED_OBJ *a;
+ {
+ a->obj->nid=0;
+ a->obj->flags|=ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS;
+ }
+
+static void cleanup2(a)
+ADDED_OBJ *a;
+ { a->obj->nid++; }
+
+static void cleanup3(a)
+ADDED_OBJ *a;
+ {
+ if (--a->obj->nid == 0)
+ ASN1_OBJECT_free(a->obj);
+ Free(a);
+ }
+
+void OBJ_cleanup()
+ {
+ if (added == NULL) return;
+ added->down_load=0;
+ lh_doall(added,cleanup1); /* zero counters */
+ lh_doall(added,cleanup2); /* set counters */
+ lh_doall(added,cleanup3); /* free objects */
+ lh_free(added);
+ }
+
+int OBJ_new_nid(num)
+int num;
+ {
+ int i;
+
+ i=new_nid;
+ new_nid+=num;
+ return(i);
+ }
+
+int OBJ_add_object(obj)
+ASN1_OBJECT *obj;
+ {
+ ASN1_OBJECT *o;
+ ADDED_OBJ *ao[4],*aop;
+ int i;
+
+ if (added == NULL)
+ if (!init_added()) return(0);
+ if ((o=OBJ_dup(obj)) == NULL) goto err;
+ ao[ADDED_DATA]=NULL;
+ ao[ADDED_SNAME]=NULL;
+ ao[ADDED_LNAME]=NULL;
+ ao[ADDED_NID]=NULL;
+ ao[ADDED_NID]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if ((o->length != 0) && (obj->data != NULL))
+ ao[ADDED_DATA]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if (o->sn != NULL)
+ ao[ADDED_SNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+ if (o->ln != NULL)
+ ao[ADDED_LNAME]=(ADDED_OBJ *)Malloc(sizeof(ADDED_OBJ));
+
+ for (i=ADDED_DATA; i<=ADDED_NID; i++)
+ {
+ if (ao[i] != NULL)
+ {
+ ao[i]->type=i;
+ ao[i]->obj=o;
+ aop=(ADDED_OBJ *)lh_insert(added,(char *)ao[i]);
+ /* memory leak, buit should not normally matter */
+ if (aop != NULL)
+ Free(aop);
+ }
+ }
+ o->flags&= ~(ASN1_OBJECT_FLAG_DYNAMIC|ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+ return(o->nid);
+err:
+ for (i=ADDED_DATA; i<=ADDED_NID; i++)
+ if (ao[i] != NULL) Free(ao[i]);
+ if (o != NULL) Free(o);
+ return(0);
+ }
+
+ASN1_OBJECT *OBJ_nid2obj(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return((ASN1_OBJECT *)&(nid_objs[n]));
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2OBJ,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+char *OBJ_nid2sn(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(nid_objs[n].sn);
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj->sn);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2SN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+char *OBJ_nid2ln(n)
+int n;
+ {
+ ADDED_OBJ ad,*adp;
+ ASN1_OBJECT ob;
+
+ if ((n >= 0) && (n < NUM_NID))
+ {
+ if ((n != NID_undef) && (nid_objs[n].nid == NID_undef))
+ {
+ OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(nid_objs[n].ln);
+ }
+ else if (added == NULL)
+ return(NULL);
+ else
+ {
+ ad.type=ADDED_NID;
+ ad.obj= &ob;
+ ob.nid=n;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL)
+ return(adp->obj->ln);
+ else
+ {
+ OBJerr(OBJ_F_OBJ_NID2LN,OBJ_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ }
+ }
+
+int OBJ_obj2nid(a)
+ASN1_OBJECT *a;
+ {
+ ASN1_OBJECT **op;
+ ADDED_OBJ ad,*adp;
+
+ if (a == NULL)
+ return(NID_undef);
+ if (a->nid != 0)
+ return(a->nid);
+
+ if (added != NULL)
+ {
+ ad.type=ADDED_DATA;
+ ad.obj=a;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&a,(char *)obj_objs,NUM_OBJ,
+ sizeof(ASN1_OBJECT *),(int (*)())obj_cmp);
+ if (op == NULL)
+ return(NID_undef);
+ return((*op)->nid);
+ }
+
+int OBJ_txt2nid(s)
+char *s;
+ {
+ int ret;
+
+ ret=OBJ_sn2nid(s);
+ if (ret == NID_undef)
+ return(OBJ_ln2nid(s));
+ else
+ return(ret);
+ }
+
+int OBJ_ln2nid(s)
+char *s;
+ {
+ ASN1_OBJECT o,*oo= &o,**op;
+ ADDED_OBJ ad,*adp;
+
+ o.ln=s;
+ if (added != NULL)
+ {
+ ad.type=ADDED_LNAME;
+ ad.obj= &o;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)ln_objs,NUM_LN,
+ sizeof(ASN1_OBJECT *),(int (*)())ln_cmp);
+ if (op == NULL) return(NID_undef);
+ return((*op)->nid);
+ }
+
+int OBJ_sn2nid(s)
+char *s;
+ {
+ ASN1_OBJECT o,*oo= &o,**op;
+ ADDED_OBJ ad,*adp;
+
+ o.sn=s;
+ if (added != NULL)
+ {
+ ad.type=ADDED_SNAME;
+ ad.obj= &o;
+ adp=(ADDED_OBJ *)lh_retrieve(added,(char *)&ad);
+ if (adp != NULL) return (adp->obj->nid);
+ }
+ op=(ASN1_OBJECT **)OBJ_bsearch((char *)&oo,(char *)sn_objs,NUM_SN,
+ sizeof(ASN1_OBJECT *),(int (*)())sn_cmp);
+ if (op == NULL) return(NID_undef);
+ return((*op)->nid);
+ }
+
+static int obj_cmp(ap, bp)
+ASN1_OBJECT **ap;
+ASN1_OBJECT **bp;
+ {
+ int j;
+ ASN1_OBJECT *a= *ap;
+ ASN1_OBJECT *b= *bp;
+
+ j=(a->length - b->length);
+ if (j) return(j);
+ return(memcmp(a->data,b->data,a->length));
+ }
+
+char *OBJ_bsearch(key,base,num,size,cmp)
+char *key;
+char *base;
+int num;
+int size;
+int (*cmp)();
+ {
+ int l,h,i,c;
+ char *p;
+
+ if (num == 0) return(NULL);
+ l=0;
+ h=num;
+ while (l < h)
+ {
+ i=(l+h)/2;
+ p= &(base[i*size]);
+ c=(*cmp)(key,p);
+ if (c < 0)
+ h=i;
+ else if (c > 0)
+ l=i+1;
+ else
+ return(p);
+ }
+ return(NULL);
+ }
+
+int OBJ_create_and_add_object(oid,sn,ln)
+char *oid;
+char *sn;
+char *ln;
+ {
+ int ok=0;
+ ASN1_OBJECT *op=NULL;
+ unsigned char *buf;
+ int i;
+
+ i=a2d_ASN1_OBJECT(NULL,0,oid,-1);
+ if (i <= 0) return(0);
+
+ if ((buf=(unsigned char *)Malloc(i)) == NULL)
+ {
+ OBJerr(OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,OBJ_R_MALLOC_FAILURE);
+ return(0);
+ }
+ i=a2d_ASN1_OBJECT(buf,i,oid,-1);
+ op=(ASN1_OBJECT *)ASN1_OBJECT_create(OBJ_new_nid(1),buf,i,sn,ln);
+ if (op == NULL)
+ goto err;
+ ok=OBJ_add_object(op);
+err:
+ ASN1_OBJECT_free(op);
+ Free((char *)buf);
+ return(ok);
+ }
diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
new file mode 100644
index 0000000..4b79abd
--- /dev/null
+++ b/crypto/objects/obj_dat.h
@@ -0,0 +1,541 @@
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+#define NUM_NID 97
+#define NUM_SN 70
+#define NUM_LN 96
+#define NUM_OBJ 78
+
+static unsigned char lvalues[515]={
+0x2A,0x86,0x48,0x86,0xF7,0x0D, /* [ 0] OBJ_rsadsi */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01, /* [ 6] OBJ_pkcs */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x02, /* [ 13] OBJ_md2 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x02,0x05, /* [ 21] OBJ_md5 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x04, /* [ 29] OBJ_rc4 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,/* [ 37] OBJ_rsaEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x02,/* [ 46] OBJ_md2WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x04,/* [ 55] OBJ_md5WithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x01,/* [ 64] OBJ_pbeWithMD2AndDES_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x03,/* [ 73] OBJ_pbeWithMD5AndDES_CBC */
+0x55, /* [ 82] OBJ_X500 */
+0x55,0x04, /* [ 83] OBJ_X509 */
+0x55,0x04,0x03, /* [ 85] OBJ_commonName */
+0x55,0x04,0x06, /* [ 88] OBJ_countryName */
+0x55,0x04,0x07, /* [ 91] OBJ_localityName */
+0x55,0x04,0x08, /* [ 94] OBJ_stateOrProvinceName */
+0x55,0x04,0x0A, /* [ 97] OBJ_organizationName */
+0x55,0x04,0x0B, /* [100] OBJ_organizationalUnitName */
+0x55,0x08,0x01,0x01, /* [103] OBJ_rsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07, /* [107] OBJ_pkcs7 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,/* [115] OBJ_pkcs7_data */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x02,/* [124] OBJ_pkcs7_signed */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,/* [133] OBJ_pkcs7_enveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x04,/* [142] OBJ_pkcs7_signedAndEnveloped */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x05,/* [151] OBJ_pkcs7_digest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x06,/* [160] OBJ_pkcs7_encrypted */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03, /* [169] OBJ_pkcs3 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x03,0x01,/* [177] OBJ_dhKeyAgreement */
+0x2B,0x0E,0x03,0x02,0x06, /* [186] OBJ_des_ecb */
+0x2B,0x0E,0x03,0x02,0x09, /* [191] OBJ_des_cfb64 */
+0x2B,0x0E,0x03,0x02,0x07, /* [196] OBJ_des_cbc */
+0x2B,0x0E,0x03,0x02,0x11, /* [201] OBJ_des_ede */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x02, /* [206] OBJ_rc2_cbc */
+0x2B,0x0E,0x03,0x02,0x12, /* [214] OBJ_sha */
+0x2B,0x0E,0x03,0x02,0x0F, /* [219] OBJ_shaWithRSAEncryption */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07, /* [224] OBJ_des_ede3_cbc */
+0x2B,0x0E,0x03,0x02,0x08, /* [232] OBJ_des_ofb64 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09, /* [237] OBJ_pkcs9 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x01,/* [245] OBJ_pkcs9_emailAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x02,/* [254] OBJ_pkcs9_unstructuredName */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x03,/* [263] OBJ_pkcs9_contentType */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x04,/* [272] OBJ_pkcs9_messageDigest */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x05,/* [281] OBJ_pkcs9_signingTime */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x06,/* [290] OBJ_pkcs9_countersignature */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x07,/* [299] OBJ_pkcs9_challengePassword */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x08,/* [308] OBJ_pkcs9_unstructuredAddress */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x09,0x09,/* [317] OBJ_pkcs9_extCertAttributes */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42, /* [326] OBJ_netscape */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01, /* [333] OBJ_netscape_cert_extension */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02, /* [341] OBJ_netscape_data_type */
+0x2B,0x0E,0x03,0x02,0x1A, /* [349] OBJ_sha1 */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x05,/* [354] OBJ_sha1WithRSAEncryption */
+0x2B,0x0E,0x03,0x02,0x0D, /* [363] OBJ_dsaWithSHA */
+0x2B,0x0E,0x03,0x02,0x0C, /* [368] OBJ_dsa */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0B,/* [373] OBJ_pbeWithSHA1AndRC2_CBC */
+0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x05,0x0C,/* [382] OBJ_pbeWithSHA1AndRC4 */
+0x2B,0x0E,0x03,0x02,0x1B, /* [391] OBJ_dsaWithSHA1 */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x01,/* [396] OBJ_netscape_cert_type */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x02,/* [405] OBJ_netscape_base_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x03,/* [414] OBJ_netscape_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x04,/* [423] OBJ_netscape_ca_revocation_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x07,/* [432] OBJ_netscape_renewal_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x08,/* [441] OBJ_netscape_ca_policy_url */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0C,/* [450] OBJ_netscape_ssl_server_name */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x01,0x0D,/* [459] OBJ_netscape_comment */
+0x60,0x86,0x48,0x01,0x86,0xF8,0x42,0x02,0x05,/* [468] OBJ_netscape_cert_sequence */
+0x55,0x1D, /* [477] OBJ_ld_ce */
+0x55,0x1D,0x0E, /* [479] OBJ_subject_key_identifier */
+0x55,0x1D,0x0F, /* [482] OBJ_key_usage */
+0x55,0x1D,0x10, /* [485] OBJ_private_key_usage_period */
+0x55,0x1D,0x11, /* [488] OBJ_subject_alt_name */
+0x55,0x1D,0x12, /* [491] OBJ_issuer_alt_name */
+0x55,0x1D,0x13, /* [494] OBJ_basic_constraints */
+0x55,0x1D,0x14, /* [497] OBJ_crl_number */
+0x55,0x1D,0x20, /* [500] OBJ_certificate_policies */
+0x55,0x1D,0x23, /* [503] OBJ_authority_key_identifier */
+0x55,0x08,0x03,0x65, /* [506] OBJ_mdc2 */
+0x55,0x08,0x03,0x64, /* [510] OBJ_mdc2WithRSA */
+};
+
+static ASN1_OBJECT nid_objs[NUM_NID]={
+{"UNDEF","undefined",NID_undef,0,NULL},
+{"rsadsi","rsadsi",NID_rsadsi,6,&(lvalues[0]),0},
+{"pkcs","pkcs",NID_pkcs,7,&(lvalues[6]),0},
+{"MD2","md2",NID_md2,8,&(lvalues[13]),0},
+{"MD5","md5",NID_md5,8,&(lvalues[21]),0},
+{"RC4","rc4",NID_rc4,8,&(lvalues[29]),0},
+{"rsaEncryption","rsaEncryption",NID_rsaEncryption,9,&(lvalues[37]),0},
+{"RSA-MD2","md2WithRSAEncryption",NID_md2WithRSAEncryption,9,
+ &(lvalues[46]),0},
+{"RSA-MD5","md5WithRSAEncryption",NID_md5WithRSAEncryption,9,
+ &(lvalues[55]),0},
+{"pbeWithMD2AndDES-CBC","pbeWithMD2AndDES-CBC",
+ NID_pbeWithMD2AndDES_CBC,9,&(lvalues[64]),0},
+{"pbeWithMD5AndDES-CBC","pbeWithMD5AndDES-CBC",
+ NID_pbeWithMD5AndDES_CBC,9,&(lvalues[73]),0},
+{"X500","X500",NID_X500,1,&(lvalues[82]),0},
+{"X509","X509",NID_X509,2,&(lvalues[83]),0},
+{"CN","commonName",NID_commonName,3,&(lvalues[85]),0},
+{"C","countryName",NID_countryName,3,&(lvalues[88]),0},
+{"L","localityName",NID_localityName,3,&(lvalues[91]),0},
+{"ST","stateOrProvinceName",NID_stateOrProvinceName,3,&(lvalues[94]),0},
+{"O","organizationName",NID_organizationName,3,&(lvalues[97]),0},
+{"OU","organizationalUnitName",NID_organizationalUnitName,3,
+ &(lvalues[100]),0},
+{"RSA","rsa",NID_rsa,4,&(lvalues[103]),0},
+{"pkcs7","pkcs7",NID_pkcs7,8,&(lvalues[107]),0},
+{"pkcs7-data","pkcs7-data",NID_pkcs7_data,9,&(lvalues[115]),0},
+{"pkcs7-signedData","pkcs7-signedData",NID_pkcs7_signed,9,
+ &(lvalues[124]),0},
+{"pkcs7-envelopedData","pkcs7-envelopedData",NID_pkcs7_enveloped,9,
+ &(lvalues[133]),0},
+{"pkcs7-signedAndEnvelopedData","pkcs7-signedAndEnvelopedData",
+ NID_pkcs7_signedAndEnveloped,9,&(lvalues[142]),0},
+{"pkcs7-digestData","pkcs7-digestData",NID_pkcs7_digest,9,
+ &(lvalues[151]),0},
+{"pkcs7-encryptedData","pkcs7-encryptedData",NID_pkcs7_encrypted,9,
+ &(lvalues[160]),0},
+{"pkcs3","pkcs3",NID_pkcs3,8,&(lvalues[169]),0},
+{"dhKeyAgreement","dhKeyAgreement",NID_dhKeyAgreement,9,
+ &(lvalues[177]),0},
+{"DES-ECB","des-ecb",NID_des_ecb,5,&(lvalues[186]),0},
+{"DES-CFB","des-cfb",NID_des_cfb64,5,&(lvalues[191]),0},
+{"DES-CBC","des-cbc",NID_des_cbc,5,&(lvalues[196]),0},
+{"DES-EDE","des-ede",NID_des_ede,5,&(lvalues[201]),0},
+{"DES-EDE3","des-ede3",NID_des_ede3,0,NULL},
+{"IDEA-CBC","idea-cbc",NID_idea_cbc,0,NULL},
+{"IDEA-CFB","idea-cfb",NID_idea_cfb64,0,NULL},
+{"IDEA-ECB","idea-ecb",NID_idea_ecb,0,NULL},
+{"RC2-CBC","rc2-cbc",NID_rc2_cbc,8,&(lvalues[206]),0},
+{"RC2-ECB","rc2-ecb",NID_rc2_ecb,0,NULL},
+{"RC2-CFB","rc2-cfb",NID_rc2_cfb64,0,NULL},
+{"RC2-OFB","rc2-ofb",NID_rc2_ofb64,0,NULL},
+{"SHA","sha",NID_sha,5,&(lvalues[214]),0},
+{"RSA-SHA","shaWithRSAEncryption",NID_shaWithRSAEncryption,5,
+ &(lvalues[219]),0},
+{"DES-EDE-CBC","des-ede-cbc",NID_des_ede_cbc,0,NULL},
+{"DES-EDE3-CBC","des-ede3-cbc",NID_des_ede3_cbc,8,&(lvalues[224]),0},
+{"DES-OFB","des-ofb",NID_des_ofb64,5,&(lvalues[232]),0},
+{"IDEA-OFB","idea-ofb",NID_idea_ofb64,0,NULL},
+{"pkcs9","pkcs9",NID_pkcs9,8,&(lvalues[237]),0},
+{"Email","emailAddress",NID_pkcs9_emailAddress,9,&(lvalues[245]),0},
+{"unstructuredName","unstructuredName",NID_pkcs9_unstructuredName,9,
+ &(lvalues[254]),0},
+{"contentType","contentType",NID_pkcs9_contentType,9,&(lvalues[263]),0},
+{"messageDigest","messageDigest",NID_pkcs9_messageDigest,9,
+ &(lvalues[272]),0},
+{"signingTime","signingTime",NID_pkcs9_signingTime,9,&(lvalues[281]),0},
+{"countersignature","countersignature",NID_pkcs9_countersignature,9,
+ &(lvalues[290]),0},
+{"challengePassword","challengePassword",NID_pkcs9_challengePassword,
+ 9,&(lvalues[299]),0},
+{"unstructuredAddress","unstructuredAddress",
+ NID_pkcs9_unstructuredAddress,9,&(lvalues[308]),0},
+{"extendedCertificateAttributes","extendedCertificateAttributes",
+ NID_pkcs9_extCertAttributes,9,&(lvalues[317]),0},
+{"Netscape","Netscape Communications Corp.",NID_netscape,7,
+ &(lvalues[326]),0},
+{"nsCertExt","Netscape Certificate Extension",
+ NID_netscape_cert_extension,8,&(lvalues[333]),0},
+{"nsDataType","Netscape Data Type",NID_netscape_data_type,8,
+ &(lvalues[341]),0},
+{"DES-EDE-CFB","des-ede-cfb",NID_des_ede_cfb64,0,NULL},
+{"DES-EDE3-CFB","des-ede3-cfb",NID_des_ede3_cfb64,0,NULL},
+{"DES-EDE-OFB","des-ede-ofb",NID_des_ede_ofb64,0,NULL},
+{"DES-EDE3-OFB","des-ede3-ofb",NID_des_ede3_ofb64,0,NULL},
+{"SHA1","sha1",NID_sha1,5,&(lvalues[349]),0},
+{"RSA-SHA1","sha1WithRSAEncryption",NID_sha1WithRSAEncryption,9,
+ &(lvalues[354]),0},
+{"DSA-SHA","dsaWithSHA",NID_dsaWithSHA,5,&(lvalues[363]),0},
+{"DSA","dsaEncryption",NID_dsa,5,&(lvalues[368]),0},
+{"pbeWithSHA1AndRC2-CBC","pbeWithSHA1AndRC2-CBC",
+ NID_pbeWithSHA1AndRC2_CBC,9,&(lvalues[373]),0},
+{"pbeWithSHA1AndRC4","pbeWithSHA1AndRC4",NID_pbeWithSHA1AndRC4,9,
+ &(lvalues[382]),0},
+{"DSA-SHA1","dsaWithSHA1",NID_dsaWithSHA1,5,&(lvalues[391]),0},
+{"nsCertType","Netscape Cert Type",NID_netscape_cert_type,9,
+ &(lvalues[396]),0},
+{"nsBaseUrl","Netscape Base Url",NID_netscape_base_url,9,
+ &(lvalues[405]),0},
+{"nsRevocationUrl","Netscape Revocation Url",
+ NID_netscape_revocation_url,9,&(lvalues[414]),0},
+{"nsCaRevocationUrl","Netscape CA Revocation Url",
+ NID_netscape_ca_revocation_url,9,&(lvalues[423]),0},
+{"nsRenewalUrl","Netscape Renewal Url",NID_netscape_renewal_url,9,
+ &(lvalues[432]),0},
+{"nsCaPolicyUrl","Netscape CA Policy Url",NID_netscape_ca_policy_url,
+ 9,&(lvalues[441]),0},
+{"nsSslServerName","Netscape SSL Server Name",
+ NID_netscape_ssl_server_name,9,&(lvalues[450]),0},
+{"nsComment","Netscape Comment",NID_netscape_comment,9,&(lvalues[459]),0},
+{"nsCertSequence","Netscape Certificate Sequence",
+ NID_netscape_cert_sequence,9,&(lvalues[468]),0},
+{"DESX-CBC","desx-cbc",NID_desx_cbc,0,NULL},
+{"ld-ce","ld-ce",NID_ld_ce,2,&(lvalues[477]),0},
+{"subjectKeyIdentifier","X509v3 Subject Key Identifier",
+ NID_subject_key_identifier,3,&(lvalues[479]),0},
+{"keyUsage","X509v3 Key Usage",NID_key_usage,3,&(lvalues[482]),0},
+{"privateKeyUsagePeriod","X509v3 Private Key Usage Period",
+ NID_private_key_usage_period,3,&(lvalues[485]),0},
+{"subjectAltName","X509v3 Subject Alternative Name",
+ NID_subject_alt_name,3,&(lvalues[488]),0},
+{"issuerAltName","X509v3 Issuer Alternative Name",NID_issuer_alt_name,
+ 3,&(lvalues[491]),0},
+{"basicConstraints","X509v3 Basic Constraints",NID_basic_constraints,
+ 3,&(lvalues[494]),0},
+{"crlNumber","X509v3 CRL Number",NID_crl_number,3,&(lvalues[497]),0},
+{"certificatePolicies","X509v3 Certificate Policies",
+ NID_certificate_policies,3,&(lvalues[500]),0},
+{"authorityKeyIdentifier","X509v3 Authority Key Identifier",
+ NID_authority_key_identifier,3,&(lvalues[503]),0},
+{"BF-CBC","bf-cbc",NID_bf_cbc,0,NULL},
+{"BF-ECB","bf-ecb",NID_bf_ecb,0,NULL},
+{"BF-CFB","bf-cfb",NID_bf_cfb64,0,NULL},
+{"BF-OFB","bf-ofb",NID_bf_ofb64,0,NULL},
+{"MDC2","mdc2",NID_mdc2,4,&(lvalues[506]),0},
+{"RSA-MDC2","mdc2withRSA",NID_mdc2WithRSA,4,&(lvalues[510]),0},
+};
+
+static ASN1_OBJECT *sn_objs[NUM_SN]={
+&(nid_objs[91]),/* "BF-CBC" */
+&(nid_objs[93]),/* "BF-CFB" */
+&(nid_objs[92]),/* "BF-ECB" */
+&(nid_objs[94]),/* "BF-OFB" */
+&(nid_objs[14]),/* "C" */
+&(nid_objs[13]),/* "CN" */
+&(nid_objs[31]),/* "DES-CBC" */
+&(nid_objs[30]),/* "DES-CFB" */
+&(nid_objs[29]),/* "DES-ECB" */
+&(nid_objs[32]),/* "DES-EDE" */
+&(nid_objs[43]),/* "DES-EDE-CBC" */
+&(nid_objs[60]),/* "DES-EDE-CFB" */
+&(nid_objs[62]),/* "DES-EDE-OFB" */
+&(nid_objs[33]),/* "DES-EDE3" */
+&(nid_objs[44]),/* "DES-EDE3-CBC" */
+&(nid_objs[61]),/* "DES-EDE3-CFB" */
+&(nid_objs[63]),/* "DES-EDE3-OFB" */
+&(nid_objs[45]),/* "DES-OFB" */
+&(nid_objs[80]),/* "DESX-CBC" */
+&(nid_objs[67]),/* "DSA" */
+&(nid_objs[66]),/* "DSA-SHA" */
+&(nid_objs[70]),/* "DSA-SHA1" */
+&(nid_objs[48]),/* "Email" */
+&(nid_objs[34]),/* "IDEA-CBC" */
+&(nid_objs[35]),/* "IDEA-CFB" */
+&(nid_objs[36]),/* "IDEA-ECB" */
+&(nid_objs[46]),/* "IDEA-OFB" */
+&(nid_objs[15]),/* "L" */
+&(nid_objs[ 3]),/* "MD2" */
+&(nid_objs[ 4]),/* "MD5" */
+&(nid_objs[95]),/* "MDC2" */
+&(nid_objs[57]),/* "Netscape" */
+&(nid_objs[17]),/* "O" */
+&(nid_objs[18]),/* "OU" */
+&(nid_objs[37]),/* "RC2-CBC" */
+&(nid_objs[39]),/* "RC2-CFB" */
+&(nid_objs[38]),/* "RC2-ECB" */
+&(nid_objs[40]),/* "RC2-OFB" */
+&(nid_objs[ 5]),/* "RC4" */
+&(nid_objs[19]),/* "RSA" */
+&(nid_objs[ 7]),/* "RSA-MD2" */
+&(nid_objs[ 8]),/* "RSA-MD5" */
+&(nid_objs[96]),/* "RSA-MDC2" */
+&(nid_objs[42]),/* "RSA-SHA" */
+&(nid_objs[65]),/* "RSA-SHA1" */
+&(nid_objs[41]),/* "SHA" */
+&(nid_objs[64]),/* "SHA1" */
+&(nid_objs[16]),/* "ST" */
+&(nid_objs[ 0]),/* "UNDEF" */
+&(nid_objs[90]),/* "authorityKeyIdentifier" */
+&(nid_objs[87]),/* "basicConstraints" */
+&(nid_objs[89]),/* "certificatePolicies" */
+&(nid_objs[88]),/* "crlNumber" */
+&(nid_objs[86]),/* "issuerAltName" */
+&(nid_objs[83]),/* "keyUsage" */
+&(nid_objs[81]),/* "ld-ce" */
+&(nid_objs[72]),/* "nsBaseUrl" */
+&(nid_objs[76]),/* "nsCaPolicyUrl" */
+&(nid_objs[74]),/* "nsCaRevocationUrl" */
+&(nid_objs[58]),/* "nsCertExt" */
+&(nid_objs[79]),/* "nsCertSequence" */
+&(nid_objs[71]),/* "nsCertType" */
+&(nid_objs[78]),/* "nsComment" */
+&(nid_objs[59]),/* "nsDataType" */
+&(nid_objs[75]),/* "nsRenewalUrl" */
+&(nid_objs[73]),/* "nsRevocationUrl" */
+&(nid_objs[77]),/* "nsSslServerName" */
+&(nid_objs[84]),/* "privateKeyUsagePeriod" */
+&(nid_objs[85]),/* "subjectAltName" */
+&(nid_objs[82]),/* "subjectKeyIdentifier" */
+};
+
+static ASN1_OBJECT *ln_objs[NUM_LN]={
+&(nid_objs[72]),/* "Netscape Base Url" */
+&(nid_objs[76]),/* "Netscape CA Policy Url" */
+&(nid_objs[74]),/* "Netscape CA Revocation Url" */
+&(nid_objs[71]),/* "Netscape Cert Type" */
+&(nid_objs[58]),/* "Netscape Certificate Extension" */
+&(nid_objs[79]),/* "Netscape Certificate Sequence" */
+&(nid_objs[78]),/* "Netscape Comment" */
+&(nid_objs[57]),/* "Netscape Communications Corp." */
+&(nid_objs[59]),/* "Netscape Data Type" */
+&(nid_objs[75]),/* "Netscape Renewal Url" */
+&(nid_objs[73]),/* "Netscape Revocation Url" */
+&(nid_objs[77]),/* "Netscape SSL Server Name" */
+&(nid_objs[11]),/* "X500" */
+&(nid_objs[12]),/* "X509" */
+&(nid_objs[90]),/* "X509v3 Authority Key Identifier" */
+&(nid_objs[87]),/* "X509v3 Basic Constraints" */
+&(nid_objs[88]),/* "X509v3 CRL Number" */
+&(nid_objs[89]),/* "X509v3 Certificate Policies" */
+&(nid_objs[86]),/* "X509v3 Issuer Alternative Name" */
+&(nid_objs[83]),/* "X509v3 Key Usage" */
+&(nid_objs[84]),/* "X509v3 Private Key Usage Period" */
+&(nid_objs[85]),/* "X509v3 Subject Alternative Name" */
+&(nid_objs[82]),/* "X509v3 Subject Key Identifier" */
+&(nid_objs[91]),/* "bf-cbc" */
+&(nid_objs[93]),/* "bf-cfb" */
+&(nid_objs[92]),/* "bf-ecb" */
+&(nid_objs[94]),/* "bf-ofb" */
+&(nid_objs[54]),/* "challengePassword" */
+&(nid_objs[13]),/* "commonName" */
+&(nid_objs[50]),/* "contentType" */
+&(nid_objs[53]),/* "countersignature" */
+&(nid_objs[14]),/* "countryName" */
+&(nid_objs[31]),/* "des-cbc" */
+&(nid_objs[30]),/* "des-cfb" */
+&(nid_objs[29]),/* "des-ecb" */
+&(nid_objs[32]),/* "des-ede" */
+&(nid_objs[43]),/* "des-ede-cbc" */
+&(nid_objs[60]),/* "des-ede-cfb" */
+&(nid_objs[62]),/* "des-ede-ofb" */
+&(nid_objs[33]),/* "des-ede3" */
+&(nid_objs[44]),/* "des-ede3-cbc" */
+&(nid_objs[61]),/* "des-ede3-cfb" */
+&(nid_objs[63]),/* "des-ede3-ofb" */
+&(nid_objs[45]),/* "des-ofb" */
+&(nid_objs[80]),/* "desx-cbc" */
+&(nid_objs[28]),/* "dhKeyAgreement" */
+&(nid_objs[67]),/* "dsaEncryption" */
+&(nid_objs[66]),/* "dsaWithSHA" */
+&(nid_objs[70]),/* "dsaWithSHA1" */
+&(nid_objs[48]),/* "emailAddress" */
+&(nid_objs[56]),/* "extendedCertificateAttributes" */
+&(nid_objs[34]),/* "idea-cbc" */
+&(nid_objs[35]),/* "idea-cfb" */
+&(nid_objs[36]),/* "idea-ecb" */
+&(nid_objs[46]),/* "idea-ofb" */
+&(nid_objs[15]),/* "localityName" */
+&(nid_objs[ 3]),/* "md2" */
+&(nid_objs[ 7]),/* "md2WithRSAEncryption" */
+&(nid_objs[ 4]),/* "md5" */
+&(nid_objs[ 8]),/* "md5WithRSAEncryption" */
+&(nid_objs[95]),/* "mdc2" */
+&(nid_objs[96]),/* "mdc2withRSA" */
+&(nid_objs[51]),/* "messageDigest" */
+&(nid_objs[17]),/* "organizationName" */
+&(nid_objs[18]),/* "organizationalUnitName" */
+&(nid_objs[ 9]),/* "pbeWithMD2AndDES-CBC" */
+&(nid_objs[10]),/* "pbeWithMD5AndDES-CBC" */
+&(nid_objs[68]),/* "pbeWithSHA1AndRC2-CBC" */
+&(nid_objs[69]),/* "pbeWithSHA1AndRC4" */
+&(nid_objs[ 2]),/* "pkcs" */
+&(nid_objs[27]),/* "pkcs3" */
+&(nid_objs[20]),/* "pkcs7" */
+&(nid_objs[21]),/* "pkcs7-data" */
+&(nid_objs[25]),/* "pkcs7-digestData" */
+&(nid_objs[26]),/* "pkcs7-encryptedData" */
+&(nid_objs[23]),/* "pkcs7-envelopedData" */
+&(nid_objs[24]),/* "pkcs7-signedAndEnvelopedData" */
+&(nid_objs[22]),/* "pkcs7-signedData" */
+&(nid_objs[47]),/* "pkcs9" */
+&(nid_objs[37]),/* "rc2-cbc" */
+&(nid_objs[39]),/* "rc2-cfb" */
+&(nid_objs[38]),/* "rc2-ecb" */
+&(nid_objs[40]),/* "rc2-ofb" */
+&(nid_objs[ 5]),/* "rc4" */
+&(nid_objs[19]),/* "rsa" */
+&(nid_objs[ 6]),/* "rsaEncryption" */
+&(nid_objs[ 1]),/* "rsadsi" */
+&(nid_objs[41]),/* "sha" */
+&(nid_objs[64]),/* "sha1" */
+&(nid_objs[65]),/* "sha1WithRSAEncryption" */
+&(nid_objs[42]),/* "shaWithRSAEncryption" */
+&(nid_objs[52]),/* "signingTime" */
+&(nid_objs[16]),/* "stateOrProvinceName" */
+&(nid_objs[ 0]),/* "undefined" */
+&(nid_objs[55]),/* "unstructuredAddress" */
+&(nid_objs[49]),/* "unstructuredName" */
+};
+
+static ASN1_OBJECT *obj_objs[NUM_OBJ]={
+&(nid_objs[11]),/* OBJ_X500 2 5 */
+&(nid_objs[12]),/* OBJ_X509 2 5 4 */
+&(nid_objs[81]),/* OBJ_ld_ce 2 5 29 */
+&(nid_objs[13]),/* OBJ_commonName 2 5 4 3 */
+&(nid_objs[14]),/* OBJ_countryName 2 5 4 6 */
+&(nid_objs[15]),/* OBJ_localityName 2 5 4 7 */
+&(nid_objs[16]),/* OBJ_stateOrProvinceName 2 5 4 8 */
+&(nid_objs[17]),/* OBJ_organizationName 2 5 4 10 */
+&(nid_objs[18]),/* OBJ_organizationalUnitName 2 5 4 11 */
+&(nid_objs[82]),/* OBJ_subject_key_identifier 2 5 29 14 */
+&(nid_objs[83]),/* OBJ_key_usage 2 5 29 15 */
+&(nid_objs[84]),/* OBJ_private_key_usage_period 2 5 29 16 */
+&(nid_objs[85]),/* OBJ_subject_alt_name 2 5 29 17 */
+&(nid_objs[86]),/* OBJ_issuer_alt_name 2 5 29 18 */
+&(nid_objs[87]),/* OBJ_basic_constraints 2 5 29 19 */
+&(nid_objs[88]),/* OBJ_crl_number 2 5 29 20 */
+&(nid_objs[89]),/* OBJ_certificate_policies 2 5 29 32 */
+&(nid_objs[90]),/* OBJ_authority_key_identifier 2 5 29 35 */
+&(nid_objs[19]),/* OBJ_rsa 2 5 8 1 1 */
+&(nid_objs[96]),/* OBJ_mdc2WithRSA 2 5 8 3 100 */
+&(nid_objs[95]),/* OBJ_mdc2 2 5 8 3 101 */
+&(nid_objs[29]),/* OBJ_des_ecb 1 3 14 3 2 6 */
+&(nid_objs[31]),/* OBJ_des_cbc 1 3 14 3 2 7 */
+&(nid_objs[45]),/* OBJ_des_ofb64 1 3 14 3 2 8 */
+&(nid_objs[30]),/* OBJ_des_cfb64 1 3 14 3 2 9 */
+&(nid_objs[67]),/* OBJ_dsa 1 3 14 3 2 12 */
+&(nid_objs[66]),/* OBJ_dsaWithSHA 1 3 14 3 2 13 */
+&(nid_objs[42]),/* OBJ_shaWithRSAEncryption 1 3 14 3 2 15 */
+&(nid_objs[32]),/* OBJ_des_ede 1 3 14 3 2 17 */
+&(nid_objs[41]),/* OBJ_sha 1 3 14 3 2 18 */
+&(nid_objs[64]),/* OBJ_sha1 1 3 14 3 2 26 */
+&(nid_objs[70]),/* OBJ_dsaWithSHA1 1 3 14 3 2 27 */
+&(nid_objs[ 1]),/* OBJ_rsadsi 1 2 840 113549 */
+&(nid_objs[ 2]),/* OBJ_pkcs 1 2 840 113549 1 */
+&(nid_objs[57]),/* OBJ_netscape 2 16 840 1 113730 */
+&(nid_objs[27]),/* OBJ_pkcs3 1 2 840 113549 1 3 */
+&(nid_objs[20]),/* OBJ_pkcs7 1 2 840 113549 1 7 */
+&(nid_objs[47]),/* OBJ_pkcs9 1 2 840 113549 1 9 */
+&(nid_objs[ 3]),/* OBJ_md2 1 2 840 113549 2 2 */
+&(nid_objs[ 4]),/* OBJ_md5 1 2 840 113549 2 5 */
+&(nid_objs[37]),/* OBJ_rc2_cbc 1 2 840 113549 3 2 */
+&(nid_objs[ 5]),/* OBJ_rc4 1 2 840 113549 3 4 */
+&(nid_objs[44]),/* OBJ_des_ede3_cbc 1 2 840 113549 3 7 */
+&(nid_objs[58]),/* OBJ_netscape_cert_extension 2 16 840 1 113730 1 */
+&(nid_objs[59]),/* OBJ_netscape_data_type 2 16 840 1 113730 2 */
+&(nid_objs[ 6]),/* OBJ_rsaEncryption 1 2 840 113549 1 1 1 */
+&(nid_objs[ 7]),/* OBJ_md2WithRSAEncryption 1 2 840 113549 1 1 2 */
+&(nid_objs[ 8]),/* OBJ_md5WithRSAEncryption 1 2 840 113549 1 1 4 */
+&(nid_objs[65]),/* OBJ_sha1WithRSAEncryption 1 2 840 113549 1 1 5 */
+&(nid_objs[28]),/* OBJ_dhKeyAgreement 1 2 840 113549 1 3 1 */
+&(nid_objs[ 9]),/* OBJ_pbeWithMD2AndDES_CBC 1 2 840 113549 1 5 1 */
+&(nid_objs[10]),/* OBJ_pbeWithMD5AndDES_CBC 1 2 840 113549 1 5 3 */
+&(nid_objs[68]),/* OBJ_pbeWithSHA1AndRC2_CBC 1 2 840 113549 1 5 11 */
+&(nid_objs[69]),/* OBJ_pbeWithSHA1AndRC4 1 2 840 113549 1 5 12 */
+&(nid_objs[21]),/* OBJ_pkcs7_data 1 2 840 113549 1 7 1 */
+&(nid_objs[22]),/* OBJ_pkcs7_signed 1 2 840 113549 1 7 2 */
+&(nid_objs[23]),/* OBJ_pkcs7_enveloped 1 2 840 113549 1 7 3 */
+&(nid_objs[24]),/* OBJ_pkcs7_signedAndEnveloped 1 2 840 113549 1 7 4 */
+&(nid_objs[25]),/* OBJ_pkcs7_digest 1 2 840 113549 1 7 5 */
+&(nid_objs[26]),/* OBJ_pkcs7_encrypted 1 2 840 113549 1 7 6 */
+&(nid_objs[48]),/* OBJ_pkcs9_emailAddress 1 2 840 113549 1 9 1 */
+&(nid_objs[49]),/* OBJ_pkcs9_unstructuredName 1 2 840 113549 1 9 2 */
+&(nid_objs[50]),/* OBJ_pkcs9_contentType 1 2 840 113549 1 9 3 */
+&(nid_objs[51]),/* OBJ_pkcs9_messageDigest 1 2 840 113549 1 9 4 */
+&(nid_objs[52]),/* OBJ_pkcs9_signingTime 1 2 840 113549 1 9 5 */
+&(nid_objs[53]),/* OBJ_pkcs9_countersignature 1 2 840 113549 1 9 6 */
+&(nid_objs[54]),/* OBJ_pkcs9_challengePassword 1 2 840 113549 1 9 7 */
+&(nid_objs[55]),/* OBJ_pkcs9_unstructuredAddress 1 2 840 113549 1 9 8 */
+&(nid_objs[56]),/* OBJ_pkcs9_extCertAttributes 1 2 840 113549 1 9 9 */
+&(nid_objs[71]),/* OBJ_netscape_cert_type 2 16 840 1 113730 1 1 */
+&(nid_objs[72]),/* OBJ_netscape_base_url 2 16 840 1 113730 1 2 */
+&(nid_objs[73]),/* OBJ_netscape_revocation_url 2 16 840 1 113730 1 3 */
+&(nid_objs[74]),/* OBJ_netscape_ca_revocation_url 2 16 840 1 113730 1 4 */
+&(nid_objs[75]),/* OBJ_netscape_renewal_url 2 16 840 1 113730 1 7 */
+&(nid_objs[76]),/* OBJ_netscape_ca_policy_url 2 16 840 1 113730 1 8 */
+&(nid_objs[77]),/* OBJ_netscape_ssl_server_name 2 16 840 1 113730 1 12 */
+&(nid_objs[78]),/* OBJ_netscape_comment 2 16 840 1 113730 1 13 */
+&(nid_objs[79]),/* OBJ_netscape_cert_sequence 2 16 840 1 113730 2 5 */
+};
+
diff --git a/crypto/objects/obj_dat.pl b/crypto/objects/obj_dat.pl
new file mode 100644
index 0000000..ebeb243
--- /dev/null
+++ b/crypto/objects/obj_dat.pl
@@ -0,0 +1,269 @@
+#!/usr/local/bin/perl
+
+sub obj_cmp
+ {
+ local(@a,@b,$_,$r);
+
+ $A=$obj_len{$obj{$nid{$a}}};
+ $B=$obj_len{$obj{$nid{$b}}};
+
+ $r=($A-$B);
+ return($r) if $r != 0;
+
+ $A=$obj_der{$obj{$nid{$a}}};
+ $B=$obj_der{$obj{$nid{$b}}};
+
+ return($A cmp $B);
+ }
+
+sub expand_obj
+ {
+ local(*v)=@_;
+ local($k,$d);
+ local($i);
+
+ do {
+ $i=0;
+ foreach $k (keys %v)
+ {
+ if (($v{$k} =~ s/(OBJ_[^,]+),/$v{$1},/))
+ { $i++; }
+ }
+ } while($i);
+ foreach $k (keys %v)
+ {
+ @a=split(/,/,$v{$k});
+ $objn{$k}=$#a+1;
+ }
+ return(%objn);
+ }
+
+while (<>)
+ {
+ next unless /^\#define\s+(\S+)\s+(.*)$/;
+ $v=$1;
+ $d=$2;
+ if ($v =~ /^SN_(.*)$/)
+ { $sn{$1}=$d; }
+ elsif ($v =~ /^LN_(.*)$/)
+ { $ln{$1}=$d; }
+ elsif ($v =~ /^NID_(.*)$/)
+ { $nid{$d}=$1; }
+ elsif ($v =~ /^OBJ_(.*)$/)
+ {
+ $obj{$1}=$v;
+ $objd{$v}=$d;
+ }
+ }
+
+%ob=&expand_obj(*objd);
+
+@a=sort { $a <=> $b } keys %nid;
+$n=$a[$#a]+1;
+
+@lvalues=();
+$lvalues=0;
+
+for ($i=0; $i<$n; $i++)
+ {
+ if (!defined($nid{$i}))
+ {
+ push(@out,"{NULL,NULL,NID_undef,0,NULL},\n");
+ }
+ else
+ {
+ $sn=defined($sn{$nid{$i}})?"$sn{$nid{$i}}":"NULL";
+ $ln=defined($ln{$nid{$i}})?"$ln{$nid{$i}}":"NULL";
+ $sn=$ln if ($sn eq "NULL");
+ $ln=$sn if ($ln eq "NULL");
+ $out ="{";
+ $out.=$sn;
+ $out.=",".$ln;
+ $out.=",NID_$nid{$i},";
+ if (defined($obj{$nid{$i}}))
+ {
+ $v=$objd{$obj{$nid{$i}}};
+ $v =~ s/L//g;
+ $v =~ s/,/ /g;
+ $r=&der_it($v);
+ $z="";
+ $length=0;
+ foreach (unpack("C*",$r))
+ {
+ $z.=sprintf("0x%02X,",$_);
+ $length++;
+ }
+ $obj_der{$obj{$nid{$i}}}=$z;
+ $obj_len{$obj{$nid{$i}}}=$length;
+
+ push(@lvalues,sprintf("%-45s/* [%3d] %s */\n",
+ $z,$lvalues,$obj{$nid{$i}}));
+ $out.="$length,&(lvalues[$lvalues]),0";
+ $lvalues+=$length;
+ }
+ else
+ {
+ $out.="0,NULL";
+ }
+ $out.="},\n";
+ push(@out,$out);
+ }
+ }
+
+@a=grep(defined($sn{$nid{$_}}),0 .. $n);
+foreach (sort { $sn{$nid{$a}} cmp $sn{$nid{$b}} } @a)
+ {
+ push(@sn,sprintf("&(nid_objs[%2d]),/* $sn{$nid{$_}} */\n",$_));
+ }
+
+@a=grep(defined($ln{$nid{$_}}),0 .. $n);
+foreach (sort { $ln{$nid{$a}} cmp $ln{$nid{$b}} } @a)
+ {
+ push(@ln,sprintf("&(nid_objs[%2d]),/* $ln{$nid{$_}} */\n",$_));
+ }
+
+@a=grep(defined($obj{$nid{$_}}),0 .. $n);
+foreach (sort obj_cmp @a)
+ {
+ $m=$obj{$nid{$_}};
+ $v=$objd{$m};
+ $v =~ s/L//g;
+ $v =~ s/,/ /g;
+ push(@ob,sprintf("&(nid_objs[%2d]),/* %-32s %s */\n",$_,$m,$v));
+ }
+
+print <<'EOF';
+/* lib/obj/obj_dat.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* THIS FILE IS GENERATED FROM Objects.h by obj_dat.pl via the
+ * following command:
+ * perl obj_dat.pl < objects.h > obj_dat.h
+ */
+
+EOF
+
+printf "#define NUM_NID %d\n",$n;
+printf "#define NUM_SN %d\n",$#sn+1;
+printf "#define NUM_LN %d\n",$#ln+1;
+printf "#define NUM_OBJ %d\n\n",$#ob+1;
+
+printf "static unsigned char lvalues[%d]={\n",$lvalues+1;
+print @lvalues;
+print "};\n\n";
+
+printf "static ASN1_OBJECT nid_objs[NUM_NID]={\n";
+foreach (@out)
+ {
+ if (length($_) > 75)
+ {
+ $out="";
+ foreach (split(/,/))
+ {
+ $t=$out.$_.",";
+ if (length($t) > 70)
+ {
+ print "$out\n";
+ $t="\t$_,";
+ }
+ $out=$t;
+ }
+ chop $out;
+ print "$out";
+ }
+ else
+ { print $_; }
+ }
+print "};\n\n";
+
+printf "static ASN1_OBJECT *sn_objs[NUM_SN]={\n";
+print @sn;
+print "};\n\n";
+
+printf "static ASN1_OBJECT *ln_objs[NUM_LN]={\n";
+print @ln;
+print "};\n\n";
+
+printf "static ASN1_OBJECT *obj_objs[NUM_OBJ]={\n";
+print @ob;
+print "};\n\n";
+
+sub der_it
+ {
+ local($v)=@_;
+ local(@a,$i,$ret,@r);
+
+ @a=split(/\s+/,$v);
+ $ret.=pack("C*",$a[0]*40+$a[1]);
+ shift @a;
+ shift @a;
+ while ($_=shift(@a))
+ {
+ @r=();
+ $t=0;
+ while ($_ >= 128)
+ {
+ $x=$_%128;
+ $_/=128;
+ push(@r,((($t++)?0x80:0)|$x));
+ }
+ push(@r,((($t++)?0x80:0)|$_));
+ $ret.=pack("C*",reverse(@r));
+ }
+ return($ret);
+ }
diff --git a/crypto/objects/obj_err.c b/crypto/objects/obj_err.c
new file mode 100644
index 0000000..bfc13d7
--- /dev/null
+++ b/crypto/objects/obj_err.c
@@ -0,0 +1,90 @@
+/* lib/obj/obj_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "objects.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA OBJ_str_functs[]=
+ {
+{ERR_PACK(0,OBJ_F_OBJ_CREATE_AND_ADD_OBJECT,0), "OBJ_create_and_add_object"},
+{ERR_PACK(0,OBJ_F_OBJ_DUP,0), "OBJ_dup"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2LN,0), "OBJ_nid2ln"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2OBJ,0), "OBJ_nid2obj"},
+{ERR_PACK(0,OBJ_F_OBJ_NID2SN,0), "OBJ_nid2sn"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA OBJ_str_reasons[]=
+ {
+{OBJ_R_MALLOC_FAILURE ,"malloc failure"},
+{OBJ_R_UNKNOWN_NID ,"unknown nid"},
+{0,NULL},
+ };
+
+void ERR_load_OBJ_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_OBJ,OBJ_str_functs);
+ ERR_load_strings(ERR_LIB_OBJ,OBJ_str_reasons);
+ }
+ }
diff --git a/crypto/objects/obj_lib.c b/crypto/objects/obj_lib.c
new file mode 100644
index 0000000..35a8d70
--- /dev/null
+++ b/crypto/objects/obj_lib.c
@@ -0,0 +1,126 @@
+/* crypto/objects/obj_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "buffer.h"
+
+ASN1_OBJECT *OBJ_dup(o)
+ASN1_OBJECT *o;
+ {
+ ASN1_OBJECT *r;
+ int i;
+
+ if (o == NULL) return(NULL);
+ if (!(o->flags & ASN1_OBJECT_FLAG_DYNAMIC))
+ return(o);
+
+ r=(ASN1_OBJECT *)ASN1_OBJECT_new();
+ if (r == NULL)
+ {
+ OBJerr(OBJ_F_OBJ_DUP,ERR_R_ASN1_LIB);
+ return(NULL);
+ }
+ r->data=(unsigned char *)Malloc(o->length);
+ if (r->data == NULL)
+ goto err;
+ memcpy(r->data,o->data,o->length);
+ r->length=o->length;
+ r->nid=o->nid;
+ r->ln=r->sn=NULL;
+ if (o->ln != NULL)
+ {
+ i=strlen(o->ln)+1;
+ r->ln=(char *)Malloc(i);
+ if (r->ln == NULL) goto err;
+ memcpy(r->ln,o->ln,i);
+ }
+
+ if (o->sn != NULL)
+ {
+ i=strlen(o->sn)+1;
+ r->sn=(char *)Malloc(i);
+ if (r->sn == NULL) goto err;
+ memcpy(r->sn,o->sn,i);
+ }
+ r->flags=o->flags|(ASN1_OBJECT_FLAG_DYNAMIC|
+ ASN1_OBJECT_FLAG_DYNAMIC_STRINGS);
+ return(r);
+err:
+ OBJerr(OBJ_F_OBJ_DUP,ERR_R_MALLOC_FAILURE);
+ if (r != NULL)
+ {
+ if (r->ln != NULL) Free(r->ln);
+ if (r->data != NULL) Free(r->data);
+ Free(r);
+ }
+ return(NULL);
+ }
+
+int OBJ_cmp(a,b)
+ASN1_OBJECT *a;
+ASN1_OBJECT *b;
+ {
+ int ret;
+
+ ret=(a->length-b->length);
+ if (ret) return(ret);
+ return(memcmp(a->data,b->data,a->length));
+ }
diff --git a/crypto/objects/objects.err b/crypto/objects/objects.err
new file mode 100644
index 0000000..3f8c54e
--- /dev/null
+++ b/crypto/objects/objects.err
@@ -0,0 +1,12 @@
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT 100
+#define OBJ_F_OBJ_DUP 101
+#define OBJ_F_OBJ_NID2LN 102
+#define OBJ_F_OBJ_NID2OBJ 103
+#define OBJ_F_OBJ_NID2SN 104
+
+/* Reason codes. */
+#define OBJ_R_MALLOC_FAILURE 100
+#define OBJ_R_UNKNOWN_NID 101
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
new file mode 100644
index 0000000..e69cb71
--- /dev/null
+++ b/crypto/objects/objects.h
@@ -0,0 +1,584 @@
+/* crypto/objects/objects.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_OBJECTS_H
+#define HEADER_OBJECTS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SN_undef "UNDEF"
+#define LN_undef "undefined"
+#define NID_undef 0
+
+#define SN_Algorithm "Algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 38
+#define OBJ_algorithm 1L,3L,14L,3L,2L
+
+#define LN_rsadsi "rsadsi"
+#define NID_rsadsi 1
+#define OBJ_rsadsi 1L,2L,840L,113549L
+
+#define LN_pkcs "pkcs"
+#define NID_pkcs 2
+#define OBJ_pkcs OBJ_rsadsi,1L
+
+#define SN_md2 "MD2"
+#define LN_md2 "md2"
+#define NID_md2 3
+#define OBJ_md2 OBJ_rsadsi,2L,2L
+
+#define SN_md5 "MD5"
+#define LN_md5 "md5"
+#define NID_md5 4
+#define OBJ_md5 OBJ_rsadsi,2L,5L
+
+#define SN_rc4 "RC4"
+#define LN_rc4 "rc4"
+#define NID_rc4 5
+#define OBJ_rc4 OBJ_rsadsi,3L,4L
+
+#define LN_rsaEncryption "rsaEncryption"
+#define NID_rsaEncryption 6
+#define OBJ_rsaEncryption OBJ_pkcs,1L,1L
+
+#define SN_md2WithRSAEncryption "RSA-MD2"
+#define LN_md2WithRSAEncryption "md2WithRSAEncryption"
+#define NID_md2WithRSAEncryption 7
+#define OBJ_md2WithRSAEncryption OBJ_pkcs,1L,2L
+
+#define SN_md5WithRSAEncryption "RSA-MD5"
+#define LN_md5WithRSAEncryption "md5WithRSAEncryption"
+#define NID_md5WithRSAEncryption 8
+#define OBJ_md5WithRSAEncryption OBJ_pkcs,1L,4L
+
+#define LN_pbeWithMD2AndDES_CBC "pbeWithMD2AndDES-CBC"
+#define NID_pbeWithMD2AndDES_CBC 9
+#define OBJ_pbeWithMD2AndDES_CBC OBJ_pkcs,5L,1L
+
+#define LN_pbeWithMD5AndDES_CBC "pbeWithMD5AndDES-CBC"
+#define NID_pbeWithMD5AndDES_CBC 10
+#define OBJ_pbeWithMD5AndDES_CBC OBJ_pkcs,5L,3L
+
+#define LN_X500 "X500"
+#define NID_X500 11
+#define OBJ_X500 2L,5L
+
+#define LN_X509 "X509"
+#define NID_X509 12
+#define OBJ_X509 OBJ_X500,4L
+
+#define SN_commonName "CN"
+#define LN_commonName "commonName"
+#define NID_commonName 13
+#define OBJ_commonName OBJ_X509,3L
+
+#define SN_countryName "C"
+#define LN_countryName "countryName"
+#define NID_countryName 14
+#define OBJ_countryName OBJ_X509,6L
+
+#define SN_localityName "L"
+#define LN_localityName "localityName"
+#define NID_localityName 15
+#define OBJ_localityName OBJ_X509,7L
+
+/* Postal Address? PA */
+
+/* should be "ST" (rfc1327) but MS uses 'S' */
+#define SN_stateOrProvinceName "ST"
+#define LN_stateOrProvinceName "stateOrProvinceName"
+#define NID_stateOrProvinceName 16
+#define OBJ_stateOrProvinceName OBJ_X509,8L
+
+#define SN_organizationName "O"
+#define LN_organizationName "organizationName"
+#define NID_organizationName 17
+#define OBJ_organizationName OBJ_X509,10L
+
+#define SN_organizationalUnitName "OU"
+#define LN_organizationalUnitName "organizationalUnitName"
+#define NID_organizationalUnitName 18
+#define OBJ_organizationalUnitName OBJ_X509,11L
+
+#define SN_rsa "RSA"
+#define LN_rsa "rsa"
+#define NID_rsa 19
+#define OBJ_rsa OBJ_X500,8L,1L,1L
+
+#define LN_pkcs7 "pkcs7"
+#define NID_pkcs7 20
+#define OBJ_pkcs7 OBJ_pkcs,7L
+
+#define LN_pkcs7_data "pkcs7-data"
+#define NID_pkcs7_data 21
+#define OBJ_pkcs7_data OBJ_pkcs7,1L
+
+#define LN_pkcs7_signed "pkcs7-signedData"
+#define NID_pkcs7_signed 22
+#define OBJ_pkcs7_signed OBJ_pkcs7,2L
+
+#define LN_pkcs7_enveloped "pkcs7-envelopedData"
+#define NID_pkcs7_enveloped 23
+#define OBJ_pkcs7_enveloped OBJ_pkcs7,3L
+
+#define LN_pkcs7_signedAndEnveloped "pkcs7-signedAndEnvelopedData"
+#define NID_pkcs7_signedAndEnveloped 24
+#define OBJ_pkcs7_signedAndEnveloped OBJ_pkcs7,4L
+
+#define LN_pkcs7_digest "pkcs7-digestData"
+#define NID_pkcs7_digest 25
+#define OBJ_pkcs7_digest OBJ_pkcs7,5L
+
+#define LN_pkcs7_encrypted "pkcs7-encryptedData"
+#define NID_pkcs7_encrypted 26
+#define OBJ_pkcs7_encrypted OBJ_pkcs7,6L
+
+#define LN_pkcs3 "pkcs3"
+#define NID_pkcs3 27
+#define OBJ_pkcs3 OBJ_pkcs,3L
+
+#define LN_dhKeyAgreement "dhKeyAgreement"
+#define NID_dhKeyAgreement 28
+#define OBJ_dhKeyAgreement OBJ_pkcs3,1L
+
+#define SN_des_ecb "DES-ECB"
+#define LN_des_ecb "des-ecb"
+#define NID_des_ecb 29
+#define OBJ_des_ecb OBJ_algorithm,6L
+
+#define SN_des_cfb64 "DES-CFB"
+#define LN_des_cfb64 "des-cfb"
+#define NID_des_cfb64 30
+/* IV + num */
+#define OBJ_des_cfb64 OBJ_algorithm,9L
+
+#define SN_des_cbc "DES-CBC"
+#define LN_des_cbc "des-cbc"
+#define NID_des_cbc 31
+/* IV */
+#define OBJ_des_cbc OBJ_algorithm,7L
+
+#define SN_des_ede "DES-EDE"
+#define LN_des_ede "des-ede"
+#define NID_des_ede 32
+/* ?? */
+#define OBJ_des_ede OBJ_algorithm,17L
+
+#define SN_des_ede3 "DES-EDE3"
+#define LN_des_ede3 "des-ede3"
+#define NID_des_ede3 33
+
+#define SN_idea_cbc "IDEA-CBC"
+#define LN_idea_cbc "idea-cbc"
+#define NID_idea_cbc 34
+
+#define SN_idea_cfb64 "IDEA-CFB"
+#define LN_idea_cfb64 "idea-cfb"
+#define NID_idea_cfb64 35
+
+#define SN_idea_ecb "IDEA-ECB"
+#define LN_idea_ecb "idea-ecb"
+#define NID_idea_ecb 36
+
+#define SN_rc2_cbc "RC2-CBC"
+#define LN_rc2_cbc "rc2-cbc"
+#define NID_rc2_cbc 37
+#define OBJ_rc2_cbc OBJ_rsadsi,3L,2L
+
+#define SN_rc2_ecb "RC2-ECB"
+#define LN_rc2_ecb "rc2-ecb"
+#define NID_rc2_ecb 38
+
+#define SN_rc2_cfb64 "RC2-CFB"
+#define LN_rc2_cfb64 "rc2-cfb"
+#define NID_rc2_cfb64 39
+
+#define SN_rc2_ofb64 "RC2-OFB"
+#define LN_rc2_ofb64 "rc2-ofb"
+#define NID_rc2_ofb64 40
+
+#define SN_sha "SHA"
+#define LN_sha "sha"
+#define NID_sha 41
+#define OBJ_sha OBJ_algorithm,18L
+
+#define SN_shaWithRSAEncryption "RSA-SHA"
+#define LN_shaWithRSAEncryption "shaWithRSAEncryption"
+#define NID_shaWithRSAEncryption 42
+#define OBJ_shaWithRSAEncryption OBJ_algorithm,15L
+
+#define SN_des_ede_cbc "DES-EDE-CBC"
+#define LN_des_ede_cbc "des-ede-cbc"
+#define NID_des_ede_cbc 43
+
+#define SN_des_ede3_cbc "DES-EDE3-CBC"
+#define LN_des_ede3_cbc "des-ede3-cbc"
+#define NID_des_ede3_cbc 44
+#define OBJ_des_ede3_cbc OBJ_rsadsi,3L,7L
+
+#define SN_des_ofb64 "DES-OFB"
+#define LN_des_ofb64 "des-ofb"
+#define NID_des_ofb64 45
+#define OBJ_des_ofb64 OBJ_algorithm,8L
+
+#define SN_idea_ofb64 "IDEA-OFB"
+#define LN_idea_ofb64 "idea-ofb"
+#define NID_idea_ofb64 46
+
+#define LN_pkcs9 "pkcs9"
+#define NID_pkcs9 47
+#define OBJ_pkcs9 OBJ_pkcs,9L
+
+#define SN_pkcs9_emailAddress "Email"
+#define LN_pkcs9_emailAddress "emailAddress"
+#define NID_pkcs9_emailAddress 48
+#define OBJ_pkcs9_emailAddress OBJ_pkcs9,1L
+
+#define LN_pkcs9_unstructuredName "unstructuredName"
+#define NID_pkcs9_unstructuredName 49
+#define OBJ_pkcs9_unstructuredName OBJ_pkcs9,2L
+
+#define LN_pkcs9_contentType "contentType"
+#define NID_pkcs9_contentType 50
+#define OBJ_pkcs9_contentType OBJ_pkcs9,3L
+
+#define LN_pkcs9_messageDigest "messageDigest"
+#define NID_pkcs9_messageDigest 51
+#define OBJ_pkcs9_messageDigest OBJ_pkcs9,4L
+
+#define LN_pkcs9_signingTime "signingTime"
+#define NID_pkcs9_signingTime 52
+#define OBJ_pkcs9_signingTime OBJ_pkcs9,5L
+
+#define LN_pkcs9_countersignature "countersignature"
+#define NID_pkcs9_countersignature 53
+#define OBJ_pkcs9_countersignature OBJ_pkcs9,6L
+
+#define LN_pkcs9_challengePassword "challengePassword"
+#define NID_pkcs9_challengePassword 54
+#define OBJ_pkcs9_challengePassword OBJ_pkcs9,7L
+
+#define LN_pkcs9_unstructuredAddress "unstructuredAddress"
+#define NID_pkcs9_unstructuredAddress 55
+#define OBJ_pkcs9_unstructuredAddress OBJ_pkcs9,8L
+
+#define LN_pkcs9_extCertAttributes "extendedCertificateAttributes"
+#define NID_pkcs9_extCertAttributes 56
+#define OBJ_pkcs9_extCertAttributes OBJ_pkcs9,9L
+
+#define SN_netscape "Netscape"
+#define LN_netscape "Netscape Communications Corp."
+#define NID_netscape 57
+#define OBJ_netscape 2L,16L,840L,1L,113730L
+
+#define SN_netscape_cert_extension "nsCertExt"
+#define LN_netscape_cert_extension "Netscape Certificate Extension"
+#define NID_netscape_cert_extension 58
+#define OBJ_netscape_cert_extension OBJ_netscape,1L
+
+#define SN_netscape_data_type "nsDataType"
+#define LN_netscape_data_type "Netscape Data Type"
+#define NID_netscape_data_type 59
+#define OBJ_netscape_data_type OBJ_netscape,2L
+
+#define SN_des_ede_cfb64 "DES-EDE-CFB"
+#define LN_des_ede_cfb64 "des-ede-cfb"
+#define NID_des_ede_cfb64 60
+
+#define SN_des_ede3_cfb64 "DES-EDE3-CFB"
+#define LN_des_ede3_cfb64 "des-ede3-cfb"
+#define NID_des_ede3_cfb64 61
+
+#define SN_des_ede_ofb64 "DES-EDE-OFB"
+#define LN_des_ede_ofb64 "des-ede-ofb"
+#define NID_des_ede_ofb64 62
+
+#define SN_des_ede3_ofb64 "DES-EDE3-OFB"
+#define LN_des_ede3_ofb64 "des-ede3-ofb"
+#define NID_des_ede3_ofb64 63
+
+/* I'm not sure about the object ID */
+#define SN_sha1 "SHA1"
+#define LN_sha1 "sha1"
+#define NID_sha1 64
+#define OBJ_sha1 OBJ_algorithm,26L
+/* 28 Jun 1996 - eay */
+/* #define OBJ_sha1 1L,3L,14L,2L,26L,05L <- wrong */
+
+#define SN_sha1WithRSAEncryption "RSA-SHA1"
+#define LN_sha1WithRSAEncryption "sha1WithRSAEncryption"
+#define NID_sha1WithRSAEncryption 65
+#define OBJ_sha1WithRSAEncryption OBJ_pkcs,1L,5L
+
+#define SN_dsaWithSHA "DSA-SHA"
+#define LN_dsaWithSHA "dsaWithSHA"
+#define NID_dsaWithSHA 66
+#define OBJ_dsaWithSHA OBJ_algorithm,13L
+
+#define SN_dsa "DSA"
+#define LN_dsa "dsaEncryption"
+#define NID_dsa 67
+#define OBJ_dsa OBJ_algorithm,12L
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC2_CBC "pbeWithSHA1AndRC2-CBC"
+#define NID_pbeWithSHA1AndRC2_CBC 68
+#define OBJ_pbeWithSHA1AndRC2_CBC OBJ_pkcs,5L,11L
+
+/* proposed by microsoft to RSA */
+#define LN_pbeWithSHA1AndRC4 "pbeWithSHA1AndRC4"
+#define NID_pbeWithSHA1AndRC4 69
+#define OBJ_pbeWithSHA1AndRC4 OBJ_pkcs,5L,12L
+
+#define SN_dsaWithSHA1 "DSA-SHA1"
+#define LN_dsaWithSHA1 "dsaWithSHA1"
+#define NID_dsaWithSHA1 70
+/* Got this one from 'sdn706r20.pdf' which is actually an NSA document :-) */
+#define OBJ_dsaWithSHA1 OBJ_algorithm,27L
+
+#define SN_netscape_cert_type "nsCertType"
+#define LN_netscape_cert_type "Netscape Cert Type"
+#define NID_netscape_cert_type 71
+#define OBJ_netscape_cert_type OBJ_netscape_cert_extension,1L
+
+#define SN_netscape_base_url "nsBaseUrl"
+#define LN_netscape_base_url "Netscape Base Url"
+#define NID_netscape_base_url 72
+#define OBJ_netscape_base_url OBJ_netscape_cert_extension,2L
+
+#define SN_netscape_revocation_url "nsRevocationUrl"
+#define LN_netscape_revocation_url "Netscape Revocation Url"
+#define NID_netscape_revocation_url 73
+#define OBJ_netscape_revocation_url OBJ_netscape_cert_extension,3L
+
+#define SN_netscape_ca_revocation_url "nsCaRevocationUrl"
+#define LN_netscape_ca_revocation_url "Netscape CA Revocation Url"
+#define NID_netscape_ca_revocation_url 74
+#define OBJ_netscape_ca_revocation_url OBJ_netscape_cert_extension,4L
+
+#define SN_netscape_renewal_url "nsRenewalUrl"
+#define LN_netscape_renewal_url "Netscape Renewal Url"
+#define NID_netscape_renewal_url 75
+#define OBJ_netscape_renewal_url OBJ_netscape_cert_extension,7L
+
+#define SN_netscape_ca_policy_url "nsCaPolicyUrl"
+#define LN_netscape_ca_policy_url "Netscape CA Policy Url"
+#define NID_netscape_ca_policy_url 76
+#define OBJ_netscape_ca_policy_url OBJ_netscape_cert_extension,8L
+
+#define SN_netscape_ssl_server_name "nsSslServerName"
+#define LN_netscape_ssl_server_name "Netscape SSL Server Name"
+#define NID_netscape_ssl_server_name 77
+#define OBJ_netscape_ssl_server_name OBJ_netscape_cert_extension,12L
+
+#define SN_netscape_comment "nsComment"
+#define LN_netscape_comment "Netscape Comment"
+#define NID_netscape_comment 78
+#define OBJ_netscape_comment OBJ_netscape_cert_extension,13L
+
+#define SN_netscape_cert_sequence "nsCertSequence"
+#define LN_netscape_cert_sequence "Netscape Certificate Sequence"
+#define NID_netscape_cert_sequence 79
+#define OBJ_netscape_cert_sequence OBJ_netscape_data_type,5L
+
+#define SN_desx_cbc "DESX-CBC"
+#define LN_desx_cbc "desx-cbc"
+#define NID_desx_cbc 80
+
+#define SN_ld_ce "ld-ce"
+#define NID_ld_ce 81
+#define OBJ_ld_ce 2L,5L,29L
+
+#define SN_subject_key_identifier "subjectKeyIdentifier"
+#define LN_subject_key_identifier "X509v3 Subject Key Identifier"
+#define NID_subject_key_identifier 82
+#define OBJ_subject_key_identifier OBJ_ld_ce,14L
+
+#define SN_key_usage "keyUsage"
+#define LN_key_usage "X509v3 Key Usage"
+#define NID_key_usage 83
+#define OBJ_key_usage OBJ_ld_ce,15L
+
+#define SN_private_key_usage_period "privateKeyUsagePeriod"
+#define LN_private_key_usage_period "X509v3 Private Key Usage Period"
+#define NID_private_key_usage_period 84
+#define OBJ_private_key_usage_period OBJ_ld_ce,16L
+
+#define SN_subject_alt_name "subjectAltName"
+#define LN_subject_alt_name "X509v3 Subject Alternative Name"
+#define NID_subject_alt_name 85
+#define OBJ_subject_alt_name OBJ_ld_ce,17L
+
+#define SN_issuer_alt_name "issuerAltName"
+#define LN_issuer_alt_name "X509v3 Issuer Alternative Name"
+#define NID_issuer_alt_name 86
+#define OBJ_issuer_alt_name OBJ_ld_ce,18L
+
+#define SN_basic_constraints "basicConstraints"
+#define LN_basic_constraints "X509v3 Basic Constraints"
+#define NID_basic_constraints 87
+#define OBJ_basic_constraints OBJ_ld_ce,19L
+
+#define SN_crl_number "crlNumber"
+#define LN_crl_number "X509v3 CRL Number"
+#define NID_crl_number 88
+#define OBJ_crl_number OBJ_ld_ce,20L
+
+#define SN_certificate_policies "certificatePolicies"
+#define LN_certificate_policies "X509v3 Certificate Policies"
+#define NID_certificate_policies 89
+#define OBJ_certificate_policies OBJ_ld_ce,32L
+
+#define SN_authority_key_identifier "authorityKeyIdentifier"
+#define LN_authority_key_identifier "X509v3 Authority Key Identifier"
+#define NID_authority_key_identifier 90
+#define OBJ_authority_key_identifier OBJ_ld_ce,35L
+
+#define SN_bf_cbc "BF-CBC"
+#define LN_bf_cbc "bf-cbc"
+#define NID_bf_cbc 91
+
+#define SN_bf_ecb "BF-ECB"
+#define LN_bf_ecb "bf-ecb"
+#define NID_bf_ecb 92
+
+#define SN_bf_cfb64 "BF-CFB"
+#define LN_bf_cfb64 "bf-cfb"
+#define NID_bf_cfb64 93
+
+#define SN_bf_ofb64 "BF-OFB"
+#define LN_bf_ofb64 "bf-ofb"
+#define NID_bf_ofb64 94
+
+#define SN_mdc2 "MDC2"
+#define LN_mdc2 "mdc2"
+#define NID_mdc2 95
+#define OBJ_mdc2 2L,5L,8L,3L,101L
+
+#define SN_mdc2WithRSA "RSA-MDC2"
+#define LN_mdc2WithRSA "mdc2withRSA"
+#define NID_mdc2WithRSA 96
+#define OBJ_mdc2WithRSA 2L,5L,8L,3L,100L
+
+#include "asn1.h"
+
+#ifndef NOPROTO
+
+ASN1_OBJECT * OBJ_dup(ASN1_OBJECT *o);
+ASN1_OBJECT * OBJ_nid2obj(int n);
+char * OBJ_nid2ln(int n);
+char * OBJ_nid2sn(int n);
+int OBJ_obj2nid(ASN1_OBJECT *o);
+int OBJ_txt2nid(char *s);
+int OBJ_ln2nid(char *s);
+int OBJ_sn2nid(char *s);
+int OBJ_cmp(ASN1_OBJECT *a,ASN1_OBJECT *b);
+char * OBJ_bsearch(char *key,char *base,int num,int size,int (*cmp)());
+
+void ERR_load_OBJ_strings(void );
+
+int OBJ_new_nid(int num);
+int OBJ_add_object(ASN1_OBJECT *obj);
+int OBJ_create_and_add_object(char *oid,char *sn,char *ln);
+
+void OBJ_cleanup(void );
+
+#else
+
+ASN1_OBJECT * OBJ_dup();
+ASN1_OBJECT * OBJ_nid2obj();
+char * OBJ_nid2ln();
+char * OBJ_nid2sn();
+int OBJ_obj2nid();
+int OBJ_txt2nid();
+int OBJ_ln2nid();
+int OBJ_sn2nid();
+int OBJ_cmp();
+char * OBJ_bsearch();
+
+void ERR_load_OBJ_strings();
+
+int OBJ_new_nid();
+int OBJ_add_object();
+int OBJ_create_and_add_object();
+void OBJ_cleanup();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the OBJ functions. */
+
+/* Function codes. */
+#define OBJ_F_OBJ_CREATE_AND_ADD_OBJECT 100
+#define OBJ_F_OBJ_DUP 101
+#define OBJ_F_OBJ_NID2LN 102
+#define OBJ_F_OBJ_NID2OBJ 103
+#define OBJ_F_OBJ_NID2SN 104
+
+/* Reason codes. */
+#define OBJ_R_MALLOC_FAILURE 100
+#define OBJ_R_UNKNOWN_NID 101
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
new file mode 100644
index 0000000..cb276e9
--- /dev/null
+++ b/crypto/objects/objects.txt
@@ -0,0 +1,40 @@
+1 2 : ISO member bodies
+1 2 840 : US (ANSI)
+1 2 840 113549 : rsadsi : RSA Data Security, Inc.
+1 2 840 113549 1 : pkcs : RSA Data Security, Inc. PKCS
+1 2 840 113549 1 1 1 : rsaEncryption
+1 2 840 113549 1 1 2 : md2withRSAEncryption
+1 2 840 113549 1 1 4 : md5withRSAEncryption
+1 2 840 113549 1 7 : pkcs-7
+1 2 840 113549 1 7 1 : pkcs-7-data
+1 2 840 113549 1 7 2 : pkcs-7-signedData
+1 2 840 113549 1 7 3 : pkcs-7-envelopedData
+1 2 840 113549 1 7 4 : pkcs-7-signedAndEnvelopedData
+1 2 840 113549 1 7 5 : pkcs-7-digestData
+1 2 840 113549 1 7 6 : pkcs-7-encryptedData
+1 2 840 113549 2 2 : md2
+1 2 840 113549 2 4 : md4
+1 2 840 113549 2 5 : md5
+1 2 840 113549 3 4 : rc4
+1 2 840 113549 5 1 : pbeWithMD2AndDES_CBC
+1 2 840 113549 5 3 : pbeWithMD5AndDES_CBC
+2 5 : X500 : directory services (X.500)
+2 5 4 : X509
+2 5 4 3 : commonName
+2 5 4 6 : countryName
+2 5 4 7 : localityName
+2 5 4 8 : stateOrProvinceName
+2 5 4 10 : organizationName
+2 5 4 11 : organizationalUnitName
+2 5 8 : directory services - algorithms
+2 5 8 1 1 : rsa
+
+algorithm 18 : sha
+encryptionAlgorithm 1 : rsa
+algorithm 11 : rsaSignature
+
+algorithm 6 : desECB
+algorithm 7 : desCBC
+algorithm 8 : desOFB
+algorithm 9 : desCFB
+algorithm 17 : desEDE2
diff --git a/crypto/pem/Makefile.ssl b/crypto/pem/Makefile.ssl
new file mode 100644
index 0000000..447fcb4
--- /dev/null
+++ b/crypto/pem/Makefile.ssl
@@ -0,0 +1,96 @@
+#
+# SSLeay/crypto/pem/Makefile
+#
+
+DIR= pem
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=pem
+ERRC=pem_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+CTX_SIZE= ctx_size
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pem_sign.c pem_seal.c pem_info.c pem_lib.c pem_all.c $(ERRC).c
+
+LIBOBJ= pem_sign.o pem_seal.o pem_info.o pem_lib.o pem_all.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pem.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: pem.h lib
+
+pem.h: $(CTX_SIZE)
+ ./$(CTX_SIZE) <pem.org >pem.new
+ if [ -f pem.h ]; then mv -f pem.h pem.old; fi
+ mv -f pem.new pem.h
+
+$(CTX_SIZE): $(CTX_SIZE).o
+ $(CC) $(CFLAGS) -o $(CTX_SIZE) $(CTX_SIZE).o
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(CTX_SIZE).c $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f $(CTX_SIZE) *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).org # SPECIAL CASE .org
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pem/ctx_size.c b/crypto/pem/ctx_size.c
new file mode 100644
index 0000000..c9e2ce6
--- /dev/null
+++ b/crypto/pem/ctx_size.c
@@ -0,0 +1,122 @@
+/* crypto/pem/ctx_size.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,j;
+ char buf[256];
+
+ for (;;)
+ {
+ char *str;
+ buf[0]='\0';
+ fgets(buf,256,stdin);
+ if (buf[0] == '\0') break;
+
+ str="#define EVP_ENCODE_CTX_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ printf("%s %d\n",str,(int)sizeof(EVP_ENCODE_CTX));
+ continue;
+ }
+ str="#define EVP_MD_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ printf("%s %d\n",str,(int)sizeof(EVP_MD));
+ continue;
+ }
+ str="#define EVP_MD_CTX_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ printf("%s %d\n",str,(int)sizeof(EVP_MD_CTX));
+ continue;
+ }
+ str="#define EVP_CIPHER_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ printf("%s %d\n",str,(int)sizeof(EVP_CIPHER));
+ continue;
+ }
+ str="#define EVP_CIPHER_CTX_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ printf("%s %d\n",str,(int)sizeof(EVP_CIPHER_CTX));
+ continue;
+ }
+
+ str="#define EVP_MAX_MD_SIZE ";
+ if (strncmp(buf,str,strlen(str)) == 0)
+ {
+ i=MD2_DIGEST_LENGTH;
+ j=MD5_DIGEST_LENGTH;
+ if (j > i) i=j;
+ j=SHA_DIGEST_LENGTH;
+ if (j > i) i=j;
+ printf("%s %d\n",str,i);
+ continue;
+ }
+ fputs(buf,stdout);
+ }
+ exit(0);
+ }
diff --git a/crypto/pem/message b/crypto/pem/message
new file mode 100644
index 0000000..e8bf9d7
--- /dev/null
+++ b/crypto/pem/message
@@ -0,0 +1,16 @@
+-----BEGIN PRIVACY-ENHANCED MESSAGE-----
+Proc-Type: 4,ENCRYPTED
+Proc-Type: 4,MIC-ONLY
+Proc-Type: 4,MIC-CLEAR
+Content-Domain: RFC822
+DEK-Info: DES-CBC,0123456789abcdef
+Originator-Certificate
+ xxxx
+Issuer-Certificate
+ xxxx
+MIC-Info: RSA-MD5,RSA,
+ xxxx
+
+
+-----END PRIVACY-ENHANCED MESSAGE-----
+
diff --git a/crypto/pem/pem.err b/crypto/pem/pem.err
new file mode 100644
index 0000000..0e523ab
--- /dev/null
+++ b/crypto/pem/pem.err
@@ -0,0 +1,38 @@
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK 100
+#define PEM_F_LOAD_IV 101
+#define PEM_F_PEM_ASN1_READ 102
+#define PEM_F_PEM_ASN1_READ_BIO 103
+#define PEM_F_PEM_ASN1_WRITE 104
+#define PEM_F_PEM_ASN1_WRITE_BIO 105
+#define PEM_F_PEM_DO_HEADER 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+#define PEM_F_PEM_READ 108
+#define PEM_F_PEM_READ_BIO 109
+#define PEM_F_PEM_SEALFINAL 110
+#define PEM_F_PEM_SEALINIT 111
+#define PEM_F_PEM_SIGNFINAL 112
+#define PEM_F_PEM_WRITE 113
+#define PEM_F_PEM_WRITE_BIO 114
+#define PEM_F_PEM_X509_INFO_READ 115
+#define PEM_F_PEM_X509_INFO_READ_BIO 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE 100
+#define PEM_R_BAD_DECRYPT 101
+#define PEM_R_BAD_END_LINE 102
+#define PEM_R_BAD_IV_CHARS 103
+#define PEM_R_BAD_PASSWORD_READ 104
+#define PEM_R_NOT_DEK_INFO 105
+#define PEM_R_NOT_ENCRYPTED 106
+#define PEM_R_NOT_PROC_TYPE 107
+#define PEM_R_NO_START_LINE 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+#define PEM_R_PUBLIC_KEY_NO_RSA 110
+#define PEM_R_READ_KEY 111
+#define PEM_R_SHORT_HEADER 112
+#define PEM_R_UNSUPPORTED_CIPHER 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION 114
diff --git a/crypto/pem/pem.h b/crypto/pem/pem.h
new file mode 100644
index 0000000..3895250
--- /dev/null
+++ b/crypto/pem/pem.h
@@ -0,0 +1,562 @@
+/* crypto/pem/pem.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify pem.org since pem.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_PEM_H
+#define HEADER_PEM_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+#include "x509.h"
+
+#define PEM_OBJ_UNDEF 0
+#define PEM_OBJ_X509 1
+#define PEM_OBJ_X509_REQ 2
+#define PEM_OBJ_CRL 3
+#define PEM_OBJ_SSL_SESSION 4
+#define PEM_OBJ_PRIV_KEY 10
+#define PEM_OBJ_PRIV_RSA 11
+#define PEM_OBJ_PRIV_DSA 12
+#define PEM_OBJ_PRIV_DH 13
+#define PEM_OBJ_PUB_RSA 14
+#define PEM_OBJ_PUB_DSA 15
+#define PEM_OBJ_PUB_DH 16
+#define PEM_OBJ_DHPARAMS 17
+#define PEM_OBJ_DSAPARAMS 18
+#define PEM_OBJ_PRIV_RSA_PUBLIC 19
+
+#define PEM_ERROR 30
+#define PEM_DEK_DES_CBC 40
+#define PEM_DEK_IDEA_CBC 45
+#define PEM_DEK_DES_EDE 50
+#define PEM_DEK_DES_ECB 60
+#define PEM_DEK_RSA 70
+#define PEM_DEK_RSA_MD2 80
+#define PEM_DEK_RSA_MD5 90
+
+#define PEM_MD_MD2 NID_md2
+#define PEM_MD_MD5 NID_md5
+#define PEM_MD_SHA NID_sha
+#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
+#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
+#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
+
+#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+#define PEM_STRING_X509 "CERTIFICATE"
+#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+#define PEM_STRING_X509_CRL "X509 CRL"
+#define PEM_STRING_EVP_PKEY "PRIVATE KEY"
+#define PEM_STRING_RSA "RSA PRIVATE KEY"
+#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+#define PEM_STRING_DSA "DSA PRIVATE KEY"
+#define PEM_STRING_PKCS7 "PKCS7"
+#define PEM_STRING_DHPARAMS "DH PARAMETERS"
+#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+
+#ifndef HEADER_ENVELOPE_H
+
+#define EVP_ENCODE_CTX_SIZE 92
+#define EVP_MD_SIZE 48
+#define EVP_MD_CTX_SIZE 152
+#define EVP_CIPHER_SIZE 28
+#define EVP_CIPHER_CTX_SIZE 4212
+#define EVP_MAX_MD_SIZE 20
+
+typedef struct evp_encode_ctx_st
+ {
+ char data[EVP_ENCODE_CTX_SIZE];
+ } EVP_ENCODE_CTX;
+
+typedef struct env_md_ctx_st
+ {
+ char data[EVP_MD_CTX_SIZE];
+ } EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+ {
+ char data[EVP_CIPHER_SIZE];
+ } EVP_CIPHER;
+
+typedef struct evp_cipher_ctx_st
+ {
+ char data[EVP_CIPHER_CTX_SIZE];
+ } EVP_CIPHER_CTX;
+#endif
+
+
+typedef struct PEM_Encode_Seal_st
+ {
+ EVP_ENCODE_CTX encode;
+ EVP_MD_CTX md;
+ EVP_CIPHER_CTX cipher;
+ } PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+#define PEM_TYPE_ENCRYPTED 10
+#define PEM_TYPE_MIC_ONLY 20
+#define PEM_TYPE_MIC_CLEAR 30
+#define PEM_TYPE_CLEAR 40
+
+typedef struct pem_recip_st
+ {
+ char *name;
+ X509_NAME *dn;
+
+ int cipher;
+ int key_enc;
+ char iv[8];
+ } PEM_USER;
+
+typedef struct pem_ctx_st
+ {
+ int type; /* what type of object */
+
+ struct {
+ int version;
+ int mode;
+ } proc_type;
+
+ char *domain;
+
+ struct {
+ int cipher;
+ unsigned char iv[8];
+ } DEK_info;
+
+ PEM_USER *originator;
+
+ int num_recipient;
+ PEM_USER **recipient;
+
+#ifdef HEADER_STACK_H
+ STACK *x509_chain; /* certificate chain */
+#else
+ char *x509_chain; /* certificate chain */
+#endif
+ EVP_MD *md; /* signature type */
+
+ int md_enc; /* is the md encrypted or not? */
+ int md_len; /* length of md_data */
+ char *md_data; /* message digest, could be pkey encrypted */
+
+ EVP_CIPHER *dec; /* date encryption cipher */
+ int key_len; /* key length */
+ unsigned char *key; /* key */
+ unsigned char iv[8]; /* the iv */
+
+
+ int data_enc; /* is the data encrypted */
+ int data_len;
+ unsigned char *data;
+ } PEM_CTX;
+
+#ifdef SSLEAY_MACROS
+
+#define PEM_write_SSL_SESSION(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_X509_CRL(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
+ fp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_RSAPublicKey(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
+ PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_PKCS7(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_DHparams(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
+ (char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb)
+#define PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb)
+#define PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb)
+#define PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb)
+#define PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)
+#define PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb)
+#define PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb)
+#define PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb)
+#define PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
+
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_CRL(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
+ bp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_RSAPublicKey(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
+ PEM_STRING_RSA_PUBLIC,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PKCS7(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_DHparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
+ PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb)
+#define PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb)
+#define PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)
+#define PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb)
+#define PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb)
+
+#define PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb)
+#define PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb)
+#define PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
+
+#endif
+
+#ifndef NOPROTO
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+ int (*callback)());
+
+#ifdef HEADER_BIO_H
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data,
+ long len);
+char * PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,
+ int (*cb)());
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)());
+int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
+ unsigned char *kstr, int klen, int (*cb)());
+#endif
+
+#ifndef WIN16
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
+char * PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,
+ int (*cb)());
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+#endif
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+ EVP_MD *md_type, unsigned char **ek, int *ekl,
+ unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+ unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
+ unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+void ERR_load_PEM_strings(void);
+
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, char *type, int len, char *str);
+
+#ifndef SSLEAY_MACROS
+
+#ifndef WIN16
+X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+int PEM_write_X509(FILE *fp,X509 *x);
+int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
+int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
+int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
+int PEM_write_DHparams(FILE *fp,DH *x);
+int PEM_write_DSAparams(FILE *fp,DSA *x);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+int PEM_write_bio_X509(BIO *bp,X509 *x);
+int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
+int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
+int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
+int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
+int PEM_write_bio_DHparams(BIO *bp,DH *x);
+int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+#endif
+
+#endif /* SSLEAY_MACROS */
+
+
+#else
+
+int PEM_get_EVP_CIPHER_INFO();
+int PEM_do_header();
+int PEM_read_bio();
+int PEM_write_bio();
+#ifndef WIN16
+int PEM_read();
+int PEM_write();
+STACK * PEM_X509_INFO_read();
+char * PEM_ASN1_read();
+int PEM_ASN1_write();
+#endif
+STACK * PEM_X509_INFO_read_bio();
+int PEM_X509_INFO_write_bio();
+char * PEM_ASN1_read_bio();
+int PEM_ASN1_write_bio();
+int PEM_SealInit();
+void PEM_SealUpdate();
+int PEM_SealFinal();
+int PEM_SignFinal();
+
+void ERR_load_PEM_strings();
+
+void PEM_proc_type();
+void PEM_dek_info();
+
+#ifndef SSLEAY_MACROS
+#ifndef WIN16
+X509 *PEM_read_X509();
+X509_REQ *PEM_read_X509_REQ();
+X509_CRL *PEM_read_X509_CRL();
+RSA *PEM_read_RSAPrivateKey();
+RSA *PEM_read_RSAPublicKey();
+DSA *PEM_read_DSAPrivateKey();
+EVP_PKEY *PEM_read_PrivateKey();
+PKCS7 *PEM_read_PKCS7();
+DH *PEM_read_DHparams();
+DSA *PEM_read_DSAparams();
+int PEM_write_X509();
+int PEM_write_X509_REQ();
+int PEM_write_X509_CRL();
+int PEM_write_RSAPrivateKey();
+int PEM_write_RSAPublicKey();
+int PEM_write_DSAPrivateKey();
+int PEM_write_PrivateKey();
+int PEM_write_PKCS7();
+int PEM_write_DHparams();
+int PEM_write_DSAparams();
+#endif
+
+X509 *PEM_read_bio_X509();
+X509_REQ *PEM_read_bio_X509_REQ();
+X509_CRL *PEM_read_bio_X509_CRL();
+RSA *PEM_read_bio_RSAPrivateKey();
+RSA *PEM_read_bio_RSAPublicKey();
+DSA *PEM_read_bio_DSAPrivateKey();
+EVP_PKEY *PEM_read_bio_PrivateKey();
+PKCS7 *PEM_read_bio_PKCS7();
+DH *PEM_read_bio_DHparams();
+DSA *PEM_read_bio_DSAparams();
+int PEM_write_bio_X509();
+int PEM_write_bio_X509_REQ();
+int PEM_write_bio_X509_CRL();
+int PEM_write_bio_RSAPrivateKey();
+int PEM_write_bio_RSAPublicKey();
+int PEM_write_bio_DSAPrivateKey();
+int PEM_write_bio_PrivateKey();
+int PEM_write_bio_PKCS7();
+int PEM_write_bio_DHparams();
+int PEM_write_bio_DSAparams();
+
+#endif /* SSLEAY_MACROS */
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK 100
+#define PEM_F_LOAD_IV 101
+#define PEM_F_PEM_ASN1_READ 102
+#define PEM_F_PEM_ASN1_READ_BIO 103
+#define PEM_F_PEM_ASN1_WRITE 104
+#define PEM_F_PEM_ASN1_WRITE_BIO 105
+#define PEM_F_PEM_DO_HEADER 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+#define PEM_F_PEM_READ 108
+#define PEM_F_PEM_READ_BIO 109
+#define PEM_F_PEM_SEALFINAL 110
+#define PEM_F_PEM_SEALINIT 111
+#define PEM_F_PEM_SIGNFINAL 112
+#define PEM_F_PEM_WRITE 113
+#define PEM_F_PEM_WRITE_BIO 114
+#define PEM_F_PEM_X509_INFO_READ 115
+#define PEM_F_PEM_X509_INFO_READ_BIO 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE 100
+#define PEM_R_BAD_DECRYPT 101
+#define PEM_R_BAD_END_LINE 102
+#define PEM_R_BAD_IV_CHARS 103
+#define PEM_R_BAD_PASSWORD_READ 104
+#define PEM_R_NOT_DEK_INFO 105
+#define PEM_R_NOT_ENCRYPTED 106
+#define PEM_R_NOT_PROC_TYPE 107
+#define PEM_R_NO_START_LINE 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+#define PEM_R_PUBLIC_KEY_NO_RSA 110
+#define PEM_R_READ_KEY 111
+#define PEM_R_SHORT_HEADER 112
+#define PEM_R_UNSUPPORTED_CIPHER 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION 114
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pem/pem.org b/crypto/pem/pem.org
new file mode 100644
index 0000000..3895250
--- /dev/null
+++ b/crypto/pem/pem.org
@@ -0,0 +1,562 @@
+/* crypto/pem/pem.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify pem.org since pem.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_PEM_H
+#define HEADER_PEM_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "evp.h"
+#include "x509.h"
+
+#define PEM_OBJ_UNDEF 0
+#define PEM_OBJ_X509 1
+#define PEM_OBJ_X509_REQ 2
+#define PEM_OBJ_CRL 3
+#define PEM_OBJ_SSL_SESSION 4
+#define PEM_OBJ_PRIV_KEY 10
+#define PEM_OBJ_PRIV_RSA 11
+#define PEM_OBJ_PRIV_DSA 12
+#define PEM_OBJ_PRIV_DH 13
+#define PEM_OBJ_PUB_RSA 14
+#define PEM_OBJ_PUB_DSA 15
+#define PEM_OBJ_PUB_DH 16
+#define PEM_OBJ_DHPARAMS 17
+#define PEM_OBJ_DSAPARAMS 18
+#define PEM_OBJ_PRIV_RSA_PUBLIC 19
+
+#define PEM_ERROR 30
+#define PEM_DEK_DES_CBC 40
+#define PEM_DEK_IDEA_CBC 45
+#define PEM_DEK_DES_EDE 50
+#define PEM_DEK_DES_ECB 60
+#define PEM_DEK_RSA 70
+#define PEM_DEK_RSA_MD2 80
+#define PEM_DEK_RSA_MD5 90
+
+#define PEM_MD_MD2 NID_md2
+#define PEM_MD_MD5 NID_md5
+#define PEM_MD_SHA NID_sha
+#define PEM_MD_MD2_RSA NID_md2WithRSAEncryption
+#define PEM_MD_MD5_RSA NID_md5WithRSAEncryption
+#define PEM_MD_SHA_RSA NID_sha1WithRSAEncryption
+
+#define PEM_STRING_X509_OLD "X509 CERTIFICATE"
+#define PEM_STRING_X509 "CERTIFICATE"
+#define PEM_STRING_X509_REQ_OLD "NEW CERTIFICATE REQUEST"
+#define PEM_STRING_X509_REQ "CERTIFICATE REQUEST"
+#define PEM_STRING_X509_CRL "X509 CRL"
+#define PEM_STRING_EVP_PKEY "PRIVATE KEY"
+#define PEM_STRING_RSA "RSA PRIVATE KEY"
+#define PEM_STRING_RSA_PUBLIC "RSA PUBLIC KEY"
+#define PEM_STRING_DSA "DSA PRIVATE KEY"
+#define PEM_STRING_PKCS7 "PKCS7"
+#define PEM_STRING_DHPARAMS "DH PARAMETERS"
+#define PEM_STRING_SSL_SESSION "SSL SESSION PARAMETERS"
+#define PEM_STRING_DSAPARAMS "DSA PARAMETERS"
+
+#ifndef HEADER_ENVELOPE_H
+
+#define EVP_ENCODE_CTX_SIZE 92
+#define EVP_MD_SIZE 48
+#define EVP_MD_CTX_SIZE 152
+#define EVP_CIPHER_SIZE 28
+#define EVP_CIPHER_CTX_SIZE 4212
+#define EVP_MAX_MD_SIZE 20
+
+typedef struct evp_encode_ctx_st
+ {
+ char data[EVP_ENCODE_CTX_SIZE];
+ } EVP_ENCODE_CTX;
+
+typedef struct env_md_ctx_st
+ {
+ char data[EVP_MD_CTX_SIZE];
+ } EVP_MD_CTX;
+
+typedef struct evp_cipher_st
+ {
+ char data[EVP_CIPHER_SIZE];
+ } EVP_CIPHER;
+
+typedef struct evp_cipher_ctx_st
+ {
+ char data[EVP_CIPHER_CTX_SIZE];
+ } EVP_CIPHER_CTX;
+#endif
+
+
+typedef struct PEM_Encode_Seal_st
+ {
+ EVP_ENCODE_CTX encode;
+ EVP_MD_CTX md;
+ EVP_CIPHER_CTX cipher;
+ } PEM_ENCODE_SEAL_CTX;
+
+/* enc_type is one off */
+#define PEM_TYPE_ENCRYPTED 10
+#define PEM_TYPE_MIC_ONLY 20
+#define PEM_TYPE_MIC_CLEAR 30
+#define PEM_TYPE_CLEAR 40
+
+typedef struct pem_recip_st
+ {
+ char *name;
+ X509_NAME *dn;
+
+ int cipher;
+ int key_enc;
+ char iv[8];
+ } PEM_USER;
+
+typedef struct pem_ctx_st
+ {
+ int type; /* what type of object */
+
+ struct {
+ int version;
+ int mode;
+ } proc_type;
+
+ char *domain;
+
+ struct {
+ int cipher;
+ unsigned char iv[8];
+ } DEK_info;
+
+ PEM_USER *originator;
+
+ int num_recipient;
+ PEM_USER **recipient;
+
+#ifdef HEADER_STACK_H
+ STACK *x509_chain; /* certificate chain */
+#else
+ char *x509_chain; /* certificate chain */
+#endif
+ EVP_MD *md; /* signature type */
+
+ int md_enc; /* is the md encrypted or not? */
+ int md_len; /* length of md_data */
+ char *md_data; /* message digest, could be pkey encrypted */
+
+ EVP_CIPHER *dec; /* date encryption cipher */
+ int key_len; /* key length */
+ unsigned char *key; /* key */
+ unsigned char iv[8]; /* the iv */
+
+
+ int data_enc; /* is the data encrypted */
+ int data_len;
+ unsigned char *data;
+ } PEM_CTX;
+
+#ifdef SSLEAY_MACROS
+
+#define PEM_write_SSL_SESSION(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_X509_REQ(fp,x) PEM_ASN1_write( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_X509_CRL(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL, \
+ fp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_RSAPublicKey(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_RSAPublicKey,\
+ PEM_STRING_RSA_PUBLIC,fp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,\
+ (char *)x,enc,kstr,klen,cb)
+#define PEM_write_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_PKCS7(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_DHparams(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,\
+ (char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define PEM_read_X509(fp,x,cb) (X509 *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,fp,(char **)x,cb)
+#define PEM_read_X509_REQ(fp,x,cb) (X509_REQ *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,fp,(char **)x,cb)
+#define PEM_read_X509_CRL(fp,x,cb) (X509_CRL *)PEM_ASN1_read( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,fp,(char **)x,cb)
+#define PEM_read_RSAPrivateKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,fp,(char **)x,cb)
+#define PEM_read_RSAPublicKey(fp,x,cb) (RSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb)
+#define PEM_read_DSAPrivateKey(fp,x,cb) (DSA *)PEM_ASN1_read( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,fp,(char **)x,cb)
+#define PEM_read_PrivateKey(fp,x,cb) (EVP_PKEY *)PEM_ASN1_read( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,fp,(char **)x,cb)
+#define PEM_read_PKCS7(fp,x,cb) (PKCS7 *)PEM_ASN1_read( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,fp,(char **)x,cb)
+#define PEM_read_DHparams(fp,x,cb) (DH *)PEM_ASN1_read( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,fp,(char **)x,cb)
+
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_REQ(bp,x) PEM_ASN1_write_bio( \
+ (int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,bp,(char *)x, \
+ NULL,NULL,0,NULL)
+#define PEM_write_bio_X509_CRL(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,\
+ bp,(char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_RSAPublicKey(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey, \
+ PEM_STRING_RSA_PUBLIC,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb) \
+ PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,\
+ (((x)->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),\
+ bp,(char *)x,enc,kstr,klen,cb)
+#define PEM_write_bio_PKCS7(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp, \
+ (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_DHparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,\
+ bp,(char *)x,NULL,NULL,0,NULL)
+#define PEM_write_bio_DSAparams(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_DSAparams, \
+ PEM_STRING_DSAPARAMS,bp,(char *)x,NULL,NULL,0,NULL)
+
+#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define PEM_read_bio_X509(bp,x,cb) (X509 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509,PEM_STRING_X509,bp,(char **)x,cb)
+#define PEM_read_bio_X509_REQ(bp,x,cb) (X509_REQ *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_REQ,PEM_STRING_X509_REQ,bp,(char **)x,cb)
+#define PEM_read_bio_X509_CRL(bp,x,cb) (X509_CRL *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_X509_CRL,PEM_STRING_X509_CRL,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPrivateKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPrivateKey,PEM_STRING_RSA,bp,(char **)x,cb)
+#define PEM_read_bio_RSAPublicKey(bp,x,cb) (RSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_RSAPublicKey,PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb)
+#define PEM_read_bio_DSAPrivateKey(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAPrivateKey,PEM_STRING_DSA,bp,(char **)x,cb)
+#define PEM_read_bio_PrivateKey(bp,x,cb) (EVP_PKEY *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PrivateKey,PEM_STRING_EVP_PKEY,bp,(char **)x,cb)
+
+#define PEM_read_bio_PKCS7(bp,x,cb) (PKCS7 *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_PKCS7,PEM_STRING_PKCS7,bp,(char **)x,cb)
+#define PEM_read_bio_DHparams(bp,x,cb) (DH *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DHparams,PEM_STRING_DHPARAMS,bp,(char **)x,cb)
+#define PEM_read_bio_DSAparams(bp,x,cb) (DSA *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_DSAparams,PEM_STRING_DSAPARAMS,bp,(char **)x,cb)
+
+#endif
+
+#ifndef NOPROTO
+int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher);
+int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+ int (*callback)());
+
+#ifdef HEADER_BIO_H
+int PEM_read_bio(BIO *bp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write_bio(BIO *bp,char *name,char *hdr,unsigned char *data,
+ long len);
+char * PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,
+ int (*cb)());
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read_bio(BIO *bp, STACK *sk, int (*cb)());
+int PEM_X509_INFO_write_bio(BIO *bp,X509_INFO *xi, EVP_CIPHER *enc,
+ unsigned char *kstr, int klen, int (*cb)());
+#endif
+
+#ifndef WIN16
+int PEM_read(FILE *fp, char **name, char **header,
+ unsigned char **data,long *len);
+int PEM_write(FILE *fp,char *name,char *hdr,unsigned char *data,long len);
+char * PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,
+ int (*cb)());
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK * PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+#endif
+
+int PEM_SealInit(PEM_ENCODE_SEAL_CTX *ctx, EVP_CIPHER *type,
+ EVP_MD *md_type, unsigned char **ek, int *ekl,
+ unsigned char *iv, EVP_PKEY **pubk, int npubk);
+void PEM_SealUpdate(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *out, int *outl,
+ unsigned char *in, int inl);
+int PEM_SealFinal(PEM_ENCODE_SEAL_CTX *ctx, unsigned char *sig,int *sigl,
+ unsigned char *out, int *outl, EVP_PKEY *priv);
+
+void PEM_SignInit(EVP_MD_CTX *ctx, EVP_MD *type);
+void PEM_SignUpdate(EVP_MD_CTX *ctx,unsigned char *d,unsigned int cnt);
+int PEM_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret,
+ unsigned int *siglen, EVP_PKEY *pkey);
+
+void ERR_load_PEM_strings(void);
+
+void PEM_proc_type(char *buf, int type);
+void PEM_dek_info(char *buf, char *type, int len, char *str);
+
+#ifndef SSLEAY_MACROS
+
+#ifndef WIN16
+X509 *PEM_read_X509(FILE *fp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_X509_REQ(FILE *fp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_X509_CRL(FILE *fp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_RSAPrivateKey(FILE *fp,RSA **x,int (*cb)());
+RSA *PEM_read_RSAPublicKey(FILE *fp,RSA **x,int (*cb)());
+DSA *PEM_read_DSAPrivateKey(FILE *fp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_PrivateKey(FILE *fp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_PKCS7(FILE *fp,PKCS7 **x,int (*cb)());
+DH *PEM_read_DHparams(FILE *fp,DH **x,int (*cb)());
+DSA *PEM_read_DSAparams(FILE *fp,DSA **x,int (*cb)());
+int PEM_write_X509(FILE *fp,X509 *x);
+int PEM_write_X509_REQ(FILE *fp,X509_REQ *x);
+int PEM_write_X509_CRL(FILE *fp,X509_CRL *x);
+int PEM_write_RSAPrivateKey(FILE *fp,RSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_RSAPublicKey(FILE *fp,RSA *x);
+int PEM_write_DSAPrivateKey(FILE *fp,DSA *x,EVP_CIPHER *enc,unsigned char *kstr,
+ int klen,int (*cb)());
+int PEM_write_PrivateKey(FILE *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_PKCS7(FILE *fp,PKCS7 *x);
+int PEM_write_DHparams(FILE *fp,DH *x);
+int PEM_write_DSAparams(FILE *fp,DSA *x);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *PEM_read_bio_X509(BIO *bp,X509 **x,int (*cb)());
+X509_REQ *PEM_read_bio_X509_REQ(BIO *bp,X509_REQ **x,int (*cb)());
+X509_CRL *PEM_read_bio_X509_CRL(BIO *bp,X509_CRL **x,int (*cb)());
+RSA *PEM_read_bio_RSAPrivateKey(BIO *bp,RSA **x,int (*cb)());
+RSA *PEM_read_bio_RSAPublicKey(BIO *bp,RSA **x,int (*cb)());
+DSA *PEM_read_bio_DSAPrivateKey(BIO *bp,DSA **x,int (*cb)());
+EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp,EVP_PKEY **x,int (*cb)());
+PKCS7 *PEM_read_bio_PKCS7(BIO *bp,PKCS7 **x,int (*cb)());
+DH *PEM_read_bio_DHparams(BIO *bp,DH **x,int (*cb)());
+DSA *PEM_read_bio_DSAparams(BIO *bp,DSA **x,int (*cb)());
+int PEM_write_bio_X509(BIO *bp,X509 *x);
+int PEM_write_bio_X509_REQ(BIO *bp,X509_REQ *x);
+int PEM_write_bio_X509_CRL(BIO *bp,X509_CRL *x);
+int PEM_write_bio_RSAPrivateKey(BIO *fp,RSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_RSAPublicKey(BIO *fp,RSA *x);
+int PEM_write_bio_DSAPrivateKey(BIO *fp,DSA *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PrivateKey(BIO *fp,EVP_PKEY *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*cb)());
+int PEM_write_bio_PKCS7(BIO *bp,PKCS7 *x);
+int PEM_write_bio_DHparams(BIO *bp,DH *x);
+int PEM_write_bio_DSAparams(BIO *bp,DSA *x);
+#endif
+
+#endif /* SSLEAY_MACROS */
+
+
+#else
+
+int PEM_get_EVP_CIPHER_INFO();
+int PEM_do_header();
+int PEM_read_bio();
+int PEM_write_bio();
+#ifndef WIN16
+int PEM_read();
+int PEM_write();
+STACK * PEM_X509_INFO_read();
+char * PEM_ASN1_read();
+int PEM_ASN1_write();
+#endif
+STACK * PEM_X509_INFO_read_bio();
+int PEM_X509_INFO_write_bio();
+char * PEM_ASN1_read_bio();
+int PEM_ASN1_write_bio();
+int PEM_SealInit();
+void PEM_SealUpdate();
+int PEM_SealFinal();
+int PEM_SignFinal();
+
+void ERR_load_PEM_strings();
+
+void PEM_proc_type();
+void PEM_dek_info();
+
+#ifndef SSLEAY_MACROS
+#ifndef WIN16
+X509 *PEM_read_X509();
+X509_REQ *PEM_read_X509_REQ();
+X509_CRL *PEM_read_X509_CRL();
+RSA *PEM_read_RSAPrivateKey();
+RSA *PEM_read_RSAPublicKey();
+DSA *PEM_read_DSAPrivateKey();
+EVP_PKEY *PEM_read_PrivateKey();
+PKCS7 *PEM_read_PKCS7();
+DH *PEM_read_DHparams();
+DSA *PEM_read_DSAparams();
+int PEM_write_X509();
+int PEM_write_X509_REQ();
+int PEM_write_X509_CRL();
+int PEM_write_RSAPrivateKey();
+int PEM_write_RSAPublicKey();
+int PEM_write_DSAPrivateKey();
+int PEM_write_PrivateKey();
+int PEM_write_PKCS7();
+int PEM_write_DHparams();
+int PEM_write_DSAparams();
+#endif
+
+X509 *PEM_read_bio_X509();
+X509_REQ *PEM_read_bio_X509_REQ();
+X509_CRL *PEM_read_bio_X509_CRL();
+RSA *PEM_read_bio_RSAPrivateKey();
+RSA *PEM_read_bio_RSAPublicKey();
+DSA *PEM_read_bio_DSAPrivateKey();
+EVP_PKEY *PEM_read_bio_PrivateKey();
+PKCS7 *PEM_read_bio_PKCS7();
+DH *PEM_read_bio_DHparams();
+DSA *PEM_read_bio_DSAparams();
+int PEM_write_bio_X509();
+int PEM_write_bio_X509_REQ();
+int PEM_write_bio_X509_CRL();
+int PEM_write_bio_RSAPrivateKey();
+int PEM_write_bio_RSAPublicKey();
+int PEM_write_bio_DSAPrivateKey();
+int PEM_write_bio_PrivateKey();
+int PEM_write_bio_PKCS7();
+int PEM_write_bio_DHparams();
+int PEM_write_bio_DSAparams();
+
+#endif /* SSLEAY_MACROS */
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PEM functions. */
+
+/* Function codes. */
+#define PEM_F_DEF_CALLBACK 100
+#define PEM_F_LOAD_IV 101
+#define PEM_F_PEM_ASN1_READ 102
+#define PEM_F_PEM_ASN1_READ_BIO 103
+#define PEM_F_PEM_ASN1_WRITE 104
+#define PEM_F_PEM_ASN1_WRITE_BIO 105
+#define PEM_F_PEM_DO_HEADER 106
+#define PEM_F_PEM_GET_EVP_CIPHER_INFO 107
+#define PEM_F_PEM_READ 108
+#define PEM_F_PEM_READ_BIO 109
+#define PEM_F_PEM_SEALFINAL 110
+#define PEM_F_PEM_SEALINIT 111
+#define PEM_F_PEM_SIGNFINAL 112
+#define PEM_F_PEM_WRITE 113
+#define PEM_F_PEM_WRITE_BIO 114
+#define PEM_F_PEM_X509_INFO_READ 115
+#define PEM_F_PEM_X509_INFO_READ_BIO 116
+#define PEM_F_PEM_X509_INFO_WRITE_BIO 117
+
+/* Reason codes. */
+#define PEM_R_BAD_BASE64_DECODE 100
+#define PEM_R_BAD_DECRYPT 101
+#define PEM_R_BAD_END_LINE 102
+#define PEM_R_BAD_IV_CHARS 103
+#define PEM_R_BAD_PASSWORD_READ 104
+#define PEM_R_NOT_DEK_INFO 105
+#define PEM_R_NOT_ENCRYPTED 106
+#define PEM_R_NOT_PROC_TYPE 107
+#define PEM_R_NO_START_LINE 108
+#define PEM_R_PROBLEMS_GETTING_PASSWORD 109
+#define PEM_R_PUBLIC_KEY_NO_RSA 110
+#define PEM_R_READ_KEY 111
+#define PEM_R_SHORT_HEADER 112
+#define PEM_R_UNSUPPORTED_CIPHER 113
+#define PEM_R_UNSUPPORTED_ENCRYPTION 114
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pem/pem_all.c b/crypto/pem/pem_all.c
new file mode 100644
index 0000000..5485628
--- /dev/null
+++ b/crypto/pem/pem_all.c
@@ -0,0 +1,487 @@
+/* crypto/pem/pem_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "bio.h"
+#include "evp.h"
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+
+#ifndef WIN16
+/* The X509 functions */
+X509 *PEM_read_X509(fp,x,cb)
+FILE *fp;
+X509 **x;
+int (*cb)();
+ {
+ return((X509 *)PEM_ASN1_read((char *(*)())d2i_X509,
+ PEM_STRING_X509,fp,(char **)x,cb));
+ }
+#endif
+
+X509 *PEM_read_bio_X509(bp,x,cb)
+BIO *bp;
+X509 **x;
+int (*cb)();
+ {
+ return((X509 *)PEM_ASN1_read_bio((char *(*)())d2i_X509,
+ PEM_STRING_X509,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_X509(fp,x)
+FILE *fp;
+X509 *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509(bp,x)
+BIO *bp;
+X509 *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509,PEM_STRING_X509,bp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef WIN16
+/* The X509_REQ functions */
+X509_REQ *PEM_read_X509_REQ(fp,x,cb)
+FILE *fp;
+X509_REQ **x;
+int (*cb)();
+ {
+ return((X509_REQ *)PEM_ASN1_read((char *(*)())d2i_X509_REQ,
+ PEM_STRING_X509_REQ,fp,(char **)x,cb));
+ }
+#endif
+
+X509_REQ *PEM_read_bio_X509_REQ(bp,x,cb)
+BIO *bp;
+X509_REQ **x;
+int (*cb)();
+ {
+ return((X509_REQ *)PEM_ASN1_read_bio((char *(*)())d2i_X509_REQ,
+ PEM_STRING_X509_REQ,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_X509_REQ(fp,x)
+FILE *fp;
+X509_REQ *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509_REQ(bp,x)
+BIO *bp;
+X509_REQ *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509_REQ,PEM_STRING_X509_REQ,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef WIN16
+/* The X509_CRL functions */
+X509_CRL *PEM_read_X509_CRL(fp,x,cb)
+FILE *fp;
+X509_CRL **x;
+int (*cb)();
+ {
+ return((X509_CRL *)PEM_ASN1_read((char *(*)())d2i_X509_CRL,
+ PEM_STRING_X509_CRL,fp,(char **)x,cb));
+ }
+#endif
+
+X509_CRL *PEM_read_bio_X509_CRL(bp,x,cb)
+BIO *bp;
+X509_CRL **x;
+int (*cb)();
+ {
+ return((X509_CRL *)PEM_ASN1_read_bio((char *(*)())d2i_X509_CRL,
+ PEM_STRING_X509_CRL,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_X509_CRL(fp,x)
+FILE *fp;
+X509_CRL *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_X509_CRL(bp,x)
+BIO *bp;
+X509_CRL *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_X509_CRL,PEM_STRING_X509_CRL,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_RSA
+#ifndef WIN16
+/* The RSAPrivateKey functions */
+RSA *PEM_read_RSAPrivateKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPrivateKey,
+ PEM_STRING_RSA,fp,(char **)x,cb));
+ }
+
+RSA *PEM_read_RSAPublicKey(fp,x,cb)
+FILE *fp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read((char *(*)())d2i_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,fp,(char **)x,cb));
+ }
+#endif
+
+RSA *PEM_read_bio_RSAPrivateKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPrivateKey,
+ PEM_STRING_RSA,bp,(char **)x,cb));
+ }
+
+RSA *PEM_read_bio_RSAPublicKey(bp,x,cb)
+BIO *bp;
+RSA **x;
+int (*cb)();
+ {
+ return((RSA *)PEM_ASN1_read_bio((char *(*)())d2i_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,fp,
+ (char *)x,enc,kstr,klen,cb));
+ }
+
+int PEM_write_RSAPublicKey(fp,x)
+FILE *fp;
+RSA *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,fp,
+ (char *)x,NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+RSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_RSAPrivateKey,PEM_STRING_RSA,
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+
+int PEM_write_bio_RSAPublicKey(bp,x)
+BIO *bp;
+RSA *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_RSAPublicKey,
+ PEM_STRING_RSA_PUBLIC,
+ bp,(char *)x,NULL,NULL,0,NULL));
+ }
+#endif /* !NO_RSA */
+
+#ifndef NO_DSA
+#ifndef WIN16
+/* The DSAPrivateKey functions */
+DSA *PEM_read_DSAPrivateKey(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAPrivateKey,
+ PEM_STRING_DSA,fp,(char **)x,cb));
+ }
+#endif
+
+DSA *PEM_read_bio_DSAPrivateKey(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAPrivateKey,
+ PEM_STRING_DSA,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,fp,
+ (char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+int PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+DSA *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DSAPrivateKey,PEM_STRING_DSA,
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+#ifndef WIN16
+/* The PrivateKey functions */
+EVP_PKEY *PEM_read_PrivateKey(fp,x,cb)
+FILE *fp;
+EVP_PKEY **x;
+int (*cb)();
+ {
+ return((EVP_PKEY *)PEM_ASN1_read((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,fp,(char **)x,cb));
+ }
+#endif
+
+EVP_PKEY *PEM_read_bio_PrivateKey(bp,x,cb)
+BIO *bp;
+EVP_PKEY **x;
+int (*cb)();
+ {
+ return((EVP_PKEY *)PEM_ASN1_read_bio((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_PrivateKey(fp,x,enc,kstr,klen,cb)
+FILE *fp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write((int (*)())i2d_PrivateKey,
+ ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+ fp,(char *)x,enc,kstr,klen,cb));
+ }
+#endif
+
+int PEM_write_bio_PrivateKey(bp,x,enc,kstr,klen,cb)
+BIO *bp;
+EVP_PKEY *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_PrivateKey,
+ ((x->type == EVP_PKEY_DSA)?PEM_STRING_DSA:PEM_STRING_RSA),
+ bp,(char *)x,enc,kstr,klen,cb));
+ }
+
+#ifndef WIN16
+/* The PKCS7 functions */
+PKCS7 *PEM_read_PKCS7(fp,x,cb)
+FILE *fp;
+PKCS7 **x;
+int (*cb)();
+ {
+ return((PKCS7 *)PEM_ASN1_read((char *(*)())d2i_PKCS7,
+ PEM_STRING_PKCS7,fp,(char **)x,cb));
+ }
+#endif
+
+PKCS7 *PEM_read_bio_PKCS7(bp,x,cb)
+BIO *bp;
+PKCS7 **x;
+int (*cb)();
+ {
+ return((PKCS7 *)PEM_ASN1_read_bio((char *(*)())d2i_PKCS7,
+ PEM_STRING_PKCS7,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_PKCS7(fp,x)
+FILE *fp;
+PKCS7 *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_PKCS7(bp,x)
+BIO *bp;
+PKCS7 *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_PKCS7,PEM_STRING_PKCS7,bp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+
+#ifndef NO_DH
+#ifndef WIN16
+/* The DHparams functions */
+DH *PEM_read_DHparams(fp,x,cb)
+FILE *fp;
+DH **x;
+int (*cb)();
+ {
+ return((DH *)PEM_ASN1_read((char *(*)())d2i_DHparams,
+ PEM_STRING_DHPARAMS,fp,(char **)x,cb));
+ }
+#endif
+
+DH *PEM_read_bio_DHparams(bp,x,cb)
+BIO *bp;
+DH **x;
+int (*cb)();
+ {
+ return((DH *)PEM_ASN1_read_bio((char *(*)())d2i_DHparams,
+ PEM_STRING_DHPARAMS,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_DHparams(fp,x)
+FILE *fp;
+DH *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_DHparams(bp,x)
+BIO *bp;
+DH *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DHparams,PEM_STRING_DHPARAMS,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+/* The DSAparams functions */
+DSA *PEM_read_DSAparams(fp,x,cb)
+FILE *fp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read((char *(*)())d2i_DSAparams,
+ PEM_STRING_DSAPARAMS,fp,(char **)x,cb));
+ }
+#endif
+
+DSA *PEM_read_bio_DSAparams(bp,x,cb)
+BIO *bp;
+DSA **x;
+int (*cb)();
+ {
+ return((DSA *)PEM_ASN1_read_bio((char *(*)())d2i_DSAparams,
+ PEM_STRING_DSAPARAMS,bp,(char **)x,cb));
+ }
+
+#ifndef WIN16
+int PEM_write_DSAparams(fp,x)
+FILE *fp;
+DSA *x;
+ {
+ return(PEM_ASN1_write((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,fp,
+ (char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
+int PEM_write_bio_DSAparams(bp,x)
+BIO *bp;
+DSA *x;
+ {
+ return(PEM_ASN1_write_bio((int (*)())i2d_DSAparams,PEM_STRING_DSAPARAMS,
+ bp,(char *)x, NULL,NULL,0,NULL));
+ }
+#endif
+
diff --git a/crypto/pem/pem_err.c b/crypto/pem/pem_err.c
new file mode 100644
index 0000000..b8d9520
--- /dev/null
+++ b/crypto/pem/pem_err.c
@@ -0,0 +1,116 @@
+/* lib/pem/pem_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pem.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA PEM_str_functs[]=
+ {
+{ERR_PACK(0,PEM_F_DEF_CALLBACK,0), "DEF_CALLBACK"},
+{ERR_PACK(0,PEM_F_LOAD_IV,0), "LOAD_IV"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ,0), "PEM_ASN1_read"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_READ_BIO,0), "PEM_ASN1_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE,0), "PEM_ASN1_write"},
+{ERR_PACK(0,PEM_F_PEM_ASN1_WRITE_BIO,0), "PEM_ASN1_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_DO_HEADER,0), "PEM_do_header"},
+{ERR_PACK(0,PEM_F_PEM_GET_EVP_CIPHER_INFO,0), "PEM_get_EVP_CIPHER_INFO"},
+{ERR_PACK(0,PEM_F_PEM_READ,0), "PEM_read"},
+{ERR_PACK(0,PEM_F_PEM_READ_BIO,0), "PEM_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_SEALFINAL,0), "PEM_SealFinal"},
+{ERR_PACK(0,PEM_F_PEM_SEALINIT,0), "PEM_SealInit"},
+{ERR_PACK(0,PEM_F_PEM_SIGNFINAL,0), "PEM_SignFinal"},
+{ERR_PACK(0,PEM_F_PEM_WRITE,0), "PEM_write"},
+{ERR_PACK(0,PEM_F_PEM_WRITE_BIO,0), "PEM_write_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ,0), "PEM_X509_INFO_read"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_READ_BIO,0), "PEM_X509_INFO_read_bio"},
+{ERR_PACK(0,PEM_F_PEM_X509_INFO_WRITE_BIO,0), "PEM_X509_INFO_write_bio"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA PEM_str_reasons[]=
+ {
+{PEM_R_BAD_BASE64_DECODE ,"bad base64 decode"},
+{PEM_R_BAD_DECRYPT ,"bad decrypt"},
+{PEM_R_BAD_END_LINE ,"bad end line"},
+{PEM_R_BAD_IV_CHARS ,"bad iv chars"},
+{PEM_R_BAD_PASSWORD_READ ,"bad password read"},
+{PEM_R_NOT_DEK_INFO ,"not dek info"},
+{PEM_R_NOT_ENCRYPTED ,"not encrypted"},
+{PEM_R_NOT_PROC_TYPE ,"not proc type"},
+{PEM_R_NO_START_LINE ,"no start line"},
+{PEM_R_PROBLEMS_GETTING_PASSWORD ,"problems getting password"},
+{PEM_R_PUBLIC_KEY_NO_RSA ,"public key no rsa"},
+{PEM_R_READ_KEY ,"read key"},
+{PEM_R_SHORT_HEADER ,"short header"},
+{PEM_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{PEM_R_UNSUPPORTED_ENCRYPTION ,"unsupported encryption"},
+{0,NULL},
+ };
+
+void ERR_load_PEM_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_PEM,PEM_str_functs);
+ ERR_load_strings(ERR_LIB_PEM,PEM_str_reasons);
+ }
+ }
diff --git a/crypto/pem/pem_info.c b/crypto/pem/pem_info.c
new file mode 100644
index 0000000..aafd9ce
--- /dev/null
+++ b/crypto/pem/pem_info.c
@@ -0,0 +1,365 @@
+/* crypto/pem/pem_info.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef WIN16
+STACK *PEM_X509_INFO_read(fp,sk,cb)
+FILE *fp;
+STACK *sk;
+int (*cb)();
+ {
+ BIO *b;
+ STACK *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_X509_INFO_read_bio(b,sk,cb);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+STACK *PEM_X509_INFO_read_bio(bp,sk,cb)
+BIO *bp;
+STACK *sk;
+int (*cb)();
+ {
+ X509_INFO *xi=NULL;
+ char *name=NULL,*header=NULL,**pp;
+ unsigned char *data=NULL,*p;
+ long len,error=0;
+ int ok=0;
+ STACK *ret=NULL;
+ unsigned int i,raw;
+ char *(*d2i)();
+
+ if (sk == NULL)
+ {
+ if ((ret=sk_new_null()) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ else
+ ret=sk;
+
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ for (;;)
+ {
+ raw=0;
+ i=PEM_read_bio(bp,&name,&header,&data,&len);
+ if (i == 0)
+ {
+ error=ERR_GET_REASON(ERR_peek_error());
+ if (error == PEM_R_NO_START_LINE)
+ {
+ ERR_clear_error();
+ break;
+ }
+ goto err;
+ }
+start:
+ if ( (strcmp(name,PEM_STRING_X509) == 0) ||
+ (strcmp(name,PEM_STRING_X509_OLD) == 0))
+ {
+ d2i=(char *(*)())d2i_X509;
+ if (xi->x509 != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+ pp=(char **)&(xi->x509);
+ }
+ else if (strcmp(name,PEM_STRING_X509_CRL) == 0)
+ {
+ d2i=(char *(*)())d2i_X509_CRL;
+ if (xi->crl != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+ pp=(char **)&(xi->crl);
+ }
+ else
+#ifndef NO_RSA
+ if (strcmp(name,PEM_STRING_RSA) == 0)
+ {
+ d2i=(char *(*)())d2i_RSAPrivateKey;
+ if (xi->x_pkey != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+
+ xi->enc_data=NULL;
+ xi->enc_len=0;
+
+ xi->x_pkey=X509_PKEY_new();
+ if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+ goto err;
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_RSA;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.rsa);
+ if ((int)strlen(header) > 10) /* assume encrypted */
+ raw=1;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (strcmp(name,PEM_STRING_DSA) == 0)
+ {
+ d2i=(char *(*)())d2i_DSAPrivateKey;
+ if (xi->x_pkey != NULL)
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ if ((xi=X509_INFO_new()) == NULL) goto err;
+ goto start;
+ }
+
+ xi->enc_data=NULL;
+ xi->enc_len=0;
+
+ xi->x_pkey=X509_PKEY_new();
+ if ((xi->x_pkey->dec_pkey=EVP_PKEY_new()) == NULL)
+ goto err;
+ xi->x_pkey->dec_pkey->type=EVP_PKEY_DSA;
+ pp=(char **)&(xi->x_pkey->dec_pkey->pkey.dsa);
+ if ((int)strlen(header) > 10) /* assume encrypted */
+ raw=1;
+ }
+ else
+#endif
+ {
+ d2i=NULL;
+ pp=NULL;
+ }
+
+ if (d2i != NULL)
+ {
+ if (!raw)
+ {
+ EVP_CIPHER_INFO cipher;
+
+ if (!PEM_get_EVP_CIPHER_INFO(header,&cipher))
+ goto err;
+ if (!PEM_do_header(&cipher,data,&len,cb))
+ goto err;
+ p=data;
+ if (d2i(pp,&p,len) == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_READ_BIO,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+ else
+ { /* encrypted RSA data */
+ if (!PEM_get_EVP_CIPHER_INFO(header,
+ &xi->enc_cipher)) goto err;
+ xi->enc_data=(char *)data;
+ xi->enc_len=(int)len;
+ data=NULL;
+ }
+ }
+ else {
+ /* unknown */
+ }
+ if (name != NULL) Free(name);
+ if (header != NULL) Free(header);
+ if (data != NULL) Free(data);
+ name=NULL;
+ header=NULL;
+ data=NULL;
+ }
+
+ /* if the last one hasn't been pushed yet and there is anything
+ * in it then add it to the stack ...
+ */
+ if ((xi->x509 != NULL) || (xi->crl != NULL) ||
+ (xi->x_pkey != NULL) || (xi->enc_data != NULL))
+ {
+ if (!sk_push(ret,(char *)xi)) goto err;
+ xi=NULL;
+ }
+ ok=1;
+err:
+ if (xi != NULL) X509_INFO_free(xi);
+ if (!ok)
+ {
+ for (i=0; ((int)i)<sk_num(ret); i++)
+ {
+ xi=(X509_INFO *)sk_value(ret,i);
+ X509_INFO_free(xi);
+ }
+ if (ret != sk) sk_free(ret);
+ ret=NULL;
+ }
+
+ if (name != NULL) Free(name);
+ if (header != NULL) Free(header);
+ if (data != NULL) Free(data);
+ return(ret);
+ }
+
+
+/* A TJH addition */
+int PEM_X509_INFO_write_bio(bp,xi,enc,kstr,klen,cb)
+BIO *bp;
+X509_INFO *xi;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*cb)();
+ {
+ EVP_CIPHER_CTX ctx;
+ int i,ret=0;
+ unsigned char *data=NULL;
+ char *objstr=NULL;
+#define PEM_BUFSIZE 1024
+ char buf[PEM_BUFSIZE];
+ unsigned char *iv=NULL;
+
+ if (enc != NULL)
+ {
+ objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+ }
+
+ /* now for the fun part ... if we have a private key then
+ * we have to be able to handle a not-yet-decrypted key
+ * being written out correctly ... if it is decrypted or
+ * it is non-encrypted then we use the base code
+ */
+ if (xi->x_pkey!=NULL)
+ {
+ if ( (xi->enc_data!=NULL) && (xi->enc_len>0) )
+ {
+ /* copy from wierdo names into more normal things */
+ iv=xi->enc_cipher.iv;
+ data=(unsigned char *)xi->enc_data;
+ i=xi->enc_len;
+
+ /* we take the encryption data from the
+ * internal stuff rather than what the
+ * user has passed us ... as we have to
+ * match exactly for some strange reason
+ */
+ objstr=OBJ_nid2sn(
+ EVP_CIPHER_nid(xi->enc_cipher.cipher));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_X509_INFO_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+
+ /* create the right magic header stuff */
+ buf[0]='\0';
+ PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+ PEM_dek_info(buf,objstr,8,(char *)iv);
+
+ /* use the normal code to write things out */
+ i=PEM_write_bio(bp,PEM_STRING_RSA,buf,data,i);
+ if (i <= 0) goto err;
+ }
+ else
+ {
+ /* Add DSA/DH */
+#ifndef NO_RSA
+ /* normal optionally encrypted stuff */
+ if (PEM_write_bio_RSAPrivateKey(bp,
+ xi->x_pkey->dec_pkey->pkey.rsa,
+ enc,kstr,klen,cb)<=0)
+ goto err;
+#endif
+ }
+ }
+
+ /* if we have a certificate then write it out now */
+ if ((xi->x509 != NULL) || (PEM_write_bio_X509(bp,xi->x509) <= 0))
+ goto err;
+
+ /* we are ignoring anything else that is loaded into the X509_INFO
+ * structure for the moment ... as I don't need it so I'm not
+ * coding it here and Eric can do it when this makes it into the
+ * base library --tjh
+ */
+
+ ret=1;
+
+err:
+ memset((char *)&ctx,0,sizeof(ctx));
+ memset(buf,0,PEM_BUFSIZE);
+ return(ret);
+ }
diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
new file mode 100644
index 0000000..1397d83
--- /dev/null
+++ b/crypto/pem/pem_lib.c
@@ -0,0 +1,757 @@
+/* crypto/pem/pem_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "objects.h"
+#include "evp.h"
+#include "rand.h"
+#include "x509.h"
+#include "pem.h"
+#ifndef NO_DES
+#include "des.h"
+#endif
+
+char *PEM_version="PEM part of SSLeay 0.8.1b 29-Jun-1998";
+
+#define MIN_LENGTH 4
+
+/* PEMerr(PEM_F_PEM_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ * PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int def_callback(char *buf, int num, int w);
+static int load_iv(unsigned char **fromp,unsigned char *to, int num);
+#else
+static int def_callback();
+static int load_iv();
+#endif
+
+static int def_callback(buf, num, w)
+char *buf;
+int num;
+int w;
+ {
+#ifdef WIN16
+ /* We should not ever call the default callback routine from
+ * windows. */
+ PEMerr(PEM_F_DEF_CALLBACK,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(-1);
+#else
+ int i,j;
+ char *prompt;
+
+ prompt=EVP_get_pw_prompt();
+ if (prompt == NULL)
+ prompt="Enter PEM pass phrase:";
+
+ for (;;)
+ {
+ i=EVP_read_pw_string(buf,num,prompt,w);
+ if (i != 0)
+ {
+ PEMerr(PEM_F_DEF_CALLBACK,PEM_R_PROBLEMS_GETTING_PASSWORD);
+ memset(buf,0,(unsigned int)num);
+ return(-1);
+ }
+ j=strlen(buf);
+ if (j < MIN_LENGTH)
+ {
+ fprintf(stderr,"phrase is too short, needs to be at least %d chars\n",MIN_LENGTH);
+ }
+ else
+ break;
+ }
+ return(j);
+#endif
+ }
+
+void PEM_proc_type(buf, type)
+char *buf;
+int type;
+ {
+ char *str;
+
+ if (type == PEM_TYPE_ENCRYPTED)
+ str="ENCRYPTED";
+ else if (type == PEM_TYPE_MIC_CLEAR)
+ str="MIC-CLEAR";
+ else if (type == PEM_TYPE_MIC_ONLY)
+ str="MIC-ONLY";
+ else
+ str="BAD-TYPE";
+
+ strcat(buf,"Proc-Type: 4,");
+ strcat(buf,str);
+ strcat(buf,"\n");
+ }
+
+void PEM_dek_info(buf, type, len, str)
+char *buf;
+char *type;
+int len;
+char *str;
+ {
+ static unsigned char map[17]="0123456789ABCDEF";
+ long i;
+ int j;
+
+ strcat(buf,"DEK-Info: ");
+ strcat(buf,type);
+ strcat(buf,",");
+ j=strlen(buf);
+ for (i=0; i<len; i++)
+ {
+ buf[j+i*2] =map[(str[i]>>4)&0x0f];
+ buf[j+i*2+1]=map[(str[i] )&0x0f];
+ }
+ buf[j+i*2]='\n';
+ buf[j+i*2+1]='\0';
+ }
+
+#ifndef WIN16
+char *PEM_ASN1_read(d2i,name,fp, x, cb)
+char *(*d2i)();
+char *name;
+FILE *fp;
+char **x;
+int (*cb)();
+ {
+ BIO *b;
+ char *ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_ASN1_read_bio(d2i,name,b,x,cb);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+char *PEM_ASN1_read_bio(d2i,name,bp, x, cb)
+char *(*d2i)();
+char *name;
+BIO *bp;
+char **x;
+int (*cb)();
+ {
+ EVP_CIPHER_INFO cipher;
+ char *nm=NULL,*header=NULL;
+ unsigned char *p=NULL,*data=NULL;
+ long len;
+ char *ret=NULL;
+
+ for (;;)
+ {
+ if (!PEM_read_bio(bp,&nm,&header,&data,&len)) return(NULL);
+ if ( (strcmp(nm,name) == 0) ||
+ ((strcmp(nm,PEM_STRING_RSA) == 0) &&
+ (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+ ((strcmp(nm,PEM_STRING_DSA) == 0) &&
+ (strcmp(name,PEM_STRING_EVP_PKEY) == 0)) ||
+ ((strcmp(nm,PEM_STRING_X509_OLD) == 0) &&
+ (strcmp(name,PEM_STRING_X509) == 0)) ||
+ ((strcmp(nm,PEM_STRING_X509_REQ_OLD) == 0) &&
+ (strcmp(name,PEM_STRING_X509_REQ) == 0))
+ )
+ break;
+ Free(nm);
+ Free(header);
+ Free(data);
+ }
+ if (!PEM_get_EVP_CIPHER_INFO(header,&cipher)) goto err;
+ if (!PEM_do_header(&cipher,data,&len,cb)) goto err;
+ p=data;
+ if (strcmp(name,PEM_STRING_EVP_PKEY) == 0)
+ {
+ if (strcmp(nm,PEM_STRING_RSA) == 0)
+ ret=d2i(EVP_PKEY_RSA,x,&p,len);
+ else if (strcmp(nm,PEM_STRING_DSA) == 0)
+ ret=d2i(EVP_PKEY_DSA,x,&p,len);
+ }
+ else
+ ret=d2i(x,&p,len);
+ if (ret == NULL)
+ PEMerr(PEM_F_PEM_ASN1_READ_BIO,ERR_R_ASN1_LIB);
+err:
+ Free(nm);
+ Free(header);
+ Free(data);
+ return(ret);
+ }
+
+#ifndef WIN16
+int PEM_ASN1_write(i2d,name,fp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+FILE *fp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_ASN1_write_bio(i2d,name,b,x,enc,kstr,klen,callback);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_ASN1_write_bio(i2d,name,bp, x, enc, kstr, klen, callback)
+int (*i2d)();
+char *name;
+BIO *bp;
+char *x;
+EVP_CIPHER *enc;
+unsigned char *kstr;
+int klen;
+int (*callback)();
+ {
+ EVP_CIPHER_CTX ctx;
+ int dsize=0,i,j,ret=0;
+ unsigned char *p,*data=NULL;
+ char *objstr=NULL;
+#define PEM_BUFSIZE 1024
+ char buf[PEM_BUFSIZE];
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+
+ if (enc != NULL)
+ {
+ objstr=OBJ_nid2sn(EVP_CIPHER_nid(enc));
+ if (objstr == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_UNSUPPORTED_CIPHER);
+ goto err;
+ }
+ }
+
+ dsize=i2d(x,NULL);
+ /* dzise + 8 bytes are needed */
+ data=(unsigned char *)Malloc((unsigned int)dsize+20);
+ if (data == NULL)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=data;
+ i=i2d(x,&p);
+
+ if (enc != NULL)
+ {
+ if (kstr == NULL)
+ {
+ if (callback == NULL)
+ klen=def_callback(buf,PEM_BUFSIZE,1);
+ else
+ klen=(*callback)(buf,PEM_BUFSIZE,1);
+ if (klen <= 0)
+ {
+ PEMerr(PEM_F_PEM_ASN1_WRITE_BIO,PEM_R_READ_KEY);
+ goto err;
+ }
+ kstr=(unsigned char *)buf;
+ }
+ RAND_seed(data,i);/* put in the RSA key. */
+ RAND_bytes(iv,8); /* Generate a salt */
+ /* The 'iv' is used as the iv and as a salt. It is
+ * NOT taken from the BytesToKey function */
+ EVP_BytesToKey(enc,EVP_md5(),iv,kstr,klen,1,key,NULL);
+
+ if (kstr == (unsigned char *)buf) memset(buf,0,PEM_BUFSIZE);
+
+ buf[0]='\0';
+ PEM_proc_type(buf,PEM_TYPE_ENCRYPTED);
+ PEM_dek_info(buf,objstr,8,(char *)iv);
+ /* k=strlen(buf); */
+
+ EVP_EncryptInit(&ctx,enc,key,iv);
+ EVP_EncryptUpdate(&ctx,data,&j,data,i);
+ EVP_EncryptFinal(&ctx,&(data[j]),&i);
+ i+=j;
+ ret=1;
+ }
+ else
+ {
+ ret=1;
+ buf[0]='\0';
+ }
+ i=PEM_write_bio(bp,name,buf,data,i);
+ if (i <= 0) ret=0;
+err:
+ memset(key,0,sizeof(key));
+ memset(iv,0,sizeof(iv));
+ memset((char *)&ctx,0,sizeof(ctx));
+ memset(buf,0,PEM_BUFSIZE);
+ memset(data,0,(unsigned int)dsize);
+ Free(data);
+ return(ret);
+ }
+
+int PEM_do_header(cipher, data, plen, callback)
+EVP_CIPHER_INFO *cipher;
+unsigned char *data;
+long *plen;
+int (*callback)();
+ {
+ int i,j,o,klen;
+ long len;
+ EVP_CIPHER_CTX ctx;
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ char buf[PEM_BUFSIZE];
+
+ len= *plen;
+
+ if (cipher->cipher == NULL) return(1);
+ if (callback == NULL)
+ klen=def_callback(buf,PEM_BUFSIZE,0);
+ else
+ klen=callback(buf,PEM_BUFSIZE,0);
+ if (klen <= 0)
+ {
+ PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_PASSWORD_READ);
+ return(0);
+ }
+ EVP_BytesToKey(cipher->cipher,EVP_md5(),&(cipher->iv[0]),
+ (unsigned char *)buf,klen,1,key,NULL);
+
+ j=(int)len;
+ EVP_DecryptInit(&ctx,cipher->cipher,key,&(cipher->iv[0]));
+ EVP_DecryptUpdate(&ctx,data,&i,data,j);
+ o=EVP_DecryptFinal(&ctx,&(data[i]),&j);
+ EVP_CIPHER_CTX_cleanup(&ctx);
+ memset((char *)buf,0,sizeof(buf));
+ memset((char *)key,0,sizeof(key));
+ j+=i;
+ if (!o)
+ {
+ PEMerr(PEM_F_PEM_DO_HEADER,PEM_R_BAD_DECRYPT);
+ return(0);
+ }
+ *plen=j;
+ return(1);
+ }
+
+int PEM_get_EVP_CIPHER_INFO(header,cipher)
+char *header;
+EVP_CIPHER_INFO *cipher;
+ {
+ int o;
+ EVP_CIPHER *enc=NULL;
+ char *p,c;
+
+ cipher->cipher=NULL;
+ if ((header == NULL) || (*header == '\0') || (*header == '\n'))
+ return(1);
+ if (strncmp(header,"Proc-Type: ",11) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_PROC_TYPE); return(0); }
+ header+=11;
+ if (*header != '4') return(0); header++;
+ if (*header != ',') return(0); header++;
+ if (strncmp(header,"ENCRYPTED",9) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_ENCRYPTED); return(0); }
+ for (; (*header != '\n') && (*header != '\0'); header++)
+ ;
+ if (*header == '\0')
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_SHORT_HEADER); return(0); }
+ header++;
+ if (strncmp(header,"DEK-Info: ",10) != 0)
+ { PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_NOT_DEK_INFO); return(0); }
+ header+=10;
+
+ p=header;
+ for (;;)
+ {
+ c= *header;
+ if (!( ((c >= 'A') && (c <= 'Z')) || (c == '-') ||
+ ((c >= '0') && (c <= '9'))))
+ break;
+ header++;
+ }
+ *header='\0';
+ o=OBJ_sn2nid(p);
+ cipher->cipher=enc=EVP_get_cipherbyname(p);
+ *header=c;
+ header++;
+
+ if (enc == NULL)
+ {
+ PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO,PEM_R_UNSUPPORTED_ENCRYPTION);
+ return(0);
+ }
+ if (!load_iv((unsigned char **)&header,&(cipher->iv[0]),8)) return(0);
+
+ return(1);
+ }
+
+static int load_iv(fromp,to,num)
+unsigned char **fromp,*to;
+int num;
+ {
+ int v,i;
+ unsigned char *from;
+
+ from= *fromp;
+ for (i=0; i<num; i++) to[i]=0;
+ num*=2;
+ for (i=0; i<num; i++)
+ {
+ if ((*from >= '0') && (*from <= '9'))
+ v= *from-'0';
+ else if ((*from >= 'A') && (*from <= 'F'))
+ v= *from-'A'+10;
+ else if ((*from >= 'a') && (*from <= 'f'))
+ v= *from-'a'+10;
+ else
+ {
+ PEMerr(PEM_F_LOAD_IV,PEM_R_BAD_IV_CHARS);
+ return(0);
+ }
+ from++;
+ to[i/2]|=v<<(long)((!(i&1))*4);
+ }
+
+ *fromp=from;
+ return(1);
+ }
+
+#ifndef WIN16
+int PEM_write(fp, name, header, data,len)
+FILE *fp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_WRITE,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_write_bio(b, name, header, data,len);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_write_bio(bp, name, header, data,len)
+BIO *bp;
+char *name;
+char *header;
+unsigned char *data;
+long len;
+ {
+ int nlen,n,i,j,outl;
+ unsigned char *buf;
+ EVP_ENCODE_CTX ctx;
+ int reason=ERR_R_BUF_LIB;
+
+ EVP_EncodeInit(&ctx);
+ nlen=strlen(name);
+
+ if ( (BIO_write(bp,"-----BEGIN ",11) != 11) ||
+ (BIO_write(bp,name,nlen) != nlen) ||
+ (BIO_write(bp,"-----\n",6) != 6))
+ goto err;
+
+ i=strlen(header);
+ if (i > 0)
+ {
+ if ( (BIO_write(bp,header,i) != i) ||
+ (BIO_write(bp,"\n",1) != 1))
+ goto err;
+ }
+
+ buf=(unsigned char *)Malloc(PEM_BUFSIZE*8);
+ if (buf == NULL)
+ {
+ reason=ERR_R_MALLOC_FAILURE;
+ goto err;
+ }
+
+ i=j=0;
+ while (len > 0)
+ {
+ n=(int)((len>(PEM_BUFSIZE*5))?(PEM_BUFSIZE*5):len);
+ EVP_EncodeUpdate(&ctx,buf,&outl,&(data[j]),n);
+ if ((outl) && (BIO_write(bp,(char *)buf,outl) != outl))
+ goto err;
+ i+=outl;
+ len-=n;
+ j+=n;
+ }
+ EVP_EncodeFinal(&ctx,buf,&outl);
+ if ((outl > 0) && (BIO_write(bp,(char *)buf,outl) != outl)) goto err;
+ Free(buf);
+ if ( (BIO_write(bp,"-----END ",9) != 9) ||
+ (BIO_write(bp,name,nlen) != nlen) ||
+ (BIO_write(bp,"-----\n",6) != 6))
+ goto err;
+ return(i+outl);
+err:
+ PEMerr(PEM_F_PEM_WRITE_BIO,reason);
+ return(0);
+ }
+
+#ifndef WIN16
+int PEM_read(fp, name, header, data,len)
+FILE *fp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ PEMerr(PEM_F_PEM_READ,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=PEM_read_bio(b, name, header, data,len);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int PEM_read_bio(bp, name, header, data, len)
+BIO *bp;
+char **name;
+char **header;
+unsigned char **data;
+long *len;
+ {
+ EVP_ENCODE_CTX ctx;
+ int end=0,i,k,bl=0,hl=0,nohead=0;
+ char buf[256];
+ BUF_MEM *nameB;
+ BUF_MEM *headerB;
+ BUF_MEM *dataB,*tmpB;
+
+ nameB=BUF_MEM_new();
+ headerB=BUF_MEM_new();
+ dataB=BUF_MEM_new();
+ if ((nameB == NULL) || (headerB == NULL) || (dataB == NULL))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+ buf[254]='\0';
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+
+ if (i <= 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_NO_START_LINE);
+ goto err;
+ }
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (strncmp(buf,"-----BEGIN ",11) == 0)
+ {
+ i=strlen(&(buf[11]));
+
+ if (strncmp(&(buf[11+i-6]),"-----\n",6) != 0)
+ continue;
+ if (!BUF_MEM_grow(nameB,i+9))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strncpy(nameB->data,&(buf[11]),(unsigned int)i-6);
+ nameB->data[i-6]='\0';
+ break;
+ }
+ }
+ hl=0;
+ if (!BUF_MEM_grow(headerB,256))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ headerB->data[0]='\0';
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (buf[0] == '\n') break;
+ if (!BUF_MEM_grow(headerB,hl+i+9))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ if (strncmp(buf,"-----END ",9) == 0)
+ {
+ nohead=1;
+ break;
+ }
+ strncpy(&(headerB->data[hl]),buf,(unsigned int)i);
+ headerB->data[hl+i]='\0';
+ hl+=i;
+ }
+
+ bl=0;
+ if (!BUF_MEM_grow(dataB,1024))
+ { PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE); goto err; }
+ dataB->data[0]='\0';
+ if (!nohead)
+ {
+ for (;;)
+ {
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ if (i != 65) end=1;
+ if (strncmp(buf,"-----END ",9) == 0)
+ break;
+ if (i > 65) break;
+ if (!BUF_MEM_grow(dataB,i+bl+9))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strncpy(&(dataB->data[bl]),buf,(unsigned int)i);
+ dataB->data[bl+i]='\0';
+ bl+=i;
+ if (end)
+ {
+ buf[0]='\0';
+ i=BIO_gets(bp,buf,254);
+ if (i <= 0) break;
+
+ while ((i >= 0) && (buf[i] <= ' ')) i--;
+ buf[++i]='\n'; buf[++i]='\0';
+
+ break;
+ }
+ }
+ }
+ else
+ {
+ tmpB=headerB;
+ headerB=dataB;
+ dataB=tmpB;
+ bl=hl;
+ }
+ i=strlen(nameB->data);
+ if ( (strncmp(buf,"-----END ",9) != 0) ||
+ (strncmp(nameB->data,&(buf[9]),(unsigned int)i) != 0) ||
+ (strncmp(&(buf[9+i]),"-----\n",6) != 0))
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_END_LINE);
+ goto err;
+ }
+
+ EVP_DecodeInit(&ctx);
+ i=EVP_DecodeUpdate(&ctx,
+ (unsigned char *)dataB->data,&bl,
+ (unsigned char *)dataB->data,bl);
+ if (i < 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ i=EVP_DecodeFinal(&ctx,(unsigned char *)&(dataB->data[bl]),&k);
+ if (i < 0)
+ {
+ PEMerr(PEM_F_PEM_READ_BIO,PEM_R_BAD_BASE64_DECODE);
+ goto err;
+ }
+ bl+=k;
+
+ if (bl == 0) goto err;
+ *name=nameB->data;
+ *header=headerB->data;
+ *data=(unsigned char *)dataB->data;
+ *len=bl;
+ Free(nameB);
+ Free(headerB);
+ Free(dataB);
+ return(1);
+err:
+ BUF_MEM_free(nameB);
+ BUF_MEM_free(headerB);
+ BUF_MEM_free(dataB);
+ return(0);
+ }
diff --git a/crypto/pem/pem_seal.c b/crypto/pem/pem_seal.c
new file mode 100644
index 0000000..6acb04a
--- /dev/null
+++ b/crypto/pem/pem_seal.c
@@ -0,0 +1,191 @@
+/* crypto/pem/pem_seal.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+int PEM_SealInit(ctx,type,md_type,ek,ekl,iv,pubk,npubk)
+PEM_ENCODE_SEAL_CTX *ctx;
+EVP_CIPHER *type;
+EVP_MD *md_type;
+unsigned char **ek;
+int *ekl;
+unsigned char *iv;
+EVP_PKEY **pubk;
+int npubk;
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ int ret= -1;
+ int i,j,max=0;
+ char *s=NULL;
+
+ for (i=0; i<npubk; i++)
+ {
+ if (pubk[i]->type != EVP_PKEY_RSA)
+ {
+ PEMerr(PEM_F_PEM_SEALINIT,PEM_R_PUBLIC_KEY_NO_RSA);
+ goto err;
+ }
+ j=RSA_size(pubk[i]->pkey.rsa);
+ if (j > max) max=j;
+ }
+ s=(char *)Malloc(max*2);
+ if (s == NULL)
+ {
+ PEMerr(PEM_F_PEM_SEALINIT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ EVP_EncodeInit(&(ctx->encode));
+ EVP_SignInit(&(ctx->md),md_type);
+
+ ret=EVP_SealInit(&(ctx->cipher),type,ek,ekl,iv,pubk,npubk);
+ if (!ret) goto err;
+
+ /* base64 encode the keys */
+ for (i=0; i<npubk; i++)
+ {
+ j=EVP_EncodeBlock((unsigned char *)s,ek[i],
+ RSA_size(pubk[i]->pkey.rsa));
+ ekl[i]=j;
+ memcpy(ek[i],s,j+1);
+ }
+
+ ret=npubk;
+err:
+ if (s != NULL) Free(s);
+ memset(key,0,EVP_MAX_KEY_LENGTH);
+ return(ret);
+ }
+
+void PEM_SealUpdate(ctx,out,outl,in,inl)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *out;
+int *outl;
+unsigned char *in;
+int inl;
+ {
+ unsigned char buffer[1600];
+ int i,j;
+
+ *outl=0;
+ EVP_SignUpdate(&(ctx->md),in,inl);
+ for (;;)
+ {
+ if (inl <= 0) break;
+ if (inl > 1200)
+ i=1200;
+ else
+ i=inl;
+ EVP_EncryptUpdate(&(ctx->cipher),buffer,&j,in,i);
+ EVP_EncodeUpdate(&(ctx->encode),out,&j,buffer,j);
+ *outl+=j;
+ out+=j;
+ in+=i;
+ inl-=i;
+ }
+ }
+
+int PEM_SealFinal(ctx,sig,sigl,out,outl,priv)
+PEM_ENCODE_SEAL_CTX *ctx;
+unsigned char *sig;
+int *sigl;
+unsigned char *out;
+int *outl;
+EVP_PKEY *priv;
+ {
+ unsigned char *s=NULL;
+ int ret=0,j;
+ unsigned int i;
+
+ if (priv->type != EVP_PKEY_RSA)
+ {
+ PEMerr(PEM_F_PEM_SEALFINAL,PEM_R_PUBLIC_KEY_NO_RSA);
+ goto err;
+ }
+ i=RSA_size(priv->pkey.rsa);
+ if (i < 100) i=100;
+ s=(unsigned char *)Malloc(i*2);
+ if (s == NULL)
+ {
+ PEMerr(PEM_F_PEM_SEALFINAL,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ EVP_EncryptFinal(&(ctx->cipher),s,(int *)&i);
+ EVP_EncodeUpdate(&(ctx->encode),out,&j,s,i);
+ *outl=j;
+ out+=j;
+ EVP_EncodeFinal(&(ctx->encode),out,&j);
+ *outl+=j;
+
+ if (!EVP_SignFinal(&(ctx->md),s,&i,priv)) goto err;
+ *sigl=EVP_EncodeBlock(sig,s,i);
+
+ ret=1;
+err:
+ memset((char *)&(ctx->md),0,sizeof(ctx->md));
+ memset((char *)&(ctx->cipher),0,sizeof(ctx->cipher));
+ if (s != NULL) Free(s);
+ return(ret);
+ }
diff --git a/crypto/pem/pem_sign.c b/crypto/pem/pem_sign.c
new file mode 100644
index 0000000..0df99a3
--- /dev/null
+++ b/crypto/pem/pem_sign.c
@@ -0,0 +1,109 @@
+/* crypto/pem/pem_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+void PEM_SignInit(ctx,type)
+EVP_MD_CTX *ctx;
+EVP_MD *type;
+ {
+ EVP_DigestInit(ctx,type);
+ }
+
+void PEM_SignUpdate(ctx,data,count)
+EVP_MD_CTX *ctx;
+unsigned char *data;
+unsigned int count;
+ {
+ EVP_DigestUpdate(ctx,data,count);
+ }
+
+int PEM_SignFinal(ctx,sigret,siglen,pkey)
+EVP_MD_CTX *ctx;
+unsigned char *sigret;
+unsigned int *siglen;
+EVP_PKEY *pkey;
+ {
+ unsigned char *m;
+ int i,ret=0;
+ unsigned int m_len;
+
+ m=(unsigned char *)Malloc(EVP_PKEY_size(pkey)+2);
+ if (m == NULL)
+ {
+ PEMerr(PEM_F_PEM_SIGNFINAL,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (EVP_SignFinal(ctx,m,&m_len,pkey) <= 0) goto err;
+
+ i=EVP_EncodeBlock(sigret,m,m_len);
+ *siglen=i;
+ ret=1;
+err:
+ /* ctx has been zeroed by EVP_SignFinal() */
+ if (m != NULL) Free(m);
+ return(ret);
+ }
+
diff --git a/crypto/pem/pkcs7.lis b/crypto/pem/pkcs7.lis
new file mode 100644
index 0000000..be90c5d
--- /dev/null
+++ b/crypto/pem/pkcs7.lis
@@ -0,0 +1,22 @@
+21 0:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 2:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-signedData
+ 21 13:d=0 hl=2 l= 0 cons: cont: 00 # explicit tag
+ 21 15:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 17:d=0 hl=2 l= 1 prim: univ: INTEGER # version
+ 20 20:d=0 hl=2 l= 0 cons: univ: SET
+ 21 22:d=0 hl=2 l= 0 cons: univ: SEQUENCE
+ 00 24:d=0 hl=2 l= 9 prim: univ: OBJECT_IDENTIFIER :pkcs-7-data
+ 00 35:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 37:d=0 hl=2 l= 0 cons: cont: 00 # cert tag
+ 20 39:d=0 hl=4 l=545 cons: univ: SEQUENCE
+ 20 588:d=0 hl=4 l=524 cons: univ: SEQUENCE
+ 00 1116:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 1118:d=0 hl=2 l= 0 cons: cont: 01 # crl tag
+ 20 1120:d=0 hl=4 l=653 cons: univ: SEQUENCE
+ 20 1777:d=0 hl=4 l=285 cons: univ: SEQUENCE
+ 00 2066:d=0 hl=2 l= 0 prim: univ: EOC
+ 21 2068:d=0 hl=2 l= 0 cons: univ: SET # signers
+ 00 2070:d=0 hl=2 l= 0 prim: univ: EOC
+ 00 2072:d=0 hl=2 l= 0 prim: univ: EOC
+ 00 2074:d=0 hl=2 l= 0 prim: univ: EOC
+00 2076:d=0 hl=2 l= 0 prim: univ: EOC
diff --git a/crypto/perlasm/x86ms.pl b/crypto/perlasm/x86ms.pl
new file mode 100644
index 0000000..558112e
--- /dev/null
+++ b/crypto/perlasm/x86ms.pl
@@ -0,0 +1,249 @@
+#!/usr/local/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+%lb=( 'eax', 'al',
+ 'ebx', 'bl',
+ 'ecx', 'cl',
+ 'edx', 'dl',
+ 'ax', 'al',
+ 'bx', 'bl',
+ 'cx', 'cl',
+ 'dx', 'dl',
+ );
+
+%hb=( 'eax', 'ah',
+ 'ebx', 'bh',
+ 'ecx', 'ch',
+ 'edx', 'dh',
+ 'ax', 'ah',
+ 'bx', 'bh',
+ 'cx', 'ch',
+ 'dx', 'dh',
+ );
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'DWP
+ {
+ local($addr,$reg1,$reg2,$idx)=@_;
+ local($t);
+ local($ret)="DWORD PTR ";
+
+ $addr =~ s/^\s+//;
+ if ($addr =~ /^(.+)\+(.+)$/)
+ {
+ $reg2=&conv($1);
+ $addr="_$2";
+ }
+ elsif ($addr =~ /^[_a-zA-Z]/)
+ {
+ $addr="_$addr";
+ }
+
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ $ret.=$addr if ($addr ne "") && ($addr ne 0);
+ if ($reg2 ne "")
+ {
+ $t="";
+ $t="*$idx" if ($idx != 0);
+ $ret.="[$reg2$t+$reg1]";
+ }
+ else
+ {
+ $ret.="[$reg1]"
+ }
+ return($ret);
+ }
+
+sub main'mov { &out2("mov",@_); }
+sub main'movb { &out2("mov",@_); }
+sub main'and { &out2("and",@_); }
+sub main'or { &out2("or",@_); }
+sub main'shl { &out2("shl",@_); }
+sub main'shr { &out2("shr",@_); }
+sub main'xor { &out2("xor",@_); }
+sub main'add { &out2("add",@_); }
+sub main'sub { &out2("sub",@_); }
+sub main'rotl { &out2("rol",@_); }
+sub main'rotr { &out2("ror",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmp",@_); }
+sub main'dec { &out1("dec",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'push { &out1("push",@_); }
+sub main'call { &out1("call",'_'.$_[0]); }
+
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$t);
+
+ print "\t$name\t";
+ $t=&conv($p1).",";
+ $l=length($t);
+ print $t;
+ $l=4-($l+9)/8;
+ print "\t" x $l;
+ print &conv($p2);
+ print "\n";
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ print "\t$name\t";
+ print &conv($p1);
+ print "\n";
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+ $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+ return $p;
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ print <<"EOF";
+ TITLE $file.asm
+ .386
+.model FLAT
+EOF
+ }
+
+sub main'function_begin
+ {
+ local($func,$num,$extra)=@_;
+
+ $params=$num*4;
+
+ print <<"EOF";
+_TEXT SEGMENT
+PUBLIC _$func
+$extra
+_$func PROC NEAR
+ push ebp
+ push ebx
+ push esi
+ push edi
+EOF
+ $stack=20;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ print <<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+_$func ENDP
+_TEXT ENDS
+EOF
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ print <<"EOF";
+ pop edi
+ pop esi
+ pop ebx
+ pop ebp
+ ret
+EOF
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ print <<"EOF";
+_$func ENDP
+_TEXT ENDS
+EOF
+ $stack=0;
+ %label=();
+ }
+
+sub main'file_end
+ {
+ print "END\n"
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'wtmp
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$params+$num*4,"esp","",0));
+ }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ print "\t; $_\n";
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="\$${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}="${label}${_[0]}";
+ $label++;
+ }
+ print "$label{$_[0]}:\n";
+ }
+
+sub main'file_end
+ {
+ print "END\n";
+ }
diff --git a/crypto/perlasm/x86unix.pl b/crypto/perlasm/x86unix.pl
new file mode 100644
index 0000000..3426563
--- /dev/null
+++ b/crypto/perlasm/x86unix.pl
@@ -0,0 +1,313 @@
+#!/usr/local/bin/perl
+
+package x86ms;
+
+$label="L000";
+
+$align=($main'aout)?"4":"16";
+$under=($main'aout)?"_":"";
+$com_start=($main'sol)?"/":"#";
+
+if ($main'cpp)
+ {
+ $align="ALIGN";
+ $under="";
+ $com_start='/*';
+ $com_end='*/';
+ }
+
+%lb=( 'eax', '%al',
+ 'ebx', '%bl',
+ 'ecx', '%cl',
+ 'edx', '%dl',
+ 'ax', '%al',
+ 'bx', '%bl',
+ 'cx', '%cl',
+ 'dx', '%dl',
+ );
+
+%hb=( 'eax', '%ah',
+ 'ebx', '%bh',
+ 'ecx', '%ch',
+ 'edx', '%dh',
+ 'ax', '%ah',
+ 'bx', '%bh',
+ 'cx', '%ch',
+ 'dx', '%dh',
+ );
+
+%regs=( 'eax', '%eax',
+ 'ebx', '%ebx',
+ 'ecx', '%ecx',
+ 'edx', '%edx',
+ 'esi', '%esi',
+ 'edi', '%edi',
+ 'ebp', '%ebp',
+ 'esp', '%esp',
+ );
+
+sub main'LB
+ {
+ (defined($lb{$_[0]})) || die "$_[0] does not have a 'low byte'\n";
+ return($lb{$_[0]});
+ }
+
+sub main'HB
+ {
+ (defined($hb{$_[0]})) || die "$_[0] does not have a 'high byte'\n";
+ return($hb{$_[0]});
+ }
+
+sub main'DWP
+ {
+ local($addr,$reg1,$reg2,$idx)=@_;
+
+
+ $ret="";
+
+ $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ $ret.=$addr if ($addr ne "") && ($addr ne 0);
+ if ($reg2 ne "")
+ {
+ $ret.="($reg1,$reg2,$idx)";
+ }
+ else
+ {
+ $ret.="($reg1)"
+ }
+ return($ret);
+ }
+
+sub main'BP
+ {
+ local($addr,$reg1,$reg2,$idx)=@_;
+
+
+ $ret="";
+
+ $addr =~ s/(^|[+ \t])([A-Za-z_]+)($|[+ \t])/$1$under$2$3/;
+
+ $reg1="$regs{$reg1}" if defined($regs{$reg1});
+ $reg2="$regs{$reg2}" if defined($regs{$reg2});
+ $ret.=$addr if ($addr ne "") && ($addr ne 0);
+ if ($reg2 ne "")
+ {
+ $ret.="($reg1,$reg2,$idx)";
+ }
+ else
+ {
+ $ret.="($reg1)"
+ }
+ return($ret);
+ }
+
+sub main'mov { &out2("movl",@_); }
+sub main'movb { &out2("movb",@_); }
+sub main'and { &out2("andl",@_); }
+sub main'or { &out2("orl",@_); }
+sub main'shl { &out2("sall",@_); }
+sub main'shr { &out2("shrl",@_); }
+sub main'xor { &out2("xorl",@_); }
+sub main'add { &out2("addl",@_); }
+sub main'sub { &out2("subl",@_); }
+sub main'rotl { &out2("roll",@_); }
+sub main'rotr { &out2("rorl",@_); }
+sub main'exch { &out2("xchg",@_); }
+sub main'cmp { &out2("cmpl",@_); }
+sub main'jmp { &out1("jmp",@_); }
+sub main'je { &out1("je",@_); }
+sub main'jne { &out1("jne",@_); }
+sub main'jnz { &out1("jnz",@_); }
+sub main'jz { &out1("jz",@_); }
+sub main'dec { &out1("decl",@_); }
+sub main'push { &out1("pushl",@_); }
+sub main'call { &out1("call",$under.$_[0]); }
+
+
+sub out2
+ {
+ local($name,$p1,$p2)=@_;
+ local($l,$ll,$t);
+
+ print "\t$name\t";
+ $t=&conv($p2).",";
+ $l=length($t);
+ print $t;
+ $ll=4-($l+9)/8;
+ print "\t" x $ll;
+ print &conv($p1);
+ print "\n";
+ }
+
+sub out1
+ {
+ local($name,$p1)=@_;
+ local($l,$t);
+
+ print "\t$name\t";
+ print &conv($p1);
+ print "\n";
+ }
+
+sub conv
+ {
+ local($p)=@_;
+
+# $p =~ s/0x([0-9A-Fa-f]+)/0$1h/;
+
+ $p=$regs{$p} if (defined($regs{$p}));
+
+ $p =~ s/^([0-9A-Fa-f]+)$/\$$1/;
+ $p =~ s/^(0x[0-9A-Fa-f]+)$/\$$1/;
+ return $p;
+ }
+
+sub main'file
+ {
+ local($file)=@_;
+
+ print <<"EOF";
+ .file "$file.s"
+ .version "01.01"
+gcc2_compiled.:
+EOF
+ }
+
+sub main'function_begin
+ {
+ local($func,$num)=@_;
+
+ $params=$num*4;
+
+ $func=$under.$func;
+
+ print <<"EOF";
+.text
+ .align $align
+.globl $func
+EOF
+ if ($main'cpp)
+ { printf("\tTYPE($func,\@function)\n"); }
+ else { printf("\t.type $func,\@function\n"); }
+ print <<"EOF";
+$func:
+ pushl %ebp
+ pushl %ebx
+ pushl %esi
+ pushl %edi
+
+EOF
+ $stack=20;
+ }
+
+sub main'function_end
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ print <<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+.${func}_end:
+EOF
+ if ($main'cpp)
+ { printf("\tSIZE($func,.${func}_end-$func)\n"); }
+ else { printf("\t.size\t$func,.${func}_end-$func\n"); }
+ print ".ident \"desasm.pl\"\n";
+ $stack=0;
+ %label=();
+ }
+
+sub main'function_end_A
+ {
+ local($func)=@_;
+
+ print <<"EOF";
+ popl %edi
+ popl %esi
+ popl %ebx
+ popl %ebp
+ ret
+EOF
+ }
+
+sub main'function_end_B
+ {
+ local($func)=@_;
+
+ $func=$under.$func;
+
+ print <<"EOF";
+.${func}_end:
+EOF
+ if ($main'cpp)
+ { printf("\tSIZE($func,.${func}_end-$func)\n"); }
+ else { printf("\t.size\t$func,.${func}_end-$func\n"); }
+ print ".ident \"desasm.pl\"\n";
+ $stack=0;
+ %label=();
+ }
+
+sub main'wparam
+ {
+ local($num)=@_;
+
+ return(&main'DWP($stack+$num*4,"esp","",0));
+ }
+
+sub main'wtmp_b
+ {
+ local($num,$b)=@_;
+
+ return(&main'BP(-(($num+1)*4)+$b,"esp","",0));
+ }
+
+sub main'wtmp
+ {
+ local($num)=@_;
+
+ return(&main'DWP(-($num+1)*4,"esp","",0));
+ }
+
+sub main'comment
+ {
+ foreach (@_)
+ {
+ if (/^\s*$/)
+ { print "\n"; }
+ else
+ { print "\t$com_start $_ $com_end\n"; }
+ }
+ }
+
+sub main'label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ return($label{$_[0]});
+ }
+
+sub main'set_label
+ {
+ if (!defined($label{$_[0]}))
+ {
+ $label{$_[0]}=".${label}${_[0]}";
+ $label++;
+ }
+ print ".align $align\n";
+ print "$label{$_[0]}:\n";
+ }
+
+sub main'file_end
+ {
+ }
diff --git a/crypto/pkcs7/Makefile.ssl b/crypto/pkcs7/Makefile.ssl
new file mode 100644
index 0000000..64a005a
--- /dev/null
+++ b/crypto/pkcs7/Makefile.ssl
@@ -0,0 +1,86 @@
+#
+# SSLeay/crypto/asn1/Makefile
+#
+
+DIR= pkcs7
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=pkcs7
+ERRC=pkcs7err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= pk7_lib.c pkcs7err.c pk7_doit.c
+LIBOBJ= pk7_lib.o pkcs7err.o pk7_doit.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= pkcs7.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+test:
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/pkcs7/README b/crypto/pkcs7/README
new file mode 100644
index 0000000..27001c6
--- /dev/null
+++ b/crypto/pkcs7/README
@@ -0,0 +1,5 @@
+WARNING
+
+Everything in this directory is experimental and is subject to change.
+
+Do not rely on the stuff in here not changing in the next release
diff --git a/crypto/pkcs7/doc b/crypto/pkcs7/doc
new file mode 100644
index 0000000..d2e8b7b
--- /dev/null
+++ b/crypto/pkcs7/doc
@@ -0,0 +1,24 @@
+int PKCS7_set_content_type(PKCS7 *p7, int type);
+Call to set the type of PKCS7 object we are working on
+
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+Use this to setup a signer info
+There will also be functions to add signed and unsigned attributes.
+
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+Add a signer info to the content.
+
+int PKCS7_add_certificae(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+
+----
+
+p7=PKCS7_new();
+PKCS7_set_content_type(p7,NID_pkcs7_signed);
+
+signer=PKCS7_SINGNER_INFO_new();
+PKCS7_SIGNER_INFO_set(signer,x509,pkey,EVP_md5());
+PKCS7_add_signer(py,signer);
+
+we are now setup.
diff --git a/crypto/pkcs7/mf.p7 b/crypto/pkcs7/mf.p7
new file mode 100644
index 0000000..524335b
--- /dev/null
+++ b/crypto/pkcs7/mf.p7
@@ -0,0 +1,18 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIC2QIBATEMMAoGCCqGSIb3DQIFMIAGCSqGSIb3DQEH
+AQAAoIIB7TCCAekwggFSAgEAMA0GCSqGSIb3DQEBBAUAMFsxCzAJBgNVBAYTAkFV
+MRMwEQYDVQQIEwpRdWVlbnNsYW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0
+ZDEbMBkGA1UEAxMSVGVzdCBDQSAoMTAyNCBiaXQpMB4XDTk3MDYwOTEzNTc0NloX
+DTk4MDYwOTEzNTc0NlowYzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xh
+bmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYDVQQDExpTZXJ2ZXIg
+dGVzdCBjZXJ0ICg1MTIgYml0KTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCfs8OE
+J5X/EjFSDxXvRhHErYDmNlsP3YDXYY3g/HJFCTT+VWZFQ0xol2r+qKCl3194/+7X
+ZLg/BMtv/yr+/rntAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAeEzEdgr2nChPcALL
+vY8gl/GIlpoAjPmKD+pLeGZI9s+SEX5u1q8nCrJ6ZzkfrRnqgI5Anmev9+qPZfdU
+bz5zdVSf4sUL9nX9ChXjK9NCJA3UzQHSFqhZErGUwGNkAHYHp2+zAdY6Ho6rmMzt
+g0CDu/sKR4qzm6REsQGS8kgpjz4xgcUwgcICAQEwYDBbMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQx
+GzAZBgNVBAMTElRlc3QgQ0EgKDEwMjQgYml0KQIBADAKBggqhkiG9w0CBTANBgkq
+hkiG9w0BAQQFAARALnrxJiOX9XZf2D+3vL8SKMQmMq55LltomwOLGUru/q1uVXzi
+ARg7FSCegOpA1nunsTURMUGgrPXKK4XmL4IseQAAAAA=
+-----END PKCS7-----
diff --git a/crypto/pkcs7/p7.tst b/crypto/pkcs7/p7.tst
new file mode 100644
index 0000000..6d14dce
--- /dev/null
+++ b/crypto/pkcs7/p7.tst
@@ -0,0 +1,33 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIFsQIBATELMAkGBSsOAwIaBQAwgAYJKoZIhvcNAQcB
+AACgggQdMIICJTCCAc+gAwIBAgIBIjANBgkqhkiG9w0BAQQFADCBgjELMAkGA1UE
+BhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQxETAPBgNVBAcTCEJyaXNiYW5lMRow
+GAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEUMBIGA1UECxMLZGV2ZWxvcG1lbnQx
+GTAXBgNVBAMTEENyeXB0U29mdCBEZXYgQ0EwHhcNOTcwNjEzMTgxMDE3WhcNOTgw
+NjEzMTgxMDE3WjCBiDELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+ETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEU
+MBIGA1UECxMLSUlTIHRlc3RpbmcxDjAMBgNVBAMTBXRlc3QxMQ8wDQYJKoZIhvcN
+AQkBFgAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAxtWiv59VH42+rotrmFAyDxTc
+J2osFt5uy/zEllx3vvjtwewqQxGUOwf6cjqFOTrnpEdVvwywpEhIQ5364bJqIwID
+AQABoygwJjAkBglghkgBhvhCAQ0EFxYVR2VuZXJhdGVkIHdpdGggU1NMZWF5MA0G
+CSqGSIb3DQEBBAUAA0EAMnYkNV2AdpeHPy/qlcdZx6MDGIJgrLhklhcn6Or6KiAP
+t9+nv9XdOGHyMyQr9ufsweuQfAgJ9yjKPZR2/adTjTCCAfAwggGaAgEAMA0GCSqG
+SIb3DQEBBAUAMIGCMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDER
+MA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRQw
+EgYDVQQLEwtkZXZlbG9wbWVudDEZMBcGA1UEAxMQQ3J5cHRTb2Z0IERldiBDQTAe
+Fw05NzAzMjIxMzM0MDRaFw05ODAzMjIxMzM0MDRaMIGCMQswCQYDVQQGEwJBVTET
+MBEGA1UECBMKUXVlZW5zbGFuZDERMA8GA1UEBxMIQnJpc2JhbmUxGjAYBgNVBAoT
+EUNyeXB0U29mdCBQdHkgTHRkMRQwEgYDVQQLEwtkZXZlbG9wbWVudDEZMBcGA1UE
+AxMQQ3J5cHRTb2Z0IERldiBDQTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDgDgKq
+IBuUMAJi4c8juAqEZ8f8FcuDWT+HcScvNztRJy9K8DnbGpiSrzzix4El6N4A7vbl
+crwn/0CZmQJguZpfAgMBAAEwDQYJKoZIhvcNAQEEBQADQQA0UUvxlXXe6wKkVukn
+ZoCyXbjlNsqt2rwbvfZEam6fQP3S7uq+o1Pnj+KDgE33WxWbQAA9h8fY1LWN7X3a
+yTm/MYIBbTCCAWkCAQEwgYgwgYIxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVl
+bnNsYW5kMREwDwYDVQQHEwhCcmlzYmFuZTEaMBgGA1UEChMRQ3J5cHRTb2Z0IFB0
+eSBMdGQxFDASBgNVBAsTC2RldmVsb3BtZW50MRkwFwYDVQQDExBDcnlwdFNvZnQg
+RGV2IENBAgEiMAkGBSsOAwIaBQCgfTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcB
+MCMGCSqGSIb3DQEJBDEWBBSUVhbGkNE+KGqpOK13+FkfOkaoizAcBgkqhkiG9w0B
+CQUxDxcNOTcwNzAxMDE0MzM0WjAeBgkqhkiG9w0BCQ8xETAPMA0GCCqGSIb3DQMC
+AgEoMA0GCSqGSIb3DQEBAQUABECa9Jpo4w/fZOc3Vy78wZFAVF8kvpn7il99Ldsr
+AQ4JiBmcfiSwEBBY6WuKT+/SYtFwZl1oXkTwB5AVCFIC/IFNAAAAAA==
+-----END PKCS7-----
diff --git a/crypto/pkcs7/pk7_dgst.c b/crypto/pkcs7/pk7_dgst.c
new file mode 100644
index 0000000..fa562a4
--- /dev/null
+++ b/crypto/pkcs7/pk7_dgst.c
@@ -0,0 +1,66 @@
+/* crypto/pkcs7/pk7_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
diff --git a/crypto/pkcs7/pk7_doit.c b/crypto/pkcs7/pk7_doit.c
new file mode 100644
index 0000000..32a2a45
--- /dev/null
+++ b/crypto/pkcs7/pk7_doit.c
@@ -0,0 +1,327 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+BIO *PKCS7_dataInit(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int i,j;
+ BIO *out=NULL,*btmp;
+ X509_ALGOR *xa;
+ EVP_MD *evp_md;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ for (i=0; i<sk_num(p7->d.sign->md_algs); i++)
+ {
+ xa=(X509_ALGOR *)sk_value(p7->d.sign->md_algs,i);
+ if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err;
+
+ j=OBJ_obj2nid(xa->algorithm);
+ evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
+ if (evp_md == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
+ goto err;
+ }
+
+ BIO_set_md(btmp,evp_md);
+ if (out == NULL)
+ out=btmp;
+ else
+ BIO_push(out,btmp);
+ }
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ if (bio == NULL)
+ {
+ if (p7->detached)
+ bio=BIO_new(BIO_s_null());
+ else
+ {
+ bio=BIO_new(BIO_s_mem());
+ if (PKCS7_type_is_signed(p7) &&
+ PKCS7_type_is_data(p7->d.sign->contents))
+ {
+ ASN1_OCTET_STRING *os;
+
+ os=p7->d.sign->contents->d.data;
+ if (os->length > 0)
+ BIO_write(bio,os->data,os->length);
+ }
+ }
+ }
+ BIO_push(out,bio);
+ return(out);
+err:
+ return(NULL);
+ }
+
+int PKCS7_dataSign(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int ret=0;
+ int i,j;
+ BIO *btmp;
+ BUF_MEM *buf_mem=NULL;
+ BUF_MEM *buf=NULL;
+ PKCS7_SIGNER_INFO *si;
+ EVP_MD_CTX *mdc,ctx_tmp;
+ STACK *sk;
+ unsigned char *p,*pp=NULL;
+ int x;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+
+ if ((buf=BUF_MEM_new()) == NULL) goto err;
+ for (i=0; i<sk_num(p7->d.sign->signer_info); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)
+ sk_value(p7->d.sign->signer_info,i);
+ if (si->pkey == NULL)
+ continue;
+ j=OBJ_obj2nid(si->digest_enc_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD))
+ == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j)
+ break;
+ else
+ btmp=btmp->next_bio;
+ }
+
+ /* We now have the EVP_MD_CTX, lets do the
+ * signing. */
+ memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+ if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
+ goto err;
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)Malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_SignUpdate(&ctx_tmp,pp,x);
+ Free(pp);
+ }
+
+ if (!EVP_SignFinal(&ctx_tmp,buf->data,
+ (unsigned int *)&buf->length,si->pkey))
+ goto err;
+ if (!ASN1_STRING_set(si->enc_digest,
+ (unsigned char *)buf->data,buf->length))
+ goto err;
+
+ }
+ if (p7->detached)
+ PKCS7_content_free(p7->d.sign->contents);
+ else
+ {
+ btmp=BIO_find_type(bio,BIO_TYPE_MEM);
+ if (btmp == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ BIO_get_mem_ptr(btmp,&buf_mem);
+ ASN1_OCTET_STRING_set(p7->d.sign->contents->d.data,
+ (unsigned char *)buf_mem->data,buf_mem->length);
+ }
+ if (pp != NULL) Free(pp);
+ pp=NULL;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAFINAL,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ if (p7->detached)
+ {
+
+ }
+ ret=1;
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(ret);
+ }
+
+int PKCS7_dataVerify(cert_store,ctx,bio,p7,si)
+X509_STORE *cert_store;
+X509_STORE_CTX *ctx;
+BIO *bio;
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ PKCS7_SIGNED *s;
+ ASN1_OCTET_STRING *os;
+ EVP_MD_CTX mdc_tmp,*mdc;
+ unsigned char *pp,*p;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ int ret=0,md_type,i;
+ STACK *sk;
+ BIO *btmp;
+ X509 *x509;
+
+ if (!PKCS7_type_is_signed(p7)) abort();
+ ias=si->issuer_and_serial;
+ s=p7->d.sign;
+
+ x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial);
+
+ /* were we able to find the cert in passed to us */
+ if (x509 == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+ goto err;
+ }
+
+ /* Lets verify */
+ X509_STORE_CTX_init(ctx,cert_store,x509,s->cert);
+ i=X509_verify_cert(ctx);
+ if (i <= 0) goto err;
+ X509_STORE_CTX_cleanup(ctx);
+
+ /* So we like 'x509', lets check the signature. */
+ md_type=OBJ_obj2nid(si->digest_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp == NULL) ||
+ ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type)
+ break;
+ btmp=btmp->next_bio;
+ }
+
+ /* mdc is the digest ctx that we want */
+ memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_VerifyUpdate(&mdc_tmp,pp,i);
+ free(pp);
+ }
+
+ os=si->enc_digest;
+ i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length,
+ X509_get_pubkey(x509));
+ if (i <= 0)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_SIGNATURE_FAILURE);
+ ret= -1;
+ goto err;
+ }
+ else
+ ret=1;
+err:
+ return(ret);
+ }
+
diff --git a/crypto/pkcs7/pk7_enc.c b/crypto/pkcs7/pk7_enc.c
new file mode 100644
index 0000000..96a6dd9
--- /dev/null
+++ b/crypto/pkcs7/pk7_enc.c
@@ -0,0 +1,76 @@
+/* crypto/pkcs7/pk7_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+#include "pkcs7.h"
+
+PKCS7_in_bio(PKCS7 *p7,BIO *in);
+PKCS7_out_bio(PKCS7 *p7,BIO *out);
+
+PKCS7_add_signer(PKCS7 *p7,X509 *cert,EVP_PKEY *key);
+PKCS7_cipher(PKCS7 *p7,EVP_CIPHER *cipher);
+
+PKCS7_Init(PKCS7 *p7);
+PKCS7_Update(PKCS7 *p7);
+PKCS7_Finish(PKCS7 *p7);
+
diff --git a/crypto/pkcs7/pk7_lib.c b/crypto/pkcs7/pk7_lib.c
new file mode 100644
index 0000000..aac133e
--- /dev/null
+++ b/crypto/pkcs7/pk7_lib.c
@@ -0,0 +1,343 @@
+/* crypto/pkcs7/pk7_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+long PKCS7_ctrl(p7,cmd,larg,parg)
+PKCS7 *p7;
+int cmd;
+long larg;
+char *parg;
+ {
+ int nid;
+ long ret;
+
+ nid=OBJ_obj2nid(p7->type);
+
+ switch (cmd)
+ {
+ case PKCS7_OP_SET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached=(int)larg;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+ break;
+ case PKCS7_OP_GET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+int PKCS7_content_new(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ PKCS7 *ret=NULL;
+
+ if ((ret=PKCS7_new()) == NULL) goto err;
+ if (!PKCS7_set_type(ret,type)) goto err;
+ if (!PKCS7_set_content(p7,ret)) goto err;
+
+ return(1);
+err:
+ if (ret != NULL) PKCS7_free(ret);
+ return(0);
+ }
+
+int PKCS7_set_content(p7,p7_data)
+PKCS7 *p7;
+PKCS7 *p7_data;
+ {
+ int i;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ if (p7->d.sign->contents != NULL)
+ PKCS7_content_free(p7->d.sign->contents);
+ p7->d.sign->contents=p7_data;
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_data:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_signedAndEnveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_set_type(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ ASN1_OBJECT *obj;
+
+ PKCS7_content_free(p7);
+ obj=OBJ_nid2obj(type); /* will not fail */
+
+ switch (type)
+ {
+ case NID_pkcs7_signed:
+ p7->type=obj;
+ if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
+ goto err;
+ ASN1_INTEGER_set(p7->d.sign->version,1);
+ break;
+ case NID_pkcs7_data:
+ p7->type=obj;
+ if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL)
+ goto err;
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_signedAndEnveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_add_signer(p7,psi)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *psi;
+ {
+ int i,j,nid;
+ X509_ALGOR *alg;
+ PKCS7_SIGNED *p7s;
+
+ i=OBJ_obj2nid(p7->type);
+ if (i != NID_pkcs7_signed)
+ {
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ p7s=p7->d.sign;
+
+ nid=OBJ_obj2nid(psi->digest_alg->algorithm);
+
+ /* If the digest is not currently listed, add it */
+ j=0;
+ for (i=0; i<sk_num(p7s->md_algs); i++)
+ {
+ alg=(X509_ALGOR *)sk_value(p7s->md_algs,i);
+ if (OBJ_obj2nid(alg->algorithm) == nid)
+ {
+ j=1;
+ break;
+ }
+ }
+ if (!j) /* we need to add another algorithm */
+ {
+ alg=X509_ALGOR_new();
+ alg->algorithm=OBJ_nid2obj(nid);
+ sk_push(p7s->md_algs,(char *)alg);
+ }
+
+ sk_push(p7s->signer_info,(char *)psi);
+ return(1);
+ }
+
+int PKCS7_add_certificate(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+ {
+ int i;
+
+ i=OBJ_obj2nid(p7->type);
+ if (i != NID_pkcs7_signed)
+ {
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (p7->d.sign->cert == NULL)
+ p7->d.sign->cert=sk_new_null();
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ sk_push(p7->d.sign->cert,(char *)x509);
+ return(1);
+ }
+
+int PKCS7_add_crl(p7,crl)
+PKCS7 *p7;
+X509_CRL *crl;
+ {
+ int i;
+ i=OBJ_obj2nid(p7->type);
+ if (i != NID_pkcs7_signed)
+ {
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (p7->d.sign->crl == NULL)
+ p7->d.sign->crl=sk_new_null();
+
+ CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
+ sk_push(p7->d.sign->crl,(char *)crl);
+ return(1);
+ }
+
+int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst)
+PKCS7_SIGNER_INFO *p7i;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ /* We now need to add another PKCS7_SIGNER_INFO entry */
+ ASN1_INTEGER_set(p7i->version,1);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
+
+ /* because ASN1_INTEGER_set is used to set a 'long' we will do
+ * things the ugly way. */
+ ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+ p7i->issuer_and_serial->serial=
+ ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+ /* lets keep the pkey around for a while */
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ p7i->pkey=pkey;
+
+ /* Set the algorithms */
+ p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
+ p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst));
+
+#if 1
+ if (p7i->digest_enc_alg->parameter != NULL)
+ ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
+ if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
+ goto err;
+ p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+#endif
+
+
+ return(1);
+err:
+ return(0);
+ }
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst)
+PKCS7 *p7;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ PKCS7_SIGNER_INFO *si;
+
+ if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
+ if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
+ if (!PKCS7_add_signer(p7,si)) goto err;
+ return(si);
+err:
+ return(NULL);
+ }
+
+STACK *PKCS7_get_signer_info(p7)
+PKCS7 *p7;
+ {
+ if (PKCS7_type_is_signed(p7))
+ {
+ return(p7->d.sign->signer_info);
+ }
+ else
+ return(NULL);
+ }
+
+X509 *PKCS7_cert_from_signer_info(p7,si)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ if (PKCS7_type_is_signed(p7))
+ return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
+ si->issuer_and_serial->issuer,
+ si->issuer_and_serial->serial));
+ else
+ return(NULL);
+ }
+
diff --git a/crypto/pkcs7/pkcs7.err b/crypto/pkcs7/pkcs7.err
new file mode 100644
index 0000000..500f9b3
--- /dev/null
+++ b/crypto/pkcs7/pkcs7.err
@@ -0,0 +1,21 @@
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_SIGNER 100
+#define PKCS7_F_PKCS7_CTRL 101
+#define PKCS7_F_PKCS7_DATAFINAL 102
+#define PKCS7_F_PKCS7_DATAINIT 103
+#define PKCS7_F_PKCS7_DATAVERIFY 104
+#define PKCS7_F_PKCS7_SET_CONTENT 105
+#define PKCS7_F_PKCS7_SET_TYPE 106
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101
+#define PKCS7_R_SIGNATURE_FAILURE 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 107
+#define PKCS7_R_WRONG_CONTENT_TYPE 108
diff --git a/crypto/pkcs7/pkcs7.h b/crypto/pkcs7/pkcs7.h
new file mode 100644
index 0000000..061f1f07
--- /dev/null
+++ b/crypto/pkcs7/pkcs7.h
@@ -0,0 +1,416 @@
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+#define HEADER_PKCS7_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bio.h"
+#include "x509.h"
+
+/*
+Encryption_ID DES-CBC
+Digest_ID MD5
+Digest_Encryption_ID rsaEncryption
+Key_Encryption_ID rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st
+ {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serial;
+ } PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *digest_alg;
+ STACK /* X509_ATTRIBUTE */ *auth_attr; /* [ 0 ] */
+ X509_ALGOR *digest_enc_alg;
+ ASN1_OCTET_STRING *enc_digest;
+ STACK /* X509_ATTRIBUTE */ *unauth_attr; /* [ 1 ] */
+
+ /* The private key to sign with */
+ EVP_PKEY *pkey;
+ } PKCS7_SIGNER_INFO;
+
+typedef struct pkcs7_recip_info_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *key_enc_algor;
+ ASN1_OCTET_STRING *enc_key;
+ } PKCS7_RECIP_INFO;
+
+typedef struct pkcs7_signed_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ struct pkcs7_st *contents;
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+ } PKCS7_SIGNED;
+/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
+ * How about merging the two */
+
+typedef struct pkcs7_enc_content_st
+ {
+ ASN1_OBJECT *content_type;
+ X509_ALGOR *algorithm;
+ ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+ } PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ PKCS7_ENC_CONTENT *enc_data;
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+ } PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ X509_ALGOR *md; /* md used */
+ struct pkcs7_st *contents;
+ ASN1_OCTET_STRING *digest;
+ } PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st
+ {
+ /* The following is non NULL if it contains ASN1 encoding of
+ * this structure */
+ unsigned char *asn1;
+ long length;
+
+#define PKCS7_S_HEADER 0
+#define PKCS7_S_BODY 1
+#define PKCS7_S_TAIL 2
+ int state; /* used during processing */
+
+ int detached;
+
+ ASN1_OBJECT *type;
+ /* content as defined by the type */
+ /* all encryption/message digests are applied to the 'contents',
+ * leaving out the 'type' field. */
+ union {
+ char *ptr;
+
+ /* NID_pkcs7_data */
+ ASN1_OCTET_STRING *data;
+
+ /* NID_pkcs7_signed */
+ PKCS7_SIGNED *sign;
+
+ /* NID_pkcs7_enveloped */
+ PKCS7_ENVELOPE *enveloped;
+
+ /* NID_pkcs7_signedAndEnveloped */
+ PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+
+ /* NID_pkcs7_digest */
+ PKCS7_DIGEST *digest;
+
+ /* NID_pkcs7_encrypted */
+ PKCS7_ENCRYPT *encrypted;
+ } d;
+ } PKCS7;
+
+#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+
+#define PKCS7_set_detached(p,v) \
+ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+#define PKCS7_get_detached(p) \
+ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+#ifndef NOPROTO
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
+void PKCS7_ISSUER_AND_SERIAL_free(
+ PKCS7_ISSUER_AND_SERIAL *a);
+int i2d_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL **a,
+ unsigned char **pp, long length);
+
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
+ unsigned char *md,unsigned int *len);
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
+void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
+int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
+ unsigned char **pp);
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
+void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
+int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
+ unsigned char **pp);
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGNED *PKCS7_SIGNED_new(void);
+void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
+int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
+ unsigned char **pp);
+PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
+void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
+int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
+ unsigned char **pp);
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
+void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
+int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
+void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
+int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_DIGEST *PKCS7_DIGEST_new(void);
+void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
+int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
+ unsigned char **pp);
+PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
+void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
+int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
+ unsigned char **pp);
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
+ unsigned char **pp,long length);
+
+PKCS7 *PKCS7_new(void);
+void PKCS7_free(PKCS7 *a);
+void PKCS7_content_free(PKCS7 *a);
+int i2d_PKCS7(PKCS7 *a,
+ unsigned char **pp);
+PKCS7 *d2i_PKCS7(PKCS7 **a,
+ unsigned char **pp,long length);
+
+void ERR_load_PKCS7_strings(void);
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
+int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
+#endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
+int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataSign(PKCS7 *p7, BIO *bio);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+ BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+ EVP_PKEY *pkey, EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+STACK *PKCS7_get_signer_info(PKCS7 *p7);
+
+#else
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new();
+void PKCS7_ISSUER_AND_SERIAL_free();
+int i2d_PKCS7_ISSUER_AND_SERIAL();
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL();
+
+int PKCS7_ISSUER_AND_SERIAL_digest();
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new();
+void PKCS7_SIGNER_INFO_free();
+int i2d_PKCS7_SIGNER_INFO();
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO();
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new();
+void PKCS7_RECIP_INFO_free();
+int i2d_PKCS7_RECIP_INFO();
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO();
+PKCS7_SIGNED *PKCS7_SIGNED_new();
+void PKCS7_SIGNED_free();
+int i2d_PKCS7_SIGNED();
+PKCS7_SIGNED *d2i_PKCS7_SIGNED();
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new();
+void PKCS7_ENC_CONTENT_free();
+int i2d_PKCS7_ENC_CONTENT();
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT();
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new();
+void PKCS7_ENVELOPE_free();
+int i2d_PKCS7_ENVELOPE();
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new();
+void PKCS7_SIGN_ENVELOPE_free();
+int i2d_PKCS7_SIGN_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE();
+PKCS7_DIGEST *PKCS7_DIGEST_new();
+void PKCS7_DIGEST_free();
+int i2d_PKCS7_DIGEST();
+PKCS7_DIGEST *d2i_PKCS7_DIGEST();
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new();
+void PKCS7_ENCRYPT_free();
+int i2d_PKCS7_ENCRYPT();
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT();
+PKCS7 *PKCS7_new();
+void PKCS7_free();
+void PKCS7_content_free();
+int i2d_PKCS7();
+PKCS7 *d2i_PKCS7();
+
+void ERR_load_PKCS7_strings();
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp();
+int i2d_PKCS7_fp();
+#endif
+PKCS7 *PKCS7_dup();
+PKCS7 *d2i_PKCS7_bio();
+int i2d_PKCS7_bio();
+long PKCS7_ctrl();
+int PKCS7_set_type();
+int PKCS7_set_content();
+int PKCS7_SIGNER_INFO_set();
+int PKCS7_add_signer();
+int PKCS7_add_certificate();
+int PKCS7_add_crl();
+int PKCS7_content_new();
+int PKCS7_dataSign();
+int PKCS7_dataVerify();
+BIO *PKCS7_dataInit();
+PKCS7_SIGNER_INFO *PKCS7_add_signature();
+X509 *PKCS7_cert_from_signer_info();
+STACK *PKCS7_get_signer_info();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_SIGNER 100
+#define PKCS7_F_PKCS7_CTRL 101
+#define PKCS7_F_PKCS7_DATAFINAL 102
+#define PKCS7_F_PKCS7_DATAINIT 103
+#define PKCS7_F_PKCS7_DATAVERIFY 104
+#define PKCS7_F_PKCS7_SET_CONTENT 105
+#define PKCS7_F_PKCS7_SET_TYPE 106
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101
+#define PKCS7_R_SIGNATURE_FAILURE 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 107
+#define PKCS7_R_WRONG_CONTENT_TYPE 108
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/pkcs7/pkcs7err.c b/crypto/pkcs7/pkcs7err.c
new file mode 100644
index 0000000..851691d
--- /dev/null
+++ b/crypto/pkcs7/pkcs7err.c
@@ -0,0 +1,99 @@
+/* lib/pkcs7/pkcs7_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pkcs7.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA PKCS7_str_functs[]=
+ {
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
+{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAFINAL,0), "PKCS7_DATAFINAL"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA PKCS7_str_reasons[]=
+ {
+{PKCS7_R_INTERNAL_ERROR ,"internal error"},
+{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
+{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"},
+{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"},
+{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"},
+{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"},
+{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"},
+{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"},
+{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"},
+{0,NULL},
+ };
+
+void ERR_load_PKCS7_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
+ }
+ }
diff --git a/crypto/pkcs7/server.pem b/crypto/pkcs7/server.pem
new file mode 100644
index 0000000..750aac2
--- /dev/null
+++ b/crypto/pkcs7/server.pem
@@ -0,0 +1,24 @@
+issuer= /C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Test CA (1024 bit)
+subject=/C=AU/ST=Queensland/O=CryptSoft Pty Ltd/CN=Server test cert (512 bit)
+-----BEGIN CERTIFICATE-----
+MIIB6TCCAVICAQAwDQYJKoZIhvcNAQEEBQAwWzELMAkGA1UEBhMCQVUxEzARBgNV
+BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMRswGQYD
+VQQDExJUZXN0IENBICgxMDI0IGJpdCkwHhcNOTcwNjA5MTM1NzQ2WhcNOTgwNjA5
+MTM1NzQ2WjBjMQswCQYDVQQGEwJBVTETMBEGA1UECBMKUXVlZW5zbGFuZDEaMBgG
+A1UEChMRQ3J5cHRTb2Z0IFB0eSBMdGQxIzAhBgNVBAMTGlNlcnZlciB0ZXN0IGNl
+cnQgKDUxMiBiaXQpMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJ+zw4Qnlf8SMVIP
+Fe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVDTGiXav6ooKXfX3j/7tdkuD8Ey2//
+Kv7+ue0CAwEAATANBgkqhkiG9w0BAQQFAAOBgQB4TMR2CvacKE9wAsu9jyCX8YiW
+mgCM+YoP6kt4Zkj2z5IRfm7WrycKsnpnOR+tGeqAjkCeZ6/36o9l91RvPnN1VJ/i
+xQv2df0KFeMr00IkDdTNAdIWqFkSsZTAY2QAdgenb7MB1joejquYzO2DQIO7+wpH
+irObpESxAZLySCmPPg==
+-----END CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAJ+zw4Qnlf8SMVIPFe9GEcStgOY2Ww/dgNdhjeD8ckUJNP5VZkVD
+TGiXav6ooKXfX3j/7tdkuD8Ey2//Kv7+ue0CAwEAAQJAN6W31vDEP2DjdqhzCDDu
+OA4NACqoiFqyblo7yc2tM4h4xMbC3Yx5UKMN9ZkCtX0gzrz6DyF47bdKcWBzNWCj
+gQIhANEoojVt7hq+SQ6MCN6FTAysGgQf56Q3TYoJMoWvdiXVAiEAw3e3rc+VJpOz
+rHuDo6bgpjUAAXM+v3fcpsfZSNO6V7kCIQCtbVjanpUwvZkMI9by02oUk9taki3b
+PzPfAfNPYAbCJQIhAJXNQDWyqwn/lGmR11cqY2y9nZ1+5w3yHGatLrcDnQHxAiEA
+vnlEGo8K85u+KwIOimM48ZG8oTk7iFdkqLJR1utT3aU=
+-----END RSA PRIVATE KEY-----
diff --git a/crypto/pkcs7/sign.c b/crypto/pkcs7/sign.c
new file mode 100644
index 0000000..9400fe3
--- /dev/null
+++ b/crypto/pkcs7/sign.c
@@ -0,0 +1,83 @@
+#include <stdio.h>
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509;
+ EVP_PKEY *pkey;
+ PKCS7 *p7;
+ PKCS7 *p7_data;
+ PKCS7_SIGNER_INFO *si;
+ BIO *in;
+ BIO *data,*p7bio;
+ char buf[1024*4];
+ int i,j;
+ int nodetach=0;
+
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ if (argc > 1)
+ {
+ if (strcmp(argv[1],"-nd") == 0)
+ {
+ nodetach=1;
+ argv++; argc--;
+ goto again;
+ }
+ if (!BIO_read_filename(data,argv[1]))
+ goto err;
+ }
+ else
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+ if ((in=BIO_new_file("server.pem","r")) == NULL) goto err;
+ if ((x509=PEM_read_bio_X509(in,NULL,NULL)) == NULL) goto err;
+ BIO_reset(in);
+ if ((pkey=PEM_read_bio_PrivateKey(in,NULL,NULL)) == NULL) goto err;
+ BIO_free(in);
+
+ p7=PKCS7_new();
+ PKCS7_set_type(p7,NID_pkcs7_signed);
+
+ if (PKCS7_add_signature(p7,x509,pkey,EVP_sha1()) == NULL) goto err;
+
+ /* we may want to add more */
+ PKCS7_add_certificate(p7,x509);
+
+ /* Set the content of the signed to 'data' */
+ PKCS7_content_new(p7,NID_pkcs7_data);
+
+ if (!nodetach)
+ PKCS7_set_detached(p7,1);
+
+ if ((p7bio=PKCS7_dataInit(p7,NULL)) == NULL) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(data,buf,sizeof(buf));
+ if (i <= 0) break;
+ BIO_write(p7bio,buf,i);
+ }
+
+ if (!PKCS7_dataSign(p7,p7bio)) goto err;
+ BIO_free(p7bio);
+
+ PEM_write_PKCS7(stdout,p7);
+ PKCS7_free(p7);
+
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
diff --git a/crypto/pkcs7/verify.c b/crypto/pkcs7/verify.c
new file mode 100644
index 0000000..bce20ee
--- /dev/null
+++ b/crypto/pkcs7/verify.c
@@ -0,0 +1,181 @@
+#include <stdio.h>
+#include "asn1.h"
+#include "bio.h"
+#include "x509.h"
+#include "pem.h"
+
+int verify_callback(int ok, X509_STORE_CTX *ctx);
+
+BIO *bio_err=NULL;
+
+main(argc,argv)
+int argc;
+char *argv[];
+ {
+ X509 *x509,*x;
+ PKCS7 *p7;
+ PKCS7_SIGNED *s;
+ PKCS7_SIGNER_INFO *si;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ X509_STORE_CTX cert_ctx;
+ X509_STORE *cert_store=NULL;
+ X509_LOOKUP *lookup=NULL;
+ BIO *data,*detached=NULL,*p7bio=NULL;
+ char buf[1024*4];
+ unsigned char *p,*pp;
+ int i,j,printit=0;
+ STACK *sk;
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ EVP_add_digest(EVP_md2());
+ EVP_add_digest(EVP_md5());
+ EVP_add_digest(EVP_sha1());
+ EVP_add_digest(EVP_mdc2());
+
+ data=BIO_new(BIO_s_file());
+again:
+ pp=NULL;
+ while (argc > 1)
+ {
+ argc--;
+ argv++;
+ if (strcmp(argv[0],"-p") == 0)
+ {
+ printit=1;
+ }
+ else if ((strcmp(argv[0],"-d") == 0) && (argc >= 2))
+ {
+ detached=BIO_new(BIO_s_file());
+ if (!BIO_read_filename(detached,argv[1]))
+ goto err;
+ argc--;
+ argv++;
+ }
+ else
+ {
+ pp=argv[0];
+ if (!BIO_read_filename(data,argv[0]))
+ goto err;
+ }
+ }
+
+ if (pp == NULL)
+ BIO_set_fp(data,stdin,BIO_NOCLOSE);
+
+
+ /* Load the PKCS7 object from a file */
+ if ((p7=PEM_read_bio_PKCS7(data,NULL,NULL)) == NULL) goto err;
+
+ /* This stuff is being setup for certificate verification.
+ * When using SSL, it could be replaced with a
+ * cert_stre=SSL_CTX_get_cert_store(ssl_ctx); */
+ cert_store=X509_STORE_new();
+ X509_STORE_set_default_paths(cert_store);
+ X509_STORE_load_locations(cert_store,NULL,"../../certs");
+ X509_STORE_set_verify_cb_func(cert_store,verify_callback);
+
+ ERR_clear_errors();
+
+ /* We need to process the data */
+ if (PKCS7_get_detached(p7))
+ {
+ if (detached == NULL)
+ {
+ printf("no data to verify the signature on\n");
+ exit(1);
+ }
+ else
+ p7bio=PKCS7_dataInit(p7,detached);
+ }
+ else
+ {
+ p7bio=PKCS7_dataInit(p7,NULL);
+ }
+
+ /* We now have to 'read' from p7bio to calculate digests etc. */
+ for (;;)
+ {
+ i=BIO_read(p7bio,buf,sizeof(buf));
+ /* print it? */
+ if (i <= 0) break;
+ }
+
+ /* We can now verify signatures */
+ sk=PKCS7_get_signer_info(p7);
+ if (sk == NULL)
+ {
+ printf("there are no signatures on this data\n");
+ exit(1);
+ }
+
+ /* Ok, first we need to, for each subject entry, see if we can verify */
+ for (i=0; i<sk_num(sk); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)sk_value(sk,i);
+ i=PKCS7_dataVerify(cert_store,&cert_ctx,p7bio,p7,si);
+ if (i <= 0)
+ goto err;
+ }
+
+ X509_STORE_free(cert_store);
+
+ printf("done\n");
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ }
+
+/* should be X509 * but we can just have them as char *. */
+int verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char buf[256];
+ X509 *err_cert;
+ int err,depth;
+
+ err_cert=X509_STORE_CTX_get_current_cert(ctx);
+ err= X509_STORE_CTX_get_error(ctx);
+ depth= X509_STORE_CTX_get_error_depth(ctx);
+
+ X509_NAME_oneline(X509_get_subject_name(err_cert),buf,256);
+ BIO_printf(bio_err,"depth=%d %s\n",depth,buf);
+ if (!ok)
+ {
+ BIO_printf(bio_err,"verify error:num=%d:%s\n",err,
+ X509_verify_cert_error_string(err));
+ if (depth < 6)
+ {
+ ok=1;
+ X509_STORE_CTX_set_error(ctx,X509_V_OK);
+ }
+ else
+ {
+ ok=0;
+ X509_STORE_CTX_set_error(ctx,X509_V_ERR_CERT_CHAIN_TOO_LONG);
+ }
+ }
+ switch (ctx->error)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ X509_NAME_oneline(X509_get_issuer_name(ctx->current_cert),buf,256);
+ BIO_printf(bio_err,"issuer= %s\n",buf);
+ break;
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ BIO_printf(bio_err,"notBefore=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notBefore(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ BIO_printf(bio_err,"notAfter=");
+ ASN1_UTCTIME_print(bio_err,X509_get_notAfter(ctx->current_cert));
+ BIO_printf(bio_err,"\n");
+ break;
+ }
+ BIO_printf(bio_err,"verify return:%d\n",ok);
+ return(ok);
+ }
diff --git a/crypto/rand/Makefile.ssl b/crypto/rand/Makefile.ssl
new file mode 100644
index 0000000..d04f0a9
--- /dev/null
+++ b/crypto/rand/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rand/Makefile
+#
+
+DIR= rand
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST= randtest.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=md_rand.c randfile.c
+LIBOBJ=md_rand.o randfile.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rand.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
new file mode 100644
index 0000000..6c8e65a
--- /dev/null
+++ b/crypto/rand/md_rand.c
@@ -0,0 +1,406 @@
+/* crypto/rand/md_rand.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/types.h>
+#include <time.h>
+
+
+#if !defined(USE_MD5_RAND) && !defined(USE_SHA1_RAND) && !defined(USE_MDC2_RAND) && !defined(USE_MD2_RAND)
+#ifndef NO_MD5
+#define USE_MD5_RAND
+#elif !defined(NO_SHA1)
+#define USE_SHA1_RAND
+#elif !defined(NO_MDC2)
+#define USE_MDC2_RAND
+#elif !defined(NO_MD2)
+#define USE_MD2_RAND
+#else
+We need a message digest of some type
+#endif
+#endif
+
+/* Changed how the state buffer used. I now attempt to 'wrap' such
+ * that I don't run over the same locations the next time go through
+ * the 1023 bytes - many thanks to
+ * Robert J. LeBlanc <rjl@renaissoft.com> for his comments
+ */
+
+#if defined(USE_MD5_RAND)
+#include "md5.h"
+#define MD_DIGEST_LENGTH MD5_DIGEST_LENGTH
+#define MD_CTX MD5_CTX
+#define MD_Init(a) MD5_Init(a)
+#define MD_Update(a,b,c) MD5_Update(a,b,c)
+#define MD_Final(a,b) MD5_Final(a,b)
+#elif defined(USE_SHA1_RAND)
+#include "sha.h"
+#define MD_DIGEST_LENGTH SHA_DIGEST_LENGTH
+#define MD_CTX SHA_CTX
+#define MD_Init(a) SHA1_Init(a)
+#define MD_Update(a,b,c) SHA1_Update(a,b,c)
+#define MD_Final(a,b) SHA1_Final(a,b)
+#elif defined(USE_MDC2_RAND)
+#include "mdc2.h"
+#define MD_DIGEST_LENGTH MDC2_DIGEST_LENGTH
+#define MD_CTX MDC2_CTX
+#define MD_Init(a) MDC2_Init(a)
+#define MD_Update(a,b,c) MDC2_Update(a,b,c)
+#define MD_Final(a,b) MDC2_Final(a,b)
+#elif defined(USE_MD2_RAND)
+#include "md2.h"
+#define MD_DIGEST_LENGTH MD2_DIGEST_LENGTH
+#define MD_CTX MD2_CTX
+#define MD_Init(a) MD2_Init(a)
+#define MD_Update(a,b,c) MD2_Update(a,b,c)
+#define MD_Final(a,b) MD2_Final(a,b)
+#endif
+
+#include "rand.h"
+
+/*#define NORAND 1 */
+/*#define PREDICT 1 */
+
+#define STATE_SIZE 1023
+static int state_num=0,state_index=0;
+static unsigned char state[STATE_SIZE];
+static unsigned char md[MD_DIGEST_LENGTH];
+static int count=0;
+
+char *RAND_version="RAND part of SSLeay 0.8.1b 29-Jun-1998";
+
+void RAND_cleanup()
+ {
+ memset(state,0,STATE_SIZE);
+ state_num=0;
+ state_index=0;
+ memset(md,0,MD_DIGEST_LENGTH);
+ count=0;
+ }
+
+void RAND_seed(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_idx,st_num;
+ MD_CTX m;
+
+#ifdef NORAND
+ return;
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ st_idx=state_index;
+ st_num=state_num;
+
+ state_index=(state_index+num);
+ if (state_index > STATE_SIZE)
+ {
+ state_index%=STATE_SIZE;
+ state_num=STATE_SIZE;
+ }
+ else if (state_num < STATE_SIZE)
+ {
+ if (state_index > state_num)
+ state_num=state_index;
+ }
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ for (i=0; i<num; i+=MD_DIGEST_LENGTH)
+ {
+ j=(num-i);
+ j=(j > MD_DIGEST_LENGTH)?MD_DIGEST_LENGTH:j;
+
+ MD_Init(&m);
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ k=(st_idx+j)-STATE_SIZE;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+
+ MD_Update(&m,buf,j);
+ MD_Final(md,&m);
+
+ buf+=j;
+
+ for (k=0; k<j; k++)
+ {
+ state[st_idx++]^=md[k];
+ if (st_idx >= STATE_SIZE)
+ {
+ st_idx=0;
+ st_num=STATE_SIZE;
+ }
+ }
+ }
+ memset((char *)&m,0,sizeof(m));
+ }
+
+void RAND_bytes(buf,num)
+unsigned char *buf;
+int num;
+ {
+ int i,j,k,st_num,st_idx;
+ MD_CTX m;
+ static int init=1;
+ unsigned long l;
+#ifdef DEVRANDOM
+ FILE *fh;
+#endif
+
+#ifdef PREDICT
+ {
+ static unsigned char val=0;
+
+ for (i=0; i<num; i++)
+ buf[i]=val++;
+ return;
+ }
+#endif
+
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+
+ if (init)
+ {
+ init=0;
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+ /* put in some default random data, we need more than
+ * just this */
+ RAND_seed((unsigned char *)&m,sizeof(m));
+#ifndef MSDOS
+ l=getpid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ l=getuid();
+ RAND_seed((unsigned char *)&l,sizeof(l));
+#endif
+ l=time(NULL);
+ RAND_seed((unsigned char *)&l,sizeof(l));
+
+#ifdef DEVRANDOM
+ /*
+ * Use a random entropy pool device.
+ * Linux 1.3.x and FreeBSD-Current has
+ * this. Use /dev/urandom if you can
+ * as /dev/random will block if it runs out
+ * of random entries.
+ */
+ if ((fh = fopen(DEVRANDOM, "r")) != NULL)
+ {
+ unsigned char buf[32];
+
+ fread((unsigned char *)buf,1,32,fh);
+ /* we don't care how many bytes we read,
+ * we will just copy the 'stack' if there is
+ * nothing else :-) */
+ fclose(fh);
+ RAND_seed(buf,32);
+ memset(buf,0,32);
+ }
+#endif
+#ifdef PURIFY
+ memset(state,0,STATE_SIZE);
+ memset(md,0,MD_DIGEST_LENGTH);
+#endif
+ CRYPTO_w_lock(CRYPTO_LOCK_RAND);
+ }
+
+ st_idx=state_index;
+ st_num=state_num;
+ state_index+=num;
+ if (state_index > state_num)
+ state_index=(state_index%state_num);
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
+
+ while (num > 0)
+ {
+ j=(num >= MD_DIGEST_LENGTH/2)?MD_DIGEST_LENGTH/2:num;
+ num-=j;
+ MD_Init(&m);
+ MD_Update(&m,&(md[MD_DIGEST_LENGTH/2]),MD_DIGEST_LENGTH/2);
+#ifndef PURIFY
+ MD_Update(&m,buf,j); /* purify complains */
+#endif
+ k=(st_idx+j)-st_num;
+ if (k > 0)
+ {
+ MD_Update(&m,&(state[st_idx]),j-k);
+ MD_Update(&m,&(state[0]),k);
+ }
+ else
+ MD_Update(&m,&(state[st_idx]),j);
+ MD_Final(md,&m);
+
+ for (i=0; i<j; i++)
+ {
+ if (st_idx >= st_num)
+ st_idx=0;
+ state[st_idx++]^=md[i];
+ *(buf++)=md[i+MD_DIGEST_LENGTH/2];
+ }
+ }
+
+ MD_Init(&m);
+ MD_Update(&m,(unsigned char *)&count,sizeof(count)); count++;
+ MD_Update(&m,md,MD_DIGEST_LENGTH);
+ MD_Final(md,&m);
+ memset(&m,0,sizeof(m));
+ }
+
+#ifdef WINDOWS
+#include <windows.h>
+#include <rand.h>
+
+/*****************************************************************************
+ * Initialisation function for the SSL random generator. Takes the contents
+ * of the screen as random seed.
+ *
+ * Created 960901 by Gertjan van Oosten, gertjan@West.NL, West Consulting B.V.
+ *
+ * Code adapted from
+ * <URL:http://www.microsoft.com/kb/developr/win_dk/q97193.htm>;
+ * the original copyright message is:
+ *
+// (C) Copyright Microsoft Corp. 1993. All rights reserved.
+//
+// You have a royalty-free right to use, modify, reproduce and
+// distribute the Sample Files (and/or any modified version) in
+// any way you find useful, provided that you agree that
+// Microsoft has no warranty obligations or liability for any
+// Sample Application Files which are modified.
+ */
+/*
+ * I have modified the loading of bytes via RAND_seed() mechanism since
+ * the origional would have been very very CPU intensive since RAND_seed()
+ * does an MD5 per 16 bytes of input. The cost to digest 16 bytes is the same
+ * as that to digest 56 bytes. So under the old system, a screen of
+ * 1024*768*256 would have been CPU cost of approximatly 49,000 56 byte MD5
+ * digests or digesting 2.7 mbytes. What I have put in place would
+ * be 48 16k MD5 digests, or efectivly 48*16+48 MD5 bytes or 816 kbytes
+ * or about 3.5 times as much.
+ * - eric
+ */
+void RAND_screen(void)
+{
+ HDC hScrDC; /* screen DC */
+ HDC hMemDC; /* memory DC */
+ HBITMAP hBitmap; /* handle for our bitmap */
+ HBITMAP hOldBitmap; /* handle for previous bitmap */
+ BITMAP bm; /* bitmap properties */
+ unsigned int size; /* size of bitmap */
+ char *bmbits; /* contents of bitmap */
+ int w; /* screen width */
+ int h; /* screen height */
+ int y; /* y-coordinate of screen lines to grab */
+ int n = 16; /* number of screen lines to grab at a time */
+
+ /* Create a screen DC and a memory DC compatible to screen DC */
+ hScrDC = CreateDC("DISPLAY", NULL, NULL, NULL);
+ hMemDC = CreateCompatibleDC(hScrDC);
+
+ /* Get screen resolution */
+ w = GetDeviceCaps(hScrDC, HORZRES);
+ h = GetDeviceCaps(hScrDC, VERTRES);
+
+ /* Create a bitmap compatible with the screen DC */
+ hBitmap = CreateCompatibleBitmap(hScrDC, w, n);
+
+ /* Select new bitmap into memory DC */
+ hOldBitmap = SelectObject(hMemDC, hBitmap);
+
+ /* Get bitmap properties */
+ GetObject(hBitmap, sizeof(BITMAP), (LPSTR)&bm);
+ size = (unsigned int)bm.bmWidthBytes * bm.bmHeight * bm.bmPlanes;
+
+ bmbits = Malloc(size);
+ if (bmbits) {
+ /* Now go through the whole screen, repeatedly grabbing n lines */
+ for (y = 0; y < h-n; y += n)
+ {
+ unsigned char md[MD_DIGEST_LENGTH];
+
+ /* Bitblt screen DC to memory DC */
+ BitBlt(hMemDC, 0, 0, w, n, hScrDC, 0, y, SRCCOPY);
+
+ /* Copy bitmap bits from memory DC to bmbits */
+ GetBitmapBits(hBitmap, size, bmbits);
+
+ /* Get the MD5 of the bitmap */
+ MD5(bmbits,size,md);
+
+ /* Seed the random generator with the MD5 digest */
+ RAND_seed(md, MD_DIGEST_LENGTH);
+ }
+
+ Free(bmbits);
+ }
+
+ /* Select old bitmap back into memory DC */
+ hBitmap = SelectObject(hMemDC, hOldBitmap);
+
+ /* Clean up */
+ DeleteObject(hBitmap);
+ DeleteDC(hMemDC);
+ DeleteDC(hScrDC);
+}
+#endif
diff --git a/crypto/rand/rand.h b/crypto/rand/rand.h
new file mode 100644
index 0000000..99ca47d
--- /dev/null
+++ b/crypto/rand/rand.h
@@ -0,0 +1,92 @@
+/* crypto/rand/rand.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RAND_H
+#define HEADER_RAND_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef NOPROTO
+void RAND_cleanup(void );
+void RAND_bytes( unsigned char *buf,int num);
+void RAND_seed( unsigned char *buf,int num);
+int RAND_load_file(char *file,long max_bytes);
+int RAND_write_file(char *file);
+char *RAND_file_name(char *file,int num);
+#ifdef WINDOWS
+void RAND_screen(void);
+#endif
+#else
+void RAND_cleanup();
+void RAND_bytes();
+void RAND_seed();
+int RAND_load_file();
+int RAND_write_file();
+char *RAND_file_name();
+#ifdef WINDOWS
+void RAND_screen();
+#endif
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rand/randfile.c b/crypto/rand/randfile.c
new file mode 100644
index 0000000..ad0e55d
--- /dev/null
+++ b/crypto/rand/randfile.c
@@ -0,0 +1,166 @@
+/* crypto/rand/randfile.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include <sys/stat.h>
+#include <sys/types.h>
+#include "rand.h"
+
+#undef BUFSIZE
+#define BUFSIZE 1024
+#define RAND_DATA 1024
+
+/* #define RFILE ".rand" - defined in ../../e_os.h */
+
+int RAND_load_file(file,bytes)
+char *file;
+long bytes;
+ {
+ MS_STATIC unsigned char buf[BUFSIZE];
+ struct stat sb;
+ int i,ret=0,n;
+ FILE *in;
+
+ if (file == NULL) return(0);
+
+ i=stat(file,&sb);
+ /* If the state fails, put some crap in anyway */
+ RAND_seed((unsigned char *)&sb,sizeof(sb));
+ ret+=sizeof(sb);
+ if (i < 0) return(0);
+ if (bytes <= 0) return(ret);
+
+ in=fopen(file,"r");
+ if (in == NULL) goto err;
+ for (;;)
+ {
+ n=(bytes < BUFSIZE)?(int)bytes:BUFSIZE;
+ i=fread(buf,1,n,in);
+ if (i <= 0) break;
+ /* even if n != i, use the full array */
+ RAND_seed(buf,n);
+ ret+=i;
+ bytes-=n;
+ if (bytes <= 0) break;
+ }
+ fclose(in);
+ memset(buf,0,BUFSIZE);
+err:
+ return(ret);
+ }
+
+int RAND_write_file(file)
+char *file;
+ {
+ unsigned char buf[BUFSIZE];
+ int i,ret=0;
+ FILE *out;
+ int n;
+
+ out=fopen(file,"w");
+ if (out == NULL) goto err;
+ chmod(file,0600);
+ n=RAND_DATA;
+ for (;;)
+ {
+ i=(n > BUFSIZE)?BUFSIZE:n;
+ n-=BUFSIZE;
+ RAND_bytes(buf,i);
+ i=fwrite(buf,1,i,out);
+ if (i <= 0)
+ {
+ ret=0;
+ break;
+ }
+ ret+=i;
+ if (n <= 0) break;
+ }
+ fclose(out);
+ memset(buf,0,BUFSIZE);
+err:
+ return(ret);
+ }
+
+char *RAND_file_name(buf,size)
+char *buf;
+int size;
+ {
+ char *s;
+ char *ret=NULL;
+
+ s=getenv("RANDFILE");
+ if (s != NULL)
+ {
+ strncpy(buf,s,size-1);
+ buf[size-1]='\0';
+ ret=buf;
+ }
+ else
+ {
+ s=getenv("HOME");
+ if (s == NULL) return(RFILE);
+ if (((int)(strlen(s)+strlen(RFILE)+2)) > size)
+ return(RFILE);
+ strcpy(buf,s);
+ strcat(buf,"/");
+ strcat(buf,RFILE);
+ ret=buf;
+ }
+ return(ret);
+ }
diff --git a/crypto/rand/randtest.c b/crypto/rand/randtest.c
new file mode 100644
index 0000000..ac3f0d7
--- /dev/null
+++ b/crypto/rand/randtest.c
@@ -0,0 +1,207 @@
+/* crypto/rand/randtest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rand.h"
+
+/* some FIPS 140-1 random number test */
+/* some simple tests */
+
+int main()
+ {
+ unsigned char buf[2500];
+ int i,j,k,s,sign,nsign,err=0;
+ unsigned long n1;
+ unsigned long n2[16];
+ unsigned long runs[2][34];
+ /*double d; */
+ long d;
+
+ RAND_bytes(buf,2500);
+
+ n1=0;
+ for (i=0; i<16; i++) n2[i]=0;
+ for (i=0; i<34; i++) runs[0][i]=runs[1][i]=0;
+
+ /* test 1 and 2 */
+ sign=0;
+ nsign=0;
+ for (i=0; i<2500; i++)
+ {
+ j=buf[i];
+
+ n2[j&0x0f]++;
+ n2[(j>>4)&0x0f]++;
+
+ for (k=0; k<8; k++)
+ {
+ s=(j&0x01);
+ if (s == sign)
+ nsign++;
+ else
+ {
+ if (nsign > 34) nsign=34;
+ if (nsign != 0)
+ {
+ runs[sign][nsign-1]++;
+ if (nsign > 6)
+ runs[sign][5]++;
+ }
+ sign=s;
+ nsign=1;
+ }
+
+ if (s) n1++;
+ j>>=1;
+ }
+ }
+ if (nsign > 34) nsign=34;
+ if (nsign != 0) runs[sign][nsign-1]++;
+
+ /* test 1 */
+ if (!((9654 < n1) && (n1 < 10346)))
+ {
+ printf("test 1 failed, X=%ld\n",n1);
+ err++;
+ }
+ printf("test 1 done\n");
+
+ /* test 2 */
+#ifdef undef
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=d*16.0/5000.0-5000.0;
+ if (!((1.03 < d) && (d < 57.4)))
+ {
+ printf("test 2 failed, X=%.2f\n",d);
+ err++;
+ }
+#endif
+ d=0;
+ for (i=0; i<16; i++)
+ d+=n2[i]*n2[i];
+ d=(d*8)/25-500000;
+ if (!((103 < d) && (d < 5740)))
+ {
+ printf("test 2 failed, X=%ld.%02ld\n",d/100L,d%100L);
+ err++;
+ }
+ printf("test 2 done\n");
+
+ /* test 3 */
+ for (i=0; i<2; i++)
+ {
+ if (!((2267 < runs[i][0]) && (runs[i][0] < 2733)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,1,runs[i][0]);
+ err++;
+ }
+ if (!((1079 < runs[i][1]) && (runs[i][1] < 1421)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,2,runs[i][1]);
+ err++;
+ }
+ if (!(( 502 < runs[i][2]) && (runs[i][2] < 748)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,3,runs[i][2]);
+ err++;
+ }
+ if (!(( 223 < runs[i][3]) && (runs[i][3] < 402)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,4,runs[i][3]);
+ err++;
+ }
+ if (!(( 90 < runs[i][4]) && (runs[i][4] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,5,runs[i][4]);
+ err++;
+ }
+ if (!(( 90 < runs[i][5]) && (runs[i][5] < 223)))
+ {
+ printf("test 3 failed, bit=%d run=%d num=%ld\n",
+ i,6,runs[i][5]);
+ err++;
+ }
+ }
+ printf("test 3 done\n");
+
+ /* test 4 */
+ if (runs[0][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 0,34,runs[0][33]);
+ err++;
+ }
+ if (runs[1][33] != 0)
+ {
+ printf("test 4 failed, bit=%d run=%d num=%ld\n",
+ 1,34,runs[1][33]);
+ err++;
+ }
+ printf("test 4 done\n");
+ err=((err)?1:0);
+ exit(err);
+ return(err);
+ }
diff --git a/crypto/rc2/Makefile.ssl b/crypto/rc2/Makefile.ssl
new file mode 100644
index 0000000..c5138f1
--- /dev/null
+++ b/crypto/rc2/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rc2/Makefile
+#
+
+DIR= rc2
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc2test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc2_ecb.c rc2_skey.c rc2_cbc.c rc2cfb64.c rc2ofb64.c
+LIBOBJ=rc2_ecb.o rc2_skey.o rc2_cbc.o rc2cfb64.o rc2ofb64.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc2.h
+HEADER= rc2_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc2/rc2.h b/crypto/rc2/rc2.h
new file mode 100644
index 0000000..0903417
--- /dev/null
+++ b/crypto/rc2/rc2.h
@@ -0,0 +1,116 @@
+/* crypto/rc2/rc2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc2.org since rc2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC2_H
+#define HEADER_RC2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define RC2_ENCRYPT 1
+#define RC2_DECRYPT 0
+
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned int
+
+#define RC2_BLOCK 8
+#define RC2_KEY_LENGTH 16
+
+typedef struct rc2_key_st
+ {
+ RC2_INT data[64];
+ } RC2_KEY;
+
+#ifndef NOPROTO
+
+void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
+void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
+ int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC2_set_key();
+void RC2_ecb_encrypt();
+void RC2_encrypt();
+void RC2_cbc_encrypt();
+void RC2_cfb64_encrypt();
+void RC2_ofb64_encrypt();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc2/rc2.org b/crypto/rc2/rc2.org
new file mode 100644
index 0000000..af9310f
--- /dev/null
+++ b/crypto/rc2/rc2.org
@@ -0,0 +1,116 @@
+/* crypto/rc2/rc2.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc2.org since rc2.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC2_H
+#define HEADER_RC2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define RC2_ENCRYPT 1
+#define RC2_DECRYPT 0
+
+/* I need to put in a mod for the alpha - eay */
+#define RC2_INT unsigned short
+
+#define RC2_BLOCK 8
+#define RC2_KEY_LENGTH 16
+
+typedef struct rc2_key_st
+ {
+ RC2_INT data[64];
+ } RC2_KEY;
+
+#ifndef NOPROTO
+
+void RC2_set_key(RC2_KEY *key, int len, unsigned char *data,int bits);
+void RC2_ecb_encrypt(unsigned char *in,unsigned char *out,RC2_KEY *key,
+ int enc);
+void RC2_encrypt(unsigned long *data,RC2_KEY *key,int enc);
+void RC2_cbc_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *ks, unsigned char *iv, int enc);
+void RC2_cfb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec, int *num, int enc);
+void RC2_ofb64_encrypt(unsigned char *in, unsigned char *out, long length,
+ RC2_KEY *schedule, unsigned char *ivec, int *num);
+
+#else
+
+void RC2_set_key();
+void RC2_ecb_encrypt();
+void RC2_encrypt();
+void RC2_cbc_encrypt();
+void RC2_cfb64_encrypt();
+void RC2_ofb64_encrypt();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc2/rc2_cbc.c b/crypto/rc2/rc2_cbc.c
new file mode 100644
index 0000000..24e7759
--- /dev/null
+++ b/crypto/rc2/rc2_cbc.c
@@ -0,0 +1,140 @@
+/* crypto/rc2/rc2_cbc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+void RC2_cbc_encrypt(in, out, length, ks, iv, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *ks;
+unsigned char *iv;
+int encrypt;
+ {
+ register unsigned long tin0,tin1;
+ register unsigned long tout0,tout1,xor0,xor1;
+ register long l=length;
+ unsigned long tin[2];
+
+ if (encrypt)
+ {
+ c2l(iv,tout0);
+ c2l(iv,tout1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0);
+ c2l(in,tin1);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ RC2_encrypt(tin,ks,RC2_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ if (l != -8)
+ {
+ c2ln(in,tin0,tin1,l+8);
+ tin0^=tout0;
+ tin1^=tout1;
+ tin[0]=tin0;
+ tin[1]=tin1;
+ RC2_encrypt(tin,ks,RC2_ENCRYPT);
+ tout0=tin[0]; l2c(tout0,out);
+ tout1=tin[1]; l2c(tout1,out);
+ }
+ l2c(tout0,iv);
+ l2c(tout1,iv);
+ }
+ else
+ {
+ c2l(iv,xor0);
+ c2l(iv,xor1);
+ iv-=8;
+ for (l-=8; l>=0; l-=8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ RC2_encrypt(tin,ks,RC2_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2c(tout0,out);
+ l2c(tout1,out);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ if (l != -8)
+ {
+ c2l(in,tin0); tin[0]=tin0;
+ c2l(in,tin1); tin[1]=tin1;
+ RC2_encrypt(tin,ks,RC2_DECRYPT);
+ tout0=tin[0]^xor0;
+ tout1=tin[1]^xor1;
+ l2cn(tout0,tout1,out,l+8);
+ xor0=tin0;
+ xor1=tin1;
+ }
+ l2c(xor0,iv);
+ l2c(xor1,iv);
+ }
+ tin0=tin1=tout0=tout1=xor0=xor1=0;
+ tin[0]=tin[1]=0;
+ }
+
diff --git a/crypto/rc2/rc2_ecb.c b/crypto/rc2/rc2_ecb.c
new file mode 100644
index 0000000..65b5d35
--- /dev/null
+++ b/crypto/rc2/rc2_ecb.c
@@ -0,0 +1,163 @@
+/* crypto/rc2/rc2_ecb.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+char *RC2_version="RC2 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* RC2 as implemented frm a posting from
+ * Newsgroups: sci.crypt
+ * Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+ * Subject: Specification for Ron Rivests Cipher No.2
+ * Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+ * Date: 11 Feb 1996 06:45:03 GMT
+ */
+
+void RC2_ecb_encrypt(in, out, ks, encrypt)
+unsigned char *in;
+unsigned char *out;
+RC2_KEY *ks;
+int encrypt;
+ {
+ unsigned long l,d[2];
+
+ c2l(in,l); d[0]=l;
+ c2l(in,l); d[1]=l;
+ RC2_encrypt(d,ks,encrypt);
+ l=d[0]; l2c(l,out);
+ l=d[1]; l2c(l,out);
+ l=d[0]=d[1]=0;
+ }
+
+void RC2_encrypt(d,key,encrypt)
+unsigned long *d;
+RC2_KEY *key;
+int encrypt;
+ {
+ int i,n;
+ register RC2_INT *p0,*p1;
+ register RC2_INT x0,x1,x2,x3,t;
+ unsigned long l;
+
+ l=d[0];
+ x0=(RC2_INT)l&0xffff;
+ x1=(RC2_INT)(l>>16L);
+ l=d[1];
+ x2=(RC2_INT)l&0xffff;
+ x3=(RC2_INT)(l>>16L);
+
+ n=3;
+ i=5;
+ if (encrypt)
+ {
+ p0=p1= &(key->data[0]);
+ for (;;)
+ {
+ t=(x0+(x1& ~x3)+(x2&x3)+ *(p0++))&0xffff;
+ x0=(t<<1)|(t>>15);
+ t=(x1+(x2& ~x0)+(x3&x0)+ *(p0++))&0xffff;
+ x1=(t<<2)|(t>>14);
+ t=(x2+(x3& ~x1)+(x0&x1)+ *(p0++))&0xffff;
+ x2=(t<<3)|(t>>13);
+ t=(x3+(x0& ~x2)+(x1&x2)+ *(p0++))&0xffff;
+ x3=(t<<5)|(t>>11);
+
+ if (--i == 0)
+ {
+ if (--n == 0) break;
+ i=(n == 2)?6:5;
+
+ x0+=p1[x3&0x3f];
+ x1+=p1[x0&0x3f];
+ x2+=p1[x1&0x3f];
+ x3+=p1[x2&0x3f];
+ }
+ }
+ }
+ else
+ {
+ p0= &(key->data[63]);
+ p1= &(key->data[0]);
+ for (;;)
+ {
+ t=((x3<<11)|(x3>>5))&0xffff;
+ x3=(t-(x0& ~x2)-(x1&x2)- *(p0--))&0xffff;
+ t=((x2<<13)|(x2>>3))&0xffff;
+ x2=(t-(x3& ~x1)-(x0&x1)- *(p0--))&0xffff;
+ t=((x1<<14)|(x1>>2))&0xffff;
+ x1=(t-(x2& ~x0)-(x3&x0)- *(p0--))&0xffff;
+ t=((x0<<15)|(x0>>1))&0xffff;
+ x0=(t-(x1& ~x3)-(x2&x3)- *(p0--))&0xffff;
+
+ if (--i == 0)
+ {
+ if (--n == 0) break;
+ i=(n == 2)?6:5;
+
+ x3=(x3-p1[x2&0x3f])&0xffff;
+ x2=(x2-p1[x1&0x3f])&0xffff;
+ x1=(x1-p1[x0&0x3f])&0xffff;
+ x0=(x0-p1[x3&0x3f])&0xffff;
+ }
+ }
+ }
+
+ d[0]=(unsigned long)(x0&0xffff)|((unsigned long)(x1&0xffff)<<16L);
+ d[1]=(unsigned long)(x2&0xffff)|((unsigned long)(x3&0xffff)<<16L);
+ }
diff --git a/crypto/rc2/rc2_locl.h b/crypto/rc2/rc2_locl.h
new file mode 100644
index 0000000..05f45b0
--- /dev/null
+++ b/crypto/rc2/rc2_locl.h
@@ -0,0 +1,146 @@
+/* crypto/rc2/rc2_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#undef c2l
+#define c2l(c,l) (l =((unsigned long)(*((c)++))) , \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<<24L)
+
+/* NOTE - c is not incremented as per c2l */
+#undef c2ln
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24L; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16L; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8L; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24L; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16L; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8L; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#undef l2c
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24L)&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#undef l2cn
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24L)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16L)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8L)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24L)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16L)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8L)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+/* NOTE - c is not incremented as per n2l */
+#define n2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c)))) ; \
+ case 7: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 6: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 5: l2|=((unsigned long)(*(--(c))))<<24; \
+ case 4: l1 =((unsigned long)(*(--(c)))) ; \
+ case 3: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 2: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l1|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+/* NOTE - c is not incremented as per l2n */
+#define l2nn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ } \
+ }
+
+#undef n2l
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24L, \
+ l|=((unsigned long)(*((c)++)))<<16L, \
+ l|=((unsigned long)(*((c)++)))<< 8L, \
+ l|=((unsigned long)(*((c)++))))
+
+#undef l2n
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16L)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8L)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
diff --git a/crypto/rc2/rc2_skey.c b/crypto/rc2/rc2_skey.c
new file mode 100644
index 0000000..cfc8a50
--- /dev/null
+++ b/crypto/rc2/rc2_skey.c
@@ -0,0 +1,142 @@
+/* crypto/rc2/rc2_skey.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+static unsigned char key_table[256]={
+ 0xd9,0x78,0xf9,0xc4,0x19,0xdd,0xb5,0xed,0x28,0xe9,0xfd,0x79,
+ 0x4a,0xa0,0xd8,0x9d,0xc6,0x7e,0x37,0x83,0x2b,0x76,0x53,0x8e,
+ 0x62,0x4c,0x64,0x88,0x44,0x8b,0xfb,0xa2,0x17,0x9a,0x59,0xf5,
+ 0x87,0xb3,0x4f,0x13,0x61,0x45,0x6d,0x8d,0x09,0x81,0x7d,0x32,
+ 0xbd,0x8f,0x40,0xeb,0x86,0xb7,0x7b,0x0b,0xf0,0x95,0x21,0x22,
+ 0x5c,0x6b,0x4e,0x82,0x54,0xd6,0x65,0x93,0xce,0x60,0xb2,0x1c,
+ 0x73,0x56,0xc0,0x14,0xa7,0x8c,0xf1,0xdc,0x12,0x75,0xca,0x1f,
+ 0x3b,0xbe,0xe4,0xd1,0x42,0x3d,0xd4,0x30,0xa3,0x3c,0xb6,0x26,
+ 0x6f,0xbf,0x0e,0xda,0x46,0x69,0x07,0x57,0x27,0xf2,0x1d,0x9b,
+ 0xbc,0x94,0x43,0x03,0xf8,0x11,0xc7,0xf6,0x90,0xef,0x3e,0xe7,
+ 0x06,0xc3,0xd5,0x2f,0xc8,0x66,0x1e,0xd7,0x08,0xe8,0xea,0xde,
+ 0x80,0x52,0xee,0xf7,0x84,0xaa,0x72,0xac,0x35,0x4d,0x6a,0x2a,
+ 0x96,0x1a,0xd2,0x71,0x5a,0x15,0x49,0x74,0x4b,0x9f,0xd0,0x5e,
+ 0x04,0x18,0xa4,0xec,0xc2,0xe0,0x41,0x6e,0x0f,0x51,0xcb,0xcc,
+ 0x24,0x91,0xaf,0x50,0xa1,0xf4,0x70,0x39,0x99,0x7c,0x3a,0x85,
+ 0x23,0xb8,0xb4,0x7a,0xfc,0x02,0x36,0x5b,0x25,0x55,0x97,0x31,
+ 0x2d,0x5d,0xfa,0x98,0xe3,0x8a,0x92,0xae,0x05,0xdf,0x29,0x10,
+ 0x67,0x6c,0xba,0xc9,0xd3,0x00,0xe6,0xcf,0xe1,0x9e,0xa8,0x2c,
+ 0x63,0x16,0x01,0x3f,0x58,0xe2,0x89,0xa9,0x0d,0x38,0x34,0x1b,
+ 0xab,0x33,0xff,0xb0,0xbb,0x48,0x0c,0x5f,0xb9,0xb1,0xcd,0x2e,
+ 0xc5,0xf3,0xdb,0x47,0xe5,0xa5,0x9c,0x77,0x0a,0xa6,0x20,0x68,
+ 0xfe,0x7f,0xc1,0xad,
+ };
+
+/* It has come to my attention that there are 2 versions of the RC2
+ * key schedule. One which is normal, and anther which has a hook to
+ * use a reduced key length.
+ * BSAFE uses the 'retarded' version. What I previously shipped is
+ * the same as specifying 1024 for the 'bits' parameter. Bsafe uses
+ * a version where the bits parameter is the same as len*8 */
+void RC2_set_key(key,len,data,bits)
+RC2_KEY *key;
+int len;
+unsigned char *data;
+int bits;
+ {
+ int i,j;
+ unsigned char *k;
+ RC2_INT *ki;
+ unsigned int c,d;
+
+ k= (unsigned char *)&(key->data[0]);
+ *k=0; /* for if there is a zero length key */
+
+ if (len > 128) len=128;
+ if (bits <= 0) bits=1024;
+ if (bits > 1024) bits=1024;
+
+ for (i=0; i<len; i++)
+ k[i]=data[i];
+
+ /* expand table */
+ d=k[len-1];
+ j=0;
+ for (i=len; i < 128; i++,j++)
+ {
+ d=key_table[(k[j]+d)&0xff];
+ k[i]=d;
+ }
+
+ /* hmm.... key reduction to 'bits' bits */
+
+ j=(bits+7)>>3;
+ i=128-j;
+ c= (0xff>>(-bits & 0x07));
+
+ d=key_table[k[i]&c];
+ k[i]=d;
+ while (i--)
+ {
+ d=key_table[k[i+j]^d];
+ k[i]=d;
+ }
+
+ /* copy from bytes into RC2_INT's */
+ ki= &(key->data[63]);
+ for (i=127; i>=0; i-=2)
+ *(ki--)=((k[i]<<8)|k[i-1])&0xffff;
+ }
+
diff --git a/crypto/rc2/rc2cfb64.c b/crypto/rc2/rc2cfb64.c
new file mode 100644
index 0000000..44df3dc
--- /dev/null
+++ b/crypto/rc2/rc2cfb64.c
@@ -0,0 +1,127 @@
+/* crypto/rc2/rc2cfb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit cfb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+
+void RC2_cfb64_encrypt(in, out, length, schedule, ivec, num, encrypt)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+int encrypt;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned long ti[2];
+ unsigned char *iv,c,cc;
+
+ iv=(unsigned char *)ivec;
+ if (encrypt)
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2c(t,iv);
+ t=ti[1]; l2c(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ c= *(in++)^iv[n];
+ *(out++)=c;
+ iv[n]=c;
+ n=(n+1)&0x07;
+ }
+ }
+ else
+ {
+ while (l--)
+ {
+ if (n == 0)
+ {
+ c2l(iv,v0); ti[0]=v0;
+ c2l(iv,v1); ti[1]=v1;
+ RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+ iv=(unsigned char *)ivec;
+ t=ti[0]; l2c(t,iv);
+ t=ti[1]; l2c(t,iv);
+ iv=(unsigned char *)ivec;
+ }
+ cc= *(in++);
+ c=iv[n];
+ iv[n]=cc;
+ *(out++)=c^cc;
+ n=(n+1)&0x07;
+ }
+ }
+ v0=v1=ti[0]=ti[1]=t=c=cc=0;
+ *num=n;
+ }
+
diff --git a/crypto/rc2/rc2ofb64.c b/crypto/rc2/rc2ofb64.c
new file mode 100644
index 0000000..5df004b
--- /dev/null
+++ b/crypto/rc2/rc2ofb64.c
@@ -0,0 +1,115 @@
+/* crypto/rc2/rc2ofb64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include "rc2.h"
+#include "rc2_locl.h"
+
+/* The input and output encrypted as though 64bit ofb mode is being
+ * used. The extra state information to record how much of the
+ * 64bit block we have used is contained in *num;
+ */
+void RC2_ofb64_encrypt(in, out, length, schedule, ivec, num)
+unsigned char *in;
+unsigned char *out;
+long length;
+RC2_KEY *schedule;
+unsigned char *ivec;
+int *num;
+ {
+ register unsigned long v0,v1,t;
+ register int n= *num;
+ register long l=length;
+ unsigned char d[8];
+ register char *dp;
+ unsigned long ti[2];
+ unsigned char *iv;
+ int save=0;
+
+ iv=(unsigned char *)ivec;
+ c2l(iv,v0);
+ c2l(iv,v1);
+ ti[0]=v0;
+ ti[1]=v1;
+ dp=(char *)d;
+ l2c(v0,dp);
+ l2c(v1,dp);
+ while (l--)
+ {
+ if (n == 0)
+ {
+ RC2_encrypt((unsigned long *)ti,schedule,RC2_ENCRYPT);
+ dp=(char *)d;
+ t=ti[0]; l2c(t,dp);
+ t=ti[1]; l2c(t,dp);
+ save++;
+ }
+ *(out++)= *(in++)^d[n];
+ n=(n+1)&0x07;
+ }
+ if (save)
+ {
+ v0=ti[0];
+ v1=ti[1];
+ iv=(unsigned char *)ivec;
+ l2c(v0,iv);
+ l2c(v1,iv);
+ }
+ t=v0=v1=ti[0]=ti[1]=0;
+ *num=n;
+ }
+
diff --git a/crypto/rc2/rc2test.c b/crypto/rc2/rc2test.c
new file mode 100644
index 0000000..00e21dd
--- /dev/null
+++ b/crypto/rc2/rc2test.c
@@ -0,0 +1,270 @@
+/* crypto/rc2/rc2test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* This has been a quickly hacked 'ideatest.c'. When I add tests for other
+ * RC2 modes, more of the code will be uncommented. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "rc2.h"
+
+unsigned char RC2key[4][16]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+ 0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x01,0x02,0x03,0x04,0x05,0x06,0x07,
+ 0x08,0x09,0x0A,0x0B,0x0C,0x0D,0x0E,0x0F},
+ };
+
+unsigned char RC2plain[4][8]={
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF},
+ {0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ };
+
+unsigned char RC2cipher[4][8]={
+ {0x1C,0x19,0x8A,0x83,0x8D,0xF0,0x28,0xB7},
+ {0x21,0x82,0x9C,0x78,0xA9,0xF9,0xC0,0x74},
+ {0x13,0xDB,0x35,0x17,0xD3,0x21,0x86,0x9E},
+ {0x50,0xDC,0x01,0x62,0xBD,0x75,0x7F,0x31},
+ };
+/************/
+#ifdef undef
+unsigned char k[16]={
+ 0x00,0x01,0x00,0x02,0x00,0x03,0x00,0x04,
+ 0x00,0x05,0x00,0x06,0x00,0x07,0x00,0x08};
+
+unsigned char in[8]={0x00,0x00,0x00,0x01,0x00,0x02,0x00,0x03};
+unsigned char c[8]={0x11,0xFB,0xED,0x2B,0x01,0x98,0x6D,0xE5};
+unsigned char out[80];
+
+char *text="Hello to all people out there";
+
+static unsigned char cfb_key[16]={
+ 0xe1,0xf0,0xc3,0xd2,0xa5,0xb4,0x87,0x96,
+ 0x69,0x78,0x4b,0x5a,0x2d,0x3c,0x0f,0x1e,
+ };
+static unsigned char cfb_iv[80]={0x34,0x12,0x78,0x56,0xab,0x90,0xef,0xcd};
+static unsigned char cfb_buf1[40],cfb_buf2[40],cfb_tmp[8];
+#define CFB_TEST_SIZE 24
+static unsigned char plain[CFB_TEST_SIZE]=
+ {
+ 0x4e,0x6f,0x77,0x20,0x69,0x73,
+ 0x20,0x74,0x68,0x65,0x20,0x74,
+ 0x69,0x6d,0x65,0x20,0x66,0x6f,
+ 0x72,0x20,0x61,0x6c,0x6c,0x20
+ };
+static unsigned char cfb_cipher64[CFB_TEST_SIZE]={
+ 0x59,0xD8,0xE2,0x65,0x00,0x58,0x6C,0x3F,
+ 0x2C,0x17,0x25,0xD0,0x1A,0x38,0xB7,0x2A,
+ 0x39,0x61,0x37,0xDC,0x79,0xFB,0x9F,0x45
+
+/* 0xF9,0x78,0x32,0xB5,0x42,0x1A,0x6B,0x38,
+ 0x9A,0x44,0xD6,0x04,0x19,0x43,0xC4,0xD9,
+ 0x3D,0x1E,0xAE,0x47,0xFC,0xCF,0x29,0x0B,*/
+ };
+
+
+#ifndef NOPROTO
+/*static int cfb64_test(unsigned char *cfb_cipher);*/
+static char *pt(unsigned char *p);
+#else
+/*static int cfb64_test(); */
+static char *pt();
+#endif
+
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,n,err=0;
+ RC2_KEY key;
+ unsigned char buf[8],buf2[8];
+
+ for (n=0; n<4; n++)
+ {
+ RC2_set_key(&key,16,&(RC2key[n][0]),0 /* or 1024 */);
+
+ RC2_ecb_encrypt(&(RC2plain[n][0]),buf,&key,RC2_ENCRYPT);
+ if (memcmp(&(RC2cipher[n][0]),buf,8) != 0)
+ {
+ printf("ecb rc2 error encrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2cipher[n][i]);
+ err=20;
+ printf("\n");
+ }
+
+ RC2_ecb_encrypt(buf,buf2,&key,RC2_DECRYPT);
+ if (memcmp(&(RC2plain[n][0]),buf2,8) != 0)
+ {
+ printf("ecb RC2 error decrypting\n");
+ printf("got :");
+ for (i=0; i<8; i++)
+ printf("%02X ",buf[i]);
+ printf("\n");
+ printf("expected:");
+ for (i=0; i<8; i++)
+ printf("%02X ",RC2plain[n][i]);
+ printf("\n");
+ err=3;
+ }
+ }
+
+ if (err == 0) printf("ecb RC2 ok\n");
+#ifdef undef
+ memcpy(iv,k,8);
+ idea_cbc_encrypt((unsigned char *)text,out,strlen(text)+1,&key,iv,1);
+ memcpy(iv,k,8);
+ idea_cbc_encrypt(out,out,8,&dkey,iv,0);
+ idea_cbc_encrypt(&(out[8]),&(out[8]),strlen(text)+1-8,&dkey,iv,0);
+ if (memcmp(text,out,strlen(text)+1) != 0)
+ {
+ printf("cbc idea bad\n");
+ err=4;
+ }
+ else
+ printf("cbc idea ok\n");
+
+ printf("cfb64 idea ");
+ if (cfb64_test(cfb_cipher64))
+ {
+ printf("bad\n");
+ err=5;
+ }
+ else
+ printf("ok\n");
+#endif
+
+ exit(err);
+ return(err);
+ }
+
+#ifdef undef
+static int cfb64_test(cfb_cipher)
+unsigned char *cfb_cipher;
+ {
+ IDEA_KEY_SCHEDULE eks,dks;
+ int err=0,i,n;
+
+ idea_set_encrypt_key(cfb_key,&eks);
+ idea_set_decrypt_key(&eks,&dks);
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(plain,cfb_buf1,(long)12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ idea_cfb64_encrypt(&(plain[12]),&(cfb_buf1[12]),
+ (long)CFB_TEST_SIZE-12,&eks,
+ cfb_tmp,&n,IDEA_ENCRYPT);
+ if (memcmp(cfb_cipher,cfb_buf1,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb64_encrypt encrypt error\n");
+ for (i=0; i<CFB_TEST_SIZE; i+=8)
+ printf("%s\n",pt(&(cfb_buf1[i])));
+ }
+ memcpy(cfb_tmp,cfb_iv,8);
+ n=0;
+ idea_cfb64_encrypt(cfb_buf1,cfb_buf2,(long)17,&eks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ idea_cfb64_encrypt(&(cfb_buf1[17]),&(cfb_buf2[17]),
+ (long)CFB_TEST_SIZE-17,&dks,
+ cfb_tmp,&n,IDEA_DECRYPT);
+ if (memcmp(plain,cfb_buf2,CFB_TEST_SIZE) != 0)
+ {
+ err=1;
+ printf("idea_cfb_encrypt decrypt error\n");
+ for (i=0; i<24; i+=8)
+ printf("%s\n",pt(&(cfb_buf2[i])));
+ }
+ return(err);
+ }
+
+static char *pt(p)
+unsigned char *p;
+ {
+ static char bufs[10][20];
+ static int bnum=0;
+ char *ret;
+ int i;
+ static char *f="0123456789ABCDEF";
+
+ ret= &(bufs[bnum++][0]);
+ bnum%=10;
+ for (i=0; i<8; i++)
+ {
+ ret[i*2]=f[(p[i]>>4)&0xf];
+ ret[i*2+1]=f[p[i]&0xf];
+ }
+ ret[16]='\0';
+ return(ret);
+ }
+
+#endif
diff --git a/crypto/rc2/rrc2.doc b/crypto/rc2/rrc2.doc
new file mode 100644
index 0000000..f93ee00
--- /dev/null
+++ b/crypto/rc2/rrc2.doc
@@ -0,0 +1,219 @@
+>From cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news Mon Feb 12 18:48:17 EST 1996
+Article 23601 of sci.crypt:
+Path: cygnus.mincom.oz.au!minbne.mincom.oz.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!comp.vuw.ac.nz!waikato!auckland.ac.nz!news
+>From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Newsgroups: sci.crypt
+Subject: Specification for Ron Rivests Cipher No.2
+Date: 11 Feb 1996 06:45:03 GMT
+Organization: University of Auckland
+Lines: 203
+Sender: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+NNTP-Posting-Host: cs26.cs.auckland.ac.nz
+X-Newsreader: NN version 6.5.0 #3 (NOV)
+
+
+
+
+ Ron Rivest's Cipher No.2
+ ------------------------
+
+Ron Rivest's Cipher No.2 (hereafter referred to as RRC.2, other people may
+refer to it by other names) is word oriented, operating on a block of 64 bits
+divided into four 16-bit words, with a key table of 64 words. All data units
+are little-endian. This functional description of the algorithm is based in
+the paper "The RC5 Encryption Algorithm" (RC5 is a trademark of RSADSI), using
+the same general layout, terminology, and pseudocode style.
+
+
+Notation and RRC.2 Primitive Operations
+
+RRC.2 uses the following primitive operations:
+
+1. Two's-complement addition of words, denoted by "+". The inverse operation,
+ subtraction, is denoted by "-".
+2. Bitwise exclusive OR, denoted by "^".
+3. Bitwise AND, denoted by "&".
+4. Bitwise NOT, denoted by "~".
+5. A left-rotation of words; the rotation of word x left by y is denoted
+ x <<< y. The inverse operation, right-rotation, is denoted x >>> y.
+
+These operations are directly and efficiently supported by most processors.
+
+
+The RRC.2 Algorithm
+
+RRC.2 consists of three components, a *key expansion* algorithm, an
+*encryption* algorithm, and a *decryption* algorithm.
+
+
+Key Expansion
+
+The purpose of the key-expansion routine is to expand the user's key K to fill
+the expanded key array S, so S resembles an array of random binary words
+determined by the user's secret key K.
+
+Initialising the S-box
+
+RRC.2 uses a single 256-byte S-box derived from the ciphertext contents of
+Beale Cipher No.1 XOR'd with a one-time pad. The Beale Ciphers predate modern
+cryptography by enough time that there should be no concerns about trapdoors
+hidden in the data. They have been published widely, and the S-box can be
+easily recreated from the one-time pad values and the Beale Cipher data taken
+from a standard source. To initialise the S-box:
+
+ for i = 0 to 255 do
+ sBox[ i ] = ( beale[ i ] mod 256 ) ^ pad[ i ]
+
+The contents of Beale Cipher No.1 and the necessary one-time pad are given as
+an appendix at the end of this document. For efficiency, implementors may wish
+to skip the Beale Cipher expansion and store the sBox table directly.
+
+Expanding the Secret Key to 128 Bytes
+
+The secret key is first expanded to fill 128 bytes (64 words). The expansion
+consists of taking the sum of the first and last bytes in the user key, looking
+up the sum (modulo 256) in the S-box, and appending the result to the key. The
+operation is repeated with the second byte and new last byte of the key until
+all 128 bytes have been generated. Note that the following pseudocode treats
+the S array as an array of 128 bytes rather than 64 words.
+
+ for j = 0 to length-1 do
+ S[ j ] = K[ j ]
+ for j = length to 127 do
+ s[ j ] = sBox[ ( S[ j-length ] + S[ j-1 ] ) mod 256 ];
+
+At this point it is possible to perform a truncation of the effective key
+length to ease the creation of espionage-enabled software products. However
+since the author cannot conceive why anyone would want to do this, it will not
+be considered further.
+
+The final phase of the key expansion involves replacing the first byte of S
+with the entry selected from the S-box:
+
+ S[ 0 ] = sBox[ S[ 0 ] ]
+
+
+Encryption
+
+The cipher has 16 full rounds, each divided into 4 subrounds. Two of the full
+rounds perform an additional transformation on the data. Note that the
+following pseudocode treats the S array as an array of 64 words rather than 128
+bytes.
+
+ for i = 0 to 15 do
+ j = i * 4;
+ word0 = ( word0 + ( word1 & ~word3 ) + ( word2 & word3 ) + S[ j+0 ] ) <<< 1
+ word1 = ( word1 + ( word2 & ~word0 ) + ( word3 & word0 ) + S[ j+1 ] ) <<< 2
+ word2 = ( word2 + ( word3 & ~word1 ) + ( word0 & word1 ) + S[ j+2 ] ) <<< 3
+ word3 = ( word3 + ( word0 & ~word2 ) + ( word1 & word2 ) + S[ j+3 ] ) <<< 5
+
+In addition the fifth and eleventh rounds add the contents of the S-box indexed
+by one of the data words to another of the data words following the four
+subrounds as follows:
+
+ word0 = word0 + S[ word3 & 63 ];
+ word1 = word1 + S[ word0 & 63 ];
+ word2 = word2 + S[ word1 & 63 ];
+ word3 = word3 + S[ word2 & 63 ];
+
+
+Decryption
+
+The decryption operation is simply the inverse of the encryption operation.
+Note that the following pseudocode treats the S array as an array of 64 words
+rather than 128 bytes.
+
+ for i = 15 downto 0 do
+ j = i * 4;
+ word3 = ( word3 >>> 5 ) - ( word0 & ~word2 ) - ( word1 & word2 ) - S[ j+3 ]
+ word2 = ( word2 >>> 3 ) - ( word3 & ~word1 ) - ( word0 & word1 ) - S[ j+2 ]
+ word1 = ( word1 >>> 2 ) - ( word2 & ~word0 ) - ( word3 & word0 ) - S[ j+1 ]
+ word0 = ( word0 >>> 1 ) - ( word1 & ~word3 ) - ( word2 & word3 ) - S[ j+0 ]
+
+In addition the fifth and eleventh rounds subtract the contents of the S-box
+indexed by one of the data words from another one of the data words following
+the four subrounds as follows:
+
+ word3 = word3 - S[ word2 & 63 ]
+ word2 = word2 - S[ word1 & 63 ]
+ word1 = word1 - S[ word0 & 63 ]
+ word0 = word0 - S[ word3 & 63 ]
+
+
+Test Vectors
+
+The following test vectors may be used to test the correctness of an RRC.2
+implementation:
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x1C, 0x19, 0x8A, 0x83, 0x8D, 0xF0, 0x28, 0xB7
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x21, 0x82, 0x9C, 0x78, 0xA9, 0xF9, 0xC0, 0x74
+
+ Key: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Plain: 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF
+ Cipher: 0x13, 0xDB, 0x35, 0x17, 0xD3, 0x21, 0x86, 0x9E
+
+ Key: 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+ 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+ Plain: 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ Cipher: 0x50, 0xDC, 0x01, 0x62, 0xBD, 0x75, 0x7F, 0x31
+
+
+Appendix: Beale Cipher No.1, "The Locality of the Vault", and One-time Pad for
+ Creating the S-Box
+
+Beale Cipher No.1.
+
+ 71, 194, 38,1701, 89, 76, 11, 83,1629, 48, 94, 63, 132, 16, 111, 95,
+ 84, 341, 975, 14, 40, 64, 27, 81, 139, 213, 63, 90,1120, 8, 15, 3,
+ 126,2018, 40, 74, 758, 485, 604, 230, 436, 664, 582, 150, 251, 284, 308, 231,
+ 124, 211, 486, 225, 401, 370, 11, 101, 305, 139, 189, 17, 33, 88, 208, 193,
+ 145, 1, 94, 73, 416, 918, 263, 28, 500, 538, 356, 117, 136, 219, 27, 176,
+ 130, 10, 460, 25, 485, 18, 436, 65, 84, 200, 283, 118, 320, 138, 36, 416,
+ 280, 15, 71, 224, 961, 44, 16, 401, 39, 88, 61, 304, 12, 21, 24, 283,
+ 134, 92, 63, 246, 486, 682, 7, 219, 184, 360, 780, 18, 64, 463, 474, 131,
+ 160, 79, 73, 440, 95, 18, 64, 581, 34, 69, 128, 367, 460, 17, 81, 12,
+ 103, 820, 62, 110, 97, 103, 862, 70, 60,1317, 471, 540, 208, 121, 890, 346,
+ 36, 150, 59, 568, 614, 13, 120, 63, 219, 812,2160,1780, 99, 35, 18, 21,
+ 136, 872, 15, 28, 170, 88, 4, 30, 44, 112, 18, 147, 436, 195, 320, 37,
+ 122, 113, 6, 140, 8, 120, 305, 42, 58, 461, 44, 106, 301, 13, 408, 680,
+ 93, 86, 116, 530, 82, 568, 9, 102, 38, 416, 89, 71, 216, 728, 965, 818,
+ 2, 38, 121, 195, 14, 326, 148, 234, 18, 55, 131, 234, 361, 824, 5, 81,
+ 623, 48, 961, 19, 26, 33, 10,1101, 365, 92, 88, 181, 275, 346, 201, 206
+
+One-time Pad.
+
+ 158, 186, 223, 97, 64, 145, 190, 190, 117, 217, 163, 70, 206, 176, 183, 194,
+ 146, 43, 248, 141, 3, 54, 72, 223, 233, 153, 91, 210, 36, 131, 244, 161,
+ 105, 120, 113, 191, 113, 86, 19, 245, 213, 221, 43, 27, 242, 157, 73, 213,
+ 193, 92, 166, 10, 23, 197, 112, 110, 193, 30, 156, 51, 125, 51, 158, 67,
+ 197, 215, 59, 218, 110, 246, 181, 0, 135, 76, 164, 97, 47, 87, 234, 108,
+ 144, 127, 6, 6, 222, 172, 80, 144, 22, 245, 207, 70, 227, 182, 146, 134,
+ 119, 176, 73, 58, 135, 69, 23, 198, 0, 170, 32, 171, 176, 129, 91, 24,
+ 126, 77, 248, 0, 118, 69, 57, 60, 190, 171, 217, 61, 136, 169, 196, 84,
+ 168, 167, 163, 102, 223, 64, 174, 178, 166, 239, 242, 195, 249, 92, 59, 38,
+ 241, 46, 236, 31, 59, 114, 23, 50, 119, 186, 7, 66, 212, 97, 222, 182,
+ 230, 118, 122, 86, 105, 92, 179, 243, 255, 189, 223, 164, 194, 215, 98, 44,
+ 17, 20, 53, 153, 137, 224, 176, 100, 208, 114, 36, 200, 145, 150, 215, 20,
+ 87, 44, 252, 20, 235, 242, 163, 132, 63, 18, 5, 122, 74, 97, 34, 97,
+ 142, 86, 146, 221, 179, 166, 161, 74, 69, 182, 88, 120, 128, 58, 76, 155,
+ 15, 30, 77, 216, 165, 117, 107, 90, 169, 127, 143, 181, 208, 137, 200, 127,
+ 170, 195, 26, 84, 255, 132, 150, 58, 103, 250, 120, 221, 237, 37, 8, 99
+
+
+Implementation
+
+A non-US based programmer who has never seen any encryption code before will
+shortly be implementing RRC.2 based solely on this specification and not on
+knowledge of any other encryption algorithms. Stand by.
+
+
+
diff --git a/crypto/rc2/version b/crypto/rc2/version
new file mode 100644
index 0000000..6f89d59
--- /dev/null
+++ b/crypto/rc2/version
@@ -0,0 +1,22 @@
+1.1 23/08/96 - eay
+ Changed RC2_set_key() so it now takes another argument. Many
+ thanks to Peter Gutmann <pgut01@cs.auckland.ac.nz> for the
+ clarification and origional specification of RC2. BSAFE uses
+ this last parameter, 'bits'. It the key is 128 bits, BSAFE
+ also sets this parameter to 128. The old behaviour can be
+ duplicated by setting this parameter to 1024.
+
+1.0 08/04/96 - eay
+ First version of SSLeay with rc2. This has been written from the spec
+ posted sci.crypt. It is in this directory under rrc2.doc
+ I have no test values for any mode other than ecb, my wrappers for the
+ other modes should be ok since they are basically the same as
+ the ones taken from idea and des :-). I have implemented them as
+ little-endian operators.
+ While rc2 is included because it is used with SSL, I don't know how
+ far I trust it. It is about the same speed as IDEA and DES.
+ So if you are paranoid, used Tripple DES, else IDEA. If RC2
+ does get used more, perhaps more people will look for weaknesses in
+ it.
+
+
diff --git a/crypto/rc4/Makefile.ssl b/crypto/rc4/Makefile.ssl
new file mode 100644
index 0000000..2f40d4e
--- /dev/null
+++ b/crypto/rc4/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/rc4/Makefile
+#
+
+DIR= rc4
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=rc4test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=rc4_enc.c
+LIBOBJ=rc4_enc.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rc4.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rc4/rc4.c b/crypto/rc4/rc4.c
new file mode 100644
index 0000000..37965d5
--- /dev/null
+++ b/crypto/rc4/rc4.c
@@ -0,0 +1,194 @@
+/* crypto/rc4/rc4.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+char *usage[]={
+"usage: rc4 args\n",
+"\n",
+" -in arg - input file - default stdin\n",
+" -out arg - output file - default stdout\n",
+" -key key - password\n",
+NULL
+};
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ FILE *in=NULL,*out=NULL;
+ char *infile=NULL,*outfile=NULL,*keystr=NULL;
+ RC4_KEY key;
+ char buf[BUFSIZ];
+ int badops=0,i;
+ char **pp;
+ unsigned char md[MD5_DIGEST_LENGTH];
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ infile= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-key") == 0)
+ {
+ if (--argc < 1) goto bad;
+ keystr= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badops=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (badops)
+ {
+bad:
+ for (pp=usage; (*pp != NULL); pp++)
+ fprintf(stderr,*pp);
+ exit(1);
+ }
+
+ if (infile == NULL)
+ in=stdin;
+ else
+ {
+ in=fopen(infile,"r");
+ if (in == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+
+ }
+ if (outfile == NULL)
+ out=stdout;
+ else
+ {
+ out=fopen(outfile,"w");
+ if (out == NULL)
+ {
+ perror("open");
+ exit(1);
+ }
+ }
+
+#ifdef MSDOS
+ /* This should set the file to binary mode. */
+ {
+#include <fcntl.h>
+ setmode(fileno(in),O_BINARY);
+ setmode(fileno(out),O_BINARY);
+ }
+#endif
+
+ if (keystr == NULL)
+ { /* get key */
+ i=EVP_read_pw_string(buf,BUFSIZ,"Enter RC4 password:",0);
+ if (i != 0)
+ {
+ memset(buf,0,BUFSIZ);
+ fprintf(stderr,"bad password read\n");
+ exit(1);
+ }
+ keystr=buf;
+ }
+
+ MD5((unsigned char *)keystr,(unsigned long)strlen(keystr),md);
+ memset(keystr,0,strlen(keystr));
+ RC4_set_key(&key,MD5_DIGEST_LENGTH,md);
+
+ for(;;)
+ {
+ i=fread(buf,1,BUFSIZ,in);
+ if (i == 0) break;
+ if (i < 0)
+ {
+ perror("read");
+ exit(1);
+ }
+ RC4(&key,(unsigned int)i,(unsigned char *)buf,
+ (unsigned char *)buf);
+ i=fwrite(buf,(unsigned int)i,1,out);
+ if (i != 1)
+ {
+ perror("write");
+ exit(1);
+ }
+ }
+ fclose(out);
+ fclose(in);
+ exit(0);
+ return(1);
+ }
+
diff --git a/crypto/rc4/rc4.h b/crypto/rc4/rc4.h
new file mode 100644
index 0000000..c558651
--- /dev/null
+++ b/crypto/rc4/rc4.h
@@ -0,0 +1,103 @@
+/* crypto/rc4/rc4.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4.org since rc4.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC4_H
+#define HEADER_RC4_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+#define RC4_INT unsigned int
+
+typedef struct rc4_key_st
+ {
+ RC4_INT x,y;
+ RC4_INT data[256];
+ } RC4_KEY;
+
+#ifndef NOPROTO
+
+char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, unsigned char *data);
+void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata,
+ unsigned char *outdata);
+
+#else
+
+char *RC4_options();
+void RC4_set_key();
+void RC4();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc4/rc4.org b/crypto/rc4/rc4.org
new file mode 100644
index 0000000..c558651
--- /dev/null
+++ b/crypto/rc4/rc4.org
@@ -0,0 +1,103 @@
+/* crypto/rc4/rc4.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4.org since rc4.h is automatically generated from
+ * it during SSLeay configuration.
+ *
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#ifndef HEADER_RC4_H
+#define HEADER_RC4_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* using int types make the structure larger but make the code faster
+ * on most boxes I have tested - up to %20 faster. */
+#define RC4_INT unsigned int
+
+typedef struct rc4_key_st
+ {
+ RC4_INT x,y;
+ RC4_INT data[256];
+ } RC4_KEY;
+
+#ifndef NOPROTO
+
+char *RC4_options(void);
+void RC4_set_key(RC4_KEY *key, int len, unsigned char *data);
+void RC4(RC4_KEY *key, unsigned long len, unsigned char *indata,
+ unsigned char *outdata);
+
+#else
+
+char *RC4_options();
+void RC4_set_key();
+void RC4();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/rc4/rc4_enc.c b/crypto/rc4/rc4_enc.c
new file mode 100644
index 0000000..de57a97
--- /dev/null
+++ b/crypto/rc4/rc4_enc.c
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4_enc.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4_enc.org since rc4_enc.c is automatically generated from
+ * it during SSLeay configuration.
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#include "rc4.h"
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#undef RC4_INDEX
+
+char *RC4_version="RC4 part of SSLeay 0.8.1a 24-Jun-1998";
+
+char *RC4_options()
+ {
+#ifdef RC4_INDEX
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(idx,char)");
+ else
+ return("rc4(idx,int)");
+#else
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(ptr,char)");
+ else
+ return("rc4(ptr,int)");
+#endif
+ }
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+ {
+ register RC4_INT tmp;
+ register int id1,id2;
+ register RC4_INT *d;
+ unsigned int i;
+
+ d= &(key->data[0]);
+ for (i=0; i<256; i++)
+ d[i]=i;
+ key->x = 0;
+ key->y = 0;
+ id1=id2=0;
+
+#define SK_LOOP(n) { \
+ tmp=d[(n)]; \
+ id2 = (data[id1] + tmp + id2) & 0xff; \
+ if (++id1 == len) id1=0; \
+ d[(n)]=d[id2]; \
+ d[id2]=tmp; }
+
+ for (i=0; i < 256; i+=4)
+ {
+ SK_LOOP(i+0);
+ SK_LOOP(i+1);
+ SK_LOOP(i+2);
+ SK_LOOP(i+3);
+ }
+ }
+
+void RC4(key, len, indata, outdata)
+RC4_KEY *key;
+unsigned long len;
+unsigned char *indata;
+unsigned char *outdata;
+ {
+ register RC4_INT *d;
+ register RC4_INT x,y,tx,ty;
+ int i;
+
+ x=key->x;
+ y=key->y;
+ d=key->data;
+
+#define LOOP(in,out) \
+ x=((x+1)&0xff); \
+ tx=d[x]; \
+ y=(tx+y)&0xff; \
+ d[x]=ty=d[y]; \
+ d[y]=tx; \
+ (out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
+#endif
+
+ i= -(int)len;
+ i=(int)(len>>3L);
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0);
+ RC4_LOOP(indata,outdata,1);
+ RC4_LOOP(indata,outdata,2);
+ RC4_LOOP(indata,outdata,3);
+ RC4_LOOP(indata,outdata,4);
+ RC4_LOOP(indata,outdata,5);
+ RC4_LOOP(indata,outdata,6);
+ RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+ indata+=8;
+ outdata+=8;
+#endif
+ if (--i == 0) break;
+ }
+ }
+ i=(int)len&0x07;
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+ }
+ }
+ key->x=x;
+ key->y=y;
+ }
diff --git a/crypto/rc4/rc4_enc.org b/crypto/rc4/rc4_enc.org
new file mode 100644
index 0000000..c83b9ac
--- /dev/null
+++ b/crypto/rc4/rc4_enc.org
@@ -0,0 +1,195 @@
+/* crypto/rc4/rc4_enc.org */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ *
+ * Always modify rc4_enc.org since rc4_enc.c is automatically generated from
+ * it during SSLeay configuration.
+ * WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING WARNING
+ */
+
+#include "rc4.h"
+
+/* if this is defined data[i] is used instead of *data, this is a %20
+ * speedup on x86 */
+#define RC4_INDEX
+
+char *RC4_version="RC4 part of SSLeay 0.8.1b 29-Jun-1998";
+
+char *RC4_options()
+ {
+#ifdef RC4_INDEX
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(idx,char)");
+ else
+ return("rc4(idx,int)");
+#else
+ if (sizeof(RC4_INT) == 1)
+ return("rc4(ptr,char)");
+ else
+ return("rc4(ptr,int)");
+#endif
+ }
+
+/* RC4 as implemented from a posting from
+ * Newsgroups: sci.crypt
+ * From: sterndark@netcom.com (David Sterndark)
+ * Subject: RC4 Algorithm revealed.
+ * Message-ID: <sternCvKL4B.Hyy@netcom.com>
+ * Date: Wed, 14 Sep 1994 06:35:31 GMT
+ */
+
+void RC4_set_key(key, len, data)
+RC4_KEY *key;
+int len;
+register unsigned char *data;
+ {
+ register RC4_INT tmp;
+ register int id1,id2;
+ register RC4_INT *d;
+ unsigned int i;
+
+ d= &(key->data[0]);
+ for (i=0; i<256; i++)
+ d[i]=i;
+ key->x = 0;
+ key->y = 0;
+ id1=id2=0;
+
+#define SK_LOOP(n) { \
+ tmp=d[(n)]; \
+ id2 = (data[id1] + tmp + id2) & 0xff; \
+ if (++id1 == len) id1=0; \
+ d[(n)]=d[id2]; \
+ d[id2]=tmp; }
+
+ for (i=0; i < 256; i+=4)
+ {
+ SK_LOOP(i+0);
+ SK_LOOP(i+1);
+ SK_LOOP(i+2);
+ SK_LOOP(i+3);
+ }
+ }
+
+void RC4(key, len, indata, outdata)
+RC4_KEY *key;
+unsigned long len;
+unsigned char *indata;
+unsigned char *outdata;
+ {
+ register RC4_INT *d;
+ register RC4_INT x,y,tx,ty;
+ int i;
+
+ x=key->x;
+ y=key->y;
+ d=key->data;
+
+#define LOOP(in,out) \
+ x=((x+1)&0xff); \
+ tx=d[x]; \
+ y=(tx+y)&0xff; \
+ d[x]=ty=d[y]; \
+ d[y]=tx; \
+ (out) = d[(tx+ty)&0xff]^ (in);
+
+#ifndef RC4_INDEX
+#define RC4_LOOP(a,b,i) LOOP(*((a)++),*((b)++))
+#else
+#define RC4_LOOP(a,b,i) LOOP(a[i],b[i])
+#endif
+
+ i= -(int)len;
+ i=(int)(len>>3L);
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0);
+ RC4_LOOP(indata,outdata,1);
+ RC4_LOOP(indata,outdata,2);
+ RC4_LOOP(indata,outdata,3);
+ RC4_LOOP(indata,outdata,4);
+ RC4_LOOP(indata,outdata,5);
+ RC4_LOOP(indata,outdata,6);
+ RC4_LOOP(indata,outdata,7);
+#ifdef RC4_INDEX
+ indata+=8;
+ outdata+=8;
+#endif
+ if (--i == 0) break;
+ }
+ }
+ i=(int)len&0x07;
+ if (i)
+ {
+ for (;;)
+ {
+ RC4_LOOP(indata,outdata,0); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,1); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,2); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,3); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,4); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,5); if (--i == 0) break;
+ RC4_LOOP(indata,outdata,6); if (--i == 0) break;
+ }
+ }
+ key->x=x;
+ key->y=y;
+ }
diff --git a/crypto/rc4/rc4test.c b/crypto/rc4/rc4test.c
new file mode 100644
index 0000000..aa4053e
--- /dev/null
+++ b/crypto/rc4/rc4test.c
@@ -0,0 +1,124 @@
+/* crypto/rc4/rc4test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "rc4.h"
+
+unsigned char keys[6][11]={
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {4,0xef,0x01,0x23,0x45},
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ };
+
+unsigned char data[6][11]={
+ {8,0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {8,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {10,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00},
+ {0},
+ };
+
+unsigned char output[6][11]={
+ {0x75,0xb7,0x87,0x80,0x99,0xe0,0xc5,0x96},
+ {0x74,0x94,0xc2,0xe7,0x10,0x4b,0x08,0x79},
+ {0xde,0x18,0x89,0x41,0xa3,0x37,0x5d,0x3a},
+ {0xd6,0xa1,0x41,0xa7,0xec,0x3c,0x38,0xdf,0xbd,0x61},
+ {0},
+ };
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned int j;
+ unsigned char *p;
+ RC4_KEY key;
+ unsigned char buf[512],obuf[512];
+
+ for (i=0; i<512; i++) buf[i]=0x01;
+
+ for (i=0; i<4; i++)
+ {
+ RC4_set_key(&key,keys[i][0],&(keys[i][1]));
+ RC4(&key,data[i][0],&(data[i][1]),obuf);
+ if (memcmp(obuf,output[i],data[i][0]) != 0)
+ {
+ printf("error calculating RC4\n");
+ printf("output:");
+ for (j=0; j<data[i][0]; j++)
+ printf(" %02x",obuf[j]);
+ printf("\n");
+ printf("expect:");
+ p= &(output[i][0]);
+ for (j=0; j<data[i][0]; j++)
+ printf(" %02x",*(p++));
+ printf("\n");
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ }
+ exit(err);
+ return(0);
+ }
+
diff --git a/crypto/rc4/rrc4.doc b/crypto/rc4/rrc4.doc
new file mode 100644
index 0000000..2f9a953
--- /dev/null
+++ b/crypto/rc4/rrc4.doc
@@ -0,0 +1,278 @@
+Newsgroups: sci.crypt,alt.security,comp.security.misc,alt.privacy
+Path: ghost.dsi.unimi.it!univ-lyon1.fr!jussieu.fr!zaphod.crihan.fr!warwick!clyde.open.ac.uk!strath-cs!bnr.co.uk!bt!pipex!howland.reston.ans.net!europa.eng.gtefsd.com!MathWorks.Com!yeshua.marcam.com!charnel.ecst.csuchico.edu!csusac!csus.edu!netcom.com!sterndark
+From: sterndark@netcom.com (David Sterndark)
+Subject: RC4 Algorithm revealed.
+Message-ID: <sternCvKL4B.Hyy@netcom.com>
+Sender: sterndark@netcom.com
+Organization: NETCOM On-line Communication Services (408 261-4700 guest)
+X-Newsreader: TIN [version 1.2 PL1]
+Date: Wed, 14 Sep 1994 06:35:31 GMT
+Lines: 263
+Xref: ghost.dsi.unimi.it sci.crypt:27332 alt.security:14732 comp.security.misc:11701 alt.privacy:16026
+
+I am shocked, shocked, I tell you, shocked, to discover
+that the cypherpunks have illegaly and criminally revealed
+a crucial RSA trade secret and harmed the security of
+America by reverse engineering the RC4 algorithm and
+publishing it to the world.
+
+On Saturday morning an anonymous cypherpunk wrote:
+
+
+ SUBJECT: RC4 Source Code
+
+
+ I've tested this. It is compatible with the RC4 object module
+ that comes in the various RSA toolkits.
+
+ /* rc4.h */
+ typedef struct rc4_key
+ {
+ unsigned char state[256];
+ unsigned char x;
+ unsigned char y;
+ } rc4_key;
+ void prepare_key(unsigned char *key_data_ptr,int key_data_len,
+ rc4_key *key);
+ void rc4(unsigned char *buffer_ptr,int buffer_len,rc4_key * key);
+
+
+ /*rc4.c */
+ #include "rc4.h"
+ static void swap_byte(unsigned char *a, unsigned char *b);
+ void prepare_key(unsigned char *key_data_ptr, int key_data_len,
+ rc4_key *key)
+ {
+ unsigned char swapByte;
+ unsigned char index1;
+ unsigned char index2;
+ unsigned char* state;
+ short counter;
+
+ state = &key->state[0];
+ for(counter = 0; counter < 256; counter++)
+ state[counter] = counter;
+ key->x = 0;
+ key->y = 0;
+ index1 = 0;
+ index2 = 0;
+ for(counter = 0; counter < 256; counter++)
+ {
+ index2 = (key_data_ptr[index1] + state[counter] +
+ index2) % 256;
+ swap_byte(&state[counter], &state[index2]);
+
+ index1 = (index1 + 1) % key_data_len;
+ }
+ }
+
+ void rc4(unsigned char *buffer_ptr, int buffer_len, rc4_key *key)
+ {
+ unsigned char x;
+ unsigned char y;
+ unsigned char* state;
+ unsigned char xorIndex;
+ short counter;
+
+ x = key->x;
+ y = key->y;
+
+ state = &key->state[0];
+ for(counter = 0; counter < buffer_len; counter ++)
+ {
+ x = (x + 1) % 256;
+ y = (state[x] + y) % 256;
+ swap_byte(&state[x], &state[y]);
+
+ xorIndex = (state[x] + state[y]) % 256;
+
+ buffer_ptr[counter] ^= state[xorIndex];
+ }
+ key->x = x;
+ key->y = y;
+ }
+
+ static void swap_byte(unsigned char *a, unsigned char *b)
+ {
+ unsigned char swapByte;
+
+ swapByte = *a;
+ *a = *b;
+ *b = swapByte;
+ }
+
+
+
+Another cypherpunk, this one not anonymous, tested the
+output from this algorithm against the output from
+official RC4 object code
+
+
+ Date: Tue, 13 Sep 94 18:37:56 PDT
+ From: ekr@eit.COM (Eric Rescorla)
+ Message-Id: <9409140137.AA17743@eitech.eit.com>
+ Subject: RC4 compatibility testing
+ Cc: cypherpunks@toad.com
+
+ One data point:
+
+ I can't say anything about the internals of RC4 versus the
+ algorithm that Bill Sommerfeld is rightly calling 'Alleged RC4',
+ since I don't know anything about RC4's internals.
+
+ However, I do have a (legitimately acquired) copy of BSAFE2 and
+ so I'm able to compare the output of this algorithm to the output
+ of genuine RC4 as found in BSAFE. I chose a set of test vectors
+ and ran them through both algorithms. The algorithms appear to
+ give identical results, at least with these key/plaintext pairs.
+
+ I note that this is the algorithm _without_ Hal Finney's
+ proposed modification
+
+ (see <199409130605.XAA24133@jobe.shell.portal.com>).
+
+ The vectors I used (together with the ciphertext they produce)
+ follow at the end of this message.
+
+ -Ekr
+
+ Disclaimer: This posting does not reflect the opinions of EIT.
+
+ --------------------results follow--------------
+ Test vector 0
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ 0 Output: 0x75 0xb7 0x87 0x80 0x99 0xe0 0xc5 0x96
+
+ Test vector 1
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0x74 0x94 0xc2 0xe7 0x10 0x4b 0x08 0x79
+
+ Test vector 2
+ Key: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xde 0x18 0x89 0x41 0xa3 0x37 0x5d 0x3a
+
+ Test vector 3
+ Key: 0xef 0x01 0x23 0x45
+ Input: 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00 0x00
+ 0 Output: 0xd6 0xa1 0x41 0xa7 0xec 0x3c 0x38 0xdf 0xbd 0x61
+
+ Test vector 4
+ Key: 0x01 0x23 0x45 0x67 0x89 0xab 0xcd 0xef
+ Input: 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01 0x01
+ 0x01
+ 0 Output: 0x75 0x95 0xc3 0xe6 0x11 0x4a 0x09 0x78 0x0c 0x4a 0xd4
+ 0x52 0x33 0x8e 0x1f 0xfd 0x9a 0x1b 0xe9 0x49 0x8f
+ 0x81 0x3d 0x76 0x53 0x34 0x49 0xb6 0x77 0x8d 0xca
+ 0xd8 0xc7 0x8a 0x8d 0x2b 0xa9 0xac 0x66 0x08 0x5d
+ 0x0e 0x53 0xd5 0x9c 0x26 0xc2 0xd1 0xc4 0x90 0xc1
+ 0xeb 0xbe 0x0c 0xe6 0x6d 0x1b 0x6b 0x1b 0x13 0xb6
+ 0xb9 0x19 0xb8 0x47 0xc2 0x5a 0x91 0x44 0x7a 0x95
+ 0xe7 0x5e 0x4e 0xf1 0x67 0x79 0xcd 0xe8 0xbf 0x0a
+ 0x95 0x85 0x0e 0x32 0xaf 0x96 0x89 0x44 0x4f 0xd3
+ 0x77 0x10 0x8f 0x98 0xfd 0xcb 0xd4 0xe7 0x26 0x56
+ 0x75 0x00 0x99 0x0b 0xcc 0x7e 0x0c 0xa3 0xc4 0xaa
+ 0xa3 0x04 0xa3 0x87 0xd2 0x0f 0x3b 0x8f 0xbb 0xcd
+ 0x42 0xa1 0xbd 0x31 0x1d 0x7a 0x43 0x03 0xdd 0xa5
+ 0xab 0x07 0x88 0x96 0xae 0x80 0xc1 0x8b 0x0a 0xf6
+ 0x6d 0xff 0x31 0x96 0x16 0xeb 0x78 0x4e 0x49 0x5a
+ 0xd2 0xce 0x90 0xd7 0xf7 0x72 0xa8 0x17 0x47 0xb6
+ 0x5f 0x62 0x09 0x3b 0x1e 0x0d 0xb9 0xe5 0xba 0x53
+ 0x2f 0xaf 0xec 0x47 0x50 0x83 0x23 0xe6 0x71 0x32
+ 0x7d 0xf9 0x44 0x44 0x32 0xcb 0x73 0x67 0xce 0xc8
+ 0x2f 0x5d 0x44 0xc0 0xd0 0x0b 0x67 0xd6 0x50 0xa0
+ 0x75 0xcd 0x4b 0x70 0xde 0xdd 0x77 0xeb 0x9b 0x10
+ 0x23 0x1b 0x6b 0x5b 0x74 0x13 0x47 0x39 0x6d 0x62
+ 0x89 0x74 0x21 0xd4 0x3d 0xf9 0xb4 0x2e 0x44 0x6e
+ 0x35 0x8e 0x9c 0x11 0xa9 0xb2 0x18 0x4e 0xcb 0xef
+ 0x0c 0xd8 0xe7 0xa8 0x77 0xef 0x96 0x8f 0x13 0x90
+ 0xec 0x9b 0x3d 0x35 0xa5 0x58 0x5c 0xb0 0x09 0x29
+ 0x0e 0x2f 0xcd 0xe7 0xb5 0xec 0x66 0xd9 0x08 0x4b
+ 0xe4 0x40 0x55 0xa6 0x19 0xd9 0xdd 0x7f 0xc3 0x16
+ 0x6f 0x94 0x87 0xf7 0xcb 0x27 0x29 0x12 0x42 0x64
+ 0x45 0x99 0x85 0x14 0xc1 0x5d 0x53 0xa1 0x8c 0x86
+ 0x4c 0xe3 0xa2 0xb7 0x55 0x57 0x93 0x98 0x81 0x26
+ 0x52 0x0e 0xac 0xf2 0xe3 0x06 0x6e 0x23 0x0c 0x91
+ 0xbe 0xe4 0xdd 0x53 0x04 0xf5 0xfd 0x04 0x05 0xb3
+ 0x5b 0xd9 0x9c 0x73 0x13 0x5d 0x3d 0x9b 0xc3 0x35
+ 0xee 0x04 0x9e 0xf6 0x9b 0x38 0x67 0xbf 0x2d 0x7b
+ 0xd1 0xea 0xa5 0x95 0xd8 0xbf 0xc0 0x06 0x6f 0xf8
+ 0xd3 0x15 0x09 0xeb 0x0c 0x6c 0xaa 0x00 0x6c 0x80
+ 0x7a 0x62 0x3e 0xf8 0x4c 0x3d 0x33 0xc1 0x95 0xd2
+ 0x3e 0xe3 0x20 0xc4 0x0d 0xe0 0x55 0x81 0x57 0xc8
+ 0x22 0xd4 0xb8 0xc5 0x69 0xd8 0x49 0xae 0xd5 0x9d
+ 0x4e 0x0f 0xd7 0xf3 0x79 0x58 0x6b 0x4b 0x7f 0xf6
+ 0x84 0xed 0x6a 0x18 0x9f 0x74 0x86 0xd4 0x9b 0x9c
+ 0x4b 0xad 0x9b 0xa2 0x4b 0x96 0xab 0xf9 0x24 0x37
+ 0x2c 0x8a 0x8f 0xff 0xb1 0x0d 0x55 0x35 0x49 0x00
+ 0xa7 0x7a 0x3d 0xb5 0xf2 0x05 0xe1 0xb9 0x9f 0xcd
+ 0x86 0x60 0x86 0x3a 0x15 0x9a 0xd4 0xab 0xe4 0x0f
+ 0xa4 0x89 0x34 0x16 0x3d 0xdd 0xe5 0x42 0xa6 0x58
+ 0x55 0x40 0xfd 0x68 0x3c 0xbf 0xd8 0xc0 0x0f 0x12
+ 0x12 0x9a 0x28 0x4d 0xea 0xcc 0x4c 0xde 0xfe 0x58
+ 0xbe 0x71 0x37 0x54 0x1c 0x04 0x71 0x26 0xc8 0xd4
+ 0x9e 0x27 0x55 0xab 0x18 0x1a 0xb7 0xe9 0x40 0xb0
+ 0xc0
+
+
+
+--
+ ---------------------------------------------------------------------
+We have the right to defend ourselves and our
+property, because of the kind of animals that we James A. Donald
+are. True law derives from this right, not from
+the arbitrary power of the omnipotent state. jamesd@netcom.com
+
+
diff --git a/crypto/rsa/Makefile.ssl b/crypto/rsa/Makefile.ssl
new file mode 100644
index 0000000..5e04ec4
--- /dev/null
+++ b/crypto/rsa/Makefile.ssl
@@ -0,0 +1,84 @@
+#
+# SSLeay/crypto/rsa/Makefile
+#
+
+DIR= rsa
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=rsa
+ERRC=rsa_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= rsa_enc.c rsa_gen.c rsa_lib.c rsa_sign.c rsa_saos.c $(ERRC).c
+LIBOBJ= rsa_enc.o rsa_gen.o rsa_lib.o rsa_sign.o rsa_saos.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= rsa.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o */*.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/rsa/rsa.err b/crypto/rsa/rsa.err
new file mode 100644
index 0000000..29f1496
--- /dev/null
+++ b/crypto/rsa/rsa.err
@@ -0,0 +1,33 @@
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103
+#define RSA_F_RSA_GENERATE_KEY 104
+#define RSA_F_RSA_NEW_METHOD 105
+#define RSA_F_RSA_PRINT 106
+#define RSA_F_RSA_PRINT_FP 107
+#define RSA_F_RSA_SIGN 108
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 109
+#define RSA_F_RSA_VERIFY 110
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 111
+
+/* Reason codes. */
+#define RSA_R_ALGORITHM_MISMATCH 100
+#define RSA_R_BAD_E_VALUE 101
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+#define RSA_R_BAD_PAD_BYTE_COUNT 103
+#define RSA_R_BAD_SIGNATURE 104
+#define RSA_R_BLOCK_TYPE_IS_NOT_01 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_02 106
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN 107
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 108
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 109
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING 110
+#define RSA_R_SSLV3_ROLLBACK_ATTACK 111
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE 113
+#define RSA_R_UNKNOWN_PADDING_TYPE 114
+#define RSA_R_WRONG_SIGNATURE_LENGTH 115
diff --git a/crypto/rsa/rsa.h b/crypto/rsa/rsa.h
new file mode 100644
index 0000000..821e928
--- /dev/null
+++ b/crypto/rsa/rsa.h
@@ -0,0 +1,243 @@
+/* crypto/rsa/rsa.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSA_H
+#define HEADER_RSA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bn.h"
+
+typedef struct rsa_meth_st
+ {
+ char *name;
+ int (*rsa_pub_enc)();
+ int (*rsa_pub_dec)();
+ int (*rsa_priv_enc)();
+ int (*rsa_priv_dec)();
+ int (*rsa_mod_exp)();
+ int (*bn_mod_exp)();
+ int (*init)(/* RSA * */); /* called at new */
+ int (*finish)(/* RSA * */); /* called at free */
+ } RSA_METHOD;
+
+typedef struct rsa_st
+ {
+ /* The first parameter is used to pickup errors where
+ * this is passed instead of aEVP_PKEY, it is set to 0 */
+ int pad;
+ int version;
+ RSA_METHOD *meth;
+ BIGNUM *n;
+ BIGNUM *e;
+ BIGNUM *d;
+ BIGNUM *p;
+ BIGNUM *q;
+ BIGNUM *dmp1;
+ BIGNUM *dmq1;
+ BIGNUM *iqmp;
+ /* be carefull using this if the RSA structure is shared */
+ char *app_data;
+ int references;
+ } RSA;
+
+#define RSA_3 0x3L
+#define RSA_F4 0x10001L
+
+#define RSA_PKCS1_PADDING 11
+#define RSA_SSLV23_PADDING 12
+
+#ifndef NOPROTO
+RSA * RSA_new(void);
+RSA * RSA_new_method(RSA_METHOD *method);
+int RSA_size(RSA *);
+RSA * RSA_generate_key(int bits, unsigned long e,void
+ (*callback)(int,int));
+ /* next 4 return -1 on error */
+int RSA_public_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+int RSA_private_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+void RSA_free (RSA *r);
+
+void RSA_set_default_method(RSA_METHOD *meth);
+
+/* If you have RSAref compiled in. */
+/* RSA_METHOD *RSA_PKCS1_RSAref(void); */
+
+/* these are the actual SSLeay RSA functions */
+RSA_METHOD *RSA_PKCS1_SSLeay(void);
+
+void ERR_load_RSA_strings(void );
+
+RSA * d2i_RSAPublicKey(RSA **a, unsigned char **pp, long length);
+int i2d_RSAPublicKey(RSA *a, unsigned char **pp);
+RSA * d2i_RSAPrivateKey(RSA **a, unsigned char **pp, long length);
+int i2d_RSAPrivateKey(RSA *a, unsigned char **pp);
+#ifndef WIN16
+int RSA_print_fp(FILE *fp, RSA *r,int offset);
+#endif
+
+#ifdef HEADER_BIO_H
+int RSA_print(BIO *bp, RSA *r,int offset);
+#endif
+
+int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+
+/* The following 2 functions sign and verify a X509_SIG ASN1 object
+ * inside PKCS#1 padded RSA encryption */
+int RSA_sign(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+/* The following 2 function sign and verify a ASN1_OCTET_STRING
+ * object inside PKCS#1 padded RSA encryption */
+int RSA_sign_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigret, unsigned int *siglen, RSA *rsa);
+int RSA_verify_ASN1_OCTET_STRING(int type, unsigned char *m, unsigned int m_len,
+ unsigned char *sigbuf, unsigned int siglen, RSA *rsa);
+
+#else
+
+RSA * RSA_new();
+RSA * RSA_new_method();
+int RSA_size();
+RSA * RSA_generate_key();
+int RSA_public_encrypt();
+int RSA_private_encrypt();
+int RSA_public_decrypt();
+int RSA_private_decrypt();
+void RSA_free ();
+
+void RSA_set_default_method();
+
+/* RSA_METHOD *RSA_PKCS1_RSAref(); */
+RSA_METHOD *RSA_PKCS1_SSLeay();
+
+void ERR_load_RSA_strings();
+
+RSA * d2i_RSAPublicKey();
+int i2d_RSAPublicKey();
+RSA * d2i_RSAPrivateKey();
+int i2d_RSAPrivateKey();
+#ifndef WIN16
+int RSA_print_fp();
+#endif
+
+int RSA_print();
+
+int i2d_Netscape_RSA();
+RSA *d2i_Netscape_RSA();
+
+int RSA_sign();
+int RSA_verify();
+
+int RSA_sign_ASN1_OCTET_STRING();
+int RSA_verify_ASN1_OCTET_STRING();
+
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the RSA functions. */
+
+/* Function codes. */
+#define RSA_F_RSA_EAY_PRIVATE_DECRYPT 100
+#define RSA_F_RSA_EAY_PRIVATE_ENCRYPT 101
+#define RSA_F_RSA_EAY_PUBLIC_DECRYPT 102
+#define RSA_F_RSA_EAY_PUBLIC_ENCRYPT 103
+#define RSA_F_RSA_GENERATE_KEY 104
+#define RSA_F_RSA_NEW_METHOD 105
+#define RSA_F_RSA_PRINT 106
+#define RSA_F_RSA_PRINT_FP 107
+#define RSA_F_RSA_SIGN 108
+#define RSA_F_RSA_SIGN_ASN1_OCTET_STRING 109
+#define RSA_F_RSA_VERIFY 110
+#define RSA_F_RSA_VERIFY_ASN1_OCTET_STRING 111
+
+/* Reason codes. */
+#define RSA_R_ALGORITHM_MISMATCH 100
+#define RSA_R_BAD_E_VALUE 101
+#define RSA_R_BAD_FIXED_HEADER_DECRYPT 102
+#define RSA_R_BAD_PAD_BYTE_COUNT 103
+#define RSA_R_BAD_SIGNATURE 104
+#define RSA_R_BLOCK_TYPE_IS_NOT_01 105
+#define RSA_R_BLOCK_TYPE_IS_NOT_02 106
+#define RSA_R_DATA_GREATER_THAN_MOD_LEN 107
+#define RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE 108
+#define RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY 109
+#define RSA_R_NULL_BEFORE_BLOCK_MISSING 110
+#define RSA_R_SSLV3_ROLLBACK_ATTACK 111
+#define RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD 112
+#define RSA_R_UNKNOWN_ALGORITHM_TYPE 113
+#define RSA_R_UNKNOWN_PADDING_TYPE 114
+#define RSA_R_WRONG_SIGNATURE_LENGTH 115
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/rsa/rsa_enc.c b/crypto/rsa/rsa_enc.c
new file mode 100644
index 0000000..c4a4ad5
--- /dev/null
+++ b/crypto/rsa/rsa_enc.c
@@ -0,0 +1,538 @@
+/* crypto/rsa/rsa_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rand.h"
+
+#ifndef NOPROTO
+static int RSA_eay_public_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_encrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_public_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_private_decrypt(int flen, unsigned char *from,
+ unsigned char *to, RSA *rsa,int padding);
+static int RSA_eay_mod_exp(BIGNUM *r0, BIGNUM *i, RSA *rsa);
+#else
+static int RSA_eay_public_encrypt();
+static int RSA_eay_private_encrypt();
+static int RSA_eay_public_decrypt();
+static int RSA_eay_private_decrypt();
+static int RSA_eay_mod_exp();
+#endif
+
+static RSA_METHOD rsa_pkcs1_eay_meth={
+ "Eric Young's PKCS#1 RSA",
+ RSA_eay_public_encrypt,
+ RSA_eay_public_decrypt,
+ RSA_eay_private_encrypt,
+ RSA_eay_private_decrypt,
+ RSA_eay_mod_exp,
+ BN_mod_exp,
+ NULL,
+ NULL,
+ };
+
+RSA_METHOD *RSA_PKCS1_SSLeay()
+ {
+ return(&rsa_pkcs1_eay_meth);
+ }
+
+static int RSA_eay_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,k,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ if ( (padding != RSA_PKCS1_PADDING) &&
+ (padding != RSA_SSLV23_PADDING))
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ num=BN_num_bytes(rsa->n);
+ if (flen > (num-11))
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ goto err;
+ }
+
+ buf=(unsigned char *)Malloc(num);
+ if (buf == NULL)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_ENCRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=(unsigned char *)buf;
+
+ *(p++)=0;
+ *(p++)=2; /* Public Key BT (Block Type) */
+
+ /* pad out with non-zero random data */
+ j=num-3-flen;
+
+ RAND_bytes(p,j);
+ for (i=0; i<j; i++)
+ {
+ if (*p == '\0')
+ do {
+ RAND_bytes(p,1);
+ } while (*p == '\0');
+ p++;
+ }
+
+ if (padding == RSA_SSLV23_PADDING)
+ memset(&(p[-8]),3,8);
+
+ *(p++)='\0';
+
+ memcpy(p,from,(unsigned int)flen);
+
+ f=BN_new();
+ ret=BN_new();
+ if ((f == NULL) || (ret == NULL)) goto err;
+
+ if (BN_bin2bn(buf,num,f) == NULL) goto err;
+ if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
+
+ /* put in leading 0 bytes if the number is less than the
+ * length of the modulus */
+ j=BN_num_bytes(ret);
+ i=BN_bn2bin(ret,&(to[num-j]));
+ for (k=0; k<(num-i); k++)
+ to[k]=0;
+
+ r=num;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,k,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ if (padding != RSA_PKCS1_PADDING)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ num=BN_num_bytes(rsa->n);
+ if (flen > (num-11))
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
+ goto err;
+ }
+ buf=(unsigned char *)Malloc(num);
+ if (buf == NULL)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_ENCRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ p=buf;
+
+ *(p++)=0;
+ *(p++)=1; /* Private Key BT (Block Type) */
+
+ /* padd out with 0xff data */
+ j=num-3-flen;
+ for (i=0; i<j; i++)
+ *(p++)=0xff;
+ *(p++)='\0';
+ memcpy(p,from,(unsigned int)flen);
+ ret=BN_new();
+ f=BN_new();
+ if ((ret == NULL) || (f == NULL)) goto err;
+ if (BN_bin2bn(buf,num,f) == NULL) goto err;
+ if ( (rsa->p != NULL) &&
+ (rsa->q != NULL) &&
+ (rsa->dmp1 != NULL) &&
+ (rsa->dmq1 != NULL) &&
+ (rsa->iqmp != NULL))
+ { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+ else
+ { if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
+
+ p=buf;
+ BN_bn2bin(ret,p);
+
+ /* put in leading 0 bytes if the number is less than the
+ * length of the modulus */
+ j=BN_num_bytes(ret);
+ i=BN_bn2bin(ret,&(to[num-j]));
+ for (k=0; k<(num-i); k++)
+ to[k]=0;
+
+ r=num;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (ret != NULL) BN_free(ret);
+ if (f != NULL) BN_free(f);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_private_decrypt(flen, from, to, rsa,padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ if ((padding != RSA_PKCS1_PADDING) && (padding != RSA_SSLV23_PADDING))
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ num=BN_num_bytes(rsa->n);
+
+ buf=(unsigned char *)Malloc(num);
+ if (buf == NULL)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* This check was for equallity but PGP does evil things
+ * and chops off the top '0' bytes */
+ if (flen > num)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+ goto err;
+ }
+
+ /* make data into a big number */
+ ret=BN_new();
+ f=BN_new();
+ if ((ret == NULL) || (f == NULL)) goto err;
+ if (BN_bin2bn(from,(int)flen,f) == NULL) goto err;
+ /* do the decrypt */
+ if ( (rsa->p != NULL) &&
+ (rsa->q != NULL) &&
+ (rsa->dmp1 != NULL) &&
+ (rsa->dmq1 != NULL) &&
+ (rsa->iqmp != NULL))
+ { if (!rsa->meth->rsa_mod_exp(ret,f,rsa)) goto err; }
+ else
+ { if (!rsa->meth->bn_mod_exp(ret,f,rsa->d,rsa->n,ctx)) goto err; }
+
+ p=buf;
+ BN_bn2bin(ret,p);
+
+ /* BT must be 02 */
+ if (*(p++) != 02)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_02);
+ goto err;
+ }
+
+ /* scan over padding data */
+ j=num-2; /* one for type and one for the prepended 0. */
+ for (i=0; i<j; i++)
+ if (*(p++) == 0) break;
+
+ if (i == j)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+ goto err;
+ }
+
+ if (i < 8)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
+ goto err;
+ }
+
+#undef RSA_DEBUG
+#ifdef RSA_DEBUG
+ {
+ int z;
+ unsigned char *q;
+ q= &(p[-9]);
+ fprintf(stderr,"\n");
+ for (z=0; z<8; z++) fprintf(stderr,"%02X",q[z]);
+ fprintf(stderr,"\n");
+ }
+#endif
+
+ if (padding == RSA_SSLV23_PADDING)
+ {
+ int z;
+ unsigned char *q;
+
+ /* -9 because we have jumped the '\0' */
+ q= &(p[-9]);
+ for (z=0; z<8; z++)
+ {
+ if (*(q++) != 0x03)
+ break;
+ }
+ if (z == 8)
+ {
+ RSAerr(RSA_F_RSA_EAY_PRIVATE_DECRYPT,RSA_R_SSLV3_ROLLBACK_ATTACK);
+ goto err;
+ }
+ }
+
+ /* skip over the '\0' */
+ i++;
+ j-=i;
+
+ /* output data */
+ memcpy(to,p,(unsigned int)j);
+ r=j;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ BIGNUM *f=NULL,*ret=NULL;
+ int i,j,num=0,r= -1;
+ unsigned char *p;
+ unsigned char *buf=NULL;
+ BN_CTX *ctx=NULL;
+
+ if (padding != RSA_PKCS1_PADDING)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_UNKNOWN_PADDING_TYPE);
+ goto err;
+ }
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+
+ num=BN_num_bytes(rsa->n);
+ buf=(unsigned char *)Malloc(num);
+ if (buf == NULL)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* This check was for equallity but PGP does evil things
+ * and chops off the top '0' bytes */
+ if (flen > num)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_DATA_GREATER_THAN_MOD_LEN);
+ goto err;
+ }
+
+ /* make data into a big number */
+ f=BN_new();
+ ret=BN_new();
+ if ((f == NULL) || (ret == NULL)) goto err;
+
+ if (BN_bin2bn(from,flen,f) == NULL) goto err;
+ /* do the decrypt */
+ if (!rsa->meth->bn_mod_exp(ret,f,rsa->e,rsa->n,ctx)) goto err;
+
+ p=buf;
+ i=BN_bn2bin(ret,p);
+
+ /* BT must be 01 */
+ if (*(p++) != 01)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BLOCK_TYPE_IS_NOT_01);
+ goto err;
+ }
+
+ /* scan over padding data */
+ j=num-2; /* one for type and one for the prepended 0. */
+ for (i=0; i<j; i++)
+ {
+ if (*p != 0xff) /* should decrypt to 0xff */
+ {
+ if (*p == 0)
+ { p++; break; }
+ else {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_FIXED_HEADER_DECRYPT);
+ goto err;
+ }
+ }
+ p++;
+ }
+ if (i == j)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_NULL_BEFORE_BLOCK_MISSING);
+ goto err;
+ }
+ if (i < 8)
+ {
+ RSAerr(RSA_F_RSA_EAY_PUBLIC_DECRYPT,RSA_R_BAD_PAD_BYTE_COUNT);
+ goto err;
+ }
+
+ /* skip over the '\0' */
+ i++;
+ j-=i;
+
+ /* output data */
+ memcpy(to,p,(unsigned int)j);
+ r=j;
+err:
+ if (ctx != NULL) BN_CTX_free(ctx);
+ if (f != NULL) BN_free(f);
+ if (ret != NULL) BN_free(ret);
+ if (buf != NULL)
+ {
+ memset(buf,0,num);
+ Free(buf);
+ }
+ return(r);
+ }
+
+static int RSA_eay_mod_exp(r0, I, rsa)
+BIGNUM *r0;
+BIGNUM *I;
+RSA *rsa;
+ {
+ BIGNUM *r1=NULL,*m1=NULL;
+ int ret=0;
+ BN_CTX *ctx;
+
+ if ((ctx=BN_CTX_new()) == NULL) goto err;
+ m1=BN_new();
+ r1=BN_new();
+ if ((m1 == NULL) || (r1 == NULL)) goto err;
+
+ if (!BN_mod(r1,I,rsa->q,ctx)) goto err;
+ if (!rsa->meth->bn_mod_exp(m1,r1,rsa->dmq1,rsa->q,ctx)) goto err;
+
+ if (!BN_mod(r1,I,rsa->p,ctx)) goto err;
+ if (!rsa->meth->bn_mod_exp(r0,r1,rsa->dmp1,rsa->p,ctx)) goto err;
+
+ if (!BN_add(r1,r0,rsa->p)) goto err;
+ if (!BN_sub(r0,r1,m1)) goto err;
+
+ if (!BN_mul(r1,r0,rsa->iqmp)) goto err;
+ if (!BN_mod(r0,r1,rsa->p,ctx)) goto err;
+ if (!BN_mul(r1,r0,rsa->q)) goto err;
+ if (!BN_add(r0,r1,m1)) goto err;
+
+ ret=1;
+err:
+ if (m1 != NULL) BN_free(m1);
+ if (r1 != NULL) BN_free(r1);
+ BN_CTX_free(ctx);
+ return(ret);
+ }
+
+
diff --git a/crypto/rsa/rsa_err.c b/crypto/rsa/rsa_err.c
new file mode 100644
index 0000000..04a5ba2
--- /dev/null
+++ b/crypto/rsa/rsa_err.c
@@ -0,0 +1,111 @@
+/* lib/rsa/rsa_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "rsa.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA RSA_str_functs[]=
+ {
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_DECRYPT,0), "RSA_EAY_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PRIVATE_ENCRYPT,0), "RSA_EAY_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_DECRYPT,0), "RSA_EAY_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSA_F_RSA_EAY_PUBLIC_ENCRYPT,0), "RSA_EAY_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,RSA_F_RSA_GENERATE_KEY,0), "RSA_generate_key"},
+{ERR_PACK(0,RSA_F_RSA_NEW_METHOD,0), "RSA_new_method"},
+{ERR_PACK(0,RSA_F_RSA_PRINT,0), "RSA_print"},
+{ERR_PACK(0,RSA_F_RSA_PRINT_FP,0), "RSA_print_fp"},
+{ERR_PACK(0,RSA_F_RSA_SIGN,0), "RSA_sign"},
+{ERR_PACK(0,RSA_F_RSA_SIGN_ASN1_OCTET_STRING,0), "RSA_sign_ASN1_OCTET_STRING"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY,0), "RSA_verify"},
+{ERR_PACK(0,RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,0), "RSA_verify_ASN1_OCTET_STRING"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA RSA_str_reasons[]=
+ {
+{RSA_R_ALGORITHM_MISMATCH ,"algorithm mismatch"},
+{RSA_R_BAD_E_VALUE ,"bad e value"},
+{RSA_R_BAD_FIXED_HEADER_DECRYPT ,"bad fixed header decrypt"},
+{RSA_R_BAD_PAD_BYTE_COUNT ,"bad pad byte count"},
+{RSA_R_BAD_SIGNATURE ,"bad signature"},
+{RSA_R_BLOCK_TYPE_IS_NOT_01 ,"block type is not 01"},
+{RSA_R_BLOCK_TYPE_IS_NOT_02 ,"block type is not 02"},
+{RSA_R_DATA_GREATER_THAN_MOD_LEN ,"data greater than mod len"},
+{RSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE ,"data too large for key size"},
+{RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY ,"digest too big for rsa key"},
+{RSA_R_NULL_BEFORE_BLOCK_MISSING ,"null before block missing"},
+{RSA_R_SSLV3_ROLLBACK_ATTACK ,"sslv3 rollback attack"},
+{RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD,"the asn1 object identifier is not known for this md"},
+{RSA_R_UNKNOWN_ALGORITHM_TYPE ,"unknown algorithm type"},
+{RSA_R_UNKNOWN_PADDING_TYPE ,"unknown padding type"},
+{RSA_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
+{0,NULL},
+ };
+
+void ERR_load_RSA_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_RSA,RSA_str_functs);
+ ERR_load_strings(ERR_LIB_RSA,RSA_str_reasons);
+ }
+ }
diff --git a/crypto/rsa/rsa_gen.c b/crypto/rsa/rsa_gen.c
new file mode 100644
index 0000000..0cab3a5
--- /dev/null
+++ b/crypto/rsa/rsa_gen.c
@@ -0,0 +1,186 @@
+/* crypto/rsa/rsa_gen.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+
+RSA *RSA_generate_key(bits, e_value, callback)
+int bits;
+unsigned long e_value;
+void (*callback)(P_I_I);
+ {
+ RSA *rsa=NULL;
+ BIGNUM *r0=NULL,*r1=NULL,*r2=NULL,*r3=NULL,*tmp;
+ int bitsp,bitsq,ok= -1,n=0;
+ BN_CTX *ctx=NULL,*ctx2=NULL;
+
+ ctx=BN_CTX_new();
+ if (ctx == NULL) goto err;
+ ctx2=BN_CTX_new();
+ if (ctx2 == NULL) goto err;
+ r0=ctx->bn[0];
+ r1=ctx->bn[1];
+ r2=ctx->bn[2];
+ r3=ctx->bn[3];
+ ctx->tos+=4;
+
+ bitsp=(bits+1)/2;
+ bitsq=bits-bitsp;
+ rsa=RSA_new();
+ if (rsa == NULL) goto err;
+
+ /* set e */
+ rsa->e=BN_new();
+ if (rsa->e == NULL) goto err;
+ if (!BN_set_word(rsa->e,e_value)) goto err;
+
+ /* generate p and q */
+ for (;;)
+ {
+ rsa->p=BN_generate_prime(bitsp,0,NULL,NULL,callback);
+ if (rsa->p == NULL) goto err;
+ if (!BN_sub(r2,rsa->p,BN_value_one())) goto err;
+ if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
+ if (BN_is_one(r1)) break;
+ if (callback != NULL) callback(2,n++);
+ BN_free(rsa->p);
+ }
+ if (callback != NULL) callback(3,0);
+ for (;;)
+ {
+ rsa->q=BN_generate_prime(bitsq,0,NULL,NULL,callback);
+ if (rsa->q == NULL) goto err;
+ if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
+ if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;
+ if (BN_is_one(r1) && (BN_cmp(rsa->p,rsa->q) != 0))
+ break;
+ if (callback != NULL) callback(2,n++);
+ BN_free(rsa->q);
+ }
+ if (callback != NULL) callback(3,1);
+ if (BN_cmp(rsa->p,rsa->q) < 0)
+ {
+ tmp=rsa->p;
+ rsa->p=rsa->q;
+ rsa->q=tmp;
+ }
+
+ /* calculate n */
+ rsa->n=BN_new();
+ if (rsa->n == NULL) goto err;
+ if (!BN_mul(rsa->n,rsa->p,rsa->q)) goto err;
+
+ /* calculate d */
+ if (!BN_sub(r1,rsa->p,BN_value_one())) goto err; /* p-1 */
+ if (!BN_sub(r2,rsa->q,BN_value_one())) goto err; /* q-1 */
+ if (!BN_mul(r0,r1,r2)) goto err; /* (p-1)(q-1) */
+
+/* should not be needed, since gcd(p-1,e) == 1 and gcd(q-1,e) == 1 */
+/* for (;;)
+ {
+ if (!BN_gcd(r3,r0,rsa->e,ctx)) goto err;
+ if (BN_is_one(r3)) break;
+
+ if (1)
+ {
+ if (!BN_add_word(rsa->e,2L)) goto err;
+ continue;
+ }
+ RSAerr(RSA_F_RSA_GENERATE_KEY,RSA_R_BAD_E_VALUE);
+ goto err;
+ }
+*/
+ rsa->d=(BIGNUM *)BN_mod_inverse(rsa->e,r0,ctx2); /* d */
+ if (rsa->d == NULL) goto err;
+
+ /* calculate d mod (p-1) */
+ rsa->dmp1=BN_new();
+ if (rsa->dmp1 == NULL) goto err;
+ if (!BN_mod(rsa->dmp1,rsa->d,r1,ctx)) goto err;
+
+ /* calculate d mod (q-1) */
+ rsa->dmq1=BN_new();
+ if (rsa->dmq1 == NULL) goto err;
+ if (!BN_mod(rsa->dmq1,rsa->d,r2,ctx)) goto err;
+
+ /* calculate inverse of q mod p */
+ rsa->iqmp=BN_mod_inverse(rsa->q,rsa->p,ctx2);
+ if (rsa->iqmp == NULL) goto err;
+
+ ok=1;
+err:
+ if (ok == -1)
+ {
+ RSAerr(RSA_F_RSA_GENERATE_KEY,ERR_LIB_BN);
+ ok=0;
+ }
+ BN_CTX_free(ctx);
+ BN_CTX_free(ctx2);
+
+ if (!ok)
+ {
+ if (rsa != NULL) RSA_free(rsa);
+ return(NULL);
+ }
+ else
+ return(rsa);
+ }
+
diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
new file mode 100644
index 0000000..c49d0ee
--- /dev/null
+++ b/crypto/rsa/rsa_lib.c
@@ -0,0 +1,200 @@
+/* crypto/rsa/rsa_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+
+char *RSA_version="RSA part of SSLeay 0.8.1b 29-Jun-1998";
+
+static RSA_METHOD *default_RSA_meth=NULL;
+
+RSA *RSA_new()
+ {
+ return(RSA_new_method(NULL));
+ }
+
+void RSA_set_default_method(meth)
+RSA_METHOD *meth;
+ {
+ default_RSA_meth=meth;
+ }
+
+RSA *RSA_new_method(meth)
+RSA_METHOD *meth;
+ {
+ RSA *ret;
+
+ if (default_RSA_meth == NULL)
+ {
+#ifdef RSAref
+ default_RSA_meth=RSA_PKCS1_RSAref();
+#else
+ default_RSA_meth=RSA_PKCS1_SSLeay();
+#endif
+ }
+ ret=(RSA *)Malloc(sizeof(RSA));
+ if (ret == NULL)
+ {
+ RSAerr(RSA_F_RSA_NEW_METHOD,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+ if (meth == NULL)
+ ret->meth=default_RSA_meth;
+ else
+ ret->meth=meth;
+
+ ret->pad=0;
+ ret->version=0;
+ ret->n=NULL;
+ ret->e=NULL;
+ ret->d=NULL;
+ ret->p=NULL;
+ ret->q=NULL;
+ ret->dmp1=NULL;
+ ret->dmq1=NULL;
+ ret->iqmp=NULL;
+ ret->references=1;
+ ret->app_data=NULL;
+ if ((ret->meth->init != NULL) && !ret->meth->init(ret))
+ {
+ Free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
+
+void RSA_free(r)
+RSA *r;
+ {
+ int i;
+
+ if (r == NULL) return;
+
+ i=CRYPTO_add(&r->references,-1,CRYPTO_LOCK_RSA);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"RSA_free, bad reference count\n");
+ abort();
+ }
+#endif
+
+ if (r->meth->finish != NULL)
+ r->meth->finish(r);
+
+ if (r->n != NULL) BN_clear_free(r->n);
+ if (r->e != NULL) BN_clear_free(r->e);
+ if (r->d != NULL) BN_clear_free(r->d);
+ if (r->p != NULL) BN_clear_free(r->p);
+ if (r->q != NULL) BN_clear_free(r->q);
+ if (r->dmp1 != NULL) BN_clear_free(r->dmp1);
+ if (r->dmq1 != NULL) BN_clear_free(r->dmq1);
+ if (r->iqmp != NULL) BN_clear_free(r->iqmp);
+ Free(r);
+ }
+
+int RSA_size(r)
+RSA *r;
+ {
+ return(BN_num_bytes(r->n));
+ }
+
+int RSA_public_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_pub_enc(flen, from, to, rsa, padding));
+ }
+
+int RSA_private_encrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_priv_enc(flen, from, to, rsa, padding));
+ }
+
+int RSA_private_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_priv_dec(flen, from, to, rsa, padding));
+ }
+
+int RSA_public_decrypt(flen, from, to, rsa, padding)
+int flen;
+unsigned char *from;
+unsigned char *to;
+RSA *rsa;
+int padding;
+ {
+ return(rsa->meth->rsa_pub_dec(flen, from, to, rsa, padding));
+ }
+
diff --git a/crypto/rsa/rsa_saos.c b/crypto/rsa/rsa_saos.c
new file mode 100644
index 0000000..62c2112
--- /dev/null
+++ b/crypto/rsa/rsa_saos.c
@@ -0,0 +1,153 @@
+/* crypto/rsa/rsa_saos.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign_ASN1_OCTET_STRING(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+ {
+ ASN1_OCTET_STRING sig;
+ int i,j,ret=1;
+ unsigned char *p,*s;
+
+ sig.type=V_ASN1_OCTET_STRING;
+ sig.length=m_len;
+ sig.data=m;
+
+ i=i2d_ASN1_OCTET_STRING(&sig,NULL);
+ j=RSA_size(rsa);
+ if ((i-RSA_PKCS1_PADDING) > j)
+ {
+ RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+ return(0);
+ }
+ s=(unsigned char *)Malloc((unsigned int)j+1);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ p=s;
+ i2d_ASN1_OCTET_STRING(&sig,&p);
+ i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ ret=0;
+ else
+ *siglen=i;
+
+ memset(s,0,(unsigned int)j+1);
+ Free(s);
+ return(ret);
+ }
+
+int RSA_verify_ASN1_OCTET_STRING(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+ {
+ int i,ret=0;
+ unsigned char *p,*s;
+ ASN1_OCTET_STRING *sig=NULL;
+
+ if (siglen != (unsigned int)RSA_size(rsa))
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_WRONG_SIGNATURE_LENGTH);
+ return(0);
+ }
+
+ s=(unsigned char *)Malloc((unsigned int)siglen);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+ if (i <= 0) goto err;
+
+ p=s;
+ sig=d2i_ASN1_OCTET_STRING(NULL,&p,(long)i);
+ if (sig == NULL) goto err;
+
+ if ( ((unsigned int)sig->length != m_len) ||
+ (memcmp(m,sig->data,m_len) != 0))
+ {
+ RSAerr(RSA_F_RSA_VERIFY_ASN1_OCTET_STRING,RSA_R_BAD_SIGNATURE);
+ }
+ else
+ ret=1;
+err:
+ if (sig != NULL) ASN1_OCTET_STRING_free(sig);
+ memset(s,0,(unsigned int)siglen);
+ Free(s);
+ return(ret);
+ }
+
diff --git a/crypto/rsa/rsa_sign.c b/crypto/rsa/rsa_sign.c
new file mode 100644
index 0000000..7c815ed
--- /dev/null
+++ b/crypto/rsa/rsa_sign.c
@@ -0,0 +1,196 @@
+/* crypto/rsa/rsa_sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "objects.h"
+#include "x509.h"
+
+int RSA_sign(type,m,m_len,sigret,siglen,rsa)
+int type;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigret;
+unsigned int *siglen;
+RSA *rsa;
+ {
+ X509_SIG sig;
+ ASN1_TYPE parameter;
+ int i,j,ret=1;
+ unsigned char *p,*s;
+ X509_ALGOR algor;
+ ASN1_OCTET_STRING digest;
+
+ sig.algor= &algor;
+ sig.algor->algorithm=OBJ_nid2obj(type);
+ if (sig.algor->algorithm == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_UNKNOWN_ALGORITHM_TYPE);
+ return(0);
+ }
+ if (sig.algor->algorithm->length == 0)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_THE_ASN1_OBJECT_IDENTIFIER_IS_NOT_KNOWN_FOR_THIS_MD);
+ return(0);
+ }
+ parameter.type=V_ASN1_NULL;
+ parameter.value.ptr=NULL;
+ sig.algor->parameter= ¶meter;
+
+ sig.digest= &digest;
+ sig.digest->data=m;
+ sig.digest->length=m_len;
+
+ i=i2d_X509_SIG(&sig,NULL);
+ j=RSA_size(rsa);
+ if ((i-RSA_PKCS1_PADDING) > j)
+ {
+ RSAerr(RSA_F_RSA_SIGN,RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY);
+ return(0);
+ }
+ s=(unsigned char *)Malloc((unsigned int)j+1);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_SIGN,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ p=s;
+ i2d_X509_SIG(&sig,&p);
+ i=RSA_private_encrypt(i,s,sigret,rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ ret=0;
+ else
+ *siglen=i;
+
+ memset(s,0,(unsigned int)j+1);
+ Free(s);
+ return(ret);
+ }
+
+int RSA_verify(dtype, m, m_len, sigbuf, siglen, rsa)
+int dtype;
+unsigned char *m;
+unsigned int m_len;
+unsigned char *sigbuf;
+unsigned int siglen;
+RSA *rsa;
+ {
+ int i,ret=0,sigtype;
+ unsigned char *p,*s;
+ X509_SIG *sig=NULL;
+
+ if (siglen != (unsigned int)RSA_size(rsa))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_WRONG_SIGNATURE_LENGTH);
+ return(0);
+ }
+
+ s=(unsigned char *)Malloc((unsigned int)siglen);
+ if (s == NULL)
+ {
+ RSAerr(RSA_F_RSA_VERIFY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ i=RSA_public_decrypt((int)siglen,sigbuf,s,rsa,RSA_PKCS1_PADDING);
+
+ if (i <= 0) goto err;
+
+ p=s;
+ sig=d2i_X509_SIG(NULL,&p,(long)i);
+ if (sig == NULL) goto err;
+ sigtype=OBJ_obj2nid(sig->algor->algorithm);
+
+#ifdef RSA_DEBUG
+ /* put a backward compatability flag in EAY */
+ fprintf(stderr,"in(%s) expect(%s)\n",OBJ_nid2ln(sigtype),
+ OBJ_nid2ln(dtype));
+#endif
+ if (sigtype != dtype)
+ {
+ if (((dtype == NID_md5) &&
+ (sigtype == NID_md5WithRSAEncryption)) ||
+ ((dtype == NID_md2) &&
+ (sigtype == NID_md2WithRSAEncryption)))
+ {
+ /* ok, we will let it through */
+#ifndef WIN16
+ fprintf(stderr,"signature has problems, re-make with post SSLeay045\n");
+#endif
+ }
+ else
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_ALGORITHM_MISMATCH);
+ goto err;
+ }
+ }
+ if ( ((unsigned int)sig->digest->length != m_len) ||
+ (memcmp(m,sig->digest->data,m_len) != 0))
+ {
+ RSAerr(RSA_F_RSA_VERIFY,RSA_R_BAD_SIGNATURE);
+ }
+ else
+ ret=1;
+err:
+ if (sig != NULL) X509_SIG_free(sig);
+ memset(s,0,(unsigned int)siglen);
+ Free(s);
+ return(ret);
+ }
+
diff --git a/crypto/sha/Makefile.ssl b/crypto/sha/Makefile.ssl
new file mode 100644
index 0000000..3c3a9ab
--- /dev/null
+++ b/crypto/sha/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/sha/Makefile
+#
+
+DIR= sha
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=shatest.c sha1test.c
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=sha_dgst.c sha1dgst.c sha_one.c sha1_one.c
+LIBOBJ=sha_dgst.o sha1dgst.o sha_one.o sha1_one.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= sha.h
+HEADER= sha_locl.h $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/sha/sha.c b/crypto/sha/sha.c
new file mode 100644
index 0000000..2fcd963
--- /dev/null
+++ b/crypto/sha/sha.c
@@ -0,0 +1,135 @@
+/* crypto/sha/sha.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define BUFSIZE 1024*16
+
+#ifndef NOPROTO
+void do_fp(FILE *f);
+void pt(unsigned char *md);
+int read(int, void *, unsigned int);
+#else
+void do_fp();
+void pt();
+int read();
+#endif
+
+int main(argc, argv)
+int argc;
+char **argv;
+ {
+ int i,err=0;
+ FILE *IN;
+
+ if (argc == 1)
+ {
+ do_fp(stdin);
+ }
+ else
+ {
+ for (i=1; i<argc; i++)
+ {
+ IN=fopen(argv[i],"r");
+ if (IN == NULL)
+ {
+ perror(argv[i]);
+ err++;
+ continue;
+ }
+ printf("SHA(%s)= ",argv[i]);
+ do_fp(IN);
+ fclose(IN);
+ }
+ }
+ exit(err);
+ }
+
+void do_fp(f)
+FILE *f;
+ {
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+ int fd;
+ int i;
+ unsigned char buf[BUFSIZE];
+
+ fd=fileno(f);
+ SHA_Init(&c);
+ for (;;)
+ {
+ i=read(fd,buf,BUFSIZE);
+ if (i <= 0) break;
+ SHA_Update(&c,buf,(unsigned long)i);
+ }
+ SHA_Final(&(md[0]),&c);
+ pt(md);
+ }
+
+void pt(md)
+unsigned char *md;
+ {
+ int i;
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ printf("%02x",md[i]);
+ printf("\n");
+ }
+
diff --git a/crypto/sha/sha.h b/crypto/sha/sha.h
new file mode 100644
index 0000000..9e22fa8
--- /dev/null
+++ b/crypto/sha/sha.h
@@ -0,0 +1,105 @@
+/* crypto/sha/sha.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SHA_H
+#define HEADER_SHA_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SHA_CBLOCK 64
+#define SHA_LBLOCK 16
+#define SHA_BLOCK 16
+#define SHA_LAST_BLOCK 56
+#define SHA_LENGTH_BLOCK 8
+#define SHA_DIGEST_LENGTH 20
+
+typedef struct SHAstate_st
+ {
+ unsigned long h0,h1,h2,h3,h4;
+ unsigned long Nl,Nh;
+ unsigned long data[SHA_LBLOCK];
+ int num;
+ } SHA_CTX;
+
+#ifndef NOPROTO
+void SHA_Init(SHA_CTX *c);
+void SHA_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA(unsigned char *d, unsigned long n,unsigned char *md);
+void SHA1_Init(SHA_CTX *c);
+void SHA1_Update(SHA_CTX *c, unsigned char *data, unsigned long len);
+void SHA1_Final(unsigned char *md, SHA_CTX *c);
+unsigned char *SHA1(unsigned char *d, unsigned long n,unsigned char *md);
+#else
+void SHA_Init();
+void SHA_Update();
+void SHA_Final();
+unsigned char *SHA();
+void SHA1_Init();
+void SHA1_Update();
+void SHA1_Final();
+unsigned char *SHA1();
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/sha/sha1_one.c b/crypto/sha/sha1_one.c
new file mode 100644
index 0000000..cf381fa
--- /dev/null
+++ b/crypto/sha/sha1_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha1_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "sha.h"
+
+unsigned char *SHA1(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ SHA_CTX c;
+ static unsigned char m[SHA_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ SHA1_Init(&c);
+ SHA1_Update(&c,d,n);
+ SHA1_Final(md,&c);
+ memset(&c,0,sizeof(c));
+ return(md);
+ }
diff --git a/crypto/sha/sha1dgst.c b/crypto/sha/sha1dgst.c
new file mode 100644
index 0000000..1a18126
--- /dev/null
+++ b/crypto/sha/sha1dgst.c
@@ -0,0 +1,373 @@
+/* crypto/sha/sha1dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SHA_0
+#define SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA1_version="SHA1 part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from SHA-1 document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19 0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+static void sha1_block(SHA_CTX *c, register unsigned long *p);
+#else
+static void sha1_block();
+#endif
+
+void SHA1_Init(c)
+SHA_CTX *c;
+ {
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void SHA1_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int ew,ec,sw,sc;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffff;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= SHA_CBLOCK)
+ {
+ l= p[sw];
+ p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw<SHA_LBLOCK; sw++)
+ {
+ c2nl(data,l);
+ p[sw]=l;
+ }
+ len-=(SHA_CBLOCK-c->num);
+
+ sha1_block(c,p);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ p_c2nl_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { c2nl(data,l); p[sw]=l; }
+ if (ec)
+ {
+ c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of SHA_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= SHA_CBLOCK)
+ {
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,data,SHA_CBLOCK);
+ data+=SHA_CBLOCK;
+#ifdef L_ENDIAN
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+#endif
+#else
+ for (sw=(SHA_BLOCK/4); sw; sw--)
+ {
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ }
+#endif
+ p=c->data;
+ sha1_block(c,p);
+ len-=SHA_CBLOCK;
+ }
+ ec=(int)len;
+ c->num=ec;
+ ew=(ec>>2);
+ ec&=0x03;
+
+ for (sw=0; sw < ew; sw++)
+ { c2nl(data,l); p[sw]=l; }
+ c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+
+static void sha1_block(c, X)
+SHA_CTX *c;
+register unsigned long *X;
+ {
+ register ULONG A,B,C,D,E,T;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ BODY_00_15( 0,A,B,C,D,E,T);
+ BODY_00_15( 1,T,A,B,C,D,E);
+ BODY_00_15( 2,E,T,A,B,C,D);
+ BODY_00_15( 3,D,E,T,A,B,C);
+ BODY_00_15( 4,C,D,E,T,A,B);
+ BODY_00_15( 5,B,C,D,E,T,A);
+ BODY_00_15( 6,A,B,C,D,E,T);
+ BODY_00_15( 7,T,A,B,C,D,E);
+ BODY_00_15( 8,E,T,A,B,C,D);
+ BODY_00_15( 9,D,E,T,A,B,C);
+ BODY_00_15(10,C,D,E,T,A,B);
+ BODY_00_15(11,B,C,D,E,T,A);
+ BODY_00_15(12,A,B,C,D,E,T);
+ BODY_00_15(13,T,A,B,C,D,E);
+ BODY_00_15(14,E,T,A,B,C,D);
+ BODY_00_15(15,D,E,T,A,B,C);
+ BODY_16_19(16,C,D,E,T,A,B);
+ BODY_16_19(17,B,C,D,E,T,A);
+ BODY_16_19(18,A,B,C,D,E,T);
+ BODY_16_19(19,T,A,B,C,D,E);
+
+ BODY_20_39(20,E,T,A,B,C,D);
+ BODY_20_39(21,D,E,T,A,B,C);
+ BODY_20_39(22,C,D,E,T,A,B);
+ BODY_20_39(23,B,C,D,E,T,A);
+ BODY_20_39(24,A,B,C,D,E,T);
+ BODY_20_39(25,T,A,B,C,D,E);
+ BODY_20_39(26,E,T,A,B,C,D);
+ BODY_20_39(27,D,E,T,A,B,C);
+ BODY_20_39(28,C,D,E,T,A,B);
+ BODY_20_39(29,B,C,D,E,T,A);
+ BODY_20_39(30,A,B,C,D,E,T);
+ BODY_20_39(31,T,A,B,C,D,E);
+ BODY_20_39(32,E,T,A,B,C,D);
+ BODY_20_39(33,D,E,T,A,B,C);
+ BODY_20_39(34,C,D,E,T,A,B);
+ BODY_20_39(35,B,C,D,E,T,A);
+ BODY_20_39(36,A,B,C,D,E,T);
+ BODY_20_39(37,T,A,B,C,D,E);
+ BODY_20_39(38,E,T,A,B,C,D);
+ BODY_20_39(39,D,E,T,A,B,C);
+
+ BODY_40_59(40,C,D,E,T,A,B);
+ BODY_40_59(41,B,C,D,E,T,A);
+ BODY_40_59(42,A,B,C,D,E,T);
+ BODY_40_59(43,T,A,B,C,D,E);
+ BODY_40_59(44,E,T,A,B,C,D);
+ BODY_40_59(45,D,E,T,A,B,C);
+ BODY_40_59(46,C,D,E,T,A,B);
+ BODY_40_59(47,B,C,D,E,T,A);
+ BODY_40_59(48,A,B,C,D,E,T);
+ BODY_40_59(49,T,A,B,C,D,E);
+ BODY_40_59(50,E,T,A,B,C,D);
+ BODY_40_59(51,D,E,T,A,B,C);
+ BODY_40_59(52,C,D,E,T,A,B);
+ BODY_40_59(53,B,C,D,E,T,A);
+ BODY_40_59(54,A,B,C,D,E,T);
+ BODY_40_59(55,T,A,B,C,D,E);
+ BODY_40_59(56,E,T,A,B,C,D);
+ BODY_40_59(57,D,E,T,A,B,C);
+ BODY_40_59(58,C,D,E,T,A,B);
+ BODY_40_59(59,B,C,D,E,T,A);
+
+ BODY_60_79(60,A,B,C,D,E,T);
+ BODY_60_79(61,T,A,B,C,D,E);
+ BODY_60_79(62,E,T,A,B,C,D);
+ BODY_60_79(63,D,E,T,A,B,C);
+ BODY_60_79(64,C,D,E,T,A,B);
+ BODY_60_79(65,B,C,D,E,T,A);
+ BODY_60_79(66,A,B,C,D,E,T);
+ BODY_60_79(67,T,A,B,C,D,E);
+ BODY_60_79(68,E,T,A,B,C,D);
+ BODY_60_79(69,D,E,T,A,B,C);
+ BODY_60_79(70,C,D,E,T,A,B);
+ BODY_60_79(71,B,C,D,E,T,A);
+ BODY_60_79(72,A,B,C,D,E,T);
+ BODY_60_79(73,T,A,B,C,D,E);
+ BODY_60_79(74,E,T,A,B,C,D);
+ BODY_60_79(75,D,E,T,A,B,C);
+ BODY_60_79(76,C,D,E,T,A,B);
+ BODY_60_79(77,B,C,D,E,T,A);
+ BODY_60_79(78,A,B,C,D,E,T);
+ BODY_60_79(79,T,A,B,C,D,E);
+
+ c->h0=(c->h0+E)&0xffffffff;
+ c->h1=(c->h1+T)&0xffffffff;
+ c->h2=(c->h2+A)&0xffffffff;
+ c->h3=(c->h3+B)&0xffffffff;
+ c->h4=(c->h4+C)&0xffffffff;
+ }
+
+void SHA1_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ p_c2nl(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= SHA_LAST_BLOCK)
+ {
+ for (; i<SHA_LBLOCK; i++)
+ p[i]=0;
+ sha1_block(c,p);
+ i=0;
+ }
+ for (; i<(SHA_LBLOCK-2); i++)
+ p[i]=0;
+ p[SHA_LBLOCK-2]=c->Nh;
+ p[SHA_LBLOCK-1]=c->Nl;
+ sha1_block(c,p);
+ cp=md;
+ l=c->h0; nl2c(l,cp);
+ l=c->h1; nl2c(l,cp);
+ l=c->h2; nl2c(l,cp);
+ l=c->h3; nl2c(l,cp);
+ l=c->h4; nl2c(l,cp);
+
+ /* clear stuff, sha1_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+ {
+ int i,ii;
+
+ for (i=0; i<2; i++)
+ {
+ for (ii=0; ii<8; ii++)
+ {
+ fprintf(stderr,"%08lx ",l[i*8+ii]);
+ }
+ fprintf(stderr,"\n");
+ }
+ }
+#endif
diff --git a/crypto/sha/sha1test.c b/crypto/sha/sha1test.c
new file mode 100644
index 0000000..9c172c0
--- /dev/null
+++ b/crypto/sha/sha1test.c
@@ -0,0 +1,155 @@
+/* crypto/sha/sha1test.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#undef SHA_0 /* FIPS 180 */
+#define SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA1(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA1 on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA1_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA1_Update(&c,buf,1000);
+ SHA1_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA1 on '%s'\n",p);
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/crypto/sha/sha_dgst.c b/crypto/sha/sha_dgst.c
new file mode 100644
index 0000000..311aa6f
--- /dev/null
+++ b/crypto/sha/sha_dgst.c
@@ -0,0 +1,374 @@
+/* crypto/sha/sha_dgst.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#define SHA_0
+#undef SHA_1
+#include "sha.h"
+#include "sha_locl.h"
+
+char *SHA_version="SHA part of SSLeay 0.8.1b 29-Jun-1998";
+
+/* Implemented from SHA document - The Secure Hash Algorithm
+ */
+
+#define INIT_DATA_h0 (unsigned long)0x67452301L
+#define INIT_DATA_h1 (unsigned long)0xefcdab89L
+#define INIT_DATA_h2 (unsigned long)0x98badcfeL
+#define INIT_DATA_h3 (unsigned long)0x10325476L
+#define INIT_DATA_h4 (unsigned long)0xc3d2e1f0L
+
+#define K_00_19 0x5a827999L
+#define K_20_39 0x6ed9eba1L
+#define K_40_59 0x8f1bbcdcL
+#define K_60_79 0xca62c1d6L
+
+#ifndef NOPROTO
+static void sha_block(SHA_CTX *c, register unsigned long *p);
+#else
+static void sha_block();
+#endif
+
+void SHA_Init(c)
+SHA_CTX *c;
+ {
+ c->h0=INIT_DATA_h0;
+ c->h1=INIT_DATA_h1;
+ c->h2=INIT_DATA_h2;
+ c->h3=INIT_DATA_h3;
+ c->h4=INIT_DATA_h4;
+ c->Nl=0;
+ c->Nh=0;
+ c->num=0;
+ }
+
+void SHA_Update(c, data, len)
+SHA_CTX *c;
+register unsigned char *data;
+unsigned long len;
+ {
+ register ULONG *p;
+ int sw,sc,ew,ec;
+ ULONG l;
+
+ if (len == 0) return;
+
+ l=(c->Nl+(len<<3))&0xffffffff;
+ if (l < c->Nl) /* overflow */
+ c->Nh++;
+ c->Nh+=(len>>29);
+ c->Nl=l;
+
+ if (c->num != 0)
+ {
+ p=c->data;
+ sw=c->num>>2;
+ sc=c->num&0x03;
+
+ if ((c->num+len) >= SHA_CBLOCK)
+ {
+ l= p[sw];
+ p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw<SHA_LBLOCK; sw++)
+ {
+ c2nl(data,l);
+ p[sw]=l;
+ }
+ len-=(SHA_CBLOCK-c->num);
+
+ sha_block(c,p);
+ c->num=0;
+ /* drop through and do the rest */
+ }
+ else
+ {
+ c->num+=(int)len;
+ if ((sc+len) < 4) /* ugly, add char's to a word */
+ {
+ l= p[sw];
+ p_c2nl_p(data,l,sc,len);
+ p[sw]=l;
+ }
+ else
+ {
+ ew=(c->num>>2);
+ ec=(c->num&0x03);
+ l= p[sw];
+ p_c2nl(data,l,sc);
+ p[sw++]=l;
+ for (; sw < ew; sw++)
+ { c2nl(data,l); p[sw]=l; }
+ if (ec)
+ {
+ c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+ }
+ return;
+ }
+ }
+ /* we now can process the input data in blocks of SHA_CBLOCK
+ * chars and save the leftovers to c->data. */
+ p=c->data;
+ while (len >= SHA_CBLOCK)
+ {
+#if defined(B_ENDIAN) || defined(L_ENDIAN)
+ memcpy(p,data,SHA_CBLOCK);
+ data+=SHA_CBLOCK;
+#ifdef L_ENDIAN
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ Endian_Reverse32(p[0]);
+ Endian_Reverse32(p[1]);
+ Endian_Reverse32(p[2]);
+ Endian_Reverse32(p[3]);
+ p+=4;
+ }
+#endif
+#else
+ for (sw=(SHA_LBLOCK/4); sw; sw--)
+ {
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ c2nl(data,l); *(p++)=l;
+ }
+#endif
+ p=c->data;
+ sha_block(c,p);
+ len-=SHA_CBLOCK;
+ }
+ ec=(int)len;
+ c->num=ec;
+ ew=(ec>>2);
+ ec&=0x03;
+
+ for (sw=0; sw < ew; sw++)
+ { c2nl(data,l); p[sw]=l; }
+ c2nl_p(data,l,ec);
+ p[sw]=l;
+ }
+
+static void sha_block(c, X)
+SHA_CTX *c;
+register unsigned long *X;
+ {
+ register ULONG A,B,C,D,E,T;
+
+ A=c->h0;
+ B=c->h1;
+ C=c->h2;
+ D=c->h3;
+ E=c->h4;
+
+ BODY_00_15( 0,A,B,C,D,E,T);
+ BODY_00_15( 1,T,A,B,C,D,E);
+ BODY_00_15( 2,E,T,A,B,C,D);
+ BODY_00_15( 3,D,E,T,A,B,C);
+ BODY_00_15( 4,C,D,E,T,A,B);
+ BODY_00_15( 5,B,C,D,E,T,A);
+ BODY_00_15( 6,A,B,C,D,E,T);
+ BODY_00_15( 7,T,A,B,C,D,E);
+ BODY_00_15( 8,E,T,A,B,C,D);
+ BODY_00_15( 9,D,E,T,A,B,C);
+ BODY_00_15(10,C,D,E,T,A,B);
+ BODY_00_15(11,B,C,D,E,T,A);
+ BODY_00_15(12,A,B,C,D,E,T);
+ BODY_00_15(13,T,A,B,C,D,E);
+ BODY_00_15(14,E,T,A,B,C,D);
+ BODY_00_15(15,D,E,T,A,B,C);
+ BODY_16_19(16,C,D,E,T,A,B);
+ BODY_16_19(17,B,C,D,E,T,A);
+ BODY_16_19(18,A,B,C,D,E,T);
+ BODY_16_19(19,T,A,B,C,D,E);
+
+ BODY_20_39(20,E,T,A,B,C,D);
+ BODY_20_39(21,D,E,T,A,B,C);
+ BODY_20_39(22,C,D,E,T,A,B);
+ BODY_20_39(23,B,C,D,E,T,A);
+ BODY_20_39(24,A,B,C,D,E,T);
+ BODY_20_39(25,T,A,B,C,D,E);
+ BODY_20_39(26,E,T,A,B,C,D);
+ BODY_20_39(27,D,E,T,A,B,C);
+ BODY_20_39(28,C,D,E,T,A,B);
+ BODY_20_39(29,B,C,D,E,T,A);
+ BODY_20_39(30,A,B,C,D,E,T);
+ BODY_20_39(31,T,A,B,C,D,E);
+ BODY_20_39(32,E,T,A,B,C,D);
+ BODY_20_39(33,D,E,T,A,B,C);
+ BODY_20_39(34,C,D,E,T,A,B);
+ BODY_20_39(35,B,C,D,E,T,A);
+ BODY_20_39(36,A,B,C,D,E,T);
+ BODY_20_39(37,T,A,B,C,D,E);
+ BODY_20_39(38,E,T,A,B,C,D);
+ BODY_20_39(39,D,E,T,A,B,C);
+
+ BODY_40_59(40,C,D,E,T,A,B);
+ BODY_40_59(41,B,C,D,E,T,A);
+ BODY_40_59(42,A,B,C,D,E,T);
+ BODY_40_59(43,T,A,B,C,D,E);
+ BODY_40_59(44,E,T,A,B,C,D);
+ BODY_40_59(45,D,E,T,A,B,C);
+ BODY_40_59(46,C,D,E,T,A,B);
+ BODY_40_59(47,B,C,D,E,T,A);
+ BODY_40_59(48,A,B,C,D,E,T);
+ BODY_40_59(49,T,A,B,C,D,E);
+ BODY_40_59(50,E,T,A,B,C,D);
+ BODY_40_59(51,D,E,T,A,B,C);
+ BODY_40_59(52,C,D,E,T,A,B);
+ BODY_40_59(53,B,C,D,E,T,A);
+ BODY_40_59(54,A,B,C,D,E,T);
+ BODY_40_59(55,T,A,B,C,D,E);
+ BODY_40_59(56,E,T,A,B,C,D);
+ BODY_40_59(57,D,E,T,A,B,C);
+ BODY_40_59(58,C,D,E,T,A,B);
+ BODY_40_59(59,B,C,D,E,T,A);
+
+ BODY_60_79(60,A,B,C,D,E,T);
+ BODY_60_79(61,T,A,B,C,D,E);
+ BODY_60_79(62,E,T,A,B,C,D);
+ BODY_60_79(63,D,E,T,A,B,C);
+ BODY_60_79(64,C,D,E,T,A,B);
+ BODY_60_79(65,B,C,D,E,T,A);
+ BODY_60_79(66,A,B,C,D,E,T);
+ BODY_60_79(67,T,A,B,C,D,E);
+ BODY_60_79(68,E,T,A,B,C,D);
+ BODY_60_79(69,D,E,T,A,B,C);
+ BODY_60_79(70,C,D,E,T,A,B);
+ BODY_60_79(71,B,C,D,E,T,A);
+ BODY_60_79(72,A,B,C,D,E,T);
+ BODY_60_79(73,T,A,B,C,D,E);
+ BODY_60_79(74,E,T,A,B,C,D);
+ BODY_60_79(75,D,E,T,A,B,C);
+ BODY_60_79(76,C,D,E,T,A,B);
+ BODY_60_79(77,B,C,D,E,T,A);
+ BODY_60_79(78,A,B,C,D,E,T);
+ BODY_60_79(79,T,A,B,C,D,E);
+
+ c->h0=(c->h0+E)&0xffffffff;
+ c->h1=(c->h1+T)&0xffffffff;
+ c->h2=(c->h2+A)&0xffffffff;
+ c->h3=(c->h3+B)&0xffffffff;
+ c->h4=(c->h4+C)&0xffffffff;
+ }
+
+void SHA_Final(md, c)
+unsigned char *md;
+SHA_CTX *c;
+ {
+ register int i,j;
+ register ULONG l;
+ register ULONG *p;
+ static unsigned char end[4]={0x80,0x00,0x00,0x00};
+ unsigned char *cp=end;
+
+ /* c->num should definitly have room for at least one more byte. */
+ p=c->data;
+ j=c->num;
+ i=j>>2;
+#ifdef PURIFY
+ if ((j&0x03) == 0) p[i]=0;
+#endif
+ l=p[i];
+ p_c2nl(cp,l,j&0x03);
+ p[i]=l;
+ i++;
+ /* i is the next 'undefined word' */
+ if (c->num >= SHA_LAST_BLOCK)
+ {
+ for (; i<SHA_LBLOCK; i++)
+ p[i]=0;
+ sha_block(c,p);
+ i=0;
+ }
+ for (; i<(SHA_LBLOCK-2); i++)
+ p[i]=0;
+ p[SHA_LBLOCK-2]=c->Nh;
+ p[SHA_LBLOCK-1]=c->Nl;
+ sha_block(c,p);
+ cp=md;
+ l=c->h0; nl2c(l,cp);
+ l=c->h1; nl2c(l,cp);
+ l=c->h2; nl2c(l,cp);
+ l=c->h3; nl2c(l,cp);
+ l=c->h4; nl2c(l,cp);
+ /* clear stuff, sha_block may be leaving some stuff on the stack
+ * but I'm not worried :-) */
+ c->num=0;
+/* memset((char *)&c,0,sizeof(c));*/
+ }
+
+
+#ifdef undef
+int printit(l)
+unsigned long *l;
+ {
+ int i,ii;
+
+ for (i=0; i<2; i++)
+ {
+ for (ii=0; ii<8; ii++)
+ {
+ fprintf(stderr,"%08lx ",l[i*8+ii]);
+ }
+ fprintf(stderr,"\n");
+ }
+ }
+#endif
+
diff --git a/crypto/sha/sha_locl.h b/crypto/sha/sha_locl.h
new file mode 100644
index 0000000..0a5cf46
--- /dev/null
+++ b/crypto/sha/sha_locl.h
@@ -0,0 +1,198 @@
+/* crypto/sha/sha_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdlib.h>
+#include <string.h>
+
+#ifdef undef
+/* one or the other needs to be defined */
+#ifndef SHA_1 /* FIPE 180-1 */
+#define SHA_0 /* FIPS 180 */
+#endif
+#endif
+
+#define ULONG unsigned long
+#define UCHAR unsigned char
+#define UINT unsigned int
+
+#ifdef NOCONST
+#define const
+#endif
+
+#undef c2nl
+#define c2nl(c,l) (l =(((unsigned long)(*((c)++)))<<24), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++))) ))
+
+#undef p_c2nl
+#define p_c2nl(c,l,n) { \
+ switch (n) { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ case 3: l|=((unsigned long)(*((c)++))); \
+ } \
+ }
+
+#undef c2nl_p
+/* NOTE the pointer is not incremented at the end of this */
+#define c2nl_p(c,l,n) { \
+ l=0; \
+ (c)+=n; \
+ switch (n) { \
+ case 3: l =((unsigned long)(*(--(c))))<< 8; \
+ case 2: l|=((unsigned long)(*(--(c))))<<16; \
+ case 1: l|=((unsigned long)(*(--(c))))<<24; \
+ } \
+ }
+
+#undef p_c2nl_p
+#define p_c2nl_p(c,l,sc,len) { \
+ switch (sc) \
+ { \
+ case 0: l =((unsigned long)(*((c)++)))<<24; \
+ if (--len == 0) break; \
+ case 1: l|=((unsigned long)(*((c)++)))<<16; \
+ if (--len == 0) break; \
+ case 2: l|=((unsigned long)(*((c)++)))<< 8; \
+ } \
+ }
+
+#undef nl2c
+#define nl2c(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* I have taken some of this code from my MD5 implementation */
+
+#undef ROTATE
+#if defined(WIN32)
+#define ROTATE(a,n) _lrotl(a,n)
+#else
+#define ROTATE(a,n) (((a)<<(n))|(((a)&0xffffffff)>>(32-(n))))
+#endif
+
+/* A nice byte order reversal from Wei Dai <weidai@eskimo.com> */
+#if defined(WIN32)
+/* 5 instructions with rotate instruction, else 9 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ (a)=((ROTATE(l,8)&0x00FF00FF)|(ROTATE(l,24)&0xFF00FF00)); \
+ }
+#else
+/* 6 instructions with rotate instruction, else 8 */
+#define Endian_Reverse32(a) \
+ { \
+ unsigned long l=(a); \
+ l=(((l&0xFF00FF00)>>8L)|((l&0x00FF00FF)<<8L)); \
+ (a)=ROTATE(l,16L); \
+ }
+#endif
+
+/* As pointed out by Wei Dai <weidai@eskimo.com>, F() below can be
+ * simplified to the code in F_00_19. Wei attributes these optimisations
+ * to Peter Gutmann's SHS code, and he attributes it to Rich Schroeppel.
+ * #define F(x,y,z) (((x) & (y)) | ((~(x)) & (z)))
+ * I've just become aware of another tweak to be made, again from Wei Dai,
+ * in F_40_59, (x&a)|(y&a) -> (x|y)&a
+ */
+#define F_00_19(b,c,d) ((((c) ^ (d)) & (b)) ^ (d))
+#define F_20_39(b,c,d) ((b) ^ (c) ^ (d))
+#define F_40_59(b,c,d) (((b) & (c)) | (((b)|(c)) & (d)))
+#define F_60_79(b,c,d) F_20_39(b,c,d)
+
+#ifdef SHA_0
+#undef Xupdate
+#define Xupdate(a,i) \
+ X[(i)&0x0f]=(a)=\
+ (X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]);
+#endif
+#ifdef SHA_1
+#undef Xupdate
+#define Xupdate(a,i) \
+ (a)=(X[(i)&0x0f]^X[((i)+2)&0x0f]^X[((i)+8)&0x0f]^X[((i)+13)&0x0f]); \
+ X[(i)&0x0f]=(a)=ROTATE((a),1);
+#endif
+
+#define BODY_00_15(i,a,b,c,d,e,f) \
+ (f)=X[i]+(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_16_19(i,a,b,c,d,e,f) \
+ Xupdate(f,i); \
+ (f)+=(e)+K_00_19+ROTATE((a),5)+F_00_19((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_20_39(i,a,b,c,d,e,f) \
+ Xupdate(f,i); \
+ (f)+=(e)+K_20_39+ROTATE((a),5)+F_20_39((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_40_59(i,a,b,c,d,e,f) \
+ Xupdate(f,i); \
+ (f)+=(e)+K_40_59+ROTATE((a),5)+F_40_59((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
+#define BODY_60_79(i,a,b,c,d,e,f) \
+ Xupdate(f,i); \
+ (f)=X[(i)&0x0f]+(e)+K_60_79+ROTATE((a),5)+F_60_79((b),(c),(d)); \
+ (b)=ROTATE((b),30);
+
diff --git a/crypto/sha/sha_one.c b/crypto/sha/sha_one.c
new file mode 100644
index 0000000..87da617
--- /dev/null
+++ b/crypto/sha/sha_one.c
@@ -0,0 +1,77 @@
+/* crypto/sha/sha_one.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "sha.h"
+
+unsigned char *SHA(d, n, md)
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ {
+ SHA_CTX c;
+ static unsigned char m[SHA_DIGEST_LENGTH];
+
+ if (md == NULL) md=m;
+ SHA_Init(&c);
+ SHA_Update(&c,d,n);
+ SHA_Final(md,&c);
+ memset(&c,0,sizeof(c));
+ return(md);
+ }
diff --git a/crypto/sha/shatest.c b/crypto/sha/shatest.c
new file mode 100644
index 0000000..28c2e19
--- /dev/null
+++ b/crypto/sha/shatest.c
@@ -0,0 +1,155 @@
+/* crypto/sha/shatest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include "sha.h"
+
+#define SHA_0 /* FIPS 180 */
+#undef SHA_1 /* FIPS 180-1 */
+
+char *test[]={
+ "abc",
+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
+ NULL,
+ };
+
+#ifdef SHA_0
+char *ret[]={
+ "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880",
+ "d2516ee1acfa5baf33dfc1c471e438449ef134c8",
+ };
+char *bigret=
+ "3232affa48628a26653b5aaa44541fd90d690603";
+#endif
+#ifdef SHA_1
+char *ret[]={
+ "a9993e364706816aba3e25717850c26c9cd0d89d",
+ "84983e441c3bd26ebaae4aa1f95129e5e54670f1",
+ };
+char *bigret=
+ "34aa973cd4c4daa4f61eeb2bdbad27316534016f";
+#endif
+
+#ifndef NOPROTO
+static char *pt(unsigned char *md);
+#else
+static char *pt();
+#endif
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ int i,err=0;
+ unsigned char **P,**R;
+ static unsigned char buf[1000];
+ char *p,*r;
+ SHA_CTX c;
+ unsigned char md[SHA_DIGEST_LENGTH];
+
+ P=(unsigned char **)test;
+ R=(unsigned char **)ret;
+ i=1;
+ while (*P != NULL)
+ {
+ p=pt(SHA(*P,(unsigned long)strlen((char *)*P),NULL));
+ if (strcmp(p,(char *)*R) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",*P);
+ printf("got %s instead of %s\n",p,*R);
+ err++;
+ }
+ else
+ printf("test %d ok\n",i);
+ i++;
+ R++;
+ P++;
+ }
+
+ memset(buf,'a',1000);
+ SHA_Init(&c);
+ for (i=0; i<1000; i++)
+ SHA_Update(&c,buf,1000);
+ SHA_Final(md,&c);
+ p=pt(md);
+
+ r=bigret;
+ if (strcmp(p,r) != 0)
+ {
+ printf("error calculating SHA on '%s'\n",p);
+ printf("got %s instead of %s\n",p,r);
+ err++;
+ }
+ else
+ printf("test 3 ok\n");
+ exit(err);
+ return(0);
+ }
+
+static char *pt(md)
+unsigned char *md;
+ {
+ int i;
+ static char buf[80];
+
+ for (i=0; i<SHA_DIGEST_LENGTH; i++)
+ sprintf(&(buf[i*2]),"%02x",md[i]);
+ return(buf);
+ }
diff --git a/crypto/stack/Makefile.ssl b/crypto/stack/Makefile.ssl
new file mode 100644
index 0000000..0d232c0
--- /dev/null
+++ b/crypto/stack/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/stack/Makefile
+#
+
+DIR= stack
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=stack.c
+LIBOBJ=stack.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= stack.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/stack/stack.c b/crypto/stack/stack.c
new file mode 100644
index 0000000..712089e
--- /dev/null
+++ b/crypto/stack/stack.c
@@ -0,0 +1,299 @@
+/* crypto/stack/stack.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* Code for stacks
+ * Author - Eric Young v 1.0
+ * 1.2 eay 12-Mar-97 - Modified sk_find so that it _DOES_ return the
+ * lowest index for the seached item.
+ *
+ * 1.1 eay - Take from netdb and added to SSLeay
+ *
+ * 1.0 eay - First version 29/07/92
+ */
+#include <stdio.h>
+#include "cryptlib.h"
+#include "stack.h"
+
+#undef MIN_NODES
+#define MIN_NODES 4
+
+char *STACK_version="STACK part of SSLeay 0.8.1b 29-Jun-1998";
+
+#ifndef NOPROTO
+#define FP_ICC (int (*)(const void *,const void *))
+#else
+#define FP_ICC
+#endif
+
+#include <errno.h>
+
+void sk_set_cmp_func(sk,c)
+STACK *sk;
+int (*c)();
+ {
+ if (sk->comp != c)
+ sk->sorted=0;
+ sk->comp=c;
+ }
+
+STACK *sk_dup(sk)
+STACK *sk;
+ {
+ STACK *ret;
+ char **s;
+
+ if ((ret=sk_new(sk->comp)) == NULL) goto err;
+ s=(char **)Realloc((char *)ret->data,
+ (unsigned int)sizeof(char *)*sk->num_alloc);
+ if (s == NULL) goto err;
+ ret->data=s;
+
+ ret->num=sk->num;
+ memcpy(ret->data,sk->data,sizeof(char *)*sk->num);
+ ret->sorted=sk->sorted;
+ ret->num_alloc=sk->num_alloc;
+ ret->comp=sk->comp;
+ return(ret);
+err:
+ return(NULL);
+ }
+
+STACK *sk_new(c)
+int (*c)();
+ {
+ STACK *ret;
+ int i;
+
+ if ((ret=(STACK *)Malloc(sizeof(STACK))) == NULL)
+ goto err0;
+ if ((ret->data=(char **)Malloc(sizeof(char *)*MIN_NODES)) == NULL)
+ goto err1;
+ for (i=0; i<MIN_NODES; i++)
+ ret->data[i]=NULL;
+ ret->comp=c;
+ ret->num_alloc=MIN_NODES;
+ ret->num=0;
+ ret->sorted=0;
+ return(ret);
+err1:
+ Free((char *)ret);
+err0:
+ return(NULL);
+ }
+
+int sk_insert(st,data,loc)
+STACK *st;
+char *data;
+int loc;
+ {
+ char **s;
+
+ if (st->num_alloc <= st->num+1)
+ {
+ s=(char **)Realloc((char *)st->data,
+ (unsigned int)sizeof(char *)*st->num_alloc*2);
+ if (s == NULL)
+ return(0);
+ st->data=s;
+ st->num_alloc*=2;
+ }
+ if ((loc >= (int)st->num) || (loc < 0))
+ st->data[st->num]=data;
+ else
+ {
+ int i;
+ char **f,**t;
+
+ f=(char **)st->data;
+ t=(char **)&(st->data[1]);
+ for (i=st->num; i>loc; i--)
+ t[i]=f[i];
+
+#ifdef undef /* no memmove on sunos :-( */
+ memmove( (char *)&(st->data[loc+1]),
+ (char *)&(st->data[loc]),
+ sizeof(char *)*(st->num-loc));
+#endif
+ st->data[loc]=data;
+ }
+ st->num++;
+ st->sorted=0;
+ return(st->num);
+ }
+
+char *sk_delete_ptr(st,p)
+STACK *st;
+char *p;
+ {
+ int i;
+
+ for (i=0; i<st->num; i++)
+ if (st->data[i] == p)
+ return(sk_delete(st,i));
+ return(NULL);
+ }
+
+char *sk_delete(st,loc)
+STACK *st;
+int loc;
+ {
+ char *ret;
+
+ if ((st->num == 0) || (loc < 0) || (loc >= st->num)) return(NULL);
+
+ ret=st->data[loc];
+ if (loc != st->num-1)
+ memcpy( &(st->data[loc]),
+ &(st->data[loc+1]),
+ sizeof(char *)*(st->num-loc-1));
+ st->num--;
+ return(ret);
+ }
+
+int sk_find(st,data)
+STACK *st;
+char *data;
+ {
+ char **r;
+ int i;
+ int (*comp_func)();
+
+ if (st->comp == NULL)
+ {
+ for (i=0; i<st->num; i++)
+ if (st->data[i] == data)
+ return(i);
+ return(-1);
+ }
+ comp_func=(int (*)())st->comp;
+ if (!st->sorted)
+ {
+ qsort((char *)st->data,st->num,sizeof(char *),FP_ICC comp_func);
+ st->sorted=1;
+ }
+ if (data == NULL) return(-1);
+ r=(char **)bsearch(&data,(char *)st->data,
+ st->num,sizeof(char *),FP_ICC comp_func);
+ if (r == NULL) return(-1);
+ i=(int)(r-st->data);
+ for ( ; i>0; i--)
+ if ((*st->comp)(&(st->data[i-1]),&data) < 0)
+ break;
+ return(i);
+ }
+
+int sk_push(st,data)
+STACK *st;
+char *data;
+ {
+ return(sk_insert(st,data,st->num));
+ }
+
+int sk_unshift(st,data)
+STACK *st;
+char *data;
+ {
+ return(sk_insert(st,data,0));
+ }
+
+char *sk_shift(st)
+STACK *st;
+ {
+ if (st == NULL) return(NULL);
+ if (st->num <= 0) return(NULL);
+ return(sk_delete(st,0));
+ }
+
+char *sk_pop(st)
+STACK *st;
+ {
+ if (st == NULL) return(NULL);
+ if (st->num <= 0) return(NULL);
+ return(sk_delete(st,st->num-1));
+ }
+
+void sk_zero(st)
+STACK *st;
+ {
+ if (st == NULL) return;
+ if (st->num <= 0) return;
+ memset((char *)st->data,0,sizeof(st->data)*st->num);
+ st->num=0;
+ }
+
+void sk_pop_free(st,func)
+STACK *st;
+void (*func)();
+ {
+ int i;
+
+ if (st == NULL) return;
+ for (i=0; i<st->num; i++)
+ if (st->data[i] != NULL)
+ func(st->data[i]);
+ sk_free(st);
+ }
+
+void sk_free(st)
+STACK *st;
+ {
+ if (st == NULL) return;
+ if (st->data != NULL) Free((char *)st->data);
+ Free((char *)st);
+ }
+
diff --git a/crypto/stack/stack.h b/crypto/stack/stack.h
new file mode 100644
index 0000000..66ba83e
--- /dev/null
+++ b/crypto/stack/stack.h
@@ -0,0 +1,120 @@
+/* crypto/stack/stack.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_STACK_H
+#define HEADER_STACK_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+typedef struct stack_st
+ {
+ int num;
+ char **data;
+ int sorted;
+
+ int num_alloc;
+ int (*comp)();
+ } STACK;
+
+#define sk_num(sk) ((sk)->num)
+#define sk_value(sk,n) ((sk)->data[n])
+
+#define sk_new_null() sk_new(NULL)
+#ifndef NOPROTO
+
+STACK *sk_new(int (*cmp)());
+void sk_free(STACK *);
+void sk_pop_free(STACK *st, void (*func)());
+int sk_insert(STACK *sk,char *data,int where);
+char *sk_delete(STACK *st,int loc);
+char *sk_delete_ptr(STACK *st, char *p);
+int sk_find(STACK *st,char *data);
+int sk_push(STACK *st,char *data);
+int sk_unshift(STACK *st,char *data);
+char *sk_shift(STACK *st);
+char *sk_pop(STACK *st);
+void sk_zero(STACK *st);
+void sk_set_cmp_func(STACK *sk, int (*c)());
+STACK *sk_dup(STACK *st);
+
+#else
+
+STACK *sk_new();
+void sk_free();
+void sk_pop_free();
+int sk_insert();
+char *sk_delete();
+char *sk_delete_ptr();
+int sk_find();
+int sk_push();
+int sk_unshift();
+char *sk_shift();
+char *sk_pop();
+void sk_zero();
+void sk_set_cmp_func();
+STACK *sk_dup();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/txt_db/Makefile.ssl b/crypto/txt_db/Makefile.ssl
new file mode 100644
index 0000000..76e5115
--- /dev/null
+++ b/crypto/txt_db/Makefile.ssl
@@ -0,0 +1,80 @@
+#
+# SSLeay/crypto/txt_db/Makefile
+#
+
+DIR= txt_db
+TOP= ../..
+CC= cc
+INCLUDES=
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC=txt_db.c
+LIBOBJ=txt_db.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= txt_db.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/txt_db/txt_db.c b/crypto/txt_db/txt_db.c
new file mode 100644
index 0000000..ae8db39
--- /dev/null
+++ b/crypto/txt_db/txt_db.c
@@ -0,0 +1,394 @@
+/* crypto/txt_db/txt_db.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "cryptlib.h"
+#include "buffer.h"
+#include "txt_db.h"
+
+#undef BUFSIZE
+#define BUFSIZE 512
+
+char *TXT_DB_version="TXT_DB part of SSLeay 0.8.1b 29-Jun-1998";
+
+TXT_DB *TXT_DB_read(in,num)
+BIO *in;
+int num;
+ {
+ TXT_DB *ret=NULL;
+ int er=1;
+ int esc=0;
+ long ln=0;
+ int i,add,n;
+ int size=BUFSIZE;
+ int offset=0;
+ char *p,**pp,*f;
+ BUF_MEM *buf=NULL;
+
+ if ((buf=BUF_MEM_new()) == NULL) goto err;
+ if (!BUF_MEM_grow(buf,size)) goto err;
+
+ if ((ret=(TXT_DB *)Malloc(sizeof(TXT_DB))) == NULL)
+ goto err;
+ ret->num_fields=num;
+ ret->index=NULL;
+ ret->qual=NULL;
+ if ((ret->data=sk_new_null()) == NULL)
+ goto err;
+ if ((ret->index=(LHASH **)Malloc(sizeof(LHASH *)*num)) == NULL)
+ goto err;
+ if ((ret->qual=(int (**)())Malloc(sizeof(int (**)())*num)) == NULL)
+ goto err;
+ for (i=0; i<num; i++)
+ {
+ ret->index[i]=NULL;
+ ret->qual[i]=NULL;
+ }
+
+ add=(num+1)*sizeof(char *);
+ buf->data[size-1]='\0';
+ offset=0;
+ for (;;)
+ {
+ if (offset != 0)
+ {
+ size+=BUFSIZE;
+ if (!BUF_MEM_grow(buf,size)) goto err;
+ }
+ buf->data[offset]='\0';
+ BIO_gets(in,&(buf->data[offset]),size-offset);
+ ln++;
+ if (buf->data[offset] == '\0') break;
+ if ((offset == 0) && (buf->data[0] == '#')) continue;
+ i=strlen(&(buf->data[offset]));
+ offset+=i;
+ if (buf->data[offset-1] != '\n')
+ continue;
+ else
+ {
+ buf->data[offset-1]='\0'; /* blat the '\n' */
+ p=(char *)Malloc(add+offset);
+ offset=0;
+ }
+ pp=(char **)p;
+ p+=add;
+ n=0;
+ pp[n++]=p;
+ i=0;
+ f=buf->data;
+
+ esc=0;
+ for (;;)
+ {
+ if (*f == '\0') break;
+ if (*f == '\t')
+ {
+ if (esc)
+ p--;
+ else
+ {
+ *(p++)='\0';
+ f++;
+ if (n >= num) break;
+ pp[n++]=p;
+ continue;
+ }
+ }
+ esc=(*f == '\\');
+ *(p++)= *(f++);
+ }
+ *(p++)='\0';
+ if ((n != num) || (*f != '\0'))
+ {
+#ifndef WIN16 /* temporaty fix :-( */
+ fprintf(stderr,"wrong number of fields on line %ld\n",ln);
+#endif
+ er=2;
+ goto err;
+ }
+ pp[n]=p;
+ if (!sk_push(ret->data,(char *)pp))
+ {
+#ifndef WIN16 /* temporaty fix :-( */
+ fprintf(stderr,"failure in sk_push\n");
+#endif
+ er=2;
+ goto err;
+ }
+ }
+ er=0;
+err:
+ BUF_MEM_free(buf);
+ if (er)
+ {
+#ifndef WIN16
+ if (er == 1) fprintf(stderr,"Malloc failure\n");
+#endif
+ if (ret->data != NULL) sk_free(ret->data);
+ if (ret->index != NULL) Free(ret->index);
+ if (ret->qual != NULL) Free((char *)ret->qual);
+ if (ret != NULL) Free(ret);
+ return(NULL);
+ }
+ else
+ return(ret);
+ }
+
+char **TXT_DB_get_by_index(db,idx,value)
+TXT_DB *db;
+int idx;
+char **value;
+ {
+ char **ret;
+ LHASH *lh;
+
+ if (idx >= db->num_fields)
+ {
+ db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+ return(NULL);
+ }
+ lh=db->index[idx];
+ if (lh == NULL)
+ {
+ db->error=DB_ERROR_NO_INDEX;
+ return(NULL);
+ }
+ ret=(char **)lh_retrieve(lh,(char *)value);
+ db->error=DB_ERROR_OK;
+ return(ret);
+ }
+
+int TXT_DB_create_index(db,field,qual,hash,cmp)
+TXT_DB *db;
+int field;
+int (*qual)();
+unsigned long (*hash)();
+int (*cmp)();
+ {
+ LHASH *idx;
+ char *r;
+ int i,n;
+
+ if (field >= db->num_fields)
+ {
+ db->error=DB_ERROR_INDEX_OUT_OF_RANGE;
+ return(0);
+ }
+ if ((idx=lh_new(hash,cmp)) == NULL)
+ {
+ db->error=DB_ERROR_MALLOC;
+ return(0);
+ }
+ n=sk_num(db->data);
+ for (i=0; i<n; i++)
+ {
+ r=(char *)sk_value(db->data,i);
+ if ((qual != NULL) && (qual(r) == 0)) continue;
+ if ((r=lh_insert(idx,r)) != NULL)
+ {
+ db->error=DB_ERROR_INDEX_CLASH;
+ db->arg1=sk_find(db->data,r);
+ db->arg2=i;
+ lh_free(idx);
+ return(0);
+ }
+ }
+ if (db->index[field] != NULL) lh_free(db->index[field]);
+ db->index[field]=idx;
+ db->qual[field]=qual;
+ return(1);
+ }
+
+long TXT_DB_write(out,db)
+BIO *out;
+TXT_DB *db;
+ {
+ long i,j,n,nn,l,tot=0;
+ char *p,**pp,*f;
+ BUF_MEM *buf=NULL;
+ long ret= -1;
+
+ if ((buf=BUF_MEM_new()) == NULL)
+ goto err;
+ n=sk_num(db->data);
+ nn=db->num_fields;
+ for (i=0; i<n; i++)
+ {
+ pp=(char **)sk_value(db->data,i);
+
+ l=0;
+ for (j=0; j<nn; j++)
+ {
+ if (pp[j] != NULL)
+ l+=strlen(pp[j]);
+ }
+ if (!BUF_MEM_grow(buf,(int)(l*2+nn))) goto err;
+
+ p=buf->data;
+ for (j=0; j<nn; j++)
+ {
+ f=pp[j];
+ if (f != NULL)
+ for (;;)
+ {
+ if (*f == '\0') break;
+ if (*f == '\t') *(p++)='\\';
+ *(p++)= *(f++);
+ }
+ *(p++)='\t';
+ }
+ p[-1]='\n';
+ j=p-buf->data;
+ if (BIO_write(out,buf->data,(int)j) != j)
+ goto err;
+ tot+=j;
+ }
+ ret=tot;
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(ret);
+ }
+
+int TXT_DB_insert(db,row)
+TXT_DB *db;
+char **row;
+ {
+ int i;
+ char **r;
+
+ for (i=0; i<db->num_fields; i++)
+ {
+ if (db->index[i] != NULL)
+ {
+ if ((db->qual[i] != NULL) &&
+ (db->qual[i](row) == 0)) continue;
+ r=(char **)lh_retrieve(db->index[i],(char *)row);
+ if (r != NULL)
+ {
+ db->error=DB_ERROR_INDEX_CLASH;
+ db->arg1=i;
+ db->arg_row=r;
+ goto err;
+ }
+ }
+ }
+ /* We have passed the index checks, now just append and insert */
+ if (!sk_push(db->data,(char *)row))
+ {
+ db->error=DB_ERROR_MALLOC;
+ goto err;
+ }
+
+ for (i=0; i<db->num_fields; i++)
+ {
+ if (db->index[i] != NULL)
+ {
+ if ((db->qual[i] != NULL) &&
+ (db->qual[i](row) == 0)) continue;
+ lh_insert(db->index[i],(char *)row);
+ }
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+void TXT_DB_free(db)
+TXT_DB *db;
+ {
+ int i,n;
+ char **p,*max;
+
+ if (db->index != NULL)
+ {
+ for (i=db->num_fields-1; i>=0; i--)
+ if (db->index[i] != NULL) lh_free(db->index[i]);
+ Free(db->index);
+ }
+ if (db->qual != NULL)
+ Free(db->qual);
+ if (db->data != NULL)
+ {
+ for (i=sk_num(db->data)-1; i>=0; i--)
+ {
+ /* check if any 'fields' have been allocated
+ * from outside of the initial block */
+ p=(char **)sk_value(db->data,i);
+ max=p[db->num_fields]; /* last address */
+ if (max == NULL) /* new row */
+ {
+ for (n=0; n<db->num_fields; n++)
+ if (p[n] != NULL) Free(p[n]);
+ }
+ else
+ {
+ for (n=0; n<db->num_fields; n++)
+ {
+ if (((p[n] < (char *)p) || (p[n] > max))
+ && (p[n] != NULL))
+ Free(p[n]);
+ }
+ }
+ Free(sk_value(db->data,i));
+ }
+ sk_free(db->data);
+ }
+ Free(db);
+ }
diff --git a/crypto/txt_db/txt_db.h b/crypto/txt_db/txt_db.h
new file mode 100644
index 0000000..4775d5e
--- /dev/null
+++ b/crypto/txt_db/txt_db.h
@@ -0,0 +1,117 @@
+/* crypto/txt_db/txt_db.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_TXT_DB_H
+#define HEADER_TXT_DB_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "lhash.h"
+
+#define DB_ERROR_OK 0
+#define DB_ERROR_MALLOC 1
+#define DB_ERROR_INDEX_CLASH 2
+#define DB_ERROR_INDEX_OUT_OF_RANGE 3
+#define DB_ERROR_NO_INDEX 4
+#define DB_ERROR_INSERT_INDEX_CLASH 5
+
+typedef struct txt_db_st
+ {
+ int num_fields;
+ STACK /* char ** */ *data;
+ LHASH **index;
+ int (**qual)();
+ long error;
+ long arg1;
+ long arg2;
+ char **arg_row;
+ } TXT_DB;
+
+#ifndef NOPROTO
+#ifdef HEADER_BIO_H
+TXT_DB *TXT_DB_read(BIO *in, int num);
+long TXT_DB_write(BIO *out, TXT_DB *db);
+#else
+TXT_DB *TXT_DB_read(char *in, int num);
+long TXT_DB_write(char *out, TXT_DB *db);
+#endif
+int TXT_DB_create_index(TXT_DB *db,int field,int (*qual)(),
+ unsigned long (*hash)(),int (*cmp)());
+void TXT_DB_free(TXT_DB *db);
+char **TXT_DB_get_by_index(TXT_DB *db, int idx, char **value);
+int TXT_DB_insert(TXT_DB *db,char **value);
+
+#else
+
+TXT_DB *TXT_DB_read();
+long TXT_DB_write();
+int TXT_DB_create_index();
+void TXT_DB_free();
+char **TXT_DB_get_by_index();
+int TXT_DB_insert();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
diff --git a/crypto/x509/Makefile.ssl b/crypto/x509/Makefile.ssl
new file mode 100644
index 0000000..e54a74d
--- /dev/null
+++ b/crypto/x509/Makefile.ssl
@@ -0,0 +1,96 @@
+#
+# SSLeay/crypto/x509/Makefile
+#
+
+DIR= x509
+TOP= ../..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=x509
+ERRC=x509_err
+GENERAL=Makefile README
+TEST=
+APPS=
+
+LIB=$(TOP)/libcrypto.a
+LIBSRC= x509_def.c x509_d2.c x509_r2x.c x509_cmp.c \
+ x509_obj.c x509_req.c x509_vfy.c \
+ x509_set.c x509rset.c $(ERRC).c \
+ x509name.c x509_v3.c x509_ext.c x509pack.c \
+ x509type.c x509_lu.c x_all.c x509_txt.c \
+ by_file.c by_dir.c \
+ v3_net.c v3_x509.c
+LIBOBJ= x509_def.o x509_d2.o x509_r2x.o x509_cmp.o \
+ x509_obj.o x509_req.o x509_vfy.o \
+ x509_set.o x509rset.o $(ERRC).o \
+ x509name.o x509_v3.o x509_ext.o x509pack.o \
+ x509type.o x509_lu.o x_all.o x509_txt.o \
+ by_file.o by_dir.o \
+ v3_net.o v3_x509.o
+
+SRC= $(LIBSRC)
+
+EXHEADER= x509.h x509_vfy.h
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ../..; $(MAKE) DIRS=crypto SDIRS=$(DIR) sub_all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../../test $(TEST)
+ $(TOP)/util/mklink.sh ../../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/crypto/x509/attrib b/crypto/x509/attrib
new file mode 100644
index 0000000..37f6cd7
--- /dev/null
+++ b/crypto/x509/attrib
@@ -0,0 +1,38 @@
+
+PKCS7
+ STACK of X509_ATTRIBUTES
+ ASN1_OBJECT
+ STACK of ASN1_TYPE
+
+So it is
+
+p7.xa[].obj
+p7.xa[].data[]
+
+get_obj_by_nid(STACK , nid)
+get_num_by_nid(STACK , nid)
+get_data_by_nid(STACK , nid, index)
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_NID(X509_ATTRIBUTE **ex,
+ int nid, STACK *value);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_create_by_OBJ(X509_ATTRIBUTE **ex,
+ int nid, STACK *value);
+
+int X509_ATTRIBUTE_set_object(X509_ATTRIBUTE *ex,ASN1_OBJECT *obj);
+int X509_ATTRIBUTE_add_data(X509_ATTRIBUTE *ex, int index,
+ ASN1_TYPE *value);
+
+ASN1_OBJECT * X509_ATTRIBUTE_get_object(X509_ATTRIBUTE *ex);
+int X509_ATTRIBUTE_get_num(X509_ATTRIBUTE *ne);
+ASN1_TYPE * X509_ATTRIBUTE_get_data(X509_ATTRIBUTE *ne,int index);
+
+ASN1_TYPE * X509_ATTRIBUTE_get_data_by_NID(X509_ATTRIBUTE *ne,
+ ASN1_OBJECT *obj);
+
+X509_ATTRUBUTE *PKCS7_get_s_att_by_NID(PKCS7 *p7,int nid);
+X509_ATTRUBUTE *PKCS7_get_u_att_by_NID(PKCS7 *p7,int nid);
+
diff --git a/crypto/x509/by_dir.c b/crypto/x509/by_dir.c
new file mode 100644
index 0000000..6676a2e
--- /dev/null
+++ b/crypto/x509/by_dir.c
@@ -0,0 +1,320 @@
+/* crypto/x509/by_dir.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+#include "pem.h"
+
+typedef struct lookup_dir_st
+ {
+ BUF_MEM *buffer;
+ int num_dirs;
+ char **dirs;
+ int *dirs_type;
+ int num_dirs_alloced;
+ } BY_DIR;
+
+#ifndef NOPROTO
+static int dir_ctrl(X509_LOOKUP *ctx,int cmd,char *argp,long argl,char **ret);
+static int new_dir(X509_LOOKUP *lu);
+static void free_dir(X509_LOOKUP *lu);
+static int add_cert_dir(BY_DIR *ctx,char *dir,int type);
+static int get_cert_by_subject(X509_LOOKUP *xl,int type,X509_NAME *name,
+ X509_OBJECT *ret);
+#else
+static int dir_ctrl();
+static int new_dir();
+static void free_dir();
+static int add_cert_dir();
+static int get_cert_by_subject();
+#endif
+
+X509_LOOKUP_METHOD x509_dir_lookup=
+ {
+ "Load certs from files in a directory",
+ new_dir, /* new */
+ free_dir, /* free */
+ NULL, /* init */
+ NULL, /* shutdown */
+ dir_ctrl, /* ctrl */
+ get_cert_by_subject, /* get_by_subject */
+ NULL, /* get_by_issuer_serial */
+ NULL, /* get_by_fingerprint */
+ NULL, /* get_by_alias */
+ };
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir()
+ {
+ return(&x509_dir_lookup);
+ }
+
+static int dir_ctrl(ctx,cmd,argp,argl,retp)
+X509_LOOKUP *ctx;
+int cmd;
+long argl;
+char *argp;
+char **retp;
+ {
+ int ret=0;
+ BY_DIR *ld;
+ char *dir;
+
+ ld=(BY_DIR *)ctx->method_data;
+
+ switch (cmd)
+ {
+ case X509_L_ADD_DIR:
+ if (argl == X509_FILETYPE_DEFAULT)
+ {
+ ret=add_cert_dir(ld,X509_get_default_cert_dir(),
+ X509_FILETYPE_PEM);
+ if (!ret)
+ {
+ X509err(X509_F_DIR_CTRL,X509_R_LOADING_CERT_DIR);
+ }
+ else
+ {
+ dir=(char *)Getenv(X509_get_default_cert_dir_env());
+ ret=add_cert_dir(ld,dir,X509_FILETYPE_PEM);
+ }
+ }
+ else
+ ret=add_cert_dir(ld,argp,(int)argl);
+ break;
+ }
+ return(ret);
+ }
+
+static int new_dir(lu)
+X509_LOOKUP *lu;
+ {
+ BY_DIR *a;
+
+ if ((a=(BY_DIR *)Malloc(sizeof(BY_DIR))) == NULL)
+ return(0);
+ if ((a->buffer=BUF_MEM_new()) == NULL)
+ {
+ Free(a);
+ return(0);
+ }
+ a->num_dirs=0;
+ a->dirs=NULL;
+ a->dirs_type=NULL;
+ a->num_dirs_alloced=0;
+ lu->method_data=(char *)a;
+ return(1);
+ }
+
+static void free_dir(lu)
+X509_LOOKUP *lu;
+ {
+ BY_DIR *a;
+ int i;
+
+ a=(BY_DIR *)lu->method_data;
+ for (i=0; i<a->num_dirs; i++)
+ if (a->dirs[i] != NULL) Free(a->dirs[i]);
+ if (a->dirs != NULL) Free(a->dirs);
+ if (a->dirs_type != NULL) Free(a->dirs_type);
+ if (a->buffer != NULL) BUF_MEM_free(a->buffer);
+ Free(a);
+ }
+
+static int add_cert_dir(ctx,dir, type)
+BY_DIR *ctx;
+char *dir;
+int type;
+ {
+ int j,len;
+ int *ip;
+ char *s,*ss,*p;
+ char **pp;
+
+ if (dir == NULL) return(0);
+
+ s=dir;
+ p=s;
+ for (;;)
+ {
+ if ((*p == LIST_SEPARATOR_CHAR) || (*p == '\0'))
+ {
+ ss=s;
+ s=p+1;
+ len=(int)(p-ss);
+ if (len == 0) continue;
+ for (j=0; j<ctx->num_dirs; j++)
+ if (strncmp(ctx->dirs[j],ss,(unsigned int)len) == 0)
+ continue;
+ if (ctx->num_dirs_alloced < (ctx->num_dirs+1))
+ {
+ ctx->num_dirs_alloced+=10;
+ pp=(char **)Malloc(ctx->num_dirs_alloced*
+ sizeof(char *));
+ ip=(int *)Malloc(ctx->num_dirs_alloced*
+ sizeof(int));
+ if ((pp == NULL) || (ip == NULL))
+ {
+ X509err(X509_F_ADD_CERT_DIR,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memcpy(pp,ctx->dirs,(ctx->num_dirs_alloced-10)*
+ sizeof(char *));
+ memcpy(ip,ctx->dirs_type,(ctx->num_dirs_alloced-10)*
+ sizeof(int));
+ if (ctx->dirs != NULL)
+ Free((char *)ctx->dirs);
+ if (ctx->dirs_type != NULL)
+ Free((char *)ctx->dirs_type);
+ ctx->dirs=pp;
+ ctx->dirs_type=ip;
+ }
+ ctx->dirs_type[ctx->num_dirs]=type;
+ ctx->dirs[ctx->num_dirs]=(char *)Malloc((unsigned int)len+1);
+ if (ctx->dirs[ctx->num_dirs] == NULL) return(0);
+ strncpy(ctx->dirs[ctx->num_dirs],ss,(unsigned int)len);
+ ctx->dirs[ctx->num_dirs][len]='\0';
+ ctx->num_dirs++;
+ }
+ if (*p == '\0') break;
+ p++;
+ }
+ return(1);
+ }
+
+static int get_cert_by_subject(xl,type,name,ret)
+X509_LOOKUP *xl;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ BY_DIR *ctx;
+ X509 st_x509;
+ X509_CINF st_x509_cinf;
+ int ok=0;
+ int i,j,k;
+ unsigned long h;
+ BUF_MEM *b=NULL;
+ struct stat st;
+ X509_OBJECT stmp,*tmp;
+
+ if (name == NULL) return(0);
+
+ st_x509.cert_info= &st_x509_cinf;
+ st_x509_cinf.subject=name;
+ stmp.data.x509= &st_x509;
+ stmp.type=type;
+
+ if ((b=BUF_MEM_new()) == NULL)
+ {
+ X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_BUF_LIB);
+ goto finish;
+ }
+
+ ctx=(BY_DIR *)xl->method_data;
+
+ h=X509_NAME_hash(name);
+ for (i=0; i<ctx->num_dirs; i++)
+ {
+ j=strlen(ctx->dirs[i])+1+8+6+1;
+ if (!BUF_MEM_grow(b,j))
+ {
+ X509err(X509_F_GET_CERT_BY_SUBJECT,ERR_R_MALLOC_FAILURE);
+ goto finish;
+ }
+ k=0;
+ for (;;)
+ {
+ sprintf(b->data,"%s/%08lx.%d",ctx->dirs[i],h,k);
+ k++;
+ if (stat(b->data,&st) < 0)
+ break;
+ /* found one. */
+ if ((X509_load_cert_file(xl,b->data,
+ ctx->dirs_type[i])) == 0)
+ break;
+ }
+
+ /* we have added it to the cache so now pull
+ * it out again */
+ CRYPTO_r_lock(CRYPTO_LOCK_X509_STORE);
+ tmp=(X509_OBJECT *)lh_retrieve(xl->store_ctx->certs,
+ (char *)&stmp);
+ CRYPTO_r_unlock(CRYPTO_LOCK_X509_STORE);
+
+ if (tmp != NULL)
+ {
+ ok=1;
+ ret->type=tmp->type;
+ ret->data.x509=tmp->data.x509;
+ /* CRYPTO_add(&tmp->data.x509->references,1,
+ CRYPTO_LOCK_X509);*/
+ goto finish;
+ }
+ }
+finish:
+ if (b != NULL) BUF_MEM_free(b);
+ return(ok);
+ }
+
diff --git a/crypto/x509/by_file.c b/crypto/x509/by_file.c
new file mode 100644
index 0000000..2dac28f
--- /dev/null
+++ b/crypto/x509/by_file.c
@@ -0,0 +1,205 @@
+/* crypto/x509/by_file.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "x509.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int by_file_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,
+ long argl,char **ret);
+#else
+static int by_file_ctrl();
+#endif
+
+X509_LOOKUP_METHOD x509_file_lookup=
+ {
+ "Load file into cache",
+ NULL, /* new */
+ NULL, /* free */
+ NULL, /* init */
+ NULL, /* shutdown */
+ by_file_ctrl, /* ctrl */
+ NULL, /* get_by_subject */
+ NULL, /* get_by_issuer_serial */
+ NULL, /* get_by_fingerprint */
+ NULL, /* get_by_alias */
+ };
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file()
+ {
+ return(&x509_file_lookup);
+ }
+
+static int by_file_ctrl(ctx,cmd,argp,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argp;
+long argl;
+char **ret;
+ {
+ int ok=0;
+ char *file;
+
+ switch (cmd)
+ {
+ case X509_L_FILE_LOAD:
+ if (argl == X509_FILETYPE_DEFAULT)
+ {
+ ok=X509_load_cert_file(ctx,X509_get_default_cert_file(),
+ X509_FILETYPE_PEM);
+ if (!ok)
+ {
+ X509err(X509_F_BY_FILE_CTRL,X509_R_LOADING_DEFAULTS);
+ }
+ else
+ {
+ file=(char *)Getenv(X509_get_default_cert_file_env());
+ ok=X509_load_cert_file(ctx,file,
+ X509_FILETYPE_PEM);
+ }
+ }
+ else
+ ok=X509_load_cert_file(ctx,argp,(int)argl);
+ break;
+ }
+ return(ok);
+ }
+
+int X509_load_cert_file(ctx,file,type)
+X509_LOOKUP *ctx;
+char *file;
+int type;
+ {
+ int ret=0;
+ BIO *in=NULL;
+ int i,count=0;
+ X509 *x=NULL;
+
+ if (file == NULL) return(1);
+#ifndef WIN16
+ in=BIO_new(BIO_s_file());
+#else
+ in=BIO_new(BIO_s_file_internal_w16());
+#endif
+
+ if ((in == NULL) || (BIO_read_filename(in,file) <= 0))
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_SYS_LIB);
+ goto err;
+ }
+
+ if (type == X509_FILETYPE_PEM)
+ {
+ for (;;)
+ {
+ x=PEM_read_bio_X509(in,NULL,NULL);
+ if (x == NULL)
+ {
+ if ((ERR_GET_REASON(ERR_peek_error()) ==
+ PEM_R_NO_START_LINE) && (count > 0))
+ {
+ ERR_clear_error();
+ break;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,
+ ERR_R_PEM_LIB);
+ goto err;
+ }
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+ if (!i) goto err;
+ count++;
+ X509_free(x);
+ x=NULL;
+ }
+ ret=count;
+ }
+ else if (type == X509_FILETYPE_ASN1)
+ {
+ x=d2i_X509_bio(in,NULL);
+ if (x == NULL)
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ i=X509_STORE_add_cert(ctx->store_ctx,x);
+ if (!i) goto err;
+ ret=i;
+ }
+ else
+ {
+ X509err(X509_F_X509_LOAD_CERT_FILE,X509_R_BAD_X509_FILETYPE);
+ goto err;
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
diff --git a/crypto/x509/f b/crypto/x509/f
new file mode 100644
index 0000000..6ec986d
--- /dev/null
+++ b/crypto/x509/f
@@ -0,0 +1,465 @@
+*** x509name.c Wed Jul 2 09:35:35 1997
+--- /home/eay/play/x Sat Jul 5 01:39:56 1997
+***************
+*** 1,202 ****
+! /* crypto/x509/x509name.c */
+! /* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+! * All rights reserved.
+! *
+! * This package is an SSL implementation written
+! * by Eric Young (eay@cryptsoft.com).
+! * The implementation was written so as to conform with Netscapes SSL.
+! *
+! * This library is free for commercial and non-commercial use as long as
+! * the following conditions are aheared to. The following conditions
+! * apply to all code found in this distribution, be it the RC4, RSA,
+! * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+! * included with this distribution is covered by the same copyright terms
+! * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+! *
+! * Copyright remains Eric Young's, and as such any Copyright notices in
+! * the code are not to be removed.
+! * If this package is used in a product, Eric Young should be given attribution
+! * as the author of the parts of the library used.
+! * This can be in the form of a textual message at program startup or
+! * in documentation (online or textual) provided with the package.
+! *
+! * Redistribution and use in source and binary forms, with or without
+! * modification, are permitted provided that the following conditions
+! * are met:
+! * 1. Redistributions of source code must retain the copyright
+! * notice, this list of conditions and the following disclaimer.
+! * 2. Redistributions in binary form must reproduce the above copyright
+! * notice, this list of conditions and the following disclaimer in the
+! * documentation and/or other materials provided with the distribution.
+! * 3. All advertising materials mentioning features or use of this software
+! * must display the following acknowledgement:
+! * "This product includes cryptographic software written by
+! * Eric Young (eay@cryptsoft.com)"
+! * The word 'cryptographic' can be left out if the rouines from the library
+! * being used are not cryptographic related :-).
+! * 4. If you include any Windows specific code (or a derivative thereof) from
+! * the apps directory (application code) you must include an acknowledgement:
+! * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+! *
+! * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+! * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+! * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+! * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+! * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+! * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+! * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+! * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+! * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+! * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+! * SUCH DAMAGE.
+! *
+! * The licence and distribution terms for any publically available version or
+! * derivative of this code cannot be changed. i.e. this code cannot simply be
+! * copied and put under another distribution licence
+! * [including the GNU Public Licence.]
+! */
+!
+! #include <stdio.h>
+! #include "stack.h"
+! #include "cryptlib.h"
+! #include "asn1.h"
+! #include "objects.h"
+! #include "evp.h"
+! #include "x509.h"
+!
+! int X509_NAME_get_text_by_NID(name,nid,buf,len)
+! X509_NAME *name;
+! int nid;
+! char *buf;
+! int len;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+! if (obj == NULL) return(-1);
+! return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+ }
+
+- int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- char *buf;
+- int len;
+- {
+- int i;
+- ASN1_STRING *data;
+
+! i=X509_NAME_get_index_by_OBJ(name,obj,0);
+! if (i < 0) return(-1);
+! data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+! i=(data->length > (len-1))?(len-1):data->length;
+! if (buf == NULL) return(data->length);
+! memcpy(buf,data->data,i);
+! buf[i]='\0';
+! return(i);
+! }
+
+! int X509_NAME_entry_count(name)
+! X509_NAME *name;
+ {
+! if (name == NULL) return(0);
+! return(sk_num(name->entries));
+ }
+
+! int X509_NAME_get_index_by_NID(name,nid,oldpos)
+! X509_NAME *name;
+! int nid;
+! int oldpos;
+! {
+! ASN1_OBJECT *obj;
+
+! obj=OBJ_nid2obj(nid);
+! if (obj == NULL) return(-2);
+! return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+ }
+
+- int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+- X509_NAME *name;
+- ASN1_OBJECT *obj;
+- int oldpos;
+- {
+- int n;
+- X509_NAME_ENTRY *ne;
+- STACK *sk;
+
+! if (name == NULL) return(-1);
+! if (oldpos < 0)
+! oldpos= -1;
+! sk=name->entries;
+! n=sk_num(sk);
+! for (oldpos++; oldpos < n; oldpos++)
+ {
+! ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+! if (OBJ_cmp(ne->object,obj) == 0)
+! return(oldpos);
+ }
+! return(-1);
+ }
+
+- X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+- X509_NAME *name;
+- int loc;
+- {
+- if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+- return(NULL);
+- else
+- return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+- }
+
+! X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+! X509_NAME *name;
+! int loc;
+ {
+! X509_NAME_ENTRY *ret;
+! int i,j,n,set_prev,set_next;
+! STACK *sk;
+!
+! if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+! return(NULL);
+! sk=name->entries;
+! ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+! n=sk_num(sk);
+! name->modified=1;
+! if (loc == n) return(ret);
+!
+! /* else we need to fixup the set field */
+! if (loc != 0)
+! set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+! else
+! set_prev=ret->set-1;
+! set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+
+! /* set_prev is the previous set
+! * set is the current set
+! * set_next is the following
+! * prev 1 1 1 1 1 1 1 1
+! * set 1 1 2 2
+! * next 1 1 2 2 2 2 3 2
+! * so basically only if prev and next differ by 2, then
+! * re-number down by 1 */
+! if (set_prev+1 < set_next)
+! {
+! j=set_next-set_prev-1;
+! for (i=loc; i<n; i++)
+! ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+! }
+! return(ret);
+ }
+
+ /* if set is -1, append to previous set, 0 'a new one', and 1,
+ * prepend to the guy we are about to stomp on. */
+! int X509_NAME_add_entry(name,ne,loc,set)
+! X509_NAME *name;
+! X509_NAME_ENTRY *ne;
+! int loc;
+! int set;
+ {
+! X509_NAME_ENTRY *new_name=NULL;
+ int n,i,inc;
+ STACK *sk;
+
+--- 1,77 ----
+! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+! int type,unsigned char *bytes, int len)
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+! if (obj == NULL)
+! {
+! X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+! return(NULL);
+! }
+! return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+ }
+
+
+! X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+! ASN1_OBJECT *obj, int type,unsigned char *bytes,
+! int len)
+! {
+! X509_NAME_ENTRY *ret;
+
+! if ((ne == NULL) || (*ne == NULL))
+ {
+! if ((ret=X509_NAME_ENTRY_new()) == NULL)
+! return(NULL);
+ }
++ else
++ ret= *ne;
+
+! if (!X509_NAME_ENTRY_set_object(ret,obj))
+! goto err;
+! if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+! goto err;
+
+! if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+! return(ret);
+! err:
+! if ((ne == NULL) || (ret != *ne))
+! X509_NAME_ENTRY_free(ret);
+! return(NULL);
+ }
+
+
+! int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne, ASN1_OBJECT *obj)
+! {
+! if ((ne == NULL) || (obj == NULL))
+ {
+! X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+! return(0);
+ }
+! ASN1_OBJECT_free(ne->object);
+! ne->object=OBJ_dup(obj);
+! return((ne->object == NULL)?0:1);
+ }
+
+
+! int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne,int type,unsigned char *bytes,int len)
+ {
+! int i;
+
+! if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+! if (len < 0) len=strlen((char *)bytes);
+! i=ASN1_STRING_set(ne->value,bytes,len);
+! if (!i) return(0);
+! ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+! return(1);
+ }
+
+ /* if set is -1, append to previous set, 0 'a new one', and 1,
+ * prepend to the guy we are about to stomp on. */
+! int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,int loc,int set)
+ {
+! /* ERIC: renamed new to nenew for C++ users --tjh */
+! X509_NAME_ENTRY *nenew;
+ int n,i,inc;
+ STACK *sk;
+
+***************
+*** 206,213 ****
+ if (loc > n) loc=n;
+ else if (loc < 0) loc=n;
+
+- name->modified=1;
+-
+ if (set == -1)
+ {
+ if (loc == 0)
+--- 81,86 ----
+***************
+*** 223,245 ****
+ }
+ else /* if (set >= 0) */
+ {
+- inc=(set == 0)?1:0;
+ if (loc >= n)
+ {
+ if (loc != 0)
+ set=((X509_NAME_ENTRY *)
+! sk_value(sk,n-1))->set+1;
+ else
+ set=0;
+ }
+ else
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+ }
+
+! if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
+ goto err;
+! new_name->set=set;
+! if (!sk_insert(sk,(char *)new_name,loc))
+ {
+ X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+ goto err;
+--- 96,122 ----
+ }
+ else /* if (set >= 0) */
+ {
+ if (loc >= n)
+ {
+ if (loc != 0)
+ set=((X509_NAME_ENTRY *)
+! sk_value(sk,loc-1))->set+1;
+ else
+ set=0;
+ }
+ else
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
++ inc=(set == 0)?1:0;
+ }
+
+! if ((nenew=X509_NAME_ENTRY_dup(ne)) == NULL)
+ goto err;
+! /* eric forgot to put this in when he cut the nice
+! * interface so that I don't have to do the icky things
+! * that req.c does --tjh :-)
+! */
+! nenew->set=set;
+! if (!sk_insert(sk,(char *)nenew,loc))
+ {
+ X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+ goto err;
+***************
+*** 252,357 ****
+ }
+ return(1);
+ err:
+! if (new_name != NULL)
+ X509_NAME_ENTRY_free(ne);
+ return(0);
+- }
+-
+- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
+- X509_NAME_ENTRY **ne;
+- int nid;
+- int type;
+- unsigned char *bytes;
+- int len;
+- {
+- ASN1_OBJECT *obj;
+-
+- obj=OBJ_nid2obj(nid);
+- if (obj == NULL)
+- {
+- X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+- return(NULL);
+- }
+- return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+- }
+-
+- X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
+- X509_NAME_ENTRY **ne;
+- ASN1_OBJECT *obj;
+- int type;
+- unsigned char *bytes;
+- int len;
+- {
+- X509_NAME_ENTRY *ret;
+-
+- if ((ne == NULL) || (*ne == NULL))
+- {
+- if ((ret=X509_NAME_ENTRY_new()) == NULL)
+- return(NULL);
+- }
+- else
+- ret= *ne;
+-
+- if (!X509_NAME_ENTRY_set_object(ret,obj))
+- goto err;
+- if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+- goto err;
+-
+- if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+- return(ret);
+- err:
+- if ((ne == NULL) || (ret != *ne))
+- X509_NAME_ENTRY_free(ret);
+- return(NULL);
+- }
+-
+- int X509_NAME_ENTRY_set_object(ne,obj)
+- X509_NAME_ENTRY *ne;
+- ASN1_OBJECT *obj;
+- {
+- if ((ne == NULL) || (obj == NULL))
+- {
+- X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+- return(0);
+- }
+- ASN1_OBJECT_free(ne->object);
+- ne->object=OBJ_dup(obj);
+- return((ne->object == NULL)?0:1);
+- }
+-
+- int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
+- X509_NAME_ENTRY *ne;
+- int type;
+- unsigned char *bytes;
+- int len;
+- {
+- int i;
+-
+- if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+- if (len < 0) len=strlen((char *)bytes);
+- i=ASN1_STRING_set(ne->value,bytes,len);
+- if (!i) return(0);
+- if (type != V_ASN1_UNDEF)
+- {
+- if (type == V_ASN1_APP_CHOOSE)
+- ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+- else
+- ne->value->type=type;
+- }
+- return(1);
+- }
+-
+- ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
+- X509_NAME_ENTRY *ne;
+- {
+- if (ne == NULL) return(NULL);
+- return(ne->object);
+- }
+-
+- ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
+- X509_NAME_ENTRY *ne;
+- {
+- if (ne == NULL) return(NULL);
+- return(ne->value);
+ }
+
+--- 129,136 ----
+ }
+ return(1);
+ err:
+! if (nenew != NULL)
+ X509_NAME_ENTRY_free(ne);
+ return(0);
+ }
+
diff --git a/crypto/x509/v3_net.c b/crypto/x509/v3_net.c
new file mode 100644
index 0000000..5e79a57
--- /dev/null
+++ b/crypto/x509/v3_net.c
@@ -0,0 +1,87 @@
+/* crypto/x509/v3_net.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+#define NETSCAPE_X509_EXT_NUM 8
+
+static X509_EXTENSION_METHOD netscape_x509_ext[NETSCAPE_X509_EXT_NUM]={
+{NID_netscape_ca_policy_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ssl_server_name,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_base_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_cert_type,V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
+{NID_netscape_ca_revocation_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_renewal_url,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_netscape_comment,V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+ };
+
+int X509v3_add_netscape_extensions()
+ {
+ int i;
+
+ for (i=0; i<NETSCAPE_X509_EXT_NUM; i++)
+ if (!X509v3_add_extension(&(netscape_x509_ext[i])))
+ return(0);
+ return(1);
+ }
diff --git a/crypto/x509/v3_x509.c b/crypto/x509/v3_x509.c
new file mode 100644
index 0000000..57a7b17
--- /dev/null
+++ b/crypto/x509/v3_x509.c
@@ -0,0 +1,88 @@
+/* crypto/x509/v3_x509.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+#define STD_X509_EXT_NUM 9
+
+static X509_EXTENSION_METHOD std_x509_ext[STD_X509_EXT_NUM]={
+{NID_subject_key_identifier, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_key_usage, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_private_key_usage_period, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_subject_alt_name, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_issuer_alt_name, V_ASN1_BIT_STRING,X509_EXT_PACK_STRING},
+{NID_basic_constraints, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_crl_number, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_certificate_policies, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+{NID_authority_key_identifier, V_ASN1_IA5STRING,X509_EXT_PACK_STRING},
+ };
+
+int X509v3_add_standard_extensions()
+ {
+ int i;
+
+ for (i=0; i<STD_X509_EXT_NUM; i++)
+ if (!X509v3_add_extension(&(std_x509_ext[i])))
+ return(0);
+ return(1);
+ }
diff --git a/crypto/x509/x509.doc b/crypto/x509/x509.doc
new file mode 100644
index 0000000..73cfc9f
--- /dev/null
+++ b/crypto/x509/x509.doc
@@ -0,0 +1,27 @@
+X509_verify()
+X509_sign()
+
+X509_get_version()
+X509_get_serialNumber()
+X509_get_issuer()
+X509_get_subject()
+X509_get_notBefore()
+X509_get_notAfter()
+X509_get_pubkey()
+
+X509_set_version()
+X509_set_serialNumber()
+X509_set_issuer()
+X509_set_subject()
+X509_set_notBefore()
+X509_set_notAfter()
+X509_set_pubkey()
+
+X509_get_extensions()
+X509_set_extensions()
+
+X509_EXTENSIONS_clear()
+X509_EXTENSIONS_retrieve()
+X509_EXTENSIONS_add()
+X509_EXTENSIONS_delete()
+
diff --git a/crypto/x509/x509.err b/crypto/x509/x509.err
new file mode 100644
index 0000000..7f8b33e
--- /dev/null
+++ b/crypto/x509/x509.err
@@ -0,0 +1,43 @@
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+#define X509_F_ADD_CERT_DIR 100
+#define X509_F_BY_FILE_CTRL 101
+#define X509_F_DIR_CTRL 102
+#define X509_F_GET_CERT_BY_SUBJECT 103
+#define X509_F_X509V3_ADD_EXT 104
+#define X509_F_X509V3_ADD_EXTENSION 105
+#define X509_F_X509V3_PACK_STRING 106
+#define X509_F_X509V3_UNPACK_STRING 107
+#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
+#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
+#define X509_F_X509_LOAD_CERT_FILE 111
+#define X509_F_X509_NAME_ADD_ENTRY 112
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 113
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT 114
+#define X509_F_X509_NAME_ONELINE 115
+#define X509_F_X509_NAME_PRINT 116
+#define X509_F_X509_PRINT_FP 117
+#define X509_F_X509_PUBKEY_GET 118
+#define X509_F_X509_PUBKEY_SET 119
+#define X509_F_X509_REQ_PRINT 120
+#define X509_F_X509_REQ_PRINT_FP 121
+#define X509_F_X509_REQ_TO_X509 122
+#define X509_F_X509_STORE_ADD_CERT 123
+#define X509_F_X509_TO_X509_REQ 124
+#define X509_F_X509_VERIFY_CERT 125
+
+/* Reason codes. */
+#define X509_R_BAD_X509_FILETYPE 100
+#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+#define X509_R_ERR_ASN1_LIB 102
+#define X509_R_LOADING_CERT_DIR 103
+#define X509_R_LOADING_DEFAULTS 104
+#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+#define X509_R_SHOULD_RETRY 106
+#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+#define X509_R_UNKNOWN_NID 109
+#define X509_R_UNKNOWN_STRING_TYPE 110
+#define X509_R_UNSUPPORTED_ALGORITHM 111
diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h
new file mode 100644
index 0000000..a1f7556
--- /dev/null
+++ b/crypto/x509/x509.h
@@ -0,0 +1,1113 @@
+/* crypto/x509/x509.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_H
+#define HEADER_X509_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "stack.h"
+#include "asn1.h"
+
+#ifndef NO_RSA
+#include "rsa.h"
+#else
+#define RSA long
+#endif
+
+#ifndef NO_DSA
+#include "dsa.h"
+#else
+#define DSA long
+#endif
+
+#ifndef NO_DH
+#include "dh.h"
+#else
+#define DH long
+#endif
+
+#include "evp.h"
+
+#define X509_FILETYPE_PEM 1
+#define X509_FILETYPE_ASN1 2
+#define X509_FILETYPE_DEFAULT 3
+
+typedef struct X509_algor_st
+ {
+ ASN1_OBJECT *algorithm;
+ ASN1_TYPE *parameter;
+ } X509_ALGOR;
+
+typedef struct X509_val_st
+ {
+ ASN1_UTCTIME *notBefore;
+ ASN1_UTCTIME *notAfter;
+ } X509_VAL;
+
+typedef struct X509_pubkey_st
+ {
+ X509_ALGOR *algor;
+ ASN1_BIT_STRING *public_key;
+ struct evp_pkey_st /* EVP_PKEY*/ *pkey;
+ } X509_PUBKEY;
+
+typedef struct X509_sig_st
+ {
+ X509_ALGOR *algor;
+ ASN1_OCTET_STRING *digest;
+ } X509_SIG;
+
+typedef struct X509_name_entry_st
+ {
+ ASN1_OBJECT *object;
+ ASN1_STRING *value;
+ int set;
+ int size; /* temp variable */
+ } X509_NAME_ENTRY;
+
+/* we always keep X509_NAMEs in 2 forms. */
+typedef struct X509_name_st
+ {
+ STACK *entries; /* of X509_NAME_ENTRY */
+ int modified; /* true if 'bytes' needs to be built */
+#ifdef HEADER_BUFFER_H
+ BUF_MEM *bytes;
+#else
+ char *bytes;
+#endif
+ } X509_NAME;
+
+typedef struct X509_extension_st
+ {
+ ASN1_OBJECT *object;
+ short critical;
+ short netscape_hack;
+ ASN1_OCTET_STRING *value;
+ } X509_EXTENSION;
+
+#define X509_EXT_PACK_UNKNOWN 0
+#define X509_EXT_PACK_STRING 1 /* X509v3_pack_string() */
+
+typedef struct x509_extension_method_st
+ {
+ int nid;
+ int data_type;
+ int pack_type;
+ } X509_EXTENSION_METHOD;
+
+typedef struct X509_req_info_st
+ {
+ ASN1_INTEGER *version;
+ X509_NAME *subject;
+ X509_PUBKEY *pubkey;
+ /* d=2 hl=2 l= 0 cons: cont: 00 */
+ STACK /* X509_ATTRIBUTE */ *attributes; /* [ 0 ] */
+ int req_kludge;
+ } X509_REQ_INFO;
+
+typedef struct X509_req_st
+ {
+ X509_REQ_INFO *req_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ } X509_REQ;
+
+typedef struct x509_cinf_st
+ {
+ ASN1_INTEGER *version; /* [ 0 ] default of v1 */
+ ASN1_INTEGER *serialNumber;
+ X509_ALGOR *signature;
+ X509_NAME *issuer;
+ X509_VAL *validity;
+ X509_NAME *subject;
+ X509_PUBKEY *key;
+ ASN1_BIT_STRING *issuerUID; /* [ 1 ] optional in v2 */
+ ASN1_BIT_STRING *subjectUID; /* [ 2 ] optional in v2 */
+ STACK /* X509_EXTENSION */ *extensions; /* [ 3 ] optional in v3 */
+ } X509_CINF;
+
+typedef struct x509_st
+ {
+ X509_CINF *cert_info;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int valid;
+ int references;
+ char *name;
+ } X509;
+
+typedef struct X509_revoked_st
+ {
+ ASN1_INTEGER *serialNumber;
+ ASN1_UTCTIME *revocationDate;
+ STACK /* optional X509_EXTENSION */ *extensions;
+ int sequence; /* load sequence */
+ } X509_REVOKED;
+
+typedef struct X509_crl_info_st
+ {
+ ASN1_INTEGER *version;
+ X509_ALGOR *sig_alg;
+ X509_NAME *issuer;
+ ASN1_UTCTIME *lastUpdate;
+ ASN1_UTCTIME *nextUpdate;
+ STACK /* X509_REVOKED */ *revoked;
+ STACK /* [0] X509_EXTENSION */ *extensions;
+ } X509_CRL_INFO;
+
+typedef struct X509_crl_st
+ {
+ /* actual signature */
+ X509_CRL_INFO *crl;
+ X509_ALGOR *sig_alg;
+ ASN1_BIT_STRING *signature;
+ int references;
+ } X509_CRL;
+
+/* a sequence of these are used */
+typedef struct x509_attributes_st
+ {
+ ASN1_OBJECT *object;
+ int set; /* 1 for a set, 0 for a single item (which is wrong) */
+ union {
+ char *ptr;
+/* 1 */ STACK /* ASN1_TYPE */ *set;
+/* 0 */ ASN1_TYPE *single;
+ } value;
+ } X509_ATTRIBUTE;
+
+typedef struct private_key_st
+ {
+ int version;
+ /* The PKCS#8 data types */
+ X509_ALGOR *enc_algor;
+ ASN1_OCTET_STRING *enc_pkey; /* encrypted pub key */
+
+ /* When decrypted, the following will not be NULL */
+ EVP_PKEY *dec_pkey;
+
+ /* used to encrypt and decrypt */
+ int key_length;
+ char *key_data;
+ int key_free; /* true if we should auto free key_data */
+
+ /* expanded version of 'enc_algor' */
+ EVP_CIPHER_INFO cipher;
+
+ int references;
+ } X509_PKEY;
+
+#ifdef HEADER_ENVELOPE_H
+typedef struct X509_info_st
+ {
+ X509 *x509;
+ X509_CRL *crl;
+ X509_PKEY *x_pkey;
+
+ EVP_CIPHER_INFO enc_cipher;
+ int enc_len;
+ char *enc_data;
+
+ int references;
+ } X509_INFO;
+#endif
+
+/* The next 2 structures and their 8 routines were sent to me by
+ * Pat Richard <patr@x509.com> and are used to manipulate
+ * Netscapes spki strucutres - usefull if you are writing a CA web page
+ */
+typedef struct Netscape_spkac_st
+ {
+ X509_PUBKEY *pubkey;
+ ASN1_IA5STRING *challenge; /* challenge sent in atlas >= PR2 */
+ } NETSCAPE_SPKAC;
+
+typedef struct Netscape_spki_st
+ {
+ NETSCAPE_SPKAC *spkac; /* signed public key and challenge */
+ X509_ALGOR *sig_algor;
+ ASN1_BIT_STRING *signature;
+ } NETSCAPE_SPKI;
+
+#ifndef HEADER_BN_H
+#define BIGNUM char
+#endif
+
+typedef struct CBCParameter_st
+ {
+ unsigned char iv[8];
+ } CBC_PARAM;
+
+#include "x509_vfy.h"
+#include "pkcs7.h"
+
+#ifdef SSLEAY_MACROS
+#define X509_verify(a,r) ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,\
+ a->signature,(char *)a->cert_info,r)
+#define X509_REQ_verify(a,r) ASN1_verify((int (*)())i2d_X509_REQ_INFO, \
+ a->sig_alg,a->signature,(char *)a->req_info,r)
+#define X509_CRL_verify(a,r) ASN1_verify((int (*)())i2d_X509_CRL_INFO, \
+ a->sig_alg, a->signature,(char *)a->crl,r)
+#define NETSCAPE_SPKI_verify(a,r) ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC, \
+ a->sig_algor,a->signature, (char *)a->spkac,r)
+
+#define X509_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature, \
+ x->sig_alg, x->signature, (char *)x->cert_info,pkey,md)
+#define X509_REQ_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL, \
+ x->signature, (char *)x->req_info,pkey,md)
+#define X509_CRL_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,x->sig_alg, \
+ x->signature, (char *)x->crl,pkey,md)
+#define NETSCAPE_SPKI_sign(x,pkey,md) \
+ ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL, \
+ x->signature, (char *)x->spkac,pkey,md)
+
+#define X509_dup(x509) (X509 *)ASN1_dup((int (*)())i2d_X509, \
+ (char *(*)())d2i_X509,(char *)x509)
+#define X509_EXTENSION_dup(ex) (X509_EXTENSION *)ASN1_dup( \
+ (int (*)())i2d_X509_EXTENSION, \
+ (char *(*)())d2i_X509_EXTENSION,(char *)ex)
+#define d2i_X509_fp(fp,x509) (X509 *)ASN1_d2i_fp((char *(*)())X509_new, \
+ (char *(*)())d2i_X509, (fp),(unsigned char **)(x509))
+#define i2d_X509_fp(fp,x509) ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509)
+#define d2i_X509_bio(bp,x509) (X509 *)ASN1_d2i_bio((char *(*)())X509_new, \
+ (char *(*)())d2i_X509, (bp),(unsigned char **)(x509))
+#define i2d_X509_bio(bp,x509) ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509)
+
+#define X509_CRL_dup(crl) (X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL, \
+ (char *(*)())d2i_X509_CRL,(char *)crl)
+#define d2i_X509_CRL_fp(fp,crl) (X509_CRL *)ASN1_d2i_fp((char *(*)()) \
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),\
+ (unsigned char **)(crl))
+#define i2d_X509_CRL_fp(fp,crl) ASN1_i2d_fp(i2d_X509_CRL,fp,\
+ (unsigned char *)crl)
+#define d2i_X509_CRL_bio(bp,crl) (X509_CRL *)ASN1_d2i_bio((char *(*)()) \
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),\
+ (unsigned char **)(crl))
+#define i2d_X509_CRL_bio(bp,crl) ASN1_i2d_bio(i2d_X509_CRL,bp,\
+ (unsigned char *)crl)
+
+#define PKCS7_dup(p7) (PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7, \
+ (char *(*)())d2i_PKCS7,(char *)p7)
+#define d2i_PKCS7_fp(fp,p7) (PKCS7 *)ASN1_d2i_fp((char *(*)()) \
+ PKCS7_new,(char *(*)())d2i_PKCS7, (fp),\
+ (unsigned char **)(p7))
+#define i2d_PKCS7_fp(fp,p7) ASN1_i2d_fp(i2d_PKCS7,fp,\
+ (unsigned char *)p7)
+#define d2i_PKCS7_bio(bp,p7) (PKCS7 *)ASN1_d2i_bio((char *(*)()) \
+ PKCS7_new,(char *(*)())d2i_PKCS7, (bp),\
+ (unsigned char **)(p7))
+#define i2d_PKCS7_bio(bp,p7) ASN1_i2d_bio(i2d_PKCS7,bp,\
+ (unsigned char *)p7)
+
+#define X509_REQ_dup(req) (X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ, \
+ (char *(*)())d2i_X509_REQ,(char *)req)
+#define d2i_X509_REQ_fp(fp,req) (X509_REQ *)ASN1_d2i_fp((char *(*)())\
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),\
+ (unsigned char **)(req))
+#define i2d_X509_REQ_fp(fp,req) ASN1_i2d_fp(i2d_X509_REQ,fp,\
+ (unsigned char *)req)
+#define d2i_X509_REQ_bio(bp,req) (X509_REQ *)ASN1_d2i_bio((char *(*)())\
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),\
+ (unsigned char **)(req))
+#define i2d_X509_REQ_bio(bp,req) ASN1_i2d_bio(i2d_X509_REQ,bp,\
+ (unsigned char *)req)
+
+#define RSAPublicKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey, \
+ (char *(*)())d2i_RSAPublicKey,(char *)rsa)
+#define RSAPrivateKey_dup(rsa) (RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey, \
+ (char *(*)())d2i_RSAPrivateKey,(char *)rsa)
+
+#define d2i_RSAPrivateKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPrivateKey,fp, \
+ (unsigned char *)rsa)
+#define d2i_RSAPrivateKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPrivateKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPrivateKey,bp, \
+ (unsigned char *)rsa)
+
+#define d2i_RSAPublicKey_fp(fp,rsa) (RSA *)ASN1_d2i_fp((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (fp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPublicKey_fp(fp,rsa) ASN1_i2d_fp(i2d_RSAPublicKey,fp, \
+ (unsigned char *)rsa)
+#define d2i_RSAPublicKey_bio(bp,rsa) (RSA *)ASN1_d2i_bio((char *(*)())\
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (bp), \
+ (unsigned char **)(rsa))
+#define i2d_RSAPublicKey_bio(bp,rsa) ASN1_i2d_bio(i2d_RSAPublicKey,bp, \
+ (unsigned char *)rsa)
+
+#define d2i_DSAPrivateKey_fp(fp,dsa) (DSA *)ASN1_d2i_fp((char *(*)())\
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp), \
+ (unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_fp(fp,dsa) ASN1_i2d_fp(i2d_DSAPrivateKey,fp, \
+ (unsigned char *)dsa)
+#define d2i_DSAPrivateKey_bio(bp,dsa) (DSA *)ASN1_d2i_bio((char *(*)())\
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp), \
+ (unsigned char **)(dsa))
+#define i2d_DSAPrivateKey_bio(bp,dsa) ASN1_i2d_bio(i2d_DSAPrivateKey,bp, \
+ (unsigned char *)dsa)
+
+#define X509_NAME_dup(xn) (X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME, \
+ (char *(*)())d2i_X509_NAME,(char *)xn)
+#define X509_NAME_ENTRY_dup(ne) (X509_NAME_ENTRY *)ASN1_dup( \
+ (int (*)())i2d_X509_NAME_ENTRY, \
+ (char *(*)())d2i_X509_NAME_ENTRY,\
+ (char *)ne)
+
+#define X509_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len)
+#define X509_NAME_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len)
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+ (char *)data,md,len)
+#endif
+
+#define X509_get_version(x) ASN1_INTEGER_get((x)->cert_info->version)
+/* #define X509_get_serialNumber(x) ((x)->cert_info->serialNumber) */
+#define X509_get_notBefore(x) ((x)->cert_info->validity->notBefore)
+#define X509_get_notAfter(x) ((x)->cert_info->validity->notAfter)
+#define X509_extract_key(x) X509_get_pubkey(x) /*****/
+#define X509_REQ_get_version(x) ASN1_INTEGER_get((x)->req_info->version)
+#define X509_REQ_get_subject_name(x) ((x)->req_info->subject)
+#define X509_REQ_extract_key(a) X509_REQ_get_pubkey(a)
+#define X509_name_cmp(a,b) X509_NAME_cmp((a),(b))
+#define X509_get_signature_type(x) EVP_PKEY_type(OBJ_obj2nid((x)->sig_alg->algorithm))
+
+/* This one is only used so that a binary form can output, as in
+ * i2d_X509_NAME(X509_get_X509_PUBKEY(x),&buf) */
+#define X509_get_X509_PUBKEY(x) ((x)->cert_info->key)
+
+#ifndef NOPROTO
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify(X509 *a, EVP_PKEY *r);
+char *X509_verify_cert_error_string(int n);
+
+int X509_REQ_verify(X509_REQ *a, EVP_PKEY *r);
+int X509_CRL_verify(X509_CRL *a, EVP_PKEY *r);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a, EVP_PKEY *r);
+
+int X509_sign(X509 *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_REQ_sign(X509_REQ *x, EVP_PKEY *pkey, EVP_MD *md);
+int X509_CRL_sign(X509_CRL *x, EVP_PKEY *pkey, EVP_MD *md);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *x, EVP_PKEY *pkey, EVP_MD *md);
+
+int X509_digest(X509 *data,EVP_MD *type,unsigned char *md,unsigned int *len);
+int X509_NAME_digest(X509_NAME *data,EVP_MD *type,
+ unsigned char *md,unsigned int *len);
+#endif
+
+#ifndef WIN16
+X509 *d2i_X509_fp(FILE *fp, X509 *x509);
+int i2d_X509_fp(FILE *fp,X509 *x509);
+X509_CRL *d2i_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+int i2d_X509_CRL_fp(FILE *fp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_fp(FILE *fp,X509_REQ *req);
+int i2d_X509_REQ_fp(FILE *fp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPrivateKey_fp(FILE *fp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+int i2d_DSAPrivateKey_fp(FILE *fp, DSA *dsa);
+RSA *d2i_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+int i2d_RSAPublicKey_fp(FILE *fp,RSA *rsa);
+#endif
+
+#ifdef HEADER_BIO_H
+X509 *d2i_X509_bio(BIO *bp,X509 *x509);
+int i2d_X509_bio(BIO *bp,X509 *x509);
+X509_CRL *d2i_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+int i2d_X509_CRL_bio(BIO *bp,X509_CRL *crl);
+X509_REQ *d2i_X509_REQ_bio(BIO *bp,X509_REQ *req);
+int i2d_X509_REQ_bio(BIO *bp,X509_REQ *req);
+RSA *d2i_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPrivateKey_bio(BIO *bp,RSA *rsa);
+DSA *d2i_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+int i2d_DSAPrivateKey_bio(BIO *bp, DSA *dsa);
+RSA *d2i_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+int i2d_RSAPublicKey_bio(BIO *bp,RSA *rsa);
+#endif
+
+X509 *X509_dup(X509 *x509);
+X509_EXTENSION *X509_EXTENSION_dup(X509_EXTENSION *ex);
+X509_CRL *X509_CRL_dup(X509_CRL *crl);
+X509_REQ *X509_REQ_dup(X509_REQ *req);
+X509_NAME *X509_NAME_dup(X509_NAME *xn);
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(X509_NAME_ENTRY *ne);
+RSA *RSAPublicKey_dup(RSA *rsa);
+RSA *RSAPrivateKey_dup(RSA *rsa);
+
+#endif /* !SSLEAY_MACROS */
+
+int X509_cmp_current_time(ASN1_UTCTIME *s);
+ASN1_UTCTIME * X509_gmtime_adj(ASN1_UTCTIME *s, long adj);
+
+char * X509_get_default_cert_area(void );
+char * X509_get_default_cert_dir(void );
+char * X509_get_default_cert_file(void );
+char * X509_get_default_cert_dir_env(void );
+char * X509_get_default_cert_file_env(void );
+char * X509_get_default_private_dir(void );
+
+X509_REQ * X509_to_X509_REQ(X509 *x, EVP_PKEY *pkey);
+X509 * X509_REQ_to_X509(X509_REQ *r, int days,EVP_PKEY *pkey);
+void ERR_load_X509_strings(void );
+
+X509_ALGOR * X509_ALGOR_new(void );
+void X509_ALGOR_free(X509_ALGOR *a);
+int i2d_X509_ALGOR(X509_ALGOR *a,unsigned char **pp);
+X509_ALGOR * d2i_X509_ALGOR(X509_ALGOR **a,unsigned char **pp,
+ long length);
+
+X509_VAL * X509_VAL_new(void );
+void X509_VAL_free(X509_VAL *a);
+int i2d_X509_VAL(X509_VAL *a,unsigned char **pp);
+X509_VAL * d2i_X509_VAL(X509_VAL **a,unsigned char **pp,
+ long length);
+
+X509_PUBKEY * X509_PUBKEY_new(void );
+void X509_PUBKEY_free(X509_PUBKEY *a);
+int i2d_X509_PUBKEY(X509_PUBKEY *a,unsigned char **pp);
+X509_PUBKEY * d2i_X509_PUBKEY(X509_PUBKEY **a,unsigned char **pp,
+ long length);
+int X509_PUBKEY_set(X509_PUBKEY **x, EVP_PKEY *pkey);
+EVP_PKEY * X509_PUBKEY_get(X509_PUBKEY *key);
+int X509_get_pubkey_parameters(EVP_PKEY *pkey, STACK *chain);
+
+
+X509_SIG * X509_SIG_new(void );
+void X509_SIG_free(X509_SIG *a);
+int i2d_X509_SIG(X509_SIG *a,unsigned char **pp);
+X509_SIG * d2i_X509_SIG(X509_SIG **a,unsigned char **pp,long length);
+
+X509_REQ_INFO *X509_REQ_INFO_new(void);
+void X509_REQ_INFO_free(X509_REQ_INFO *a);
+int i2d_X509_REQ_INFO(X509_REQ_INFO *a,unsigned char **pp);
+X509_REQ_INFO *d2i_X509_REQ_INFO(X509_REQ_INFO **a,unsigned char **pp,
+ long length);
+
+X509_REQ * X509_REQ_new(void);
+void X509_REQ_free(X509_REQ *a);
+int i2d_X509_REQ(X509_REQ *a,unsigned char **pp);
+X509_REQ * d2i_X509_REQ(X509_REQ **a,unsigned char **pp,long length);
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new(void );
+void X509_ATTRIBUTE_free(X509_ATTRIBUTE *a);
+int i2d_X509_ATTRIBUTE(X509_ATTRIBUTE *a,unsigned char **pp);
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE(X509_ATTRIBUTE **a,unsigned char **pp,
+ long length);
+
+X509_EXTENSION *X509_EXTENSION_new(void );
+void X509_EXTENSION_free(X509_EXTENSION *a);
+int i2d_X509_EXTENSION(X509_EXTENSION *a,unsigned char **pp);
+X509_EXTENSION *d2i_X509_EXTENSION(X509_EXTENSION **a,unsigned char **pp,
+ long length);
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new(void);
+void X509_NAME_ENTRY_free(X509_NAME_ENTRY *a);
+int i2d_X509_NAME_ENTRY(X509_NAME_ENTRY *a,unsigned char **pp);
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY(X509_NAME_ENTRY **a,unsigned char **pp,
+ long length);
+
+X509_NAME * X509_NAME_new(void);
+void X509_NAME_free(X509_NAME *a);
+int i2d_X509_NAME(X509_NAME *a,unsigned char **pp);
+X509_NAME * d2i_X509_NAME(X509_NAME **a,unsigned char **pp,long length);
+int X509_NAME_set(X509_NAME **xn, X509_NAME *name);
+
+
+X509_CINF * X509_CINF_new(void);
+void X509_CINF_free(X509_CINF *a);
+int i2d_X509_CINF(X509_CINF *a,unsigned char **pp);
+X509_CINF * d2i_X509_CINF(X509_CINF **a,unsigned char **pp,long length);
+
+X509 * X509_new(void);
+void X509_free(X509 *a);
+int i2d_X509(X509 *a,unsigned char **pp);
+X509 * d2i_X509(X509 **a,unsigned char **pp,long length);
+
+X509_REVOKED * X509_REVOKED_new(void);
+void X509_REVOKED_free(X509_REVOKED *a);
+int i2d_X509_REVOKED(X509_REVOKED *a,unsigned char **pp);
+X509_REVOKED * d2i_X509_REVOKED(X509_REVOKED **a,unsigned char **pp,long length);
+
+X509_CRL_INFO *X509_CRL_INFO_new(void);
+void X509_CRL_INFO_free(X509_CRL_INFO *a);
+int i2d_X509_CRL_INFO(X509_CRL_INFO *a,unsigned char **pp);
+X509_CRL_INFO *d2i_X509_CRL_INFO(X509_CRL_INFO **a,unsigned char **pp,
+ long length);
+
+X509_CRL * X509_CRL_new(void);
+void X509_CRL_free(X509_CRL *a);
+int i2d_X509_CRL(X509_CRL *a,unsigned char **pp);
+X509_CRL * d2i_X509_CRL(X509_CRL **a,unsigned char **pp,long length);
+
+X509_PKEY * X509_PKEY_new(void );
+void X509_PKEY_free(X509_PKEY *a);
+int i2d_X509_PKEY(X509_PKEY *a,unsigned char **pp);
+X509_PKEY * d2i_X509_PKEY(X509_PKEY **a,unsigned char **pp,long length);
+
+NETSCAPE_SPKI * NETSCAPE_SPKI_new(void );
+void NETSCAPE_SPKI_free(NETSCAPE_SPKI *a);
+int i2d_NETSCAPE_SPKI(NETSCAPE_SPKI *a,unsigned char **pp);
+NETSCAPE_SPKI * d2i_NETSCAPE_SPKI(NETSCAPE_SPKI **a,unsigned char **pp,
+ long length);
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new(void );
+void NETSCAPE_SPKAC_free(NETSCAPE_SPKAC *a);
+int i2d_NETSCAPE_SPKAC(NETSCAPE_SPKAC *a,unsigned char **pp);
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC(NETSCAPE_SPKAC **a,unsigned char **pp,
+ long length);
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO * X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+char * X509_NAME_oneline(X509_NAME *a,char *buf,int size);
+
+int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature,char *data,EVP_PKEY *pkey);
+
+int ASN1_digest(int (*i2d)(),EVP_MD *type,char *data,
+ unsigned char *md,unsigned int *len);
+
+int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature,
+ char *data,EVP_PKEY *pkey, EVP_MD *type);
+#endif
+
+int X509_set_version(X509 *x,long version);
+int X509_set_serialNumber(X509 *x, ASN1_INTEGER *serial);
+ASN1_INTEGER * X509_get_serialNumber(X509 *x);
+int X509_set_issuer_name(X509 *x, X509_NAME *name);
+X509_NAME * X509_get_issuer_name(X509 *a);
+int X509_set_subject_name(X509 *x, X509_NAME *name);
+X509_NAME * X509_get_subject_name(X509 *a);
+int X509_set_notBefore(X509 *x, ASN1_UTCTIME *tm);
+int X509_set_notAfter(X509 *x, ASN1_UTCTIME *tm);
+int X509_set_pubkey(X509 *x, EVP_PKEY *pkey);
+EVP_PKEY * X509_get_pubkey(X509 *x);
+int X509_certificate_type(X509 *x,EVP_PKEY *pubkey /* optional */);
+
+int X509_REQ_set_version(X509_REQ *x,long version);
+int X509_REQ_set_subject_name(X509_REQ *req,X509_NAME *name);
+int X509_REQ_set_pubkey(X509_REQ *x, EVP_PKEY *pkey);
+EVP_PKEY * X509_REQ_get_pubkey(X509_REQ *req);
+
+int X509_check_private_key(X509 *x509,EVP_PKEY *pkey);
+
+int X509_issuer_and_serial_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+int X509_issuer_name_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+int X509_subject_name_cmp(X509 *a,X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+int X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+
+int X509_CRL_cmp(X509_CRL *a,X509_CRL *b);
+#ifndef WIN16
+int X509_print_fp(FILE *bp,X509 *x);
+int X509_REQ_print_fp(FILE *bp,X509_REQ *req);
+#endif
+
+#ifdef HEADER_BIO_H
+int X509_NAME_print(BIO *bp, X509_NAME *name, int obase);
+int X509_print(BIO *bp,X509 *x);
+int X509_REQ_print(BIO *bp,X509_REQ *req);
+#endif
+
+int X509_NAME_entry_count(X509_NAME *name);
+int X509_NAME_get_text_by_NID(X509_NAME *name, int nid,
+ char *buf,int len);
+int X509_NAME_get_text_by_OBJ(X509_NAME *name, ASN1_OBJECT *obj,
+ char *buf,int len);
+
+int X509_NAME_get_index_by_NID(X509_NAME *name,int nid,int oldpos);
+int X509_NAME_get_index_by_OBJ(X509_NAME *name,ASN1_OBJECT *obj,
+ int oldpos);
+X509_NAME_ENTRY *X509_NAME_get_entry(X509_NAME *name, int loc);
+X509_NAME_ENTRY *X509_NAME_delete_entry(X509_NAME *name, int loc);
+int X509_NAME_add_entry(X509_NAME *name,X509_NAME_ENTRY *ne,
+ int loc, int set);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(X509_NAME_ENTRY **ne, int nid,
+ int type,unsigned char *bytes, int len);
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(X509_NAME_ENTRY **ne,
+ ASN1_OBJECT *obj, int type,unsigned char *bytes,
+ int len);
+int X509_NAME_ENTRY_set_object(X509_NAME_ENTRY *ne,
+ ASN1_OBJECT *obj);
+int X509_NAME_ENTRY_set_data(X509_NAME_ENTRY *ne, int type,
+ unsigned char *bytes, int len);
+ASN1_OBJECT * X509_NAME_ENTRY_get_object(X509_NAME_ENTRY *ne);
+ASN1_STRING * X509_NAME_ENTRY_get_data(X509_NAME_ENTRY *ne);
+
+int X509v3_get_ext_count(STACK *x);
+int X509v3_get_ext_by_NID(STACK *x, int nid, int oldpos);
+int X509v3_get_ext_by_OBJ(STACK *x,ASN1_OBJECT *obj,int oldpos);
+int X509v3_get_ext_by_critical(STACK *x, int crit, int oldpos);
+X509_EXTENSION *X509v3_get_ext(STACK *x, int loc);
+X509_EXTENSION *X509v3_delete_ext(STACK *x, int loc);
+STACK * X509v3_add_ext(STACK **x, X509_EXTENSION *ex, int loc);
+int X509v3_data_type_by_OBJ(ASN1_OBJECT *obj);
+int X509v3_data_type_by_NID(int nid);
+int X509v3_pack_type_by_OBJ(ASN1_OBJECT *obj);
+int X509v3_pack_type_by_NID(int nid);
+
+int X509_get_ext_count(X509 *x);
+int X509_get_ext_by_NID(X509 *x, int nid, int oldpos);
+int X509_get_ext_by_OBJ(X509 *x,ASN1_OBJECT *obj,int oldpos);
+int X509_get_ext_by_critical(X509 *x, int crit, int oldpos);
+X509_EXTENSION *X509_get_ext(X509 *x, int loc);
+X509_EXTENSION *X509_delete_ext(X509 *x, int loc);
+int X509_add_ext(X509 *x, X509_EXTENSION *ex, int loc);
+
+int X509_CRL_get_ext_count(X509_CRL *x);
+int X509_CRL_get_ext_by_NID(X509_CRL *x, int nid, int oldpos);
+int X509_CRL_get_ext_by_OBJ(X509_CRL *x,ASN1_OBJECT *obj,int oldpos);
+int X509_CRL_get_ext_by_critical(X509_CRL *x, int crit, int oldpos);
+X509_EXTENSION *X509_CRL_get_ext(X509_CRL *x, int loc);
+X509_EXTENSION *X509_CRL_delete_ext(X509_CRL *x, int loc);
+int X509_CRL_add_ext(X509_CRL *x, X509_EXTENSION *ex, int loc);
+
+int X509_REVOKED_get_ext_count(X509_REVOKED *x);
+int X509_REVOKED_get_ext_by_NID(X509_REVOKED *x, int nid, int oldpos);
+int X509_REVOKED_get_ext_by_OBJ(X509_REVOKED *x,ASN1_OBJECT *obj,int oldpos);
+int X509_REVOKED_get_ext_by_critical(X509_REVOKED *x, int crit, int oldpos);
+X509_EXTENSION *X509_REVOKED_get_ext(X509_REVOKED *x, int loc);
+X509_EXTENSION *X509_REVOKED_delete_ext(X509_REVOKED *x, int loc);
+int X509_REVOKED_add_ext(X509_REVOKED *x, X509_EXTENSION *ex, int loc);
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(X509_EXTENSION **ex,
+ int nid, int crit, ASN1_OCTET_STRING *data);
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(X509_EXTENSION **ex,
+ ASN1_OBJECT *obj,int crit,ASN1_OCTET_STRING *data);
+int X509_EXTENSION_set_object(X509_EXTENSION *ex,ASN1_OBJECT *obj);
+int X509_EXTENSION_set_critical(X509_EXTENSION *ex, int crit);
+int X509_EXTENSION_set_data(X509_EXTENSION *ex,
+ ASN1_OCTET_STRING *data);
+ASN1_OBJECT * X509_EXTENSION_get_object(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(X509_EXTENSION *ne);
+int X509_EXTENSION_get_critical(X509_EXTENSION *ex);
+ASN1_OCTET_STRING *X509v3_pack_string(ASN1_OCTET_STRING **ex,int type,
+ unsigned char *bytes, int len);
+ASN1_STRING * X509v3_unpack_string(ASN1_STRING **ex,int type,
+ ASN1_OCTET_STRING *os);
+
+int X509_verify_cert(X509_STORE_CTX *ctx);
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial(STACK *sk,X509_NAME *name,
+ ASN1_INTEGER *serial);
+X509 *X509_find_by_subject(STACK *sk,X509_NAME *name);
+
+#else
+
+#ifndef SSLEAY_MACROS
+#ifdef HEADER_ENVELOPE_H
+int X509_verify();
+int X509_REQ_verify();
+int X509_CRL_verify();
+int NETSCAPE_SPKI_verify();
+
+int X509_sign();
+int X509_REQ_sign();
+int X509_CRL_sign();
+int NETSCAPE_SPKI_sign();
+
+int X509_digest();
+int X509_NAME_digest();
+#endif
+
+#ifndef WIN16
+X509 *d2i_X509_fp();
+int i2d_X509_fp();
+X509_CRL *d2i_X509_CRL_fp();
+int i2d_X509_CRL_fp();
+X509_REQ *d2i_X509_REQ_fp();
+int i2d_X509_REQ_fp();
+RSA *d2i_RSAPrivateKey_fp();
+int i2d_RSAPrivateKey_fp();
+DSA *d2i_DSAPrivateKey_fp();
+int i2d_DSAPrivateKey_fp();
+RSA *d2i_RSAPublicKey_fp();
+int i2d_RSAPublicKey_fp();
+#endif
+
+X509 *d2i_X509_bio();
+int i2d_X509_bio();
+X509_CRL *d2i_X509_CRL_bio();
+int i2d_X509_CRL_bio();
+X509_REQ *d2i_X509_REQ_bio();
+int i2d_X509_REQ_bio();
+RSA *d2i_RSAPrivateKey_bio();
+int i2d_RSAPrivateKey_bio();
+DSA *d2i_DSAPrivateKey_bio();
+int i2d_DSAPrivateKey_bio();
+RSA *d2i_RSAPublicKey_bio();
+int i2d_RSAPublicKey_bio();
+
+X509 *X509_dup();
+X509_EXTENSION *X509_EXTENSION_dup();
+X509_CRL *X509_CRL_dup();
+X509_REQ *X509_REQ_dup();
+X509_NAME *X509_NAME_dup();
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup();
+RSA *RSAPublicKey_dup();
+RSA *RSAPrivateKey_dup();
+
+#endif /* !SSLEAY_MACROS */
+
+int X509_cmp_current_time();
+ASN1_UTCTIME * X509_gmtime_adj();
+
+char * X509_get_default_cert_area();
+char * X509_get_default_cert_dir();
+char * X509_get_default_cert_file();
+char * X509_get_default_cert_dir_env();
+char * X509_get_default_cert_file_env();
+char * X509_get_default_private_dir();
+
+X509_REQ * X509_to_X509_REQ();
+X509 * X509_REQ_to_X509();
+void ERR_load_X509_strings();
+
+X509_ALGOR * X509_ALGOR_new();
+void X509_ALGOR_free();
+int i2d_X509_ALGOR();
+X509_ALGOR * d2i_X509_ALGOR();
+
+X509_VAL * X509_VAL_new();
+void X509_VAL_free();
+int i2d_X509_VAL();
+X509_VAL * d2i_X509_VAL();
+
+X509_PUBKEY * X509_PUBKEY_new();
+void X509_PUBKEY_free();
+int i2d_X509_PUBKEY();
+X509_PUBKEY * d2i_X509_PUBKEY();
+int X509_PUBKEY_set();
+EVP_PKEY * X509_PUBKEY_get();
+int X509_get_pubkey_parameters();
+
+X509_SIG * X509_SIG_new();
+void X509_SIG_free();
+int i2d_X509_SIG();
+X509_SIG * d2i_X509_SIG();
+
+X509_REQ_INFO *X509_REQ_INFO_new();
+void X509_REQ_INFO_free();
+int i2d_X509_REQ_INFO();
+X509_REQ_INFO *d2i_X509_REQ_INFO();
+
+X509_REQ * X509_REQ_new();
+void X509_REQ_free();
+int i2d_X509_REQ();
+X509_REQ * d2i_X509_REQ();
+
+X509_ATTRIBUTE *X509_ATTRIBUTE_new();
+void X509_ATTRIBUTE_free();
+int i2d_X509_ATTRIBUTE();
+X509_ATTRIBUTE *d2i_X509_ATTRIBUTE();
+
+X509_EXTENSION *X509_EXTENSION_new();
+void X509_EXTENSION_free();
+int i2d_X509_EXTENSION();
+X509_EXTENSION *d2i_X509_EXTENSION();
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_new();
+void X509_NAME_ENTRY_free();
+int i2d_X509_NAME_ENTRY();
+X509_NAME_ENTRY *d2i_X509_NAME_ENTRY();
+
+X509_NAME * X509_NAME_new();
+void X509_NAME_free();
+int i2d_X509_NAME();
+X509_NAME * d2i_X509_NAME();
+int X509_NAME_set();
+
+
+X509_CINF * X509_CINF_new();
+void X509_CINF_free();
+int i2d_X509_CINF();
+X509_CINF * d2i_X509_CINF();
+
+X509 * X509_new();
+void X509_free();
+int i2d_X509();
+X509 * d2i_X509();
+
+X509_REVOKED * X509_REVOKED_new();
+void X509_REVOKED_free();
+int i2d_X509_REVOKED();
+X509_REVOKED * d2i_X509_REVOKED();
+
+X509_CRL_INFO *X509_CRL_INFO_new();
+void X509_CRL_INFO_free();
+int i2d_X509_CRL_INFO();
+X509_CRL_INFO *d2i_X509_CRL_INFO();
+
+X509_CRL * X509_CRL_new();
+void X509_CRL_free();
+int i2d_X509_CRL();
+X509_CRL * d2i_X509_CRL();
+
+X509_PKEY * X509_PKEY_new();
+void X509_PKEY_free();
+int i2d_X509_PKEY();
+X509_PKEY * d2i_X509_PKEY();
+
+NETSCAPE_SPKI * NETSCAPE_SPKI_new();
+void NETSCAPE_SPKI_free();
+int i2d_NETSCAPE_SPKI();
+NETSCAPE_SPKI * d2i_NETSCAPE_SPKI();
+
+NETSCAPE_SPKAC *NETSCAPE_SPKAC_new();
+void NETSCAPE_SPKAC_free();
+int i2d_NETSCAPE_SPKAC();
+NETSCAPE_SPKAC *d2i_NETSCAPE_SPKAC();
+
+#ifdef HEADER_ENVELOPE_H
+X509_INFO * X509_INFO_new();
+void X509_INFO_free();
+#endif
+
+char * X509_NAME_oneline();
+
+int ASN1_verify();
+int ASN1_digest();
+int ASN1_sign();
+
+int X509_set_version();
+int X509_set_serialNumber();
+ASN1_INTEGER * X509_get_serialNumber();
+int X509_set_issuer_name();
+X509_NAME * X509_get_issuer_name();
+int X509_set_subject_name();
+X509_NAME * X509_get_subject_name();
+int X509_set_notBefore();
+int X509_set_notAfter();
+int X509_set_pubkey();
+EVP_PKEY * X509_get_pubkey();
+int X509_certificate_type();
+
+int X509_REQ_set_version();
+int X509_REQ_set_subject_name();
+int X509_REQ_set_pubkey();
+EVP_PKEY * X509_REQ_get_pubkey();
+
+int X509_check_private_key();
+
+int X509_issuer_and_serial_cmp();
+unsigned long X509_issuer_and_serial_hash();
+
+int X509_issuer_name_cmp();
+unsigned long X509_issuer_name_hash();
+
+int X509_subject_name_cmp();
+unsigned long X509_subject_name_hash();
+
+int X509_NAME_cmp ();
+unsigned long X509_NAME_hash();
+
+int X509_CRL_cmp();
+#ifndef WIN16
+int X509_print_fp();
+int X509_REQ_print_fp();
+#endif
+
+int X509_NAME_print();
+int X509_print();
+int X509_REQ_print();
+
+int X509_NAME_entry_count();
+int X509_NAME_get_text_by_NID();
+int X509_NAME_get_text_by_OBJ();
+
+int X509_NAME_get_index_by_NID();
+int X509_NAME_get_index_by_OBJ();
+X509_NAME_ENTRY *X509_NAME_get_entry();
+X509_NAME_ENTRY *X509_NAME_delete_entry();
+int X509_NAME_add_entry();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID();
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ();
+int X509_NAME_ENTRY_set_object();
+int X509_NAME_ENTRY_set_data();
+ASN1_OBJECT * X509_NAME_ENTRY_get_object();
+ASN1_STRING * X509_NAME_ENTRY_get_data();
+
+int X509v3_get_ext_count();
+int X509v3_get_ext_by_NID();
+int X509v3_get_ext_by_OBJ();
+int X509v3_get_ext_by_critical();
+X509_EXTENSION *X509v3_get_ext();
+X509_EXTENSION *X509v3_delete_ext();
+STACK * X509v3_add_ext();
+int X509v3_data_type_by_OBJ();
+int X509v3_data_type_by_NID();
+int X509v3_pack_type_by_OBJ();
+int X509v3_pack_type_by_NID();
+
+
+int X509_get_ext_count();
+int X509_get_ext_by_NID();
+int X509_get_ext_by_OBJ();
+int X509_get_ext_by_critical();
+X509_EXTENSION *X509_get_ext();
+X509_EXTENSION *X509_delete_ext();
+int X509_add_ext();
+
+int X509_CRL_get_ext_count();
+int X509_CRL_get_ext_by_NID();
+int X509_CRL_get_ext_by_OBJ();
+int X509_CRL_get_ext_by_critical();
+X509_EXTENSION *X509_CRL_get_ext();
+X509_EXTENSION *X509_CRL_delete_ext();
+int X509_CRL_add_ext();
+
+int X509_REVOKED_get_ext_count();
+int X509_REVOKED_get_ext_by_NID();
+int X509_REVOKED_get_ext_by_OBJ();
+int X509_REVOKED_get_ext_by_critical();
+X509_EXTENSION *X509_REVOKED_get_ext();
+X509_EXTENSION *X509_REVOKED_delete_ext();
+int X509_REVOKED_add_ext();
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID();
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ();
+int X509_EXTENSION_set_object();
+int X509_EXTENSION_set_critical();
+int X509_EXTENSION_set_data();
+ASN1_OBJECT * X509_EXTENSION_get_object();
+ASN1_OCTET_STRING *X509_EXTENSION_get_data();
+int X509_EXTENSION_get_critical();
+ASN1_OCTET_STRING *X509v3_pack_string();
+ASN1_STRING * X509v3_unpack_string();
+
+int X509_verify_cert();
+char * X509_verify_cert_error_string();
+
+/* lookup a cert from a X509 STACK */
+X509 *X509_find_by_issuer_and_serial();
+X509 *X509_find_by_subject();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the X509 functions. */
+
+/* Function codes. */
+#define X509_F_ADD_CERT_DIR 100
+#define X509_F_BY_FILE_CTRL 101
+#define X509_F_DIR_CTRL 102
+#define X509_F_GET_CERT_BY_SUBJECT 103
+#define X509_F_X509V3_ADD_EXT 104
+#define X509_F_X509V3_ADD_EXTENSION 105
+#define X509_F_X509V3_PACK_STRING 106
+#define X509_F_X509V3_UNPACK_STRING 107
+#define X509_F_X509_EXTENSION_CREATE_BY_NID 108
+#define X509_F_X509_EXTENSION_CREATE_BY_OBJ 109
+#define X509_F_X509_GET_PUBKEY_PARAMETERS 110
+#define X509_F_X509_LOAD_CERT_FILE 111
+#define X509_F_X509_NAME_ADD_ENTRY 112
+#define X509_F_X509_NAME_ENTRY_CREATE_BY_NID 113
+#define X509_F_X509_NAME_ENTRY_SET_OBJECT 114
+#define X509_F_X509_NAME_ONELINE 115
+#define X509_F_X509_NAME_PRINT 116
+#define X509_F_X509_PRINT_FP 117
+#define X509_F_X509_PUBKEY_GET 118
+#define X509_F_X509_PUBKEY_SET 119
+#define X509_F_X509_REQ_PRINT 120
+#define X509_F_X509_REQ_PRINT_FP 121
+#define X509_F_X509_REQ_TO_X509 122
+#define X509_F_X509_STORE_ADD_CERT 123
+#define X509_F_X509_TO_X509_REQ 124
+#define X509_F_X509_VERIFY_CERT 125
+
+/* Reason codes. */
+#define X509_R_BAD_X509_FILETYPE 100
+#define X509_R_CERT_ALREADY_IN_HASH_TABLE 101
+#define X509_R_ERR_ASN1_LIB 102
+#define X509_R_LOADING_CERT_DIR 103
+#define X509_R_LOADING_DEFAULTS 104
+#define X509_R_NO_CERT_SET_FOR_US_TO_VERIFY 105
+#define X509_R_SHOULD_RETRY 106
+#define X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN 107
+#define X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY 108
+#define X509_R_UNKNOWN_NID 109
+#define X509_R_UNKNOWN_STRING_TYPE 110
+#define X509_R_UNSUPPORTED_ALGORITHM 111
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c
new file mode 100644
index 0000000..14eebbf
--- /dev/null
+++ b/crypto/x509/x509_cmp.c
@@ -0,0 +1,247 @@
+/* crypto/x509/x509_cmp.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_issuer_and_serial_cmp(a,b)
+X509 *a;
+X509 *b;
+ {
+ int i;
+ X509_CINF *ai,*bi;
+
+ ai=a->cert_info;
+ bi=b->cert_info;
+ i=ASN1_INTEGER_cmp(ai->serialNumber,bi->serialNumber);
+ if (i) return(i);
+ return(X509_NAME_cmp(ai->issuer,bi->issuer));
+ }
+
+#ifndef NO_MD5
+unsigned long X509_issuer_and_serial_hash(a)
+X509 *a;
+ {
+ unsigned long ret=0;
+ MD5_CTX ctx;
+ unsigned char md[16];
+ char str[256];
+
+ X509_NAME_oneline(a->cert_info->issuer,str,256);
+ ret=strlen(str);
+ MD5_Init(&ctx);
+ MD5_Update(&ctx,(unsigned char *)str,ret);
+ MD5_Update(&ctx,(unsigned char *)a->cert_info->serialNumber->data,
+ (unsigned long)a->cert_info->serialNumber->length);
+ MD5_Final(&(md[0]),&ctx);
+ ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
+ ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+ )&0xffffffffL;
+ return(ret);
+ }
+#endif
+
+int X509_issuer_name_cmp(a, b)
+X509 *a;
+X509 *b;
+ {
+ return(X509_NAME_cmp(a->cert_info->issuer,b->cert_info->issuer));
+ }
+
+int X509_subject_name_cmp(a, b)
+X509 *a;
+X509 *b;
+ {
+ return(X509_NAME_cmp(a->cert_info->subject,b->cert_info->subject));
+ }
+
+int X509_CRL_cmp(a, b)
+X509_CRL *a;
+X509_CRL *b;
+ {
+ return(X509_NAME_cmp(a->crl->issuer,b->crl->issuer));
+ }
+
+X509_NAME *X509_get_issuer_name(a)
+X509 *a;
+ {
+ return(a->cert_info->issuer);
+ }
+
+unsigned long X509_issuer_name_hash(x)
+X509 *x;
+ {
+ return(X509_NAME_hash(x->cert_info->issuer));
+ }
+
+X509_NAME *X509_get_subject_name(a)
+X509 *a;
+ {
+ return(a->cert_info->subject);
+ }
+
+ASN1_INTEGER *X509_get_serialNumber(a)
+X509 *a;
+ {
+ return(a->cert_info->serialNumber);
+ }
+
+unsigned long X509_subject_name_hash(x)
+X509 *x;
+ {
+ return(X509_NAME_hash(x->cert_info->subject));
+ }
+
+int X509_NAME_cmp(a, b)
+X509_NAME *a;
+X509_NAME *b;
+ {
+ int i,j;
+ X509_NAME_ENTRY *na,*nb;
+
+ if (sk_num(a->entries) != sk_num(b->entries))
+ return(sk_num(a->entries)-sk_num(b->entries));
+ for (i=sk_num(a->entries)-1; i>=0; i--)
+ {
+ na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+ j=na->value->length-nb->value->length;
+ if (j) return(j);
+ j=memcmp(na->value->data,nb->value->data,
+ na->value->length);
+ if (j) return(j);
+ j=na->set-nb->set;
+ if (j) return(j);
+ }
+
+ /* We will check the object types after checking the values
+ * since the values will more often be different than the object
+ * types. */
+ for (i=sk_num(a->entries)-1; i>=0; i--)
+ {
+ na=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ nb=(X509_NAME_ENTRY *)sk_value(b->entries,i);
+ j=OBJ_cmp(na->object,nb->object);
+ if (j) return(j);
+ }
+ return(0);
+ }
+
+#ifndef NO_MD5
+/* I should do a DER encoding of the name and then hash it. */
+unsigned long X509_NAME_hash(x)
+X509_NAME *x;
+ {
+ unsigned long ret=0;
+ unsigned char md[16];
+ char str[256];
+
+ X509_NAME_oneline(x,str,256);
+ ret=strlen(str);
+ MD5((unsigned char *)str,ret,&(md[0]));
+ ret=( ((unsigned long)md[0] )|((unsigned long)md[1]<<8L)|
+ ((unsigned long)md[2]<<16L)|((unsigned long)md[3]<<24L)
+ )&0xffffffffL;
+ return(ret);
+ }
+#endif
+
+/* Search a stack of X509 for a match */
+X509 *X509_find_by_issuer_and_serial(sk,name,serial)
+STACK *sk;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+ {
+ int i;
+ X509_CINF cinf;
+ X509 x,*x509=NULL;
+
+ x.cert_info= &cinf;
+ cinf.serialNumber=serial;
+ cinf.issuer=name;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ x509=(X509 *)sk_value(sk,i);
+ if (X509_issuer_and_serial_cmp(x509,&x) == 0)
+ return(x509);
+ }
+ return(x509);
+ }
+
+X509 *X509_find_by_subject(sk,name)
+STACK *sk;
+X509_NAME *name;
+ {
+ X509 *x509;
+ int i;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ x509=(X509 *)sk_value(sk,i);
+ if (X509_NAME_cmp(X509_get_subject_name(x509),name) == 0)
+ return(x509);
+ }
+ return(NULL);
+ }
+
diff --git a/crypto/x509/x509_d2.c b/crypto/x509/x509_d2.c
new file mode 100644
index 0000000..235d70f
--- /dev/null
+++ b/crypto/x509/x509_d2.c
@@ -0,0 +1,106 @@
+/* crypto/x509/x509_d2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+int X509_STORE_set_default_paths(ctx)
+X509_STORE *ctx;
+ {
+ X509_LOOKUP *lookup;
+
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_load_file(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_add_dir(lookup,NULL,X509_FILETYPE_DEFAULT);
+
+ /* clear any errors */
+ ERR_clear_error();
+
+ return(1);
+ }
+
+int X509_STORE_load_locations(ctx,file,path)
+X509_STORE *ctx;
+char *file;
+char *path;
+ {
+ X509_LOOKUP *lookup;
+
+ if (file != NULL)
+ {
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_file());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_load_file(lookup,file,X509_FILETYPE_PEM);
+ }
+ if (path != NULL)
+ {
+ lookup=X509_STORE_add_lookup(ctx,X509_LOOKUP_hash_dir());
+ if (lookup == NULL) return(0);
+ X509_LOOKUP_add_dir(lookup,path,X509_FILETYPE_PEM);
+ }
+ return(1);
+ }
+
diff --git a/crypto/x509/x509_def.c b/crypto/x509/x509_def.c
new file mode 100644
index 0000000..4979238
--- /dev/null
+++ b/crypto/x509/x509_def.c
@@ -0,0 +1,83 @@
+/* crypto/x509/x509_def.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+#include "cryptlib.h"
+#include "crypto.h"
+#include "x509.h"
+
+char *X509_get_default_private_dir()
+ { return(X509_PRIVATE_DIR); }
+
+char *X509_get_default_cert_area()
+ { return(X509_CERT_AREA); }
+
+char *X509_get_default_cert_dir()
+ { return(X509_CERT_DIR); }
+
+char *X509_get_default_cert_file()
+ { return(X509_CERT_FILE); }
+
+char *X509_get_default_cert_dir_env()
+ { return(X509_CERT_DIR_EVP); }
+
+char *X509_get_default_cert_file_env()
+ { return(X509_CERT_FILE_EVP); }
+
diff --git a/crypto/x509/x509_err.c b/crypto/x509/x509_err.c
new file mode 100644
index 0000000..bfcc47f
--- /dev/null
+++ b/crypto/x509/x509_err.c
@@ -0,0 +1,121 @@
+/* lib/x509/x509_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "x509.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA X509_str_functs[]=
+ {
+{ERR_PACK(0,X509_F_ADD_CERT_DIR,0), "ADD_CERT_DIR"},
+{ERR_PACK(0,X509_F_BY_FILE_CTRL,0), "BY_FILE_CTRL"},
+{ERR_PACK(0,X509_F_DIR_CTRL,0), "DIR_CTRL"},
+{ERR_PACK(0,X509_F_GET_CERT_BY_SUBJECT,0), "GET_CERT_BY_SUBJECT"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXT,0), "X509v3_add_ext"},
+{ERR_PACK(0,X509_F_X509V3_ADD_EXTENSION,0), "X509V3_ADD_EXTENSION"},
+{ERR_PACK(0,X509_F_X509V3_PACK_STRING,0), "X509v3_pack_string"},
+{ERR_PACK(0,X509_F_X509V3_UNPACK_STRING,0), "X509v3_unpack_string"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_NID,0), "X509_EXTENSION_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_EXTENSION_CREATE_BY_OBJ,0), "X509_EXTENSION_create_by_OBJ"},
+{ERR_PACK(0,X509_F_X509_GET_PUBKEY_PARAMETERS,0), "X509_get_pubkey_parameters"},
+{ERR_PACK(0,X509_F_X509_LOAD_CERT_FILE,0), "X509_LOAD_CERT_FILE"},
+{ERR_PACK(0,X509_F_X509_NAME_ADD_ENTRY,0), "X509_NAME_add_entry"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_CREATE_BY_NID,0), "X509_NAME_ENTRY_create_by_NID"},
+{ERR_PACK(0,X509_F_X509_NAME_ENTRY_SET_OBJECT,0), "X509_NAME_ENTRY_set_object"},
+{ERR_PACK(0,X509_F_X509_NAME_ONELINE,0), "X509_NAME_oneline"},
+{ERR_PACK(0,X509_F_X509_NAME_PRINT,0), "X509_NAME_print"},
+{ERR_PACK(0,X509_F_X509_PRINT_FP,0), "X509_print_fp"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_GET,0), "X509_PUBKEY_get"},
+{ERR_PACK(0,X509_F_X509_PUBKEY_SET,0), "X509_PUBKEY_set"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT,0), "X509_REQ_print"},
+{ERR_PACK(0,X509_F_X509_REQ_PRINT_FP,0), "X509_REQ_print_fp"},
+{ERR_PACK(0,X509_F_X509_REQ_TO_X509,0), "X509_REQ_to_X509"},
+{ERR_PACK(0,X509_F_X509_STORE_ADD_CERT,0), "X509_STORE_ADD_CERT"},
+{ERR_PACK(0,X509_F_X509_TO_X509_REQ,0), "X509_to_X509_REQ"},
+{ERR_PACK(0,X509_F_X509_VERIFY_CERT,0), "X509_verify_cert"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA X509_str_reasons[]=
+ {
+{X509_R_BAD_X509_FILETYPE ,"bad x509 filetype"},
+{X509_R_CERT_ALREADY_IN_HASH_TABLE ,"cert already in hash table"},
+{X509_R_ERR_ASN1_LIB ,"err asn1 lib"},
+{X509_R_LOADING_CERT_DIR ,"loading cert dir"},
+{X509_R_LOADING_DEFAULTS ,"loading defaults"},
+{X509_R_NO_CERT_SET_FOR_US_TO_VERIFY ,"no cert set for us to verify"},
+{X509_R_SHOULD_RETRY ,"should retry"},
+{X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN,"unable to find parameters in chain"},
+{X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY ,"unable to get certs public key"},
+{X509_R_UNKNOWN_NID ,"unknown nid"},
+{X509_R_UNKNOWN_STRING_TYPE ,"unknown string type"},
+{X509_R_UNSUPPORTED_ALGORITHM ,"unsupported algorithm"},
+{0,NULL},
+ };
+
+void ERR_load_X509_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_X509,X509_str_functs);
+ ERR_load_strings(ERR_LIB_X509,X509_str_reasons);
+ }
+ }
diff --git a/crypto/x509/x509_ext.c b/crypto/x509/x509_ext.c
new file mode 100644
index 0000000..7495183
--- /dev/null
+++ b/crypto/x509/x509_ext.c
@@ -0,0 +1,222 @@
+/* crypto/x509/x509_ext.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_CRL_get_ext_count(x)
+X509_CRL *x;
+ {
+ return(X509v3_get_ext_count(x->crl->extensions));
+ }
+
+int X509_CRL_get_ext_by_NID(x,nid,oldpos)
+X509_CRL *x;
+int nid;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_NID(x->crl->extensions,nid,oldpos));
+ }
+
+int X509_CRL_get_ext_by_OBJ(x,obj,oldpos)
+X509_CRL *x;
+ASN1_OBJECT *obj;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->crl->extensions,obj,oldpos));
+ }
+
+int X509_CRL_get_ext_by_critical(x,crit,oldpos)
+X509_CRL *x;
+int crit;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_critical(x->crl->extensions,crit,oldpos));
+ }
+
+X509_EXTENSION *X509_CRL_get_ext(x,loc)
+X509_CRL *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->crl->extensions,loc));
+ }
+
+X509_EXTENSION *X509_CRL_delete_ext(x,loc)
+X509_CRL *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->crl->extensions,loc));
+ }
+
+int X509_CRL_add_ext(x,ex,loc)
+X509_CRL *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->crl->extensions),ex,loc) != NULL);
+ }
+
+int X509_get_ext_count(x)
+X509 *x;
+ {
+ return(X509v3_get_ext_count(x->cert_info->extensions));
+ }
+
+int X509_get_ext_by_NID(x,nid,oldpos)
+X509 *x;
+int nid;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_NID(x->cert_info->extensions,nid,oldpos));
+ }
+
+int X509_get_ext_by_OBJ(x,obj,oldpos)
+X509 *x;
+ASN1_OBJECT *obj;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->cert_info->extensions,obj,oldpos));
+ }
+
+int X509_get_ext_by_critical(x,crit,oldpos)
+X509 *x;
+int crit;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_critical(x->cert_info->extensions,crit,oldpos));
+ }
+
+X509_EXTENSION *X509_get_ext(x,loc)
+X509 *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->cert_info->extensions,loc));
+ }
+
+X509_EXTENSION *X509_delete_ext(x,loc)
+X509 *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->cert_info->extensions,loc));
+ }
+
+int X509_add_ext(x,ex,loc)
+X509 *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->cert_info->extensions),ex,loc) != NULL);
+ }
+
+int X509_REVOKED_get_ext_count(x)
+X509_REVOKED *x;
+ {
+ return(X509v3_get_ext_count(x->extensions));
+ }
+
+int X509_REVOKED_get_ext_by_NID(x,nid,oldpos)
+X509_REVOKED *x;
+int nid;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_NID(x->extensions,nid,oldpos));
+ }
+
+int X509_REVOKED_get_ext_by_OBJ(x,obj,oldpos)
+X509_REVOKED *x;
+ASN1_OBJECT *obj;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_OBJ(x->extensions,obj,oldpos));
+ }
+
+int X509_REVOKED_get_ext_by_critical(x,crit,oldpos)
+X509_REVOKED *x;
+int crit;
+int oldpos;
+ {
+ return(X509v3_get_ext_by_critical(x->extensions,crit,oldpos));
+ }
+
+X509_EXTENSION *X509_REVOKED_get_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+ {
+ return(X509v3_get_ext(x->extensions,loc));
+ }
+
+X509_EXTENSION *X509_REVOKED_delete_ext(x,loc)
+X509_REVOKED *x;
+int loc;
+ {
+ return(X509v3_delete_ext(x->extensions,loc));
+ }
+
+int X509_REVOKED_add_ext(x,ex,loc)
+X509_REVOKED *x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ return(X509v3_add_ext(&(x->extensions),ex,loc) != NULL);
+ }
+
diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
new file mode 100644
index 0000000..455ad5a
--- /dev/null
+++ b/crypto/x509/x509_lu.c
@@ -0,0 +1,439 @@
+/* crypto/x509/x509_lu.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "x509.h"
+
+X509_LOOKUP *X509_LOOKUP_new(method)
+X509_LOOKUP_METHOD *method;
+ {
+ X509_LOOKUP *ret;
+
+ ret=(X509_LOOKUP *)Malloc(sizeof(X509_LOOKUP));
+ if (ret == NULL) return(NULL);
+
+ ret->init=0;
+ ret->skip=0;
+ ret->method=method;
+ ret->method_data=NULL;
+ ret->store_ctx=NULL;
+ if ((method->new_item != NULL) && !method->new_item(ret))
+ {
+ Free(ret);
+ return(NULL);
+ }
+ return(ret);
+ }
+
+void X509_LOOKUP_free(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx == NULL) return;
+ if ( (ctx->method != NULL) &&
+ (ctx->method->free != NULL))
+ ctx->method->free(ctx);
+ Free(ctx);
+ }
+
+int X509_LOOKUP_init(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx->method == NULL) return(0);
+ if (ctx->method->init != NULL)
+ return(ctx->method->init(ctx));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_shutdown(ctx)
+X509_LOOKUP *ctx;
+ {
+ if (ctx->method == NULL) return(0);
+ if (ctx->method->init != NULL)
+ return(ctx->method->shutdown(ctx));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_ctrl(ctx,cmd,argc,argl,ret)
+X509_LOOKUP *ctx;
+int cmd;
+char *argc;
+long argl;
+char **ret;
+ {
+ if (ctx->method == NULL) return(-1);
+ if (ctx->method->ctrl != NULL)
+ return(ctx->method->ctrl(ctx,cmd,argc,argl,ret));
+ else
+ return(1);
+ }
+
+int X509_LOOKUP_by_subject(ctx,type,name,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_subject == NULL))
+ return(X509_LU_FAIL);
+ if (ctx->skip) return(0);
+ return(ctx->method->get_by_subject(ctx,type,name,ret));
+ }
+
+int X509_LOOKUP_by_issuer_serial(ctx,type,name,serial,ret)
+X509_LOOKUP *ctx;
+int type;
+X509_NAME *name;
+ASN1_INTEGER *serial;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) ||
+ (ctx->method->get_by_issuer_serial == NULL))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_issuer_serial(ctx,type,name,serial,ret));
+ }
+
+int X509_LOOKUP_by_fingerprint(ctx,type,bytes,len,ret)
+X509_LOOKUP *ctx;
+int type;
+unsigned char *bytes;
+int len;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_fingerprint == NULL))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_fingerprint(ctx,type,bytes,len,ret));
+ }
+
+int X509_LOOKUP_by_alias(ctx,type,str,len,ret)
+X509_LOOKUP *ctx;
+int type;
+char *str;
+int len;
+X509_OBJECT *ret;
+ {
+ if ((ctx->method == NULL) || (ctx->method->get_by_alias))
+ return(X509_LU_FAIL);
+ return(ctx->method->get_by_alias(ctx,str,len,ret));
+ }
+
+static unsigned long x509_object_hash(a)
+X509_OBJECT *a;
+ {
+ unsigned long h;
+
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ h=X509_NAME_hash(a->data.x509->cert_info->subject);
+ break;
+ case X509_LU_CRL:
+ h=X509_NAME_hash(a->data.crl->crl->issuer);
+ break;
+ default:
+ abort();
+ }
+ return(h);
+ }
+
+static int x509_object_cmp(a,b)
+X509_OBJECT *a,*b;
+ {
+ int ret;
+
+ ret=(a->type - b->type);
+ if (ret) return(ret);
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ ret=X509_subject_name_cmp(a->data.x509,b->data.x509);
+ break;
+ case X509_LU_CRL:
+ ret=X509_CRL_cmp(a->data.crl,b->data.crl);
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+X509_STORE *X509_STORE_new()
+ {
+ X509_STORE *ret;
+
+ if ((ret=(X509_STORE *)Malloc(sizeof(X509_STORE))) == NULL)
+ return(NULL);
+ ret->certs=lh_new(x509_object_hash,x509_object_cmp);
+ ret->cache=1;
+ ret->get_cert_methods=sk_new_null();
+ ret->verify=NULL;
+ ret->verify_cb=NULL;
+ ret->app_data=NULL;
+ ret->references=1;
+ return(ret);
+ }
+
+static void cleanup(a)
+X509_OBJECT *a;
+ {
+ if (a->type == X509_LU_X509)
+ {
+ X509_free(a->data.x509);
+ }
+ else if (a->type == X509_LU_CRL)
+ {
+ X509_CRL_free(a->data.crl);
+ }
+ else
+ abort();
+
+ Free(a);
+ }
+
+void X509_STORE_free(vfy)
+X509_STORE *vfy;
+ {
+ int i;
+ STACK *sk;
+ X509_LOOKUP *lu;
+
+ sk=vfy->get_cert_methods;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(sk,i);
+ X509_LOOKUP_shutdown(lu);
+ X509_LOOKUP_free(lu);
+ }
+ sk_free(sk);
+
+ lh_doall(vfy->certs,cleanup);
+ lh_free(vfy->certs);
+ Free(vfy);
+ }
+
+X509_LOOKUP *X509_STORE_add_lookup(v,m)
+X509_STORE *v;
+X509_LOOKUP_METHOD *m;
+ {
+ int i;
+ STACK *sk;
+ X509_LOOKUP *lu;
+
+ sk=v->get_cert_methods;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(sk,i);
+ if (m == lu->method)
+ {
+ return(lu);
+ }
+ }
+ /* a new one */
+ lu=X509_LOOKUP_new(m);
+ if (lu == NULL)
+ return(NULL);
+ else
+ {
+ lu->store_ctx=v;
+ if (sk_push(v->get_cert_methods,(char *)lu))
+ return(lu);
+ else
+ {
+ X509_LOOKUP_free(lu);
+ return(NULL);
+ }
+ }
+ }
+
+int X509_STORE_get_by_subject(vs,type,name,ret)
+X509_STORE_CTX *vs;
+int type;
+X509_NAME *name;
+X509_OBJECT *ret;
+ {
+ X509_STORE *ctx=vs->ctx;
+ X509_LOOKUP *lu;
+ X509_OBJECT stmp,*tmp;
+ int i,j;
+
+ tmp=X509_OBJECT_retrive_by_subject(ctx->certs,type,name);
+
+ if (tmp == NULL)
+ {
+ for (i=vs->current_method; i<sk_num(ctx->get_cert_methods); i++)
+ {
+ lu=(X509_LOOKUP *)sk_value(ctx->get_cert_methods,i);
+ j=X509_LOOKUP_by_subject(lu,type,name,&stmp);
+ if (j < 0)
+ {
+ vs->current_method=j;
+ return(j);
+ }
+ else if (j)
+ {
+ tmp= &stmp;
+ break;
+ }
+ }
+ vs->current_method=0;
+ if (tmp == NULL)
+ return(0);
+ }
+
+/* if (ret->data.ptr != NULL)
+ X509_OBJECT_free_contents(ret); */
+
+ ret->type=tmp->type;
+ ret->data.ptr=tmp->data.ptr;
+
+ X509_OBJECT_up_ref_count(ret);
+
+ return(1);
+ }
+
+void X509_OBJECT_up_ref_count(a)
+X509_OBJECT *a;
+ {
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ CRYPTO_add(&a->data.x509->references,1,CRYPTO_LOCK_X509);
+ break;
+ case X509_LU_CRL:
+ CRYPTO_add(&a->data.crl->references,1,CRYPTO_LOCK_X509_CRL);
+ break;
+ }
+ }
+
+void X509_OBJECT_free_contents(a)
+X509_OBJECT *a;
+ {
+ switch (a->type)
+ {
+ case X509_LU_X509:
+ X509_free(a->data.x509);
+ break;
+ case X509_LU_CRL:
+ X509_CRL_free(a->data.crl);
+ break;
+ }
+ }
+
+X509_OBJECT *X509_OBJECT_retrive_by_subject(h,type,name)
+LHASH *h;
+int type;
+X509_NAME *name;
+ {
+ X509_OBJECT stmp,*tmp;
+ X509 x509_s;
+ X509_CINF cinf_s;
+ X509_CRL crl_s;
+ X509_CRL_INFO crl_info_s;
+
+ stmp.type=type;
+ switch (type)
+ {
+ case X509_LU_X509:
+ stmp.data.x509= &x509_s;
+ x509_s.cert_info= &cinf_s;
+ cinf_s.subject=name;
+ break;
+ case X509_LU_CRL:
+ stmp.data.crl= &crl_s;
+ crl_s.crl= &crl_info_s;
+ crl_info_s.issuer=name;
+ break;
+ default:
+ abort();
+ }
+
+ tmp=(X509_OBJECT *)lh_retrieve(h,(char *)&stmp);
+ return(tmp);
+ }
+
+void X509_STORE_CTX_init(ctx,store,x509,chain)
+X509_STORE_CTX *ctx;
+X509_STORE *store;
+X509 *x509;
+STACK *chain;
+ {
+ ctx->ctx=store;
+ ctx->current_method=0;
+ ctx->cert=x509;
+ ctx->untrusted=chain;
+ ctx->last_untrusted=0;
+ ctx->valid=0;
+ ctx->chain=NULL;
+ ctx->depth=10;
+ ctx->error=0;
+ ctx->current_cert=NULL;
+ }
+
+void X509_STORE_CTX_cleanup(ctx)
+X509_STORE_CTX *ctx;
+ {
+ if (ctx->chain != NULL)
+ {
+ sk_pop_free(ctx->chain,X509_free);
+ ctx->chain=NULL;
+ }
+ }
+
diff --git a/crypto/x509/x509_obj.c b/crypto/x509/x509_obj.c
new file mode 100644
index 0000000..2b53af1
--- /dev/null
+++ b/crypto/x509/x509_obj.c
@@ -0,0 +1,180 @@
+/* crypto/x509/x509_obj.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "lhash.h"
+#include "objects.h"
+#include "x509.h"
+#include "buffer.h"
+
+char *X509_NAME_oneline(a,buf,len)
+X509_NAME *a;
+char *buf;
+int len;
+ {
+ X509_NAME_ENTRY *ne;
+ unsigned int i;
+ int n,lold,l,l1,l2,num,j,type;
+ char *s,*p;
+ unsigned char *q;
+ BUF_MEM *b=NULL;
+ static char hex[17]="0123456789ABCDEF";
+ int gs_doit[4];
+
+ if (a == NULL) return("NO X509_NAME");
+ if (buf == NULL)
+ {
+ if ((b=BUF_MEM_new()) == NULL) goto err;
+ if (!BUF_MEM_grow(b,200)) goto err;
+ b->data[0]='\0';
+ len=200;
+ }
+
+ len--; /* space for '\0' */
+ l=0;
+ for (i=0; (int)i<sk_num(a->entries); i++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(a->entries,i);
+ n=OBJ_obj2nid(ne->object);
+ if (n == NID_undef)
+ s="UNKNOWN";
+ else
+ {
+ s=OBJ_nid2sn(n);
+ if (s == NULL) s="UNKNOWN2";
+ }
+ l1=strlen(s);
+
+ type=ne->value->type;
+ num=ne->value->length;
+ q=ne->value->data;
+
+ if ((type == V_ASN1_GENERALSTRING) && ((num%4) == 0))
+ {
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=0;
+ for (j=0; j<num; j++)
+ if (q[j] != 0) gs_doit[j&3]=1;
+
+ if (gs_doit[0]|gs_doit[1]|gs_doit[2])
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+ else
+ {
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=0;
+ gs_doit[3]=1;
+ }
+ }
+ else
+ gs_doit[0]=gs_doit[1]=gs_doit[2]=gs_doit[3]=1;
+
+ for (l2=j=0; j<num; j++)
+ {
+ if (!gs_doit[j&3]) continue;
+ l2++;
+ if ((q[j] < ' ') || (q[j] > '~')) l2+=3;
+ }
+
+ lold=l;
+ l+=1+l1+1+l2;
+ if (b != NULL)
+ {
+ if (!BUF_MEM_grow(b,l+1)) goto err;
+ p= &(b->data[lold]);
+ }
+ else if (l > len)
+ {
+ break;
+ }
+ else
+ p= &(buf[lold]);
+ *(p++)='/';
+ memcpy(p,s,(unsigned int)l1); p+=l1;
+ *(p++)='=';
+
+ q=ne->value->data;
+
+ for (j=0; j<num; j++)
+ {
+ if (!gs_doit[j&3]) continue;
+ n=q[j];
+ if ((n < ' ') || (n > '~'))
+ {
+ *(p++)='\\';
+ *(p++)='x';
+ *(p++)=hex[(n>>4)&0x0f];
+ *(p++)=hex[n&0x0f];
+ }
+ else
+ *(p++)=n;
+ }
+ *p='\0';
+ }
+ if (b != NULL)
+ {
+ p=b->data;
+ Free((char *)b);
+ }
+ else
+ p=buf;
+ return(p);
+err:
+ X509err(X509_F_X509_NAME_ONELINE,ERR_R_MALLOC_FAILURE);
+ if (b != NULL) BUF_MEM_free(b);
+ return(NULL);
+ }
+
diff --git a/crypto/x509/x509_r2x.c b/crypto/x509/x509_r2x.c
new file mode 100644
index 0000000..7e79959
--- /dev/null
+++ b/crypto/x509/x509_r2x.c
@@ -0,0 +1,122 @@
+/* crypto/x509/x509_r2x.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509 *X509_REQ_to_X509(r,days,pkey)
+X509_REQ *r;
+int days;
+EVP_PKEY *pkey;
+ {
+ X509 *ret=NULL;
+ int er=1;
+ X509_REQ_INFO *ri=NULL;
+ X509_CINF *xi=NULL;
+ X509_NAME *xn;
+
+ if ((ret=X509_new()) == NULL)
+ {
+ X509err(X509_F_X509_REQ_TO_X509,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* duplicate the request */
+ ri=(X509_REQ_INFO *)ASN1_dup(i2d_X509_REQ_INFO,
+ (char *(*)())d2i_X509_REQ_INFO,(char *)r->req_info);
+ if (ri == NULL) goto err;
+
+ xi=ret->cert_info;
+
+ if (sk_num(ri->attributes) != 0)
+ {
+ if ((xi->version=ASN1_INTEGER_new()) == NULL) goto err;
+ if (!ASN1_INTEGER_set(xi->version,2)) goto err;
+/* xi->extensions=ri->attributes; <- bad, should not ever be done
+ ri->attributes=NULL; */
+ }
+
+ xn=X509_REQ_get_subject_name(r);
+ X509_set_subject_name(ret,X509_NAME_dup(xn));
+ X509_set_issuer_name(ret,X509_NAME_dup(xn));
+
+ X509_gmtime_adj(xi->validity->notBefore,0);
+ X509_gmtime_adj(xi->validity->notAfter,(long)60*60*24*days);
+
+ X509_set_pubkey(ret,X509_REQ_get_pubkey(r));
+
+ if (!X509_sign(ret,pkey,EVP_md5()))
+ goto err;
+ er=0;
+err:
+ if (er)
+ {
+ X509_free(ret);
+ X509_REQ_INFO_free(ri);
+ return(NULL);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/x509/x509_req.c b/crypto/x509/x509_req.c
new file mode 100644
index 0000000..c1f10c2
--- /dev/null
+++ b/crypto/x509/x509_req.c
@@ -0,0 +1,111 @@
+/* crypto/x509/x509_req.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "buffer.h"
+#include "pem.h"
+
+X509_REQ *X509_to_X509_REQ(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ X509_REQ *ret;
+ X509_REQ_INFO *ri;
+ int i;
+
+ ret=X509_REQ_new();
+ if (ret == NULL)
+ {
+ X509err(X509_F_X509_TO_X509_REQ,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ ri=ret->req_info;
+
+ ri->version->length=1;
+ ri->version->data=(unsigned char *)Malloc(1);
+ if (ri->version->data == NULL) goto err;
+ ri->version->data[0]=0; /* version == 0 */
+
+ if (!X509_REQ_set_subject_name(ret,X509_get_subject_name(x)))
+ goto err;
+
+ i=X509_REQ_set_pubkey(ret,X509_get_pubkey(x));
+ if (!i) goto err;
+
+/* NEEDS FIXING EAY EAY EAY */
+ if (!X509_REQ_sign(ret,pkey,EVP_md5()))
+ goto err;
+ return(ret);
+err:
+ X509_REQ_free(ret);
+ return(NULL);
+ }
+
+EVP_PKEY *X509_REQ_get_pubkey(req)
+X509_REQ *req;
+ {
+ return(X509_PUBKEY_get(req->req_info->pubkey));
+ }
+
diff --git a/crypto/x509/x509_set.c b/crypto/x509/x509_set.c
new file mode 100644
index 0000000..f65ae91
--- /dev/null
+++ b/crypto/x509/x509_set.c
@@ -0,0 +1,164 @@
+/* crypto/x509/x509_set.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_set_version(x,version)
+X509 *x;
+long version;
+ {
+ if (x == NULL) return(0);
+ if (x->cert_info->version == NULL)
+ {
+ if ((x->cert_info->version=ASN1_INTEGER_new()) == NULL)
+ return(0);
+ }
+ return(ASN1_INTEGER_set(x->cert_info->version,version));
+ }
+
+int X509_set_serialNumber(x,serial)
+X509 *x;
+ASN1_INTEGER *serial;
+ {
+ ASN1_INTEGER *in;
+
+ if (x == NULL) return(0);
+ in=x->cert_info->serialNumber;
+ if (in != serial)
+ {
+ in=ASN1_INTEGER_dup(serial);
+ if (in != NULL)
+ {
+ ASN1_INTEGER_free(x->cert_info->serialNumber);
+ x->cert_info->serialNumber=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_issuer_name(x,name)
+X509 *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_NAME_set(&x->cert_info->issuer,name));
+ }
+
+int X509_set_subject_name(x,name)
+X509 *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_NAME_set(&x->cert_info->subject,name));
+ }
+
+int X509_set_notBefore(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+ {
+ ASN1_UTCTIME *in;
+
+ if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+ in=x->cert_info->validity->notBefore;
+ if (in != tm)
+ {
+ in=ASN1_UTCTIME_dup(tm);
+ if (in != NULL)
+ {
+ ASN1_UTCTIME_free(x->cert_info->validity->notBefore);
+ x->cert_info->validity->notBefore=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_notAfter(x,tm)
+X509 *x;
+ASN1_UTCTIME *tm;
+ {
+ ASN1_UTCTIME *in;
+
+ if ((x == NULL) || (x->cert_info->validity == NULL)) return(0);
+ in=x->cert_info->validity->notAfter;
+ if (in != tm)
+ {
+ in=ASN1_UTCTIME_dup(tm);
+ if (in != NULL)
+ {
+ ASN1_UTCTIME_free(x->cert_info->validity->notAfter);
+ x->cert_info->validity->notAfter=in;
+ }
+ }
+ return(in != NULL);
+ }
+
+int X509_set_pubkey(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ if ((x == NULL) || (x->cert_info == NULL)) return(0);
+ return(X509_PUBKEY_set(&(x->cert_info->key),pkey));
+ }
+
+
+
diff --git a/crypto/x509/x509_txt.c b/crypto/x509/x509_txt.c
new file mode 100644
index 0000000..d5fc583
--- /dev/null
+++ b/crypto/x509/x509_txt.c
@@ -0,0 +1,130 @@
+/* crypto/x509/x509_txt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+char *X509_verify_cert_error_string(n)
+int n;
+ {
+ static char buf[100];
+
+ switch (n)
+ {
+ case X509_V_OK:
+ return("ok");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+ return("unable to get issuer certificate");
+ case X509_V_ERR_UNABLE_TO_GET_CRL:
+ return("unable to get certificate CRL");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ return("unable to decrypt certificate's signature");
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE:
+ return("unable to decrypt CRL's's signature");
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ return("unable to decode issuer public key");
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ return("certificate signature failure");
+ case X509_V_ERR_CRL_SIGNATURE_FAILURE:
+ return("CRL signature failure");
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ return("certificate is not yet valid");
+ case X509_V_ERR_CRL_NOT_YET_VALID:
+ return("CRL is not yet valid");
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ return("Certificate has expired");
+ case X509_V_ERR_CRL_HAS_EXPIRED:
+ return("CRL has expired");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ return("format error in certificate's notBefore field");
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ return("format error in certificate's notAfter field");
+ case X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED:
+ return("format error in CRL's lastUpdate field");
+ case X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED:
+ return("format error in CRL's nextUpdate field");
+ case X509_V_ERR_OUT_OF_MEM:
+ return("out of memory");
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ return("self signed certificate");
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ return("self signed certificate in certificate chain");
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ return("unable to get local issuer certificate");
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ return("unable to verify the first certificate");
+ case X509_V_ERR_CERT_CHAIN_TOO_LONG:
+ return("certificate chain too long");
+ default:
+ sprintf(buf,"error number %d",n);
+ return(buf);
+ }
+ }
+
+
diff --git a/crypto/x509/x509_v3.c b/crypto/x509/x509_v3.c
new file mode 100644
index 0000000..388130b
--- /dev/null
+++ b/crypto/x509/x509_v3.c
@@ -0,0 +1,409 @@
+/* crypto/x509/x509_v3.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+#ifndef NOPROTO
+static X509_EXTENSION_METHOD *find_by_nid(int nid);
+static int xem_cmp(X509_EXTENSION_METHOD **a, X509_EXTENSION_METHOD **b);
+#else
+static X509_EXTENSION_METHOD *find_by_nid();
+static int xem_cmp();
+#endif
+
+static STACK *extensions=NULL;
+
+int X509v3_get_ext_count(x)
+STACK *x;
+ {
+ if (x == NULL) return(0);
+ return(sk_num(x));
+ }
+
+int X509v3_get_ext_by_NID(x,nid,oldpos)
+STACK *x;
+int nid;
+int oldpos;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-2);
+ return(X509v3_get_ext_by_OBJ(x,obj,oldpos));
+ }
+
+int X509v3_get_ext_by_OBJ(sk,obj,oldpos)
+STACK *sk;
+ASN1_OBJECT *obj;
+int oldpos;
+ {
+ int n;
+ X509_EXTENSION *ex;
+
+ if (sk == NULL) return(-1);
+ oldpos++;
+ if (oldpos < 0)
+ oldpos=0;
+ n=sk_num(sk);
+ for ( ; oldpos < n; oldpos++)
+ {
+ ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+ if (OBJ_cmp(ex->object,obj) == 0)
+ return(oldpos);
+ }
+ return(-1);
+ }
+
+int X509v3_get_ext_by_critical(sk,crit,oldpos)
+STACK *sk;
+int crit;
+int oldpos;
+ {
+ int n;
+ X509_EXTENSION *ex;
+
+ if (sk == NULL) return(-1);
+ oldpos++;
+ if (oldpos < 0)
+ oldpos=0;
+ n=sk_num(sk);
+ for ( ; oldpos < n; oldpos++)
+ {
+ ex=(X509_EXTENSION *)sk_value(sk,oldpos);
+ if ( (ex->critical && crit) ||
+ (!ex->critical && !crit))
+ return(oldpos);
+ }
+ return(-1);
+ }
+
+X509_EXTENSION *X509v3_get_ext(x,loc)
+STACK *x;
+int loc;
+ {
+ if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+ return(NULL);
+ else
+ return((X509_EXTENSION *)sk_value(x,loc));
+ }
+
+X509_EXTENSION *X509v3_delete_ext(x,loc)
+STACK *x;
+int loc;
+ {
+ X509_EXTENSION *ret;
+
+ if ((x == NULL) || (sk_num(x) <= loc) || (loc < 0))
+ return(NULL);
+ ret=(X509_EXTENSION *)sk_delete(x,loc);
+ return(ret);
+ }
+
+STACK *X509v3_add_ext(x,ex,loc)
+STACK **x;
+X509_EXTENSION *ex;
+int loc;
+ {
+ X509_EXTENSION *new_ex=NULL;
+ int n;
+ STACK *sk=NULL;
+
+ if ((x != NULL) && (*x == NULL))
+ {
+ if ((sk=sk_new_null()) == NULL)
+ goto err;
+ }
+ else
+ sk= *x;
+
+ n=sk_num(sk);
+ if (loc > n) loc=n;
+ else if (loc < 0) loc=n;
+
+ if ((new_ex=X509_EXTENSION_dup(ex)) == NULL)
+ goto err2;
+ if (!sk_insert(sk,(char *)new_ex,loc))
+ goto err;
+ if ((x != NULL) && (*x == NULL))
+ *x=sk;
+ return(sk);
+err:
+ X509err(X509_F_X509V3_ADD_EXT,ERR_R_MALLOC_FAILURE);
+err2:
+ if (new_ex != NULL) X509_EXTENSION_free(new_ex);
+ if (sk != NULL) sk_free(sk);
+ return(NULL);
+ }
+
+X509_EXTENSION *X509_EXTENSION_create_by_NID(ex,nid,crit,data)
+X509_EXTENSION **ex;
+int nid;
+int crit;
+ASN1_OCTET_STRING *data;
+ {
+ ASN1_OBJECT *obj;
+ X509_EXTENSION *ret;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_EXTENSION_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ ret=X509_EXTENSION_create_by_OBJ(ex,obj,crit,data);
+ if (ret == NULL) ASN1_OBJECT_free(obj);
+ return(ret);
+ }
+
+X509_EXTENSION *X509_EXTENSION_create_by_OBJ(ex,obj,crit,data)
+X509_EXTENSION **ex;
+ASN1_OBJECT *obj;
+int crit;
+ASN1_OCTET_STRING *data;
+ {
+ X509_EXTENSION *ret;
+
+ if ((ex == NULL) || (*ex == NULL))
+ {
+ if ((ret=X509_EXTENSION_new()) == NULL)
+ {
+ X509err(X509_F_X509_EXTENSION_CREATE_BY_OBJ,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ }
+ else
+ ret= *ex;
+
+ if (!X509_EXTENSION_set_object(ret,obj))
+ goto err;
+ if (!X509_EXTENSION_set_critical(ret,crit))
+ goto err;
+ if (!X509_EXTENSION_set_data(ret,data))
+ goto err;
+
+ if ((ex != NULL) && (*ex == NULL)) *ex=ret;
+ return(ret);
+err:
+ if ((ex == NULL) || (ret != *ex))
+ X509_EXTENSION_free(ret);
+ return(NULL);
+ }
+
+int X509_EXTENSION_set_object(ex,obj)
+X509_EXTENSION *ex;
+ASN1_OBJECT *obj;
+ {
+ if ((ex == NULL) || (obj == NULL))
+ return(0);
+ ASN1_OBJECT_free(ex->object);
+ ex->object=OBJ_dup(obj);
+ return(1);
+ }
+
+int X509_EXTENSION_set_critical(ex,crit)
+X509_EXTENSION *ex;
+int crit;
+ {
+ if (ex == NULL) return(0);
+ ex->critical=(crit)?0xFF:0;
+ return(1);
+ }
+
+int X509_EXTENSION_set_data(ex,data)
+X509_EXTENSION *ex;
+ASN1_OCTET_STRING *data;
+ {
+ int i;
+
+ if (ex == NULL) return(0);
+ i=ASN1_OCTET_STRING_set(ex->value,data->data,data->length);
+ if (!i) return(0);
+ return(1);
+ }
+
+ASN1_OBJECT *X509_EXTENSION_get_object(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(NULL);
+ return(ex->object);
+ }
+
+ASN1_OCTET_STRING *X509_EXTENSION_get_data(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(NULL);
+ return(ex->value);
+ }
+
+int X509_EXTENSION_get_critical(ex)
+X509_EXTENSION *ex;
+ {
+ if (ex == NULL) return(0);
+ return(ex->critical);
+ }
+
+int X509v3_data_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+ {
+ int nid;
+
+ nid=OBJ_obj2nid(obj);
+ if (nid == V_ASN1_UNDEF) return(V_ASN1_UNDEF);
+ return(X509v3_data_type_by_NID(nid));
+ }
+
+int X509v3_data_type_by_NID(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD *x;
+
+ x=find_by_nid(nid);
+ if (x == NULL)
+ return(V_ASN1_UNDEF);
+ else
+ return(x->data_type);
+ }
+
+int X509v3_pack_type_by_OBJ(obj)
+ASN1_OBJECT *obj;
+ {
+ int nid;
+
+ nid=OBJ_obj2nid(obj);
+ if (nid == NID_undef) return(X509_EXT_PACK_UNKNOWN);
+ return(X509v3_pack_type_by_NID(nid));
+ }
+
+int X509v3_pack_type_by_NID(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD *x;
+
+ x=find_by_nid(nid);
+ if (x == NULL)
+ return(X509_EXT_PACK_UNKNOWN);
+ else
+ return(x->pack_type);
+ }
+
+static X509_EXTENSION_METHOD *find_by_nid(nid)
+int nid;
+ {
+ X509_EXTENSION_METHOD x;
+ int i;
+
+ x.nid=nid;
+ if (extensions == NULL) return(NULL);
+ i=sk_find(extensions,(char *)&x);
+ if (i < 0)
+ return(NULL);
+ else
+ return((X509_EXTENSION_METHOD *)sk_value(extensions,i));
+ }
+
+static int xem_cmp(a,b)
+X509_EXTENSION_METHOD **a,**b;
+ {
+ return((*a)->nid-(*b)->nid);
+ }
+
+void X509v3_cleanup_extensions()
+ {
+ int i;
+
+ if (extensions != NULL)
+ {
+ for (i=0; i<sk_num(extensions); i++)
+ Free(sk_value(extensions,i));
+ sk_free(extensions);
+ extensions=NULL;
+ }
+ }
+
+int X509v3_add_extension(x)
+X509_EXTENSION_METHOD *x;
+ {
+ X509_EXTENSION_METHOD *newx;
+
+ if (extensions == NULL)
+ {
+ extensions=sk_new(xem_cmp);
+ if (extensions == NULL) goto err;
+ }
+ newx=(X509_EXTENSION_METHOD *)Malloc(sizeof(X509_EXTENSION_METHOD));
+ if (newx == NULL) goto err;
+ newx->nid=x->nid;
+ newx->data_type=x->data_type;
+ newx->pack_type=x->pack_type;
+ if (!sk_push(extensions,(char *)newx))
+ {
+ Free(newx);
+ goto err;
+ }
+ return(1);
+err:
+ X509err(X509_F_X509V3_ADD_EXTENSION,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
new file mode 100644
index 0000000..f6dba6f
--- /dev/null
+++ b/crypto/x509/x509_vfy.c
@@ -0,0 +1,585 @@
+/* crypto/x509/x509_vfy.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <time.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+
+#include "cryptlib.h"
+#include "lhash.h"
+#include "buffer.h"
+#include "evp.h"
+#include "asn1.h"
+#include "x509.h"
+#include "objects.h"
+#include "pem.h"
+
+#ifndef NOPROTO
+static int null_callback(int ok,X509_STORE_CTX *e);
+static int internal_verify(X509_STORE_CTX *ctx);
+#else
+static int null_callback();
+static int internal_verify();
+#endif
+
+char *X509_version="X509 part of SSLeay 0.8.1b 29-Jun-1998";
+
+static int null_callback(ok,e)
+int ok;
+X509_STORE_CTX *e;
+ {
+ return(ok);
+ }
+
+#if 0
+static int x509_subject_cmp(a,b)
+X509 **a,**b;
+ {
+ return(X509_subject_name_cmp(*a,*b));
+ }
+#endif
+
+int X509_verify_cert(ctx)
+X509_STORE_CTX *ctx;
+ {
+ X509 *x,*xtmp,*chain_ss=NULL;
+ X509_NAME *xn;
+ X509_OBJECT obj;
+ int depth,i,ok=0;
+ int num;
+ int (*cb)();
+ STACK *sktmp=NULL;
+
+ if (ctx->cert == NULL)
+ {
+ X509err(X509_F_X509_VERIFY_CERT,X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
+ return(-1);
+ }
+
+ cb=ctx->ctx->verify_cb;
+ if (cb == NULL) cb=null_callback;
+
+ /* first we make sure the chain we are going to build is
+ * present and that the first entry is in place */
+ if (ctx->chain == NULL)
+ {
+ if ( ((ctx->chain=sk_new_null()) == NULL) ||
+ (!sk_push(ctx->chain,(char *)ctx->cert)))
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ CRYPTO_add(&ctx->cert->references,1,CRYPTO_LOCK_X509);
+ ctx->last_untrusted=1;
+ }
+
+ /* We use a temporary so we can chop and hack at it */
+ if ((ctx->untrusted != NULL) && (sktmp=sk_dup(ctx->untrusted)) == NULL)
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+
+ num=sk_num(ctx->chain);
+ x=(X509 *)sk_value(ctx->chain,num-1);
+ depth=ctx->depth;
+
+
+ for (;;)
+ {
+ /* If we have enough, we break */
+ if (depth <= num) break;
+
+ /* If we are self signed, we break */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+ break;
+
+ /* If we were passed a cert chain, use it first */
+ if (ctx->untrusted != NULL)
+ {
+ xtmp=X509_find_by_subject(sktmp,xn);
+ if (xtmp != NULL)
+ {
+ if (!sk_push(ctx->chain,(char *)xtmp))
+ {
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ goto end;
+ }
+ CRYPTO_add(&xtmp->references,1,CRYPTO_LOCK_X509);
+ sk_delete_ptr(sktmp,(char *)xtmp);
+ ctx->last_untrusted++;
+ x=xtmp;
+ num++;
+ /* reparse the full chain for
+ * the next one */
+ continue;
+ }
+ }
+ break;
+ }
+
+ /* at this point, chain should contain a list of untrusted
+ * certificates. We now need to add at least one trusted one,
+ * if possible, otherwise we complain. */
+
+ i=sk_num(ctx->chain);
+ x=(X509 *)sk_value(ctx->chain,i-1);
+ if (X509_NAME_cmp(X509_get_subject_name(x),X509_get_issuer_name(x))
+ == 0)
+ {
+ /* we have a self signed certificate */
+ if (sk_num(ctx->chain) == 1)
+ {
+ ctx->error=X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT;
+ ctx->current_cert=x;
+ ctx->error_depth=i-1;
+ ok=cb(0,ctx);
+ if (!ok) goto end;
+ }
+ else
+ {
+ /* worry more about this one elsewhere */
+ chain_ss=(X509 *)sk_pop(ctx->chain);
+ ctx->last_untrusted--;
+ num--;
+ x=(X509 *)sk_value(ctx->chain,num-1);
+ }
+ }
+
+ /* We now lookup certs from the certificate store */
+ for (;;)
+ {
+ /* If we have enough, we break */
+ if (depth <= num) break;
+
+ /* If we are self signed, we break */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) == 0)
+ break;
+
+ ok=X509_STORE_get_by_subject(ctx,X509_LU_X509,xn,&obj);
+ if (ok != X509_LU_X509)
+ {
+ if (ok == X509_LU_RETRY)
+ {
+ X509_OBJECT_free_contents(&obj);
+ X509err(X509_F_X509_VERIFY_CERT,X509_R_SHOULD_RETRY);
+ return(ok);
+ }
+ else if (ok != X509_LU_FAIL)
+ {
+ X509_OBJECT_free_contents(&obj);
+ /* not good :-(, break anyway */
+ return(ok);
+ }
+ break;
+ }
+ x=obj.data.x509;
+ if (!sk_push(ctx->chain,(char *)obj.data.x509))
+ {
+ X509_OBJECT_free_contents(&obj);
+ X509err(X509_F_X509_VERIFY_CERT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ num++;
+ }
+
+ /* we now have our chain, lets check it... */
+ xn=X509_get_issuer_name(x);
+ if (X509_NAME_cmp(X509_get_subject_name(x),xn) != 0)
+ {
+ if ((chain_ss == NULL) || (X509_NAME_cmp(X509_get_subject_name(chain_ss),xn) != 0))
+ {
+ if (ctx->last_untrusted >= num)
+ ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY;
+ else
+ ctx->error=X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT;
+ ctx->current_cert=x;
+ }
+ else
+ {
+
+ sk_push(ctx->chain,(char *)chain_ss);
+ num++;
+ ctx->last_untrusted=num;
+ ctx->current_cert=chain_ss;
+ ctx->error=X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN;
+ chain_ss=NULL;
+ }
+
+ ctx->error_depth=num-1;
+ ok=cb(0,ctx);
+ if (!ok) goto end;
+ }
+
+ /* We may as well copy down any DSA parameters that are required */
+ X509_get_pubkey_parameters(NULL,ctx->chain);
+
+ /* At this point, we have a chain and just need to verify it */
+ if (ctx->ctx->verify != NULL)
+ ok=ctx->ctx->verify(ctx);
+ else
+ ok=internal_verify(ctx);
+end:
+ if (sktmp != NULL) sk_free(sktmp);
+ if (chain_ss != NULL) X509_free(chain_ss);
+ return(ok);
+ }
+
+static int internal_verify(ctx)
+X509_STORE_CTX *ctx;
+ {
+ int i,ok=0,n;
+ X509 *xs,*xi;
+ EVP_PKEY *pkey=NULL;
+ int (*cb)();
+
+ cb=ctx->ctx->verify_cb;
+ if (cb == NULL) cb=null_callback;
+
+ n=sk_num(ctx->chain);
+ ctx->error_depth=n-1;
+ n--;
+ xi=(X509 *)sk_value(ctx->chain,n);
+ if (X509_NAME_cmp(X509_get_subject_name(xi),
+ X509_get_issuer_name(xi)) == 0)
+ xs=xi;
+ else
+ {
+ if (n <= 0)
+ {
+ ctx->error=X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE;
+ ctx->current_cert=xi;
+ ok=cb(0,ctx);
+ goto end;
+ }
+ else
+ {
+ n--;
+ ctx->error_depth=n;
+ xs=(X509 *)sk_value(ctx->chain,n);
+ }
+ }
+
+/* ctx->error=0; not needed */
+ while (n >= 0)
+ {
+ ctx->error_depth=n;
+ if (!xs->valid)
+ {
+ if ((pkey=X509_get_pubkey(xi)) == NULL)
+ {
+ ctx->error=X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY;
+ ctx->current_cert=xi;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ if (X509_verify(xs,pkey) <= 0)
+ {
+ ctx->error=X509_V_ERR_CERT_SIGNATURE_FAILURE;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ pkey=NULL;
+
+ i=X509_cmp_current_time(X509_get_notBefore(xs));
+ if (i == 0)
+ {
+ ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ if (i > 0)
+ {
+ ctx->error=X509_V_ERR_CERT_NOT_YET_VALID;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+ xs->valid=1;
+ }
+
+ i=X509_cmp_current_time(X509_get_notAfter(xs));
+ if (i == 0)
+ {
+ ctx->error=X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+
+ if (i < 0)
+ {
+ ctx->error=X509_V_ERR_CERT_HAS_EXPIRED;
+ ctx->current_cert=xs;
+ ok=(*cb)(0,ctx);
+ if (!ok) goto end;
+ }
+
+ /* CRL CHECK */
+
+ /* The last error (if any) is still in the error value */
+ ctx->current_cert=xs;
+ ok=(*cb)(1,ctx);
+ if (!ok) goto end;
+
+ n--;
+ if (n >= 0)
+ {
+ xi=xs;
+ xs=(X509 *)sk_value(ctx->chain,n);
+ }
+ }
+ ok=1;
+end:
+ return(ok);
+ }
+
+int X509_cmp_current_time(ctm)
+ASN1_UTCTIME *ctm;
+ {
+ char *str;
+ ASN1_UTCTIME atm;
+ time_t offset;
+ char buff1[24],buff2[24],*p;
+ int i,j;
+
+ p=buff1;
+ i=ctm->length;
+ str=(char *)ctm->data;
+ if ((i < 11) || (i > 17)) return(0);
+ memcpy(p,str,10);
+ p+=10;
+ str+=10;
+
+ if ((*str == 'Z') || (*str == '-') || (*str == '+'))
+ { *(p++)='0'; *(p++)='0'; }
+ else { *(p++)= *(str++); *(p++)= *(str++); }
+ *(p++)='Z';
+ *(p++)='\0';
+
+ if (*str == 'Z')
+ offset=0;
+ else
+ {
+ if ((*str != '+') && (str[5] != '-'))
+ return(0);
+ offset=((str[1]-'0')*10+(str[2]-'0'))*60;
+ offset+=(str[3]-'0')*10+(str[4]-'0');
+ if (*str == '-')
+ offset-=offset;
+ }
+ atm.type=V_ASN1_UTCTIME;
+ atm.length=sizeof(buff2);
+ atm.data=(unsigned char *)buff2;
+
+ X509_gmtime_adj(&atm,offset);
+
+ i=(buff1[0]-'0')*10+(buff1[1]-'0');
+ if (i < 70) i+=100;
+ j=(buff2[0]-'0')*10+(buff2[1]-'0');
+ if (j < 70) j+=100;
+
+ if (i < j) return (-1);
+ if (i > j) return (1);
+ i=strcmp(buff1,buff2);
+ if (i == 0) /* wait a second then return younger :-) */
+ return(-1);
+ else
+ return(i);
+ }
+
+ASN1_UTCTIME *X509_gmtime_adj(s, adj)
+ASN1_UTCTIME *s;
+long adj;
+ {
+ time_t t;
+
+ time(&t);
+ t+=adj;
+ return(ASN1_UTCTIME_set(s,t));
+ }
+
+int X509_get_pubkey_parameters(pkey,chain)
+EVP_PKEY *pkey;
+STACK *chain;
+ {
+ EVP_PKEY *ktmp=NULL,*ktmp2;
+ int i,j;
+
+ if ((pkey != NULL) && !EVP_PKEY_missing_parameters(pkey)) return(1);
+
+ for (i=0; i<sk_num(chain); i++)
+ {
+ ktmp=X509_get_pubkey((X509 *)sk_value(chain,i));
+ if (ktmp == NULL)
+ {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_GET_CERTS_PUBLIC_KEY);
+ return(0);
+ }
+ if (!EVP_PKEY_missing_parameters(ktmp))
+ break;
+ else
+ {
+ ktmp=NULL;
+ }
+ }
+ if (ktmp == NULL)
+ {
+ X509err(X509_F_X509_GET_PUBKEY_PARAMETERS,X509_R_UNABLE_TO_FIND_PARAMETERS_IN_CHAIN);
+ return(0);
+ }
+
+ /* first, populate the other certs */
+ for (j=i-1; j >= 0; j--)
+ {
+ ktmp2=X509_get_pubkey((X509 *)sk_value(chain,j));
+ EVP_PKEY_copy_parameters(ktmp2,ktmp);
+ }
+
+ if (pkey != NULL)
+ EVP_PKEY_copy_parameters(pkey,ktmp);
+ return(1);
+ }
+
+EVP_PKEY *X509_get_pubkey(x)
+X509 *x;
+ {
+ return(X509_PUBKEY_get(x->cert_info->key));
+ }
+
+int X509_check_private_key(x,k)
+X509 *x;
+EVP_PKEY *k;
+ {
+ EVP_PKEY *xk=NULL;
+ int ok=0;
+
+ xk=X509_get_pubkey(x);
+ if (xk->type != k->type) goto err;
+ switch (k->type)
+ {
+#ifndef NO_RSA
+ case EVP_PKEY_RSA:
+ if (BN_cmp(xk->pkey.rsa->n,k->pkey.rsa->n) != 0) goto err;
+ if (BN_cmp(xk->pkey.rsa->e,k->pkey.rsa->e) != 0) goto err;
+ break;
+#endif
+#ifndef NO_DSA
+ case EVP_PKEY_DSA:
+ if (BN_cmp(xk->pkey.dsa->pub_key,k->pkey.dsa->pub_key) != 0)
+ goto err;
+ break;
+#endif
+#ifndef NO_DH
+ case EVP_PKEY_DH:
+ /* No idea */
+ goto err;
+#endif
+ default:
+ goto err;
+ }
+
+ ok=1;
+err:
+ return(ok);
+ }
+
+int X509_STORE_add_cert(ctx,x)
+X509_STORE *ctx;
+X509 *x;
+ {
+ X509_OBJECT *obj,*r;
+ int ret=1;
+
+ if (x == NULL) return(0);
+ obj=(X509_OBJECT *)Malloc(sizeof(X509_OBJECT));
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_STORE_ADD_CERT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ obj->type=X509_LU_X509;
+ obj->data.x509=x;
+
+ CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
+
+ X509_OBJECT_up_ref_count(obj);
+
+ r=(X509_OBJECT *)lh_insert(ctx->certs,(char *)obj);
+ if (r != NULL)
+ { /* oops, put it back */
+ lh_delete(ctx->certs,(char *)obj);
+ X509_OBJECT_free_contents(obj);
+ Free(obj);
+ lh_insert(ctx->certs,(char *)r);
+ X509err(X509_F_X509_STORE_ADD_CERT,X509_R_CERT_ALREADY_IN_HASH_TABLE);
+ ret=0;
+ }
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+
+ return(ret);
+ }
+
+
diff --git a/crypto/x509/x509_vfy.h b/crypto/x509/x509_vfy.h
new file mode 100644
index 0000000..b92e1ba
--- /dev/null
+++ b/crypto/x509/x509_vfy.h
@@ -0,0 +1,341 @@
+/* crypto/x509/x509_vfy.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_X509_VFY_H
+#define HEADER_X509_VFY_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Outer object */
+typedef struct x509_hash_dir_st
+ {
+ int num_dirs;
+ char **dirs;
+ int *dirs_type;
+ int num_dirs_alloced;
+ } X509_HASH_DIR_CTX;
+
+typedef struct x509_file_st
+ {
+ int num_paths; /* number of paths to files or directories */
+ int num_alloced;
+ char **paths; /* the list of paths or directories */
+ int *path_type;
+ } X509_CERT_FILE_CTX;
+
+/*******************************/
+/*
+SSL_CTX -> X509_STORE
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+ -> X509_LOOKUP
+ ->X509_LOOKUP_METHOD
+
+SSL -> X509_STORE_CTX
+ ->X509_STORE
+
+The X509_STORE holds the tables etc for verification stuff.
+A X509_STORE_CTX is used while validating a single certificate.
+The X509_STORE has X509_LOOKUPs for looking up certs.
+The X509_STORE then calls a function to actually verify the
+certificate chain.
+*/
+
+#define X509_LU_RETRY -1
+#define X509_LU_FAIL 0
+#define X509_LU_X509 1
+#define X509_LU_CRL 2
+#define X509_LU_PKEY 3
+
+typedef struct x509_object_st
+ {
+ /* one of the above types */
+ int type;
+ union {
+ char *ptr;
+ X509 *x509;
+ X509_CRL *crl;
+ EVP_PKEY *pkey;
+ } data;
+ } X509_OBJECT;
+
+/* This is a static that defines the function interface */
+typedef struct x509_lookup_method_st
+ {
+ char *name;
+ int (*new_item)();
+ void (*free)();
+ int (*init)(/* meth, char ** */);
+ int (*shutdown)( /* meth, char ** */);
+ int (*ctrl)( /* meth, char **, int cmd, char *argp, int argi */);
+ int (*get_by_subject)(/* meth, char **, XNAME *, X509 **ret */);
+ int (*get_by_issuer_serial)();
+ int (*get_by_fingerprint)();
+ int (*get_by_alias)();
+ } X509_LOOKUP_METHOD;
+
+/* This is used to hold everything. It is used for all certificate
+ * validation. Once we have a certificate chain, the 'verify'
+ * function is then called to actually check the cert chain. */
+typedef struct x509_store_st
+ {
+ /* The following is a cache of trusted certs */
+ int cache; /* if true, stash any hits */
+#ifdef HEADER_LHASH_H
+ LHASH *certs; /* cached certs; */
+#else
+ char *certs;
+#endif
+
+ /* These are external lookup methods */
+ STACK *get_cert_methods;/* X509_LOOKUP */
+ int (*verify)(); /* called to verify a certificate */
+ int (*verify_cb)(); /* error callback */
+
+ char *app_data;
+ int references;
+ int depth; /* how deep to look */
+ } X509_STORE;
+
+#define X509_STORE_set_depth(ctx,depth) ((ctx)->depth=(depth))
+
+#define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
+#define X509_STORE_set_verify_func(ctx,func) ((ctx)->verify=(func))
+
+/* This is the functions plus an instance of the local variables. */
+typedef struct x509_lookup_st
+ {
+ int init; /* have we been started */
+ int skip; /* don't use us. */
+ X509_LOOKUP_METHOD *method; /* the functions */
+ char *method_data; /* method data */
+
+ X509_STORE *store_ctx; /* who owns us */
+ } X509_LOOKUP;
+
+/* This is a temporary used when processing cert chains. Since the
+ * gathering of the cert chain can take some time (and have to be
+ * 'retried', this needs to be kept and passed around. */
+typedef struct x509_store_state_st
+ {
+ X509_STORE *ctx;
+ int current_method; /* used when looking up certs */
+
+ /* The following are set by the caller */
+ X509 *cert; /* The cert to check */
+ STACK *untrusted; /* chain of X509s - untrusted - passed in */
+
+ /* The following is built up */
+ int depth; /* how far to go looking up certs */
+ int valid; /* if 0, rebuild chain */
+ int last_untrusted; /* index of last untrusted cert */
+ STACK *chain; /* chain of X509s - built up and trusted */
+
+ /* When something goes wrong, this is why */
+ int error_depth;
+ int error;
+ X509 *current_cert;
+
+ char *app_data;
+ } X509_STORE_CTX;
+
+#define X509_STORE_CTX_set_app_data(ctx,data) ((ctx)->app_data=(data))
+#define X509_STORE_CTX_get_app_data(ctx) ((ctx)->app_data)
+#define X509_STORE_CTX_get_error(ctx) ((ctx)->error)
+#define X509_STORE_CTX_set_error(ctx,s) ((ctx)->error=(s))
+#define X509_STORE_CTX_get_error_depth(ctx) ((ctx)->error_depth)
+#define X509_STORE_CTX_get_current_cert(ctx) ((ctx)->current_cert)
+#define X509_STORE_CTX_get_chain(ctx) ((ctx)->chain)
+
+#define X509_STORE_CTX_set_cert(c,ch) ((c)->cert=(ch))
+#define X509_STORE_CTX_set_chain(c,ch) ((c)->untrusted=(ch))
+
+#define X509_L_FILE_LOAD 1
+#define X509_L_ADD_DIR 2
+
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+#define X509_LOOKUP_load_file(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_FILE_LOAD,(name),(long)(type),NULL)
+
+X509_LOOKUP_METHOD *X509_LOOKUP_dir();
+#define X509_LOOKUP_add_dir(x,name,type) \
+ X509_LOOKUP_ctrl((x),X509_L_ADD_DIR,(name),(long)(type),NULL)
+
+#define X509_V_OK 0
+
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT 2
+#define X509_V_ERR_UNABLE_TO_GET_CRL 3
+#define X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE 4
+#define X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE 5
+#define X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY 6
+#define X509_V_ERR_CERT_SIGNATURE_FAILURE 7
+#define X509_V_ERR_CRL_SIGNATURE_FAILURE 8
+#define X509_V_ERR_CERT_NOT_YET_VALID 9
+#define X509_V_ERR_CERT_HAS_EXPIRED 10
+#define X509_V_ERR_CRL_NOT_YET_VALID 11
+#define X509_V_ERR_CRL_HAS_EXPIRED 12
+#define X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD 13
+#define X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD 14
+#define X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FILED 15
+#define X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FILED 16
+#define X509_V_ERR_OUT_OF_MEM 17
+#define X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT 18
+#define X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN 19
+#define X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY 20
+#define X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE 21
+#define X509_V_ERR_CERT_CHAIN_TOO_LONG 22
+
+#ifndef NOPROTO
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject(LHASH *h,int type,X509_NAME *name);
+#endif
+void X509_OBJECT_up_ref_count(X509_OBJECT *a);
+void X509_OBJECT_free_contents(X509_OBJECT *a);
+X509_STORE *X509_STORE_new(void );
+void X509_STORE_free(X509_STORE *v);
+
+void X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK *chain);
+void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx);
+
+X509_LOOKUP *X509_STORE_add_lookup(X509_STORE *v, X509_LOOKUP_METHOD *m);
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir(void);
+X509_LOOKUP_METHOD *X509_LOOKUP_file(void);
+
+int X509_STORE_add_cert(X509_STORE *ctx, X509 *x);
+
+int X509_STORE_get_by_subject(X509_STORE_CTX *vs,int type,X509_NAME *name,
+ X509_OBJECT *ret);
+
+int X509_LOOKUP_ctrl(X509_LOOKUP *ctx,int cmd,char *argc,long argl,char **ret);
+int X509_load_cert_file(X509_LOOKUP *ctx, char *file, int type);
+
+void X509v3_cleanup_extensions(void );
+int X509v3_add_extension(X509_EXTENSION_METHOD *x);
+int X509v3_add_netscape_extensions(void );
+int X509v3_add_standard_extensions(void );
+
+X509_LOOKUP *X509_LOOKUP_new(X509_LOOKUP_METHOD *method);
+void X509_LOOKUP_free(X509_LOOKUP *ctx);
+int X509_LOOKUP_init(X509_LOOKUP *ctx);
+int X509_LOOKUP_by_subject(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ X509_OBJECT *ret);
+int X509_LOOKUP_by_issuer_serial(X509_LOOKUP *ctx, int type, X509_NAME *name,
+ ASN1_INTEGER *serial, X509_OBJECT *ret);
+int X509_LOOKUP_by_fingerprint(X509_LOOKUP *ctx, int type,
+ unsigned char *bytes, int len, X509_OBJECT *ret);
+int X509_LOOKUP_by_alias(X509_LOOKUP *ctx, int type, char *str,
+ int len, X509_OBJECT *ret);
+int X509_LOOKUP_shutdown(X509_LOOKUP *ctx);
+
+int X509_STORE_load_locations (X509_STORE *ctx,
+ char *file, char *dir);
+int X509_STORE_set_default_paths(X509_STORE *ctx);
+
+#else
+
+#ifdef HEADER_LHASH_H
+X509_OBJECT *X509_OBJECT_retrive_by_subject();
+#endif
+void X509_OBJECT_up_ref_count();
+void X509_OBJECT_free_contents();
+X509_STORE *X509_STORE_new();
+void X509_STORE_free();
+
+void X509_STORE_CTX_init();
+void X509_STORE_CTX_cleanup();
+
+X509_LOOKUP *X509_STORE_add_lookup();
+
+X509_LOOKUP_METHOD *X509_LOOKUP_hash_dir();
+X509_LOOKUP_METHOD *X509_LOOKUP_file();
+
+int X509_STORE_add_cert();
+
+int X509_STORE_get_by_subject();
+
+int X509_LOOKUP_ctrl();
+int X509_load_cert_file();
+
+void X509v3_cleanup_extensions();
+int X509v3_add_extension();
+int X509v3_add_netscape_extensions();
+int X509v3_add_standard_extensions();
+
+X509_LOOKUP *X509_LOOKUP_new();
+void X509_LOOKUP_free();
+int X509_LOOKUP_init();
+int X509_LOOKUP_by_subject();
+int X509_LOOKUP_by_issuer_serial();
+int X509_LOOKUP_by_fingerprint();
+int X509_LOOKUP_by_alias();
+int X509_LOOKUP_shutdown();
+
+int X509_STORE_load_locations ();
+int X509_STORE_set_default_paths();
+
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/crypto/x509/x509name.c b/crypto/x509/x509name.c
new file mode 100644
index 0000000..8223ec0
--- /dev/null
+++ b/crypto/x509/x509name.c
@@ -0,0 +1,357 @@
+/* crypto/x509/x509name.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_NAME_get_text_by_NID(name,nid,buf,len)
+X509_NAME *name;
+int nid;
+char *buf;
+int len;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-1);
+ return(X509_NAME_get_text_by_OBJ(name,obj,buf,len));
+ }
+
+int X509_NAME_get_text_by_OBJ(name,obj,buf,len)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+char *buf;
+int len;
+ {
+ int i;
+ ASN1_STRING *data;
+
+ i=X509_NAME_get_index_by_OBJ(name,obj,-1);
+ if (i < 0) return(-1);
+ data=X509_NAME_ENTRY_get_data(X509_NAME_get_entry(name,i));
+ i=(data->length > (len-1))?(len-1):data->length;
+ if (buf == NULL) return(data->length);
+ memcpy(buf,data->data,i);
+ buf[i]='\0';
+ return(i);
+ }
+
+int X509_NAME_entry_count(name)
+X509_NAME *name;
+ {
+ if (name == NULL) return(0);
+ return(sk_num(name->entries));
+ }
+
+int X509_NAME_get_index_by_NID(name,nid,oldpos)
+X509_NAME *name;
+int nid;
+int oldpos;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL) return(-2);
+ return(X509_NAME_get_index_by_OBJ(name,obj,oldpos));
+ }
+
+int X509_NAME_get_index_by_OBJ(name,obj,oldpos)
+X509_NAME *name;
+ASN1_OBJECT *obj;
+int oldpos;
+ {
+ int n;
+ X509_NAME_ENTRY *ne;
+ STACK *sk;
+
+ if (name == NULL) return(-1);
+ if (oldpos < 0)
+ oldpos= -1;
+ sk=name->entries;
+ n=sk_num(sk);
+ for (oldpos++; oldpos < n; oldpos++)
+ {
+ ne=(X509_NAME_ENTRY *)sk_value(sk,oldpos);
+ if (OBJ_cmp(ne->object,obj) == 0)
+ return(oldpos);
+ }
+ return(-1);
+ }
+
+X509_NAME_ENTRY *X509_NAME_get_entry(name,loc)
+X509_NAME *name;
+int loc;
+ {
+ if ( (name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+ return(NULL);
+ else
+ return((X509_NAME_ENTRY *)sk_value(name->entries,loc));
+ }
+
+X509_NAME_ENTRY *X509_NAME_delete_entry(name,loc)
+X509_NAME *name;
+int loc;
+ {
+ X509_NAME_ENTRY *ret;
+ int i,j,n,set_prev,set_next;
+ STACK *sk;
+
+ if ((name == NULL) || (sk_num(name->entries) <= loc) || (loc < 0))
+ return(NULL);
+ sk=name->entries;
+ ret=(X509_NAME_ENTRY *)sk_delete(sk,loc);
+ n=sk_num(sk);
+ name->modified=1;
+ if (loc == n) return(ret);
+
+ /* else we need to fixup the set field */
+ if (loc != 0)
+ set_prev=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+ else
+ set_prev=ret->set-1;
+ set_next=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+
+ /* set_prev is the previous set
+ * set is the current set
+ * set_next is the following
+ * prev 1 1 1 1 1 1 1 1
+ * set 1 1 2 2
+ * next 1 1 2 2 2 2 3 2
+ * so basically only if prev and next differ by 2, then
+ * re-number down by 1 */
+ if (set_prev+1 < set_next)
+ {
+ j=set_next-set_prev-1;
+ for (i=loc; i<n; i++)
+ ((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set-=j;
+ }
+ return(ret);
+ }
+
+/* if set is -1, append to previous set, 0 'a new one', and 1,
+ * prepend to the guy we are about to stomp on. */
+int X509_NAME_add_entry(name,ne,loc,set)
+X509_NAME *name;
+X509_NAME_ENTRY *ne;
+int loc;
+int set;
+ {
+ X509_NAME_ENTRY *new_name=NULL;
+ int n,i,inc;
+ STACK *sk;
+
+ if (name == NULL) return(0);
+ sk=name->entries;
+ n=sk_num(sk);
+ if (loc > n) loc=n;
+ else if (loc < 0) loc=n;
+
+ name->modified=1;
+
+ if (set == -1)
+ {
+ if (loc == 0)
+ {
+ set=0;
+ inc=1;
+ }
+ else
+ {
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc-1))->set;
+ inc=0;
+ }
+ }
+ else /* if (set >= 0) */
+ {
+ if (loc >= n)
+ {
+ if (loc != 0)
+ set=((X509_NAME_ENTRY *)
+ sk_value(sk,loc-1))->set+1;
+ else
+ set=0;
+ }
+ else
+ set=((X509_NAME_ENTRY *)sk_value(sk,loc))->set;
+ inc=(set == 0)?1:0;
+ }
+
+ if ((new_name=X509_NAME_ENTRY_dup(ne)) == NULL)
+ goto err;
+ new_name->set=set;
+ if (!sk_insert(sk,(char *)new_name,loc))
+ {
+ X509err(X509_F_X509_NAME_ADD_ENTRY,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ if (inc)
+ {
+ n=sk_num(sk);
+ for (i=loc+1; i<n; i++)
+ ((X509_NAME_ENTRY *)sk_value(sk,i-1))->set+=1;
+ }
+ return(1);
+err:
+ if (new_name != NULL)
+ X509_NAME_ENTRY_free(ne);
+ return(0);
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_NID(ne,nid,type,bytes,len)
+X509_NAME_ENTRY **ne;
+int nid;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ ASN1_OBJECT *obj;
+
+ obj=OBJ_nid2obj(nid);
+ if (obj == NULL)
+ {
+ X509err(X509_F_X509_NAME_ENTRY_CREATE_BY_NID,X509_R_UNKNOWN_NID);
+ return(NULL);
+ }
+ return(X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len));
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_create_by_OBJ(ne,obj,type,bytes,len)
+X509_NAME_ENTRY **ne;
+ASN1_OBJECT *obj;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ X509_NAME_ENTRY *ret;
+
+ if ((ne == NULL) || (*ne == NULL))
+ {
+ if ((ret=X509_NAME_ENTRY_new()) == NULL)
+ return(NULL);
+ }
+ else
+ ret= *ne;
+
+ if (!X509_NAME_ENTRY_set_object(ret,obj))
+ goto err;
+ if (!X509_NAME_ENTRY_set_data(ret,type,bytes,len))
+ goto err;
+
+ if ((ne != NULL) && (*ne == NULL)) *ne=ret;
+ return(ret);
+err:
+ if ((ne == NULL) || (ret != *ne))
+ X509_NAME_ENTRY_free(ret);
+ return(NULL);
+ }
+
+int X509_NAME_ENTRY_set_object(ne,obj)
+X509_NAME_ENTRY *ne;
+ASN1_OBJECT *obj;
+ {
+ if ((ne == NULL) || (obj == NULL))
+ {
+ X509err(X509_F_X509_NAME_ENTRY_SET_OBJECT,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ ASN1_OBJECT_free(ne->object);
+ ne->object=OBJ_dup(obj);
+ return((ne->object == NULL)?0:1);
+ }
+
+int X509_NAME_ENTRY_set_data(ne,type,bytes,len)
+X509_NAME_ENTRY *ne;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ int i;
+
+ if ((ne == NULL) || ((bytes == NULL) && (len != 0))) return(0);
+ if (len < 0) len=strlen((char *)bytes);
+ i=ASN1_STRING_set(ne->value,bytes,len);
+ if (!i) return(0);
+ if (type != V_ASN1_UNDEF)
+ {
+ if (type == V_ASN1_APP_CHOOSE)
+ ne->value->type=ASN1_PRINTABLE_type(bytes,len);
+ else
+ ne->value->type=type;
+ }
+ return(1);
+ }
+
+ASN1_OBJECT *X509_NAME_ENTRY_get_object(ne)
+X509_NAME_ENTRY *ne;
+ {
+ if (ne == NULL) return(NULL);
+ return(ne->object);
+ }
+
+ASN1_STRING *X509_NAME_ENTRY_get_data(ne)
+X509_NAME_ENTRY *ne;
+ {
+ if (ne == NULL) return(NULL);
+ return(ne->value);
+ }
+
diff --git a/crypto/x509/x509pack.c b/crypto/x509/x509pack.c
new file mode 100644
index 0000000..949943f
--- /dev/null
+++ b/crypto/x509/x509pack.c
@@ -0,0 +1,157 @@
+/* crypto/x509/x509pack.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "stack.h"
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+ASN1_OCTET_STRING *X509v3_pack_string(ex,type,bytes,len)
+ASN1_OCTET_STRING **ex;
+int type;
+unsigned char *bytes;
+int len;
+ {
+ ASN1_OCTET_STRING *os;
+ ASN1_STRING str;
+ unsigned char *p;
+ int i;
+
+ if ((ex == NULL) || (*ex == NULL))
+ os=ASN1_OCTET_STRING_new();
+ else
+ os= *ex;
+
+ if (len < 0) len=strlen((char *)bytes);
+ str.length=len;
+ str.type=type;
+ str.data=bytes;
+
+ /* str now holds the data, we just have to copy it into ->value */
+
+ switch (type)
+ {
+ case V_ASN1_BIT_STRING:
+ i=i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,NULL);
+ if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+ goto err;
+ p=(unsigned char *)os->data;
+ i2d_ASN1_BIT_STRING((ASN1_BIT_STRING *)&str,&p);
+ break;
+ case V_ASN1_OCTET_STRING:
+ i=i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,NULL);
+ if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+ goto err;
+ p=(unsigned char *)os->data;
+ i2d_ASN1_OCTET_STRING((ASN1_OCTET_STRING *)&str,&p);
+ break;
+ case V_ASN1_IA5STRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ i=i2d_ASN1_bytes(&str,NULL,type,V_ASN1_UNIVERSAL);
+ if (!ASN1_STRING_set((ASN1_STRING *)os,NULL,i))
+ goto err;
+ p=(unsigned char *)os->data;
+ i=i2d_ASN1_bytes(&str,&p,type,V_ASN1_UNIVERSAL);
+ break;
+ default:
+ X509err(X509_F_X509V3_PACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
+ goto err;
+ }
+ os->length=i;
+
+ if ((ex != NULL) && (os != *ex))
+ *ex=os;
+ return(os);
+err:
+ return(NULL);
+ }
+
+ASN1_STRING *X509v3_unpack_string(ex,type,os)
+ASN1_STRING **ex;
+int type;
+ASN1_OCTET_STRING *os;
+ {
+ unsigned char *p;
+ ASN1_STRING *ret=NULL;
+
+ p=os->data;
+ switch (type)
+ {
+ case V_ASN1_BIT_STRING:
+ ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
+ (ASN1_BIT_STRING **)ex,&p,os->length);
+ break;
+ case V_ASN1_OCTET_STRING:
+ ret=(ASN1_STRING *)d2i_ASN1_BIT_STRING(
+ (ASN1_BIT_STRING **)ex,&p,os->length);
+ break;
+ case V_ASN1_IA5STRING:
+ case V_ASN1_PRINTABLESTRING:
+ case V_ASN1_T61STRING:
+ ret=(ASN1_STRING *)d2i_ASN1_PRINTABLE(ex,&p,os->length);
+ break;
+ default:
+ X509err(X509_F_X509V3_UNPACK_STRING,X509_R_UNKNOWN_STRING_TYPE);
+ }
+ return(ret);
+ }
+
diff --git a/crypto/x509/x509rset.c b/crypto/x509/x509rset.c
new file mode 100644
index 0000000..2ff456f
--- /dev/null
+++ b/crypto/x509/x509rset.c
@@ -0,0 +1,89 @@
+/* crypto/x509/x509rset.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_REQ_set_version(x,version)
+X509_REQ *x;
+long version;
+ {
+ if (x == NULL) return(0);
+ return(ASN1_INTEGER_set(x->req_info->version,version));
+ }
+
+int X509_REQ_set_subject_name(x,name)
+X509_REQ *x;
+X509_NAME *name;
+ {
+ if ((x == NULL) || (x->req_info == NULL)) return(0);
+ return(X509_NAME_set(&x->req_info->subject,name));
+ }
+
+int X509_REQ_set_pubkey(x,pkey)
+X509_REQ *x;
+EVP_PKEY *pkey;
+ {
+ if ((x == NULL) || (x->req_info == NULL)) return(0);
+ return(X509_PUBKEY_set(&x->req_info->pubkey,pkey));
+ }
+
diff --git a/crypto/x509/x509type.c b/crypto/x509/x509type.c
new file mode 100644
index 0000000..05d6919
--- /dev/null
+++ b/crypto/x509/x509type.c
@@ -0,0 +1,115 @@
+/* crypto/x509/x509type.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+
+int X509_certificate_type(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ EVP_PKEY *pk;
+ int ret=0,i;
+
+ if (x == NULL) return(0);
+
+ if (pkey == NULL)
+ pk=X509_get_pubkey(x);
+ else
+ pk=pkey;
+
+ if (pk == NULL) return(0);
+
+ switch (pk->type)
+ {
+ case EVP_PKEY_RSA:
+ ret=EVP_PK_RSA|EVP_PKT_SIGN;
+/* if (!sign only extension) */
+ ret|=EVP_PKT_ENC;
+ break;
+ case EVP_PKEY_DSA:
+ ret=EVP_PK_DSA|EVP_PKT_SIGN;
+ break;
+ case EVP_PKEY_DH:
+ ret=EVP_PK_DH|EVP_PKT_EXCH;
+ break;
+ default:
+ break;
+ }
+
+ i=X509_get_signature_type(x);
+ switch (i)
+ {
+ case EVP_PKEY_RSA:
+ ret|=EVP_PKS_RSA;
+ break;
+ case EVP_PKS_DSA:
+ ret|=EVP_PKS_DSA;
+ break;
+ default:
+ break;
+ }
+
+ if (EVP_PKEY_size(pkey) <= 512)
+ ret|=EVP_PKT_EXP;
+ return(ret);
+ }
+
diff --git a/crypto/x509/x_all.c b/crypto/x509/x_all.c
new file mode 100644
index 0000000..2f554f5
--- /dev/null
+++ b/crypto/x509/x_all.c
@@ -0,0 +1,465 @@
+/* crypto/x509/x_all.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#undef SSLEAY_MACROS
+#include "stack.h"
+#include "cryptlib.h"
+#include "buffer.h"
+#include "asn1.h"
+#include "evp.h"
+#include "x509.h"
+
+int X509_verify(a,r)
+X509 *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_X509_CINF,a->sig_alg,
+ a->signature,(char *)a->cert_info,r));
+ }
+
+int X509_REQ_verify(a,r)
+X509_REQ *a;
+EVP_PKEY *r;
+ {
+ return( ASN1_verify((int (*)())i2d_X509_REQ_INFO,
+ a->sig_alg,a->signature,(char *)a->req_info,r));
+ }
+
+int X509_CRL_verify(a,r)
+X509_CRL *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_X509_CRL_INFO,
+ a->sig_alg, a->signature,(char *)a->crl,r));
+ }
+
+int NETSCAPE_SPKI_verify(a,r)
+NETSCAPE_SPKI *a;
+EVP_PKEY *r;
+ {
+ return(ASN1_verify((int (*)())i2d_NETSCAPE_SPKAC,
+ a->sig_algor,a->signature, (char *)a->spkac,r));
+ }
+
+int X509_sign(x,pkey,md)
+X509 *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_CINF, x->cert_info->signature,
+ x->sig_alg, x->signature, (char *)x->cert_info,pkey,md));
+ }
+
+int X509_REQ_sign(x,pkey,md)
+X509_REQ *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_REQ_INFO,x->sig_alg, NULL,
+ x->signature, (char *)x->req_info,pkey,md));
+ }
+
+int X509_CRL_sign(x,pkey,md)
+X509_CRL *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_X509_CRL_INFO,x->crl->sig_alg,
+ x->sig_alg, x->signature, (char *)x->crl,pkey,md));
+ }
+
+int NETSCAPE_SPKI_sign(x,pkey,md)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+EVP_MD *md;
+ {
+ return(ASN1_sign((int (*)())i2d_NETSCAPE_SPKAC, x->sig_algor,NULL,
+ x->signature, (char *)x->spkac,pkey,md));
+ }
+
+X509 *X509_dup(x509)
+X509 *x509;
+ {
+ return((X509 *)ASN1_dup((int (*)())i2d_X509,
+ (char *(*)())d2i_X509,(char *)x509));
+ }
+
+X509_EXTENSION *X509_EXTENSION_dup(ex)
+X509_EXTENSION *ex;
+ {
+ return((X509_EXTENSION *)ASN1_dup(
+ (int (*)())i2d_X509_EXTENSION,
+ (char *(*)())d2i_X509_EXTENSION,(char *)ex));
+ }
+
+#ifndef WIN16
+X509 *d2i_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+ {
+ return((X509 *)ASN1_d2i_fp((char *(*)())X509_new,
+ (char *(*)())d2i_X509, (fp),(unsigned char **)(x509)));
+ }
+
+int i2d_X509_fp(fp,x509)
+FILE *fp;
+X509 *x509;
+ {
+ return(ASN1_i2d_fp(i2d_X509,fp,(unsigned char *)x509));
+ }
+#endif
+
+X509 *d2i_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+ {
+ return((X509 *)ASN1_d2i_bio((char *(*)())X509_new,
+ (char *(*)())d2i_X509, (bp),(unsigned char **)(x509)));
+ }
+
+int i2d_X509_bio(bp,x509)
+BIO *bp;
+X509 *x509;
+ {
+ return(ASN1_i2d_bio(i2d_X509,bp,(unsigned char *)x509));
+ }
+
+X509_CRL *X509_CRL_dup(crl)
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_dup((int (*)())i2d_X509_CRL,
+ (char *(*)())d2i_X509_CRL,(char *)crl));
+ }
+
+#ifndef WIN16
+X509_CRL *d2i_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_d2i_fp((char *(*)())
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (fp),
+ (unsigned char **)(crl)));
+ }
+
+int i2d_X509_CRL_fp(fp,crl)
+FILE *fp;
+X509_CRL *crl;
+ {
+ return(ASN1_i2d_fp(i2d_X509_CRL,fp,(unsigned char *)crl));
+ }
+#endif
+
+X509_CRL *d2i_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+ {
+ return((X509_CRL *)ASN1_d2i_bio((char *(*)())
+ X509_CRL_new,(char *(*)())d2i_X509_CRL, (bp),
+ (unsigned char **)(crl)));
+ }
+
+int i2d_X509_CRL_bio(bp,crl)
+BIO *bp;
+X509_CRL *crl;
+ {
+ return(ASN1_i2d_bio(i2d_X509_CRL,bp,(unsigned char *)crl));
+ }
+
+PKCS7 *PKCS7_dup(p7)
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_dup((int (*)())i2d_PKCS7,
+ (char *(*)())d2i_PKCS7,(char *)p7));
+ }
+
+#ifndef WIN16
+PKCS7 *d2i_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_d2i_fp((char *(*)())
+ PKCS7_new,(char *(*)())d2i_PKCS7, (fp),
+ (unsigned char **)(p7)));
+ }
+
+int i2d_PKCS7_fp(fp,p7)
+FILE *fp;
+PKCS7 *p7;
+ {
+ return(ASN1_i2d_fp(i2d_PKCS7,fp,(unsigned char *)p7));
+ }
+#endif
+
+PKCS7 *d2i_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+ {
+ return((PKCS7 *)ASN1_d2i_bio((char *(*)())
+ PKCS7_new,(char *(*)())d2i_PKCS7, (bp),
+ (unsigned char **)(p7)));
+ }
+
+int i2d_PKCS7_bio(bp,p7)
+BIO *bp;
+PKCS7 *p7;
+ {
+ return(ASN1_i2d_bio(i2d_PKCS7,bp,(unsigned char *)p7));
+ }
+
+X509_REQ *X509_REQ_dup(req)
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_dup((int (*)())i2d_X509_REQ,
+ (char *(*)())d2i_X509_REQ,(char *)req));
+ }
+
+#ifndef WIN16
+X509_REQ *d2i_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_d2i_fp((char *(*)())
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (fp),
+ (unsigned char **)(req)));
+ }
+
+int i2d_X509_REQ_fp(fp,req)
+FILE *fp;
+X509_REQ *req;
+ {
+ return(ASN1_i2d_fp(i2d_X509_REQ,fp,(unsigned char *)req));
+ }
+#endif
+
+X509_REQ *d2i_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+ {
+ return((X509_REQ *)ASN1_d2i_bio((char *(*)())
+ X509_REQ_new, (char *(*)())d2i_X509_REQ, (bp),
+ (unsigned char **)(req)));
+ }
+
+int i2d_X509_REQ_bio(bp,req)
+BIO *bp;
+X509_REQ *req;
+ {
+ return(ASN1_i2d_bio(i2d_X509_REQ,bp,(unsigned char *)req));
+ }
+
+#ifndef NO_RSA
+RSA *RSAPublicKey_dup(rsa)
+RSA *rsa;
+ {
+ return((RSA *)ASN1_dup((int (*)())i2d_RSAPublicKey,
+ (char *(*)())d2i_RSAPublicKey,(char *)rsa));
+ }
+
+RSA *RSAPrivateKey_dup(rsa)
+RSA *rsa;
+ {
+ return((RSA *)ASN1_dup((int (*)())i2d_RSAPrivateKey,
+ (char *(*)())d2i_RSAPrivateKey,(char *)rsa));
+ }
+
+#ifndef WIN16
+RSA *d2i_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_fp((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (fp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPrivateKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_fp(i2d_RSAPrivateKey,fp,(unsigned char *)rsa));
+ }
+
+RSA *d2i_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_fp((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (fp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPublicKey_fp(fp,rsa)
+FILE *fp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_fp(i2d_RSAPublicKey,fp,(unsigned char *)rsa));
+ }
+#endif
+
+RSA *d2i_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_bio((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPrivateKey, (bp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPrivateKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_bio(i2d_RSAPrivateKey,bp,(unsigned char *)rsa));
+ }
+
+RSA *d2i_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return((RSA *)ASN1_d2i_bio((char *(*)())
+ RSA_new,(char *(*)())d2i_RSAPublicKey, (bp),
+ (unsigned char **)(rsa)));
+ }
+
+int i2d_RSAPublicKey_bio(bp,rsa)
+BIO *bp;
+RSA *rsa;
+ {
+ return(ASN1_i2d_bio(i2d_RSAPublicKey,bp,(unsigned char *)rsa));
+ }
+#endif
+
+#ifndef NO_DSA
+#ifndef WIN16
+DSA *d2i_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+ {
+ return((DSA *)ASN1_d2i_fp((char *(*)())
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (fp),
+ (unsigned char **)(dsa)));
+ }
+
+int i2d_DSAPrivateKey_fp(fp,dsa)
+FILE *fp;
+DSA *dsa;
+ {
+ return(ASN1_i2d_fp(i2d_DSAPrivateKey,fp,(unsigned char *)dsa));
+ }
+#endif
+
+DSA *d2i_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+ {
+ return((DSA *)ASN1_d2i_bio((char *(*)())
+ DSA_new,(char *(*)())d2i_DSAPrivateKey, (bp),
+ (unsigned char **)(dsa)));
+ }
+
+int i2d_DSAPrivateKey_bio(bp,dsa)
+BIO *bp;
+DSA *dsa;
+ {
+ return(ASN1_i2d_bio(i2d_DSAPrivateKey,bp,(unsigned char *)dsa));
+ }
+#endif
+
+X509_NAME *X509_NAME_dup(xn)
+X509_NAME *xn;
+ {
+ return((X509_NAME *)ASN1_dup((int (*)())i2d_X509_NAME,
+ (char *(*)())d2i_X509_NAME,(char *)xn));
+ }
+
+X509_NAME_ENTRY *X509_NAME_ENTRY_dup(ne)
+X509_NAME_ENTRY *ne;
+ {
+ return((X509_NAME_ENTRY *)ASN1_dup((int (*)())i2d_X509_NAME_ENTRY,
+ (char *(*)())d2i_X509_NAME_ENTRY,(char *)ne));
+ }
+
+int X509_digest(data,type,md,len)
+X509 *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_X509,type,(char *)data,md,len));
+ }
+
+int X509_NAME_digest(data,type,md,len)
+X509_NAME *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_X509_NAME,type,(char *)data,md,len));
+ }
+
+int PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len)
+PKCS7_ISSUER_AND_SERIAL *data;
+EVP_MD *type;
+unsigned char *md;
+unsigned int *len;
+ {
+ return(ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,
+ (char *)data,md,len));
+ }
+
diff --git a/demos/README b/demos/README
new file mode 100644
index 0000000..769965a
--- /dev/null
+++ b/demos/README
@@ -0,0 +1,3 @@
+Some demo programs sent to me by various people
+
+eric
diff --git a/demos/b64.c b/demos/b64.c
new file mode 100644
index 0000000..5e3d20e
--- /dev/null
+++ b/demos/b64.c
@@ -0,0 +1,270 @@
+/* demos/b64.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "apps.h"
+#include "buffer.h"
+#include "err.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "pem.h"
+
+#undef SIZE
+#undef BSIZE
+#undef PROG
+
+#define SIZE (512)
+#define BSIZE (8*1024)
+#define PROG enc_main
+
+int main(argc,argv)
+int argc;
+char **argv;
+ {
+ char *strbuf=NULL;
+ unsigned char *buff=NULL,*bufsize=NULL;
+ int bsize=BSIZE,verbose=0;
+ int ret=1,inl;
+ unsigned char key[24],iv[MD5_DIGEST_LENGTH];
+ char *str=NULL;
+ char *hkey=NULL,*hiv=NULL;
+ int enc=1,printkey=0,i,base64=0;
+ int debug=0;
+ EVP_CIPHER *cipher=NULL,*c;
+ char *inf=NULL,*outf=NULL;
+ BIO *in=NULL,*out=NULL,*b64=NULL,*benc=NULL,*rbio=NULL,*wbio=NULL;
+#define PROG_NAME_SIZE 16
+ char pname[PROG_NAME_SIZE];
+
+
+ apps_startup();
+
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ base64=1;
+
+ argc--;
+ argv++;
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-e") == 0)
+ enc=1;
+ if (strcmp(*argv,"-in") == 0)
+ {
+ if (--argc < 1) goto bad;
+ inf= *(++argv);
+ }
+ else if (strcmp(*argv,"-out") == 0)
+ {
+ if (--argc < 1) goto bad;
+ outf= *(++argv);
+ }
+ else if (strcmp(*argv,"-d") == 0)
+ enc=0;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-debug") == 0)
+ debug=1;
+ else if (strcmp(*argv,"-bufsize") == 0)
+ {
+ if (--argc < 1) goto bad;
+ bufsize=(unsigned char *)*(++argv);
+ }
+ else
+ {
+ BIO_printf(bio_err,"unknown option '%s'\n",*argv);
+bad:
+ BIO_printf(bio_err,"options are\n");
+ BIO_printf(bio_err,"%-14s input file\n","-in <file>");
+ BIO_printf(bio_err,"%-14s output file\n","-out <file>");
+ BIO_printf(bio_err,"%-14s encode\n","-e");
+ BIO_printf(bio_err,"%-14s decode\n","-d");
+ BIO_printf(bio_err,"%-14s buffer size\n","-bufsize <n>");
+
+ goto end;
+ }
+ argc--;
+ argv++;
+ }
+
+ if (bufsize != NULL)
+ {
+ int i;
+ unsigned long n;
+
+ for (n=0; *bufsize; bufsize++)
+ {
+ i= *bufsize;
+ if ((i <= '9') && (i >= '0'))
+ n=n*10+i-'0';
+ else if (i == 'k')
+ {
+ n*=1024;
+ bufsize++;
+ break;
+ }
+ }
+ if (*bufsize != '\0')
+ {
+ BIO_printf(bio_err,"invalid 'bufsize' specified.\n");
+ goto end;
+ }
+
+ /* It must be large enough for a base64 encoded line */
+ if (n < 80) n=80;
+
+ bsize=(int)n;
+ if (verbose) BIO_printf(bio_err,"bufsize=%d\n",bsize);
+ }
+
+ strbuf=Malloc(SIZE);
+ buff=(unsigned char *)Malloc(EVP_ENCODE_LENGTH(bsize));
+ if ((buff == NULL) || (strbuf == NULL))
+ {
+ BIO_printf(bio_err,"Malloc failure\n");
+ goto end;
+ }
+
+ in=BIO_new(BIO_s_file());
+ out=BIO_new(BIO_s_file());
+ if ((in == NULL) || (out == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+ if (debug)
+ {
+ BIO_set_callback(in,BIO_debug_callback);
+ BIO_set_callback(out,BIO_debug_callback);
+ BIO_set_callback_arg(in,bio_err);
+ BIO_set_callback_arg(out,bio_err);
+ }
+
+ if (inf == NULL)
+ BIO_set_fp(in,stdin,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_read_filename(in,inf) <= 0)
+ {
+ perror(inf);
+ goto end;
+ }
+ }
+
+ if (outf == NULL)
+ BIO_set_fp(out,stdout,BIO_NOCLOSE);
+ else
+ {
+ if (BIO_write_filename(out,outf) <= 0)
+ {
+ perror(outf);
+ goto end;
+ }
+ }
+
+ rbio=in;
+ wbio=out;
+
+ if (base64)
+ {
+ if ((b64=BIO_new(BIO_f_base64())) == NULL)
+ goto end;
+ if (debug)
+ {
+ BIO_set_callback(b64,BIO_debug_callback);
+ BIO_set_callback_arg(b64,bio_err);
+ }
+ if (enc)
+ wbio=BIO_push(b64,wbio);
+ else
+ rbio=BIO_push(b64,rbio);
+ }
+
+ for (;;)
+ {
+ inl=BIO_read(rbio,(char *)buff,bsize);
+ if (inl <= 0) break;
+ if (BIO_write(wbio,(char *)buff,inl) != inl)
+ {
+ BIO_printf(bio_err,"error writing output file\n");
+ goto end;
+ }
+ }
+ BIO_flush(wbio);
+
+ ret=0;
+ if (verbose)
+ {
+ BIO_printf(bio_err,"bytes read :%8ld\n",BIO_number_read(in));
+ BIO_printf(bio_err,"bytes written:%8ld\n",BIO_number_written(out));
+ }
+end:
+ if (strbuf != NULL) Free(strbuf);
+ if (buff != NULL) Free(buff);
+ if (in != NULL) BIO_free(in);
+ if (out != NULL) BIO_free(out);
+ if (benc != NULL) BIO_free(benc);
+ if (b64 != NULL) BIO_free(b64);
+ EXIT(ret);
+ }
+
diff --git a/demos/b64.pl b/demos/b64.pl
new file mode 100644
index 0000000..8aa5fb4
--- /dev/null
+++ b/demos/b64.pl
@@ -0,0 +1,20 @@
+#!/usr/local/bin/perl
+
+#
+# Make PEM encoded data have lines of 64 bytes of data
+#
+
+while (<>)
+ {
+ if (/^-----BEGIN/ .. /^-----END/)
+ {
+ if (/^-----BEGIN/) { $first=$_; next; }
+ if (/^-----END/) { $last=$_; next; }
+ $out.=$_;
+ }
+ }
+$out =~ s/\s//g;
+$out =~ s/(.{64})/$1\n/g;
+print "$first$out\n$last\n";
+
+
diff --git a/demos/bio/README b/demos/bio/README
new file mode 100644
index 0000000..0b24e5b
--- /dev/null
+++ b/demos/bio/README
@@ -0,0 +1,3 @@
+This directory contains some simple examples of the use of BIO's
+to simplify socket programming.
+
diff --git a/demos/bio/saccept.c b/demos/bio/saccept.c
new file mode 100644
index 0000000..81bf353
--- /dev/null
+++ b/demos/bio/saccept.c
@@ -0,0 +1,107 @@
+/* NOCW */
+/* demos/bio/saccept.c */
+
+/* A minimal program to server an SSL connection.
+ * It uses blocking.
+ * saccept host:port
+ * host is the interface IP to use. If any interface, use *:port
+ * The default it *:4433
+ *
+ * cc -I../../include saccept.c -L../.. -lssl -lcrypto
+ */
+
+#include <stdio.h>
+#include <signal.h>
+#include "err.h"
+#include "ssl.h"
+
+#define CERT_FILE "server.pem"
+
+BIO *in=NULL;
+
+void close_up()
+ {
+ if (in != NULL)
+ BIO_free(in);
+ }
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ char *port=NULL;
+ BIO *ssl_bio,*tmp;
+ SSL_CTX *ctx;
+ SSL *ssl;
+ char buf[512];
+ int ret=1,i;
+
+ if (argc <= 1)
+ port="*:4433";
+ else
+ port=argv[1];
+
+ signal(SIGINT,close_up);
+
+ SSL_load_error_strings();
+
+ /* Add ciphers and message digests */
+ SSLeay_add_ssl_algorithms();
+
+ ctx=SSL_CTX_new(SSLv23_server_method());
+ if (!SSL_CTX_use_certificate_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
+ goto err;
+ if (!SSL_CTX_use_PrivateKey_file(ctx,CERT_FILE,SSL_FILETYPE_PEM))
+ goto err;
+ if (!SSL_CTX_check_private_key(ctx))
+ goto err;
+
+ /* Setup server side SSL bio */
+ ssl=SSL_new(ctx);
+ ssl_bio=BIO_new_ssl(ctx,0);
+
+ if ((in=BIO_new_accept(port)) == NULL) goto err;
+
+ /* This means that when a new connection is acceptede on 'in',
+ * The ssl_bio will be 'dupilcated' and have the new socket
+ * BIO push into it. Basically it means the SSL BIO will be
+ * automatically setup */
+ BIO_set_accept_bios(in,ssl_bio);
+
+again:
+ /* The first call will setup the accept socket, and the second
+ * will get a socket. In this loop, the first actuall accept
+ * will occur in the BIO_read() function. */
+
+ if (BIO_do_accept(in) <= 0) goto err;
+
+ for (;;)
+ {
+ i=BIO_read(in,buf,512);
+ if (i == 0)
+ {
+ /* If we have finished, remove the underlying
+ * BIO stack so the next time we call any function
+ * for this BIO, it will attempt to do an
+ * accept */
+ printf("Done\n");
+ tmp=BIO_pop(in);
+ BIO_free_all(tmp);
+ goto again;
+ }
+ if (i < 0) goto err;
+ fwrite(buf,1,i,stdout);
+ fflush(stdout);
+ }
+
+ ret=0;
+err:
+ if (ret)
+ {
+ ERR_print_errors_fp(stderr);
+ }
+ if (in != NULL) BIO_free(in);
+ exit(ret);
+ return(!ret);
+ }
+
diff --git a/demos/bio/sconnect.c b/demos/bio/sconnect.c
new file mode 100644
index 0000000..8a667f5
--- /dev/null
+++ b/demos/bio/sconnect.c
@@ -0,0 +1,115 @@
+/* NOCW */
+/* demos/bio/sconnect.c */
+
+/* A minimal program to do SSL to a passed host and port.
+ * It is actually using non-blocking IO but in a very simple manner
+ * sconnect host:port - it does a 'GET / HTTP/1.0'
+ *
+ * cc -I../../include sconnect.c -L../.. -lssl -lcrypto
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "err.h"
+#include "ssl.h"
+
+extern int errno;
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ char *host;
+ BIO *out;
+ char buf[1024*10],*p;
+ SSL_CTX *ssl_ctx=NULL;
+ SSL *ssl;
+ BIO *ssl_bio;
+ int i,len,off,ret=1;
+
+ if (argc <= 1)
+ host="localhost:4433";
+ else
+ host=argv[1];
+
+ /* Lets get nice error messages */
+ SSL_load_error_strings();
+
+ /* Setup all the global SSL stuff */
+ SSLeay_add_ssl_algorithms();
+ ssl_ctx=SSL_CTX_new(SSLv23_client_method());
+
+ /* Lets make a SSL structure */
+ ssl=SSL_new(ssl_ctx);
+ SSL_set_connect_state(ssl);
+
+ /* Use it inside an SSL BIO */
+ ssl_bio=BIO_new(BIO_f_ssl());
+ BIO_set_ssl(ssl_bio,ssl,BIO_CLOSE);
+
+ /* Lets use a connect BIO under the SSL BIO */
+ out=BIO_new(BIO_s_connect());
+ BIO_set_hostname(out,host);
+ BIO_set_nbio(out,1);
+ out=BIO_push(ssl_bio,out);
+
+ p="GET / HTTP/1.0\r\n\r\n";
+ len=strlen(p);
+
+ off=0;
+ for (;;)
+ {
+ i=BIO_write(out,&(p[off]),len);
+ if (i <= 0)
+ {
+ if (BIO_should_retry(out))
+ {
+ fprintf(stderr,"write DELAY\n");
+ sleep(1);
+ continue;
+ }
+ else
+ {
+ goto err;
+ }
+ }
+ off+=i;
+ len-=i;
+ if (len <= 0) break;
+ }
+
+ for (;;)
+ {
+ i=BIO_read(out,buf,sizeof(buf));
+ if (i == 0) break;
+ if (i < 0)
+ {
+ if (BIO_should_retry(out))
+ {
+ fprintf(stderr,"read DELAY\n");
+ sleep(1);
+ continue;
+ }
+ goto err;
+ }
+ fwrite(buf,1,i,stdout);
+ }
+
+ ret=1;
+
+ if (0)
+ {
+err:
+ if (ERR_peek_error() == 0) /* system call error */
+ {
+ fprintf(stderr,"errno=%d ",errno);
+ perror("error");
+ }
+ else
+ ERR_print_errors_fp(stderr);
+ }
+ BIO_free_all(out);
+ if (ssl_ctx != NULL) SSL_CTX_free(ssl_ctx);
+ exit(!ret);
+ return(ret);
+ }
+
diff --git a/demos/bio/server.pem b/demos/bio/server.pem
new file mode 100644
index 0000000..5cf1387
--- /dev/null
+++ b/demos/bio/server.pem
@@ -0,0 +1,30 @@
+subject=/C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+issuer= /C=AU/SP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+-----BEGIN X509 CERTIFICATE-----
+
+MIIBgjCCASwCAQQwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MTAwOTIz
+MzIwNVoXDTk4MDcwNTIzMzIwNVowYDELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRkLjELMAkGA1UECxMCQ1MxGzAZBgNV
+BAMTElNTTGVheSBkZW1vIHNlcnZlcjBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC3
+LCXcScWua0PFLkHBLm2VejqpA1F4RQ8q0VjRiPafjx/Z/aWH3ipdMVvuJGa/wFXb
+/nDFLDlfWp+oCPwhBtVPAgMBAAEwDQYJKoZIhvcNAQEEBQADQQArNFsihWIjBzb0
+DCsU0BvL2bvSwJrPEqFlkDq3F4M6EGutL9axEcANWgbbEdAvNJD1dmEmoWny27Pn
+IMs6ZOZB
+-----END X509 CERTIFICATE-----
+-----BEGIN RSA PRIVATE KEY-----
+
+MIIBPAIBAAJBALcsJdxJxa5rQ8UuQcEubZV6OqkDUXhFDyrRWNGI9p+PH9n9pYfe
+Kl0xW+4kZr/AVdv+cMUsOV9an6gI/CEG1U8CAwEAAQJAXJMBZ34ZXHd1vtgL/3hZ
+hexKbVTx/djZO4imXO/dxPGRzG2ylYZpHmG32/T1kaHpZlCHoEPgHoSzmxYXfxjG
+sQIhAPmZ/bQOjmRUHM/VM2X5zrjjM6z18R1P6l3ObFwt9FGdAiEAu943Yh9SqMRw
+tL0xHGxKmM/YJueUw1gB6sLkETN71NsCIQCeT3RhoqXfrpXDoEcEU+gwzjI1bpxq
+agiNTOLfqGoA5QIhAIQFYjgzONxex7FLrsKBm16N2SFl5pXsN9SpRqqL2n63AiEA
+g9VNIQ3xwpw7og3IbONifeku+J9qGMGQJMKwSTwrFtI=
+-----END RSA PRIVATE KEY-----
+
+-----BEGIN DH PARAMETERS-----
+MEYCQQDaWDwW2YUiidDkr3VvTMqS3UvlM7gE+w/tlO+cikQD7VdGUNNpmdsp13Yn
+a6LT1BLiGPTdHghM9tgAPnxHdOgzAgEC
+-----END DH PARAMETERS-----
+
diff --git a/demos/maurice/Makefile b/demos/maurice/Makefile
new file mode 100644
index 0000000..fa67dcc
--- /dev/null
+++ b/demos/maurice/Makefile
@@ -0,0 +1,23 @@
+CC=cc
+CFLAGS= -g -I../../include
+LIBS= -L/usr/local/ssl/lib -L../.. -lcrypto
+EXAMPLES=example1 example2 example3 example4
+
+all: $(EXAMPLES)
+
+example1: example1.o loadkeys.o
+ $(CC) -o example1 example1.o loadkeys.o $(LIBS)
+
+example2: example2.o loadkeys.o
+ $(CC) -o example2 example2.o loadkeys.o $(LIBS)
+
+example3: example3.o
+ $(CC) -o example3 example3.o $(LIBS)
+
+example4: example4.o
+ $(CC) -o example4 example4.o $(LIBS)
+
+
+clean:
+ rm -f $(EXAMPLES) *.o
+
diff --git a/demos/maurice/README b/demos/maurice/README
new file mode 100644
index 0000000..29778d5
--- /dev/null
+++ b/demos/maurice/README
@@ -0,0 +1,34 @@
+From Maurice Gittens <mgittens@gits.nl>
+--
+ Example programs, demonstrating some basic SSLeay crypto library
+ operations, to help you not to make the same mistakes I did.
+
+ The following files are present.
+ - loadkeys.c Demonstrates the loading and of public and
+ private keys.
+ - loadkeys.h The interface for loadkeys.c
+ - example1.c Demonstrates the sealing and opening API's
+ - example2.c Demonstrates rsa encryption and decryption
+ - example3.c Demonstrates the use of symmetric block ciphers
+ - example4.c Demonstrates base64 and decoding
+ - Makefile A makefile you probably will have to adjust for
+ your environment
+ - README this file
+
+
+ The programs were written by Maurice Gittens <mgittens@gits.nl>
+ with the necesary help from Eric Young <eay@cryptsoft.com>
+
+ You may do as you please with these programs, but please don't
+ pretend that you wrote them.
+
+ To be complete: If you use these programs you acknowlegde that
+ you are aware that there is NO warranty of any kind associated
+ with these programs. I don't even claim that the programs work,
+ they are provided AS-IS.
+
+ January 1997
+
+ Maurice
+
+
diff --git a/demos/maurice/cert.pem b/demos/maurice/cert.pem
new file mode 100644
index 0000000..e31a9ae
--- /dev/null
+++ b/demos/maurice/cert.pem
@@ -0,0 +1,77 @@
+issuer :/C=NL/SP=Brabant/L=Eindhoven/O=Gittens Information Systems B.V./OU=Certification Services/CN=ca.gits.nl/Email=mgittens@gits.nl
+subject:/C=NL/SP=Brabant/O=Gittens Information Systems B.V./OU=Certification Services/CN=caleb.gits.nl/Email=mgittens@gits.nl
+serial :01
+
+Certificate:
+ Data:
+ Version: 0 (0x0)
+ Serial Number: 1 (0x1)
+ Signature Algorithm: md5withRSAEncryption
+ Issuer: C=NL, SP=Brabant, L=Eindhoven, O=Gittens Information Systems B.V., OU=Certification Services, CN=ca.gits.nl/Email=mgittens@gits.nl
+ Validity
+ Not Before: Jan 5 13:21:16 1997 GMT
+ Not After : Jul 24 13:21:16 1997 GMT
+ Subject: C=NL, SP=Brabant, O=Gittens Information Systems B.V., OU=Certification Services, CN=caleb.gits.nl/Email=mgittens@gits.nl
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ Modulus:
+ 00:dd:82:a0:fe:a9:8d:6a:02:7e:78:d6:33:75:9b:
+ 82:01:4b:12:80:ea:6b:9b:83:9e:e3:ae:dc:f3:d0:
+ 71:7c:4b:ea:03:57:b4:cc:ba:44:5b:b8:4b:49:d3:
+ f6:39:cc:3d:12:1f:da:58:26:27:bc:bc:ab:a4:6d:
+ 62:d1:91:5a:47:9f:80:40:c1:b9:fa:e3:1e:ef:52:
+ 78:46:26:43:65:1d:f2:6b:bf:ff:c0:81:66:14:cd:
+ 81:32:91:f1:f8:51:7d:0e:17:1f:27:fc:c7:51:fd:
+ 1c:73:41:e5:66:43:3c:67:a3:09:b9:5e:36:50:50:
+ b1:e8:42:bd:5c:c6:2b:ec:a9:2c:fe:6a:fe:40:26:
+ 64:9e:b9:bf:2d:1d:fb:d0:48:5b:82:2a:8e:ab:a4:
+ d5:7b:5f:26:84:8a:9a:69:5e:c1:71:e2:a9:59:4c:
+ 2a:76:f7:fd:f4:cf:3f:d3:ce:30:72:62:65:1c:e9:
+ e9:ee:d2:fc:44:00:1e:e0:80:57:e9:41:b3:f0:44:
+ e5:0f:77:3b:1a:1f:57:5e:94:1d:c3:a5:fa:af:41:
+ 8c:4c:30:6b:2b:00:84:52:0c:64:0c:a8:5b:17:16:
+ d1:1e:f8:ea:72:01:47:9a:b9:21:95:f9:71:ed:7c:
+ d2:93:54:0c:c5:9c:e8:e5:40:28:c5:a0:ca:b1:a9:
+ 20:f9
+ Exponent: 65537 (0x10001)
+ Signature Algorithm: md5withRSAEncryption
+ 93:08:f9:e0:d4:c5:ca:95:de:4e:38:3b:28:87:e9:d3:b6:ce:
+ 4f:69:2e:c9:09:57:2f:fa:e2:50:9f:39:ec:f3:84:e8:3a:8f:
+ 9b:c3:06:62:90:49:93:6d:23:7a:2b:3d:7b:f9:46:32:18:d3:
+ 87:44:49:f7:29:2f:f3:58:97:70:c3:45:5b:90:52:1c:df:fb:
+ a8:a3:a1:29:53:a3:4c:ed:d2:51:d0:44:98:a4:14:6f:76:9d:
+ 0d:03:76:e5:d3:13:21:ce:a3:4d:2a:77:fe:ad:b3:47:6d:42:
+ b9:4a:0e:ff:61:f4:ec:62:b2:3b:00:9c:ac:16:a2:ec:19:c8:
+ c7:3d:d7:7d:97:cd:4d:1a:d2:00:07:4e:40:3d:b9:ba:1e:e2:
+ fe:81:28:57:b9:ad:2b:74:59:b0:9f:8b:a5:98:d3:75:06:67:
+ 4a:04:11:b2:ea:1a:8c:e0:d4:be:c8:0c:46:76:7f:5f:5a:7b:
+ 72:09:dd:b6:d3:6b:97:70:e8:7e:17:74:1c:f7:3a:5f:e3:fa:
+ c2:f7:95:bd:74:5e:44:4b:9b:bd:27:de:02:7f:87:1f:68:68:
+ 60:b9:f4:1d:2b:7b:ce:ef:b1:7f:3a:be:b9:66:60:54:6f:0c:
+ a0:dd:8c:03:a7:f1:9f:f8:0e:8d:bb:c6:ba:77:61:f7:8e:be:
+ 28:ba:d8:4f
+
+-----BEGIN CERTIFICATE-----
+MIIDzzCCArcCAQEwDQYJKoZIhvcNAQEEBQAwgbUxCzAJBgNVBAYTAk5MMRAwDgYD
+VQQIEwdCcmFiYW50MRIwEAYDVQQHEwlFaW5kaG92ZW4xKTAnBgNVBAoTIEdpdHRl
+bnMgSW5mb3JtYXRpb24gU3lzdGVtcyBCLlYuMR8wHQYDVQQLExZDZXJ0aWZpY2F0
+aW9uIFNlcnZpY2VzMRMwEQYDVQQDEwpjYS5naXRzLm5sMR8wHQYJKoZIhvcNAQkB
+FhBtZ2l0dGVuc0BnaXRzLm5sMB4XDTk3MDEwNTEzMjExNloXDTk3MDcyNDEzMjEx
+NlowgaQxCzAJBgNVBAYTAk5MMRAwDgYDVQQIEwdCcmFiYW50MSkwJwYDVQQKEyBH
+aXR0ZW5zIEluZm9ybWF0aW9uIFN5c3RlbXMgQi5WLjEfMB0GA1UECxMWQ2VydGlm
+aWNhdGlvbiBTZXJ2aWNlczEWMBQGA1UEAxMNY2FsZWIuZ2l0cy5ubDEfMB0GCSqG
+SIb3DQEJARYQbWdpdHRlbnNAZ2l0cy5ubDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAN2CoP6pjWoCfnjWM3WbggFLEoDqa5uDnuOu3PPQcXxL6gNXtMy6
+RFu4S0nT9jnMPRIf2lgmJ7y8q6RtYtGRWkefgEDBufrjHu9SeEYmQ2Ud8mu//8CB
+ZhTNgTKR8fhRfQ4XHyf8x1H9HHNB5WZDPGejCbleNlBQsehCvVzGK+ypLP5q/kAm
+ZJ65vy0d+9BIW4Iqjquk1XtfJoSKmmlewXHiqVlMKnb3/fTPP9POMHJiZRzp6e7S
+/EQAHuCAV+lBs/BE5Q93OxofV16UHcOl+q9BjEwwaysAhFIMZAyoWxcW0R746nIB
+R5q5IZX5ce180pNUDMWc6OVAKMWgyrGpIPkCAwEAATANBgkqhkiG9w0BAQQFAAOC
+AQEAkwj54NTFypXeTjg7KIfp07bOT2kuyQlXL/riUJ857POE6DqPm8MGYpBJk20j
+eis9e/lGMhjTh0RJ9ykv81iXcMNFW5BSHN/7qKOhKVOjTO3SUdBEmKQUb3adDQN2
+5dMTIc6jTSp3/q2zR21CuUoO/2H07GKyOwCcrBai7BnIxz3XfZfNTRrSAAdOQD25
+uh7i/oEoV7mtK3RZsJ+LpZjTdQZnSgQRsuoajODUvsgMRnZ/X1p7cgndttNrl3Do
+fhd0HPc6X+P6wveVvXReREubvSfeAn+HH2hoYLn0HSt7zu+xfzq+uWZgVG8MoN2M
+A6fxn/gOjbvGundh946+KLrYTw==
+-----END CERTIFICATE-----
+
diff --git a/demos/maurice/example1.c b/demos/maurice/example1.c
new file mode 100644
index 0000000..77730d3
--- /dev/null
+++ b/demos/maurice/example1.c
@@ -0,0 +1,200 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+*/
+
+#include <unistd.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <fcntl.h>
+#include <strings.h>
+#include <stdlib.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+#include "loadkeys.h"
+
+#define PUBFILE "cert.pem"
+#define PRIVFILE "privkey.pem"
+
+#define STDIN 0
+#define STDOUT 1
+
+void main_encrypt(void);
+void main_decrypt(void);
+
+static const char *usage = "Usage: example1 [-d]\n";
+
+int main(int argc, char *argv[])
+{
+
+ ERR_load_crypto_strings();
+
+ if ((argc == 1))
+ {
+ main_encrypt();
+ }
+ else if ((argc == 2) && !strcmp(argv[1],"-d"))
+ {
+ main_decrypt();
+ }
+ else
+ {
+ printf("%s",usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void main_encrypt(void)
+{
+ unsigned int ebuflen;
+ EVP_CIPHER_CTX ectx;
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ unsigned char *ekey[1];
+ int readlen;
+ int ekeylen, net_ekeylen;
+ EVP_PKEY *pubKey[1];
+ char buf[512];
+ char ebuf[512];
+
+ memset(iv, '\0', sizeof(iv));
+
+ pubKey[0] = ReadPublicKey(PUBFILE);
+
+ if(!pubKey)
+ {
+ fprintf(stderr,"Error: can't load public key");
+ exit(1);
+ }
+
+ ekey[0] = malloc(EVP_PKEY_size(pubKey[0]));
+ if (!ekey[0])
+ {
+ EVP_PKEY_free(pubKey[0]);
+ perror("malloc");
+ exit(1);
+ }
+
+ EVP_SealInit(&ectx,
+ EVP_des_ede3_cbc(),
+ ekey,
+ &ekeylen,
+ iv,
+ pubKey,
+ 1);
+
+ net_ekeylen = htonl(ekeylen);
+ write(STDOUT, (char*)&net_ekeylen, sizeof(net_ekeylen));
+ write(STDOUT, ekey[0], ekeylen);
+ write(STDOUT, iv, sizeof(iv));
+
+ while(1)
+ {
+ readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (readlen < 0)
+ perror("read");
+
+ break;
+ }
+
+ EVP_SealUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_SealFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+
+ EVP_PKEY_free(pubKey[0]);
+ free(ekey[0]);
+}
+
+void main_decrypt(void)
+{
+ char buf[512];
+ char ebuf[512];
+ unsigned int buflen;
+ EVP_CIPHER_CTX ectx;
+ unsigned char iv[8];
+ unsigned char *encryptKey;
+ unsigned int ekeylen;
+ EVP_PKEY *privateKey;
+
+ memset(iv, '\0', sizeof(iv));
+
+ privateKey = ReadPrivateKey(PRIVFILE);
+ if (!privateKey)
+ {
+ fprintf(stderr, "Error: can't load private key");
+ exit(1);
+ }
+
+ read(STDIN, &ekeylen, sizeof(ekeylen));
+ ekeylen = ntohl(ekeylen);
+
+ if (ekeylen != EVP_PKEY_size(privateKey))
+ {
+ EVP_PKEY_free(privateKey);
+ fprintf(stderr, "keylength mismatch");
+ exit(1);
+ }
+
+ encryptKey = malloc(sizeof(char) * ekeylen);
+ if (!encryptKey)
+ {
+ EVP_PKEY_free(privateKey);
+ perror("malloc");
+ exit(1);
+ }
+
+ read(STDIN, encryptKey, ekeylen);
+ read(STDIN, iv, sizeof(iv));
+
+ EVP_OpenInit(&ectx,
+ EVP_des_ede3_cbc(),
+ encryptKey,
+ ekeylen,
+ iv,
+ privateKey);
+
+ while(1)
+ {
+ int readlen = read(STDIN, ebuf, sizeof(ebuf));
+
+ if (readlen <= 0)
+ {
+ if (readlen < 0)
+ perror("read");
+
+ break;
+ }
+
+ EVP_OpenUpdate(&ectx, buf, &buflen, ebuf, readlen);
+
+ write(STDOUT, buf, buflen);
+ }
+
+ EVP_OpenFinal(&ectx, buf, &buflen);
+
+ write(STDOUT, buf, buflen);
+
+ EVP_PKEY_free(privateKey);
+ free(encryptKey);
+}
+
+
diff --git a/demos/maurice/example2.c b/demos/maurice/example2.c
new file mode 100644
index 0000000..99f7b22
--- /dev/null
+++ b/demos/maurice/example2.c
@@ -0,0 +1,77 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+*/
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <strings.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+#include "loadkeys.h"
+
+#define PUBFILE "cert.pem"
+#define PRIVFILE "privkey.pem"
+#define STDIN 0
+#define STDOUT 1
+
+int main()
+{
+ char *ct = "This the clear text";
+ char *buf;
+ char *buf2;
+ EVP_PKEY *pubKey;
+ EVP_PKEY *privKey;
+ int len;
+ FILE *fp;
+
+ ERR_load_crypto_strings();
+
+ privKey = ReadPrivateKey(PRIVFILE);
+ if (!privKey)
+ {
+ ERR_print_errors_fp (stderr);
+ exit (1);
+ }
+
+ pubKey = ReadPublicKey(PUBFILE);
+ if(!pubKey)
+ {
+ EVP_PKEY_free(privKey);
+ fprintf(stderr,"Error: can't load public key");
+ exit(1);
+ }
+
+ /* No error checking */
+ buf = malloc(EVP_PKEY_size(pubKey));
+ buf2 = malloc(EVP_PKEY_size(pubKey));
+
+ len = RSA_public_encrypt(strlen(ct)+1, ct, buf, pubKey->pkey.rsa,RSA_PKCS1_PADDING);
+
+ if (len != EVP_PKEY_size(pubKey))
+ {
+ fprintf(stderr,"Error: ciphertext should match length of key\n");
+ exit(1);
+ }
+
+ RSA_private_decrypt(len, buf, buf2, privKey->pkey.rsa,RSA_PKCS1_PADDING);
+
+ printf("%s\n", buf2);
+
+ EVP_PKEY_free(privKey);
+ EVP_PKEY_free(pubKey);
+ free(buf);
+ free(buf2);
+}
+
+
diff --git a/demos/maurice/example3.c b/demos/maurice/example3.c
new file mode 100644
index 0000000..fcaff00
--- /dev/null
+++ b/demos/maurice/example3.c
@@ -0,0 +1,86 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <evp.h>
+
+#define STDIN 0
+#define STDOUT 1
+#define BUFLEN 512
+#define INIT_VECTOR "12345678"
+#define ENCRYPT 1
+#define DECRYPT 0
+#define ALG EVP_des_ede3_cbc()
+
+static const char *usage = "Usage: example3 [-d] password\n";
+
+void do_cipher(char *,int);
+
+int main(int argc, char *argv[])
+{
+ if ((argc == 2))
+ {
+ do_cipher(argv[1],ENCRYPT);
+ }
+ else if ((argc == 3) && !strcmp(argv[1],"-d"))
+ {
+ do_cipher(argv[2],DECRYPT);
+ }
+ else
+ {
+ fprintf(stderr,"%s", usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void do_cipher(char *pw, int operation)
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN + 8];
+ unsigned int ebuflen, rc;
+ unsigned char iv[EVP_MAX_IV_LENGTH], key[EVP_MAX_KEY_LENGTH];
+ unsigned int ekeylen, net_ekeylen;
+ EVP_CIPHER_CTX ectx;
+
+ memcpy(iv, INIT_VECTOR, sizeof(iv));
+
+ EVP_BytesToKey(ALG, EVP_md5(), "salu", pw, strlen(pw), 1, key, iv);
+
+ EVP_CipherInit(&ectx, ALG, key, iv, operation);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ EVP_CipherUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_CipherFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
+
diff --git a/demos/maurice/example4.c b/demos/maurice/example4.c
new file mode 100644
index 0000000..d436a20
--- /dev/null
+++ b/demos/maurice/example4.c
@@ -0,0 +1,122 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <stdio.h>
+#include <fcntl.h>
+#include <sys/stat.h>
+#include <evp.h>
+
+#define STDIN 0
+#define STDOUT 1
+#define BUFLEN 512
+
+static const char *usage = "Usage: example4 [-d]\n";
+
+void do_encode(void);
+void do_decode(void);
+
+int main(int argc, char *argv[])
+{
+ if ((argc == 1))
+ {
+ do_encode();
+ }
+ else if ((argc == 2) && !strcmp(argv[1],"-d"))
+ {
+ do_decode();
+ }
+ else
+ {
+ fprintf(stderr,"%s", usage);
+ exit(1);
+ }
+
+ return 0;
+}
+
+void do_encode()
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN+24];
+ unsigned int ebuflen, rc;
+ EVP_ENCODE_CTX ectx;
+
+ EVP_EncodeInit(&ectx);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ EVP_EncodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_EncodeFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
+void do_decode()
+{
+ char buf[BUFLEN];
+ char ebuf[BUFLEN+24];
+ unsigned int ebuflen, rc;
+ EVP_ENCODE_CTX ectx;
+
+ EVP_DecodeInit(&ectx);
+
+ while(1)
+ {
+ int readlen = read(STDIN, buf, sizeof(buf));
+ int rc;
+
+ if (readlen <= 0)
+ {
+ if (!readlen)
+ break;
+ else
+ {
+ perror("read");
+ exit(1);
+ }
+ }
+
+ rc = EVP_DecodeUpdate(&ectx, ebuf, &ebuflen, buf, readlen);
+ if (rc <= 0)
+ {
+ if (!rc)
+ {
+ write(STDOUT, ebuf, ebuflen);
+ break;
+ }
+
+ fprintf(stderr, "Error: decoding message\n");
+ return;
+ }
+
+ write(STDOUT, ebuf, ebuflen);
+ }
+
+ EVP_DecodeFinal(&ectx, ebuf, &ebuflen);
+
+ write(STDOUT, ebuf, ebuflen);
+}
+
diff --git a/demos/maurice/loadkeys.c b/demos/maurice/loadkeys.c
new file mode 100644
index 0000000..7c89f07
--- /dev/null
+++ b/demos/maurice/loadkeys.c
@@ -0,0 +1,77 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#include <unistd.h>
+#include <stdio.h>
+#include <netinet/in.h>
+#include <fcntl.h>
+#include <strings.h>
+#include <stdlib.h>
+
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+EVP_PKEY * ReadPublicKey(const char *certfile)
+{
+ FILE *fp = fopen (certfile, "r");
+ X509 *x509;
+ EVP_PKEY *pkey;
+
+ if (!fp)
+ return NULL;
+
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+
+ if (x509 == NULL)
+ {
+ ERR_print_errors_fp (stderr);
+ return NULL;
+ }
+
+ fclose (fp);
+
+ pkey=X509_extract_key(x509);
+
+ X509_free(x509);
+
+ if (pkey == NULL)
+ ERR_print_errors_fp (stderr);
+
+ return pkey;
+}
+
+EVP_PKEY *ReadPrivateKey(const char *keyfile)
+{
+ FILE *fp = fopen(keyfile, "r");
+ EVP_PKEY *pkey;
+
+ if (!fp)
+ return NULL;
+
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+
+ fclose (fp);
+
+ if (pkey == NULL)
+ ERR_print_errors_fp (stderr);
+
+ return pkey;
+}
+
+
diff --git a/demos/maurice/loadkeys.h b/demos/maurice/loadkeys.h
new file mode 100644
index 0000000..e42c6f8
--- /dev/null
+++ b/demos/maurice/loadkeys.h
@@ -0,0 +1,19 @@
+/* NOCW */
+/*
+ Please read the README file for condition of use, before
+ using this software.
+
+ Maurice Gittens <mgittens@gits.nl> January 1997
+
+*/
+
+#ifndef LOADKEYS_H_SEEN
+#define LOADKEYS_H_SEEN
+
+#include "evp.h"
+
+EVP_PKEY * ReadPublicKey(const char *certfile);
+EVP_PKEY *ReadPrivateKey(const char *keyfile);
+
+#endif
+
diff --git a/demos/maurice/privkey.pem b/demos/maurice/privkey.pem
new file mode 100644
index 0000000..fc3554e
--- /dev/null
+++ b/demos/maurice/privkey.pem
@@ -0,0 +1,27 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIEpAIBAAKCAQEA3YKg/qmNagJ+eNYzdZuCAUsSgOprm4Oe467c89BxfEvqA1e0
+zLpEW7hLSdP2Ocw9Eh/aWCYnvLyrpG1i0ZFaR5+AQMG5+uMe71J4RiZDZR3ya7//
+wIFmFM2BMpHx+FF9DhcfJ/zHUf0cc0HlZkM8Z6MJuV42UFCx6EK9XMYr7Kks/mr+
+QCZknrm/LR370EhbgiqOq6TVe18mhIqaaV7BceKpWUwqdvf99M8/084wcmJlHOnp
+7tL8RAAe4IBX6UGz8ETlD3c7Gh9XXpQdw6X6r0GMTDBrKwCEUgxkDKhbFxbRHvjq
+cgFHmrkhlflx7XzSk1QMxZzo5UAoxaDKsakg+QIDAQABAoIBAQC0hnh083PnuJ6g
+Flob+B+stCUhYWtPc6ZzgphaMD+9ABV4oescipWZdooNYiyikBwZgFIvUvFBtTXh
+rLBDgUVlZ81beUb7/EvC2aBh818rsotWW0Sw/ARY4d7wetcL/EWBzUA8E5vR6wlb
+uZGelR9OiyYqp2h2bj1/v5yaVnuHxBeBj5clTHtPMXc+/70iUNBDMZ0ruZTdSwll
+e0DH8pp/5USYewlrKtRIJT7elC8LFMqEz4OpNvfaR2OEY0FatYYmSvQPNwV8/Eor
+XlNzRi9qD0uXbVexaAgQZ3/KZuAzUbOgwJZZXEAOGkZ/J1n08jljPXdU0o7bHhNl
+7siHbuEBAoGBAP53IvvJkhnH8Akf6E6sXelZkPKHnwDwfywDAiIhXza9DB1DViRS
+bZUB5gzcxmLGalex5+LcwZmsqFO5NXZ8SQeE9p0YT8yJsX4J1w9JzSvsWJBS2vyW
+Kbt21oG6JAGrWSGMIfxKpuahtWLf4JpGjftti0qIVQ60GKEPc1/xE2PZAoGBAN7Y
+nRPaUaqcIwbnH9kovOKwZ/PWREy1ecr3YXj65VYTnwSJHD0+CJa/DX8eB/G4AoNA
+Y2LPbq0Xu3+7SaUsO45VkaZuJmNwheUQ4tmyd/YdnVZ0AHXx1tvpR7QeO0WjnlNK
+mR+x00fetrff2Ypahs0wtU0Xf3F8ORgVB8jnxBIhAoGAcwf0PpI+g30Im3dbEsWE
+poogpiJ81HXjZ0fs3PTtD9eh9FCOTlkcxHFZR5M980TyqbX4t2tH8WpFpaNh8a/5
+a3bF7PoiiLnuDKXyHC0mnKZ42rU53VkcgGwWSAqXYFHPNwUcD+rHTBbp4kqGQ/eF
+E5XPk9/RY5YyVAyiAUr/kvECgYBvW1Ua75SxqbZDI8mhbZ79tGMt0NtubZz/1KCL
+oOxrGAD1dkJ7Q/1svunSpMIZgvcWeV1wqfFHY72ZNZC2jiTwmkffH9nlBPyTm92Q
+JYOWo/PUmMEGLyRL3gWrtxOtV/as7nEYCndmyZ8KwTxmy5fi/z0J2f0gS5AIPbIX
+LeGnoQKBgQDapjz9K4HWR5AMxyga4eiLIrmADySP846uz3eZIvTJQZ+6TAamvnno
+KbnU21cGq5HBBtxqQvGswLPGW9rZAgykHHJmYBUp0xv4+I4qHfXyD7QNmvq+Vxjj
+V2tgIafEpaf2ZsfM7BZeZz8MzeGcDwyrHtIO1FQiYN5Qz9Hq68XmVA==
+-----END RSA PRIVATE KEY-----
diff --git a/demos/prime/prime.c b/demos/prime/prime.c
new file mode 100644
index 0000000..2587373
--- /dev/null
+++ b/demos/prime/prime.c
@@ -0,0 +1,100 @@
+/* demos/prime/prime.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bn.h"
+
+void callback(type,num)
+int type,num;
+ {
+ if (type == 0)
+ fprintf(stderr,".");
+ else if (type == 1)
+ fprintf(stderr,"+");
+ else if (type == 2)
+ fprintf(stderr,"*");
+ fflush(stderr);
+ }
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ BIGNUM *rand;
+ int num=256;
+
+ /* we should really call RAND_seed(char *bytes,int num);
+ * to fully initalise the random number generator */
+ if (argc >= 2)
+ {
+ num=atoi(argv[1]);
+ if (num == 0) num=256;
+ }
+
+ fprintf(stderr,"generate a strong prime\n");
+ rand=BN_generate_prime(num,1,NULL,NULL,callback);
+ /* change the second parameter to 1 for a strong prime */
+ fprintf(stderr,"\n");
+
+ BN_print_fp(stdout,rand);
+ fprintf(stdout,"\n");
+ BN_free(rand);
+ exit(0);
+ return(0);
+ }
+
diff --git a/demos/privkey.pem b/demos/privkey.pem
new file mode 100644
index 0000000..ddae240
--- /dev/null
+++ b/demos/privkey.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAN+FmbxmHVOp/RxtpMGz0DvQEBz1sDktHp19hIoMSu0YZift5MAu
+4xAEJYvWVCshDiyOTWsUBXwZkrkt87FyctkCAwEAAQJAG/vxBGpQb6IPo1iC0RF/
+F430BnwoBPCGLbeCOXpSgx5X+19vuTSdEqMgeNB6+aNb+XY/7mvVfCjyD6WZ0oxs
+JQIhAPO+uL9cP40lFs62pdL3QSWsh3VNDByvOtr9LpeaxBm/AiEA6sKVfXsDQ5hd
+SHt9U61r2r8Lcxmzi9Kw6JNqjMmzqWcCIQCKoRy+aZ8Tjdas9yDVHh+FZ90bEBkl
+b1xQFNOdEj8aTQIhAOJWrO6INYNsWTPS6+hLYZtLamyUsQj0H+B8kNQge/mtAiEA
+nBfvUl243qbqN8gF7Az1u33uc9FsPVvQPiBzLxZ4ixw=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/selfsign.c b/demos/selfsign.c
new file mode 100644
index 0000000..72146fc
--- /dev/null
+++ b/demos/selfsign.c
@@ -0,0 +1,168 @@
+/* NOCW */
+/* cc -o ssdemo -I../include selfsign.c ../libcrypto.a */
+
+#include <stdio.h>
+#include <stdlib.h>
+
+#include "buffer.h"
+#include "crypto.h"
+#include "objects.h"
+#include "asn1.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+int mkit(X509 **x509p, EVP_PKEY **pkeyp, int bits, int serial, int days);
+
+int main()
+ {
+ BIO *bio_err;
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ X509v3_add_netscape_extensions();
+
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+
+ mkit(&x509,&pkey,512,0,365);
+
+ RSA_print_fp(stdout,pkey->pkey.rsa,0);
+ X509_print_fp(stdout,x509);
+
+ PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL);
+ PEM_write_X509(stdout,x509);
+
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ BIO_free(bio_err);
+
+ X509_cleanup_extensions();
+
+ CRYPTO_mem_leaks(bio_err);
+ return(0);
+ }
+
+#ifdef WIN16
+# define MS_CALLBACK _far _loadds
+# define MS_FAR _far
+#else
+# define MS_CALLBACK
+# define MS_FAR
+#endif
+
+static void MS_CALLBACK callback(p, n)
+int p;
+int n;
+ {
+ char c='B';
+
+ if (p == 0) c='.';
+ if (p == 1) c='+';
+ if (p == 2) c='*';
+ if (p == 3) c='\n';
+ fputc(c,stderr);
+ }
+
+int mkit(x509p,pkeyp,bits,serial,days)
+X509 **x509p;
+EVP_PKEY **pkeyp;
+int bits;
+int serial;
+int days;
+ {
+ X509 *x;
+ EVP_PKEY *pk;
+ RSA *rsa;
+ char *s;
+ X509_NAME *name=NULL;
+ X509_NAME_ENTRY *ne=NULL;
+ X509_EXTENSION *ex=NULL;
+ ASN1_OCTET_STRING *data=NULL;
+
+
+ if ((pkeyp == NULL) || (*pkeyp == NULL))
+ {
+ if ((pk=EVP_PKEY_new()) == NULL)
+ {
+ abort();
+ return(0);
+ }
+ }
+ else
+ pk= *pkeyp;
+
+ if ((x509p == NULL) || (*x509p == NULL))
+ {
+ if ((x=X509_new()) == NULL)
+ goto err;
+ }
+ else
+ x= *x509p;
+
+ rsa=RSA_generate_key(bits,RSA_F4,callback);
+ if (!EVP_PKEY_assign_RSA(pk,rsa))
+ {
+ abort();
+ goto err;
+ }
+ rsa=NULL;
+
+ X509_set_version(x,3);
+ ASN1_INTEGER_set(X509_get_serialNumber(x),serial);
+ X509_gmtime_adj(X509_get_notBefore(x),0);
+ X509_gmtime_adj(X509_get_notAfter(x),(long)60*60*24*days);
+ X509_set_pubkey(x,pk);
+
+ name=X509_NAME_new();
+
+ ne=X509_NAME_ENTRY_create_by_NID(NULL,NID_countryName,
+ V_ASN1_APP_CHOOSE,"AU",-1);
+ X509_NAME_add_entry(name,ne,0,0);
+
+ X509_NAME_ENTRY_create_by_NID(&ne,NID_commonName,
+ V_ASN1_APP_CHOOSE,"Eric Young",-1);
+ X509_NAME_add_entry(name,ne,1,0);
+
+ /* finished with structure */
+ X509_NAME_ENTRY_free(ne);
+
+ X509_set_subject_name(x,name);
+ X509_set_issuer_name(x,name);
+
+ /* finished with structure */
+ X509_NAME_free(name);
+
+ data=X509v3_pack_string(NULL,V_ASN1_BIT_STRING,
+ "\001",1);
+ ex=X509_EXTENSION_create_by_NID(NULL,NID_netscape_cert_type,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509v3_pack_string(&data,V_ASN1_IA5STRING,
+ "example comment extension",-1);
+ X509_EXTENSION_create_by_NID(&ex,NID_netscape_comment,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509v3_pack_string(&data,V_ASN1_BIT_STRING,
+ "www.cryptsoft.com",-1);
+ X509_EXTENSION_create_by_NID(&ex,NID_netscape_ssl_server_name,0,data);
+ X509_add_ext(x,ex,-1);
+
+ X509_EXTENSION_free(ex);
+ ASN1_OCTET_STRING_free(data);
+
+ if (!X509_sign(x,pk,EVP_md5()))
+ goto err;
+
+ *x509p=x;
+ *pkeyp=pk;
+ return(1);
+err:
+ return(0);
+ }
+
+
+
+
diff --git a/demos/sign/cert.pem b/demos/sign/cert.pem
new file mode 100644
index 0000000..9d7ac23
--- /dev/null
+++ b/demos/sign/cert.pem
@@ -0,0 +1,14 @@
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
diff --git a/demos/sign/key.pem b/demos/sign/key.pem
new file mode 100644
index 0000000..239ad66
--- /dev/null
+++ b/demos/sign/key.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
diff --git a/demos/sign/sig.txt b/demos/sign/sig.txt
new file mode 100644
index 0000000..5613c0e
--- /dev/null
+++ b/demos/sign/sig.txt
@@ -0,0 +1,158 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 02:37:40 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA11782
+ (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 11:46:21 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id LAA18980 for ssl-users-outgoing; Mon, 30 Sep 1996 11:44:56 +1000 (EST)
+Received: from minbne.mincom.oz.au (minbne.mincom.oz.au [192.55.196.247]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id LAA18962 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 11:44:51 +1000 (EST)
+Received: by minbne.mincom.oz.au id AA22230
+ (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 11:38:41 +1000
+Received: from brutus.neuronio.pt (brutus.neuronio.pt [193.126.253.2]) by bunyip.cc.uq.oz.au (8.7.6/8.7.3) with SMTP id LAA15824 for <ssl-users@mincom.com>; Mon, 30 Sep 1996 11:40:07 +1000
+Received: (from sampo@localhost) by brutus.neuronio.pt (8.6.11/8.6.11) id BAA08729; Mon, 30 Sep 1996 01:37:40 +0100
+Date: Mon, 30 Sep 1996 01:37:40 +0100
+Message-Id: <199609300037.BAA08729@brutus.neuronio.pt>
+From: Sampo Kellomaki <sampo@neuronio.pt>
+To: ssl-users@mincom.com
+Cc: sampo@brutus.neuronio.pt
+Subject: Signing with envelope routines
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: RO
+X-Status: D
+
+
+I have been trying to figure out how to produce signatures with EVP_
+routines. I seem to be able to read in private key and sign some
+data ok, but I can't figure out how I am supposed to read in
+public key so that I could verify my signature. I use self signed
+certificate.
+
+I figured I should use
+ EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+ fp, NULL, NULL);
+to read in private key and this seems to work Ok.
+
+However when I try analogous
+ EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+ fp, NULL, NULL);
+the program fails with
+
+error:0D09508D:asn1 encoding routines:D2I_PUBLICKEY:unknown public key type:d2i_pu.c:93
+error:0906700D:PEM routines:PEM_ASN1_read_bio:ASN1 lib:pem_lib.c:232
+
+I figured that the second argument to PEM_ASN1_read should match the
+name in my PEM encoded object, hence PEM_STRING_X509.
+PEM_STRING_EVP_PKEY seems to be somehow magical
+because it matches whatever private key there happens to be. I could
+not find a similar constant to use with getting the certificate, however.
+
+Is my approach of using PEM_ASN1_read correct? What should I pass in
+as name? Can I use normal (or even self signed) X509 certificate for
+verifying the signature?
+
+When will SSLeay documentation be written ;-)? If I would contribute
+comments to the code, would Eric take time to review them and include
+them in distribution?
+
+I'm using SSLeay-0.6.4. My program is included below along with the
+key and cert that I use.
+
+--Sampo
+
+-----------------------------------
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ const char certfile[] = "plain-cert.pem";
+ const char keyfile[] = "plain-key.pem";
+ const char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY* pkey;
+ FILE* fp;
+
+ SSL_load_error_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PublicKey,
+ PEM_STRING_X509,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
+/* EOF */
+--------------- plain-cert.pem -----------------
+-----BEGIN CERTIFICATE-----
+MIICLDCCAdYCAQAwDQYJKoZIhvcNAQEEBQAwgaAxCzAJBgNVBAYTAlBUMRMwEQYD
+VQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5ldXJv
+bmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMTEmJy
+dXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZpMB4X
+DTk2MDkwNTAzNDI0M1oXDTk2MTAwNTAzNDI0M1owgaAxCzAJBgNVBAYTAlBUMRMw
+EQYDVQQIEwpRdWVlbnNsYW5kMQ8wDQYDVQQHEwZMaXNib2ExFzAVBgNVBAoTDk5l
+dXJvbmlvLCBMZGEuMRgwFgYDVQQLEw9EZXNlbnZvbHZpbWVudG8xGzAZBgNVBAMT
+EmJydXR1cy5uZXVyb25pby5wdDEbMBkGCSqGSIb3DQEJARYMc2FtcG9AaWtpLmZp
+MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNw
+L4lYKbpzzlmC5beaQXeQ2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAATAN
+BgkqhkiG9w0BAQQFAANBAFqPEKFjk6T6CKTHvaQeEAsX0/8YHPHqH/9AnhSjrwuX
+9EBc0n6bVGhN7XaXd6sJ7dym9sbsWxb+pJdurnkxjx4=
+-----END CERTIFICATE-----
+---------------- plain-key.pem -----------------
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAL7+aty3S1iBA/+yxjxv4q1MUTd1kjNwL4lYKbpzzlmC5beaQXeQ
+2RmGMTXU+mDvuqItjVHOK3DvPK7lTcSGftUCAwEAAQJBALjkK+jc2+iihI98riEF
+oudmkNziSRTYjnwjx8mCoAjPWviB3c742eO3FG4/soi1jD9A5alihEOXfUzloenr
+8IECIQD3B5+0l+68BA/6d76iUNqAAV8djGTzvxnCxycnxPQydQIhAMXt4trUI3nc
+a+U8YL2HPFA3gmhBsSICbq2OptOCnM7hAiEA6Xi3JIQECob8YwkRj29DU3/4WYD7
+WLPgsQpwo1GuSpECICGsnWH5oaeD9t9jbFoSfhJvv0IZmxdcLpRcpslpeWBBAiEA
+6/5B8J0GHdJq89FHwEG/H2eVVUYu5y/aD6sgcm+0Avg=
+-----END RSA PRIVATE KEY-----
+------------------------------------------------
+
diff --git a/demos/sign/sign.c b/demos/sign/sign.c
new file mode 100644
index 0000000..280cc63
--- /dev/null
+++ b/demos/sign/sign.c
@@ -0,0 +1,137 @@
+/* demos/sign/sign.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* converted to C - eay :-) */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ static char certfile[] = "cert.pem";
+ static char keyfile[] = "key.pem";
+ static char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY * pkey;
+ FILE * fp;
+ X509 * x509;
+
+ /* Just load the crypto library error strings,
+ * SSL_load_error_strings() loads the crypto AND the SSL ones */
+ /* SSL_load_error_strings();*/
+ ERR_load_crypto_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+ if (x509 == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Get public key - eay */
+ pkey=X509_extract_key(x509);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
diff --git a/demos/sign/sign.txt b/demos/sign/sign.txt
new file mode 100644
index 0000000..2aa2b46
--- /dev/null
+++ b/demos/sign/sign.txt
@@ -0,0 +1,170 @@
+From ssl-lists-owner@mincom.com Mon Sep 30 22:43:15 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA12802
+ (5.65c/IDA-1.4.4 for eay); Mon, 30 Sep 1996 12:45:43 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id MAA25922 for ssl-users-outgoing; Mon, 30 Sep 1996 12:43:43 +1000 (EST)
+Received: from orb.mincom.oz.au (eay@orb.mincom.oz.au [192.55.197.1]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id MAA25900 for <ssl-users@listserv.mincom.oz.au>; Mon, 30 Sep 1996 12:43:39 +1000 (EST)
+Received: by orb.mincom.oz.au id AA12688
+ (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Mon, 30 Sep 1996 12:43:16 +1000
+Date: Mon, 30 Sep 1996 12:43:15 +1000 (EST)
+From: Eric Young <eay@mincom.com>
+X-Sender: eay@orb
+To: Sampo Kellomaki <sampo@neuronio.pt>
+Cc: ssl-users@mincom.com, sampo@brutus.neuronio.pt
+Subject: Re: Signing with envelope routines
+In-Reply-To: <199609300037.BAA08729@brutus.neuronio.pt>
+Message-Id: <Pine.SOL.3.91.960930121504.11800Y-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: O
+X-Status:
+
+
+On Mon, 30 Sep 1996, Sampo Kellomaki wrote:
+> I have been trying to figure out how to produce signatures with EVP_
+> routines. I seem to be able to read in private key and sign some
+> data ok, but I can't figure out how I am supposed to read in
+> public key so that I could verify my signature. I use self signed
+> certificate.
+
+hmm... a rather poorly documented are of the library at this point in time.
+
+> I figured I should use
+> EVP_PKEY* pkey = PEM_ASN1_read(d2i_PrivateKey, PEM_STRING_EVP_PKEY,
+> fp, NULL, NULL);
+> to read in private key and this seems to work Ok.
+>
+> However when I try analogous
+> EVP_PKEY* pkey = PEM_ASN1_read(d2i_PublicKey, PEM_STRING_X509,
+> fp, NULL, NULL);
+
+What you should do is
+ X509 *x509=PEM_read_X509(fp,NULL,NULL);
+ /* which is the same as PEM_ASN1_read(d2i_X509,PEM_STRING_X509,fp,
+ * NULL,NULL); */
+Then
+ EVP_PKEY *pkey=X509_extract_key(x509);
+
+There is also a X509_REQ_extract_key(req);
+which gets the public key from a certificate request.
+
+I re-worked quite a bit of this when I cleaned up the dependancy on
+RSA as the private key.
+
+> I figured that the second argument to PEM_ASN1_read should match the
+> name in my PEM encoded object, hence PEM_STRING_X509.
+> PEM_STRING_EVP_PKEY seems to be somehow magical
+> because it matches whatever private key there happens to be. I could
+> not find a similar constant to use with getting the certificate, however.
+
+:-), PEM_STRING_EVP_PKEY is 'magical' :-). In theory I should be using a
+standard such as PKCS#8 to store the private key so that the type is
+encoded in the asn.1 encoding of the object.
+
+> Is my approach of using PEM_ASN1_read correct? What should I pass in
+> as name? Can I use normal (or even self signed) X509 certificate for
+> verifying the signature?
+
+The actual public key is kept in the certificate, so basically you have
+to load the certificate and then 'unpack' the public key from the
+certificate.
+
+> When will SSLeay documentation be written ;-)? If I would contribute
+> comments to the code, would Eric take time to review them and include
+> them in distribution?
+
+:-) After SSLv3 and PKCS#7 :-). I actually started doing a function list
+but what I really need to do is do quite a few 'this is how you do xyz'
+type documents. I suppose the current method is to post to ssl-users and
+I'll respond :-).
+
+I'll add a 'demo' directory for the next release, I've appended a
+modified version of your program that works, you were very close :-).
+
+eric
+
+/* sign-it.cpp - Simple test app using SSLeay envelopes to sign data
+ 29.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+/* converted to C - eay :-) */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "evp.h"
+#include "objects.h"
+#include "x509.h"
+#include "err.h"
+#include "pem.h"
+#include "ssl.h"
+
+void main ()
+{
+ int err;
+ int sig_len;
+ unsigned char sig_buf [4096];
+ static char certfile[] = "plain-cert.pem";
+ static char keyfile[] = "plain-key.pem";
+ static char data[] = "I owe you...";
+ EVP_MD_CTX md_ctx;
+ EVP_PKEY * pkey;
+ FILE * fp;
+ X509 * x509;
+
+ /* Just load the crypto library error strings,
+ * SSL_load_error_strings() loads the crypto AND the SSL ones */
+ /* SSL_load_error_strings();*/
+ ERR_load_crypto_strings();
+
+ /* Read private key */
+
+ fp = fopen (keyfile, "r"); if (fp == NULL) exit (1);
+ pkey = (EVP_PKEY*)PEM_ASN1_read ((char *(*)())d2i_PrivateKey,
+ PEM_STRING_EVP_PKEY,
+ fp,
+ NULL, NULL);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Do the signature */
+
+ EVP_SignInit (&md_ctx, EVP_md5());
+ EVP_SignUpdate (&md_ctx, data, strlen(data));
+ sig_len = sizeof(sig_buf);
+ err = EVP_SignFinal (&md_ctx,
+ sig_buf,
+ &sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+
+ /* Read public key */
+
+ fp = fopen (certfile, "r"); if (fp == NULL) exit (1);
+ x509 = (X509 *)PEM_ASN1_read ((char *(*)())d2i_X509,
+ PEM_STRING_X509,
+ fp, NULL, NULL);
+ if (x509 == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+ fclose (fp);
+
+ /* Get public key - eay */
+ pkey=X509_extract_key(x509);
+ if (pkey == NULL) { ERR_print_errors_fp (stderr); exit (1); }
+
+ /* Verify the signature */
+
+ EVP_VerifyInit (&md_ctx, EVP_md5());
+ EVP_VerifyUpdate (&md_ctx, data, strlen((char*)data));
+ err = EVP_VerifyFinal (&md_ctx,
+ sig_buf,
+ sig_len,
+ pkey);
+ if (err != 1) { ERR_print_errors_fp (stderr); exit (1); }
+ EVP_PKEY_free (pkey);
+ printf ("Signature Verified Ok.\n");
+}
+
+
+
+
+
diff --git a/demos/spkigen.c b/demos/spkigen.c
new file mode 100644
index 0000000..01fe625
--- /dev/null
+++ b/demos/spkigen.c
@@ -0,0 +1,160 @@
+/* NOCW */
+/* demos/spkigen.c
+ * 18-Mar-1997 - eay - A quick hack :-)
+ * version 1.1, it would probably help to save or load the
+ * private key :-)
+ */
+#include <stdio.h>
+#include <stdlib.h>
+#include "err.h"
+#include "asn1.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+
+/* The following two don't exist in SSLeay but they are in here as
+ * examples */
+#define PEM_write_SPKI(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_NETSCAPE_SPKI,"SPKI",fp,\
+ (char *)x,NULL,NULL,0,NULL)
+int SPKI_set_pubkey(NETSCAPE_SPKI *x, EVP_PKEY *pkey);
+
+/* These are defined in the next version of SSLeay */
+int EVP_PKEY_assign(EVP_PKEY *pkey, int type,char *key);
+#define RSA_F4 0x10001
+#define EVP_PKEY_assign_RSA(pkey,rsa) EVP_PKEY_assign((pkey),EVP_PKEY_RSA,\
+ (char *)(rsa))
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ RSA *rsa=NULL;
+ NETSCAPE_SPKI *spki=NULL;
+ EVP_PKEY *pkey=NULL;
+ char buf[128];
+ int ok=0,i;
+ FILE *fp;
+
+ pkey=EVP_PKEY_new();
+
+ if (argc < 2)
+ {
+ /* Generate an RSA key, the random state should have been seeded
+ * with lots of calls to RAND_seed(....) */
+ fprintf(stderr,"generating RSA key, could take some time...\n");
+ if ((rsa=RSA_generate_key(512,RSA_F4,NULL)) == NULL) goto err;
+ }
+ else
+ {
+ if ((fp=fopen(argv[1],"r")) == NULL)
+ { perror(argv[1]); goto err; }
+ if ((rsa=PEM_read_RSAPrivateKey(fp,NULL,NULL)) == NULL)
+ goto err;
+ fclose(fp);
+ }
+
+ if (!EVP_PKEY_assign_RSA(pkey,rsa)) goto err;
+ rsa=NULL;
+
+ /* lets make the spki and set the public key and challenge */
+ if ((spki=NETSCAPE_SPKI_new()) == NULL) goto err;
+
+ if (!SPKI_set_pubkey(spki,pkey)) goto err;
+
+ fprintf(stderr,"please enter challenge string:");
+ fflush(stderr);
+ fgets(buf,120,stdin);
+ i=strlen(buf);
+ if (i > 0) buf[--i]='\0';
+ if (!ASN1_STRING_set((ASN1_STRING *)spki->spkac->challenge,
+ buf,i)) goto err;
+
+ if (!NETSCAPE_SPKI_sign(spki,pkey,EVP_md5())) goto err;
+ PEM_write_SPKI(stdout,spki);
+ if (argc < 2)
+ PEM_write_RSAPrivateKey(stdout,pkey->pkey.rsa,NULL,NULL,0,NULL);
+
+ ok=1;
+err:
+ if (!ok)
+ {
+ fprintf(stderr,"something bad happened....");
+ ERR_print_errors_fp(stderr);
+ }
+ NETSCAPE_SPKI_free(spki);
+ EVP_PKEY_free(pkey);
+ exit(!ok);
+ }
+
+/* This function is in the next version of SSLeay */
+int EVP_PKEY_assign(pkey,type,key)
+EVP_PKEY *pkey;
+int type;
+char *key;
+ {
+ if (pkey == NULL) return(0);
+ if (pkey->pkey.ptr != NULL)
+ {
+ if (pkey->type == EVP_PKEY_RSA)
+ RSA_free(pkey->pkey.rsa);
+ /* else memory leak */
+ }
+ pkey->type=type;
+ pkey->pkey.ptr=key;
+ return(1);
+ }
+
+/* While I have a
+ * X509_set_pubkey() and X509_REQ_set_pubkey(), SPKI_set_pubkey() does
+ * not currently exist so here is a version of it.
+ * The next SSLeay release will probably have
+ * X509_set_pubkey(),
+ * X509_REQ_set_pubkey() and
+ * NETSCAPE_SPKI_set_pubkey()
+ * as macros calling the same function */
+int SPKI_set_pubkey(x,pkey)
+NETSCAPE_SPKI *x;
+EVP_PKEY *pkey;
+ {
+ int ok=0;
+ X509_PUBKEY *pk;
+ X509_ALGOR *a;
+ ASN1_OBJECT *o;
+ unsigned char *s,*p;
+ int i;
+
+ if (x == NULL) return(0);
+
+ if ((pk=X509_PUBKEY_new()) == NULL) goto err;
+ a=pk->algor;
+
+ /* set the algorithm id */
+ if ((o=OBJ_nid2obj(pkey->type)) == NULL) goto err;
+ ASN1_OBJECT_free(a->algorithm);
+ a->algorithm=o;
+
+ /* Set the parameter list */
+ if ((a->parameter == NULL) || (a->parameter->type != V_ASN1_NULL))
+ {
+ ASN1_TYPE_free(a->parameter);
+ a->parameter=ASN1_TYPE_new();
+ a->parameter->type=V_ASN1_NULL;
+ }
+ i=i2d_PublicKey(pkey,NULL);
+ if ((s=(unsigned char *)malloc(i+1)) == NULL) goto err;
+ p=s;
+ i2d_PublicKey(pkey,&p);
+ if (!ASN1_BIT_STRING_set(pk->public_key,s,i)) goto err;
+ free(s);
+
+ X509_PUBKEY_free(x->spkac->pubkey);
+ x->spkac->pubkey=pk;
+ pk=NULL;
+ ok=1;
+err:
+ if (pk != NULL) X509_PUBKEY_free(pk);
+ return(ok);
+ }
+
diff --git a/demos/ssl/cli.cpp b/demos/ssl/cli.cpp
new file mode 100644
index 0000000..f52a9c0
--- /dev/null
+++ b/demos/ssl/cli.cpp
@@ -0,0 +1,102 @@
+/* cli.cpp - Minimal ssleay client for Unix
+ 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+ int err;
+ int sd;
+ struct sockaddr_in sa;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* server_cert;
+ char* str;
+ char buf [4096];
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ /* ----------------------------------------------- */
+ /* Create a socket and connect to server using normal socket calls. */
+
+ sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(sd, "socket");
+
+ memset (&sa, '\0', sizeof(sa));
+ sa.sin_family = AF_INET;
+ sa.sin_addr.s_addr = inet_addr ("127.0.0.1"); /* Server IP */
+ sa.sin_port = htons (1111); /* Server Port number */
+
+ err = connect(sd, (struct sockaddr*) &sa,
+ sizeof(sa)); CHK_ERR(err, "connect");
+
+ /* ----------------------------------------------- */
+ /* Now we have TCP conncetion. Start SSL negotiation. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, sd);
+ err = SSL_connect (ssl); CHK_SSL(err);
+
+ /* Following two steps are optional and not required for
+ data exchange to be successful. */
+
+ /* Get the cipher - opt */
+
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get server's certificate (note: beware of dynamic allocation) - opt */
+
+ server_cert = SSL_get_peer_certificate (ssl); CHK_NULL(server_cert);
+ printf ("Server certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (server_cert));
+ CHK_NULL(str);
+ printf ("\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (server_cert));
+ CHK_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (server_cert);
+
+ /* --------------------------------------------------- */
+ /* DATA EXCHANGE - Send a message and receive a reply. */
+
+ err = SSL_write (ssl, "Hello World!", strlen("Hello World!")); CHK_SSL(err);
+
+ shutdown (sd, 1); /* Half close, send EOF to server. */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ /* Clean up. */
+
+ close (sd);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - cli.cpp */
diff --git a/demos/ssl/inetdsrv.cpp b/demos/ssl/inetdsrv.cpp
new file mode 100644
index 0000000..b09c8b6
--- /dev/null
+++ b/demos/ssl/inetdsrv.cpp
@@ -0,0 +1,98 @@
+/* inetdserv.cpp - Minimal ssleay server for Unix inetd.conf
+ * 30.9.1996, Sampo Kellomaki <sampo@iki.fi>
+ * From /etc/inetd.conf:
+ * 1111 stream tcp nowait sampo /usr/users/sampo/demo/inetdserv inetdserv
+ */
+
+#include <stdio.h>
+#include <errno.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define HOME "/usr/users/sampo/demo/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) \
+ { fprintf(log, "%s %d\n", (s), errno); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(log); exit(2); }
+
+void main ()
+{
+ int err;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* client_cert;
+ char* str;
+ char buf [4096];
+ FILE* log;
+
+ log = fopen ("/dev/console", "a"); CHK_NULL(log);
+ fprintf (log, "inetdserv %ld\n", (long)getpid());
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
+ CHK_SSL (err);
+
+ err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
+ CHK_SSL (err);
+
+ /* inetd has already opened the TCP connection, so we can get right
+ down to business. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, fileno(stdin));
+ err = SSL_accept (ssl); CHK_SSL(err);
+
+ /* Get the cipher - opt */
+
+ fprintf (log, "SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+ client_cert = SSL_get_peer_certificate (ssl);
+ if (client_cert != NULL) {
+ fprintf (log, "Client certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+ CHK_NULL(str);
+ fprintf (log, "\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
+ CHK_NULL(str);
+ fprintf (log, "\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (client_cert);
+ } else
+ fprintf (log, "Client doe not have certificate.\n");
+
+ /* ------------------------------------------------- */
+ /* DATA EXCHANGE: Receive message and send reply */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ fprintf (log, "Got %d chars:'%s'\n", err, buf);
+
+ err = SSL_write (ssl, "Loud and clear.", strlen("Loud and clear."));
+ CHK_SSL(err);
+
+ /* Clean up. */
+
+ fclose (log);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - inetdserv.cpp */
diff --git a/demos/ssl/serv.cpp b/demos/ssl/serv.cpp
new file mode 100644
index 0000000..8681f2f
--- /dev/null
+++ b/demos/ssl/serv.cpp
@@ -0,0 +1,126 @@
+/* serv.cpp - Minimal ssleay server for Unix
+ 30.9.1996, Sampo Kellomaki <sampo@iki.fi> */
+
+#include <stdio.h>
+#include <memory.h>
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
+#include <netdb.h>
+
+#include "rsa.h" /* SSLeay stuff */
+#include "crypto.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl.h"
+#include "err.h"
+
+#define HOME "/usr/users/sampo/sibs/tim/"
+#define CERTF HOME "plain-cert.pem"
+#define KEYF HOME "plain-key.pem"
+
+#define CHK_NULL(x) if ((x)==NULL) exit (1)
+#define CHK_ERR(err,s) if ((err)==-1) { perror(s); exit(1); }
+#define CHK_SSL(err) if ((err)==-1) { ERR_print_errors_fp(stderr); exit(2); }
+
+void main ()
+{
+ int err;
+ int listen_sd;
+ int sd;
+ struct sockaddr_in sa_serv;
+ struct sockaddr_in sa_cli;
+ int client_len;
+ SSL_CTX* ctx;
+ SSL* ssl;
+ X509* client_cert;
+ char* str;
+ char buf [4096];
+
+ /* SSL preliminaries. We keep the certificate and key with the context. */
+
+ SSL_load_error_strings();
+ ctx = SSL_CTX_new (); CHK_NULL(ctx);
+
+ err = SSL_CTX_use_RSAPrivateKey_file (ctx, KEYF, SSL_FILETYPE_PEM);
+ CHK_SSL(err);
+
+ err = SSL_CTX_use_certificate_file (ctx, CERTF, SSL_FILETYPE_PEM);
+ CHK_SSL(err);
+
+ /* ----------------------------------------------- */
+ /* Prepare TCP socket for receiving connections */
+
+ listen_sd = socket (AF_INET, SOCK_STREAM, 0); CHK_ERR(listen_sd, "socket");
+
+ memset (&sa_serv, '\0', sizeof(sa_serv));
+ sa_serv.sin_family = AF_INET;
+ sa_serv.sin_addr.s_addr = INADDR_ANY;
+ sa_serv.sin_port = htons (1111); /* Server Port number */
+
+ err = bind(listen_sd, (struct sockaddr*) &sa_serv,
+ sizeof (sa_serv)); CHK_ERR(err, "bind");
+
+ /* Receive a TCP connection. */
+
+ err = listen (listen_sd, 5); CHK_ERR(err, "listen");
+
+ client_len = sizeof(sa_cli);
+ sd = accept (listen_sd, (struct sockaddr*) &sa_cli, &client_len);
+ CHK_ERR(sd, "accept");
+ close (listen_sd);
+
+ printf ("Connection from %lx, port %x\n",
+ sa_cli.sin_addr.s_addr, sa_cli.sin_port);
+
+ /* ----------------------------------------------- */
+ /* TCP connection is ready. Do server side SSL. */
+
+ ssl = SSL_new (ctx); CHK_NULL(ssl);
+ SSL_set_fd (ssl, sd);
+ err = SSL_accept (ssl); CHK_SSL(err);
+
+ /* Get the cipher - opt */
+
+ printf ("SSL connection using %s\n", SSL_get_cipher (ssl));
+
+ /* Get client's certificate (note: beware of dynamic allocation) - opt */
+
+ client_cert = SSL_get_peer_certificate (ssl);
+ if (client_cert != NULL) {
+ printf ("Client certificate:\n");
+
+ str = X509_NAME_oneline (X509_get_subject_name (client_cert));
+ CHK_NULL(str);
+ printf ("\t subject: %s\n", str);
+ Free (str);
+
+ str = X509_NAME_oneline (X509_get_issuer_name (client_cert));
+ CHK_NULL(str);
+ printf ("\t issuer: %s\n", str);
+ Free (str);
+
+ /* We could do all sorts of certificate verification stuff here before
+ deallocating the certificate. */
+
+ X509_free (client_cert);
+ } else
+ printf ("Client does not have certificate.\n");
+
+ /* DATA EXCHANGE - Receive message and send reply. */
+
+ err = SSL_read (ssl, buf, sizeof(buf) - 1); CHK_SSL(err);
+ buf[err] = '\0';
+ printf ("Got %d chars:'%s'\n", err, buf);
+
+ err = SSL_write (ssl, "I hear you.", strlen("I hear you.")); CHK_SSL(err);
+
+ /* Clean up. */
+
+ close (sd);
+ SSL_free (ssl);
+ SSL_CTX_free (ctx);
+}
+/* EOF - serv.cpp */
diff --git a/doc/API.doc b/doc/API.doc
new file mode 100644
index 0000000..fe28202
--- /dev/null
+++ b/doc/API.doc
@@ -0,0 +1,24 @@
+SSL - SSLv2/v3/v23 etc.
+
+BIO - methods and how they plug together
+
+MEM - memory allocation callback
+
+CRYPTO - locking for threads
+
+EVP - Ciphers/Digests/signatures
+
+RSA - methods
+
+X509 - certificate retrieval
+
+X509 - validation
+
+X509 - X509v3 extensions
+
+Objects - adding object identifiers
+
+ASN.1 - parsing
+
+PEM - parsing
+
diff --git a/doc/a_verify.doc b/doc/a_verify.doc
new file mode 100644
index 0000000..06eec17
--- /dev/null
+++ b/doc/a_verify.doc
@@ -0,0 +1,85 @@
+From eay@mincom.com Fri Oct 4 18:29:06 1996
+Received: by orb.mincom.oz.au id AA29080
+ (5.65c/IDA-1.4.4 for eay); Fri, 4 Oct 1996 08:29:07 +1000
+Date: Fri, 4 Oct 1996 08:29:06 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: wplatzer <wplatzer@iaik.tu-graz.ac.at>
+Cc: Eric Young <eay@mincom.oz.au>, SSL Mailing List <ssl-users@mincom.com>
+Subject: Re: Netscape's Public Key
+In-Reply-To: <19961003134837.NTM0049@iaik.tu-graz.ac.at>
+Message-Id: <Pine.SOL.3.91.961004081346.8018K-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status:
+
+On Thu, 3 Oct 1996, wplatzer wrote:
+> I get Public Key from Netscape (Gold 3.0b4), but cannot do anything
+> with it... It looks like (asn1parse):
+>
+> 0:d=0 hl=3 l=180 cons: SEQUENCE
+> 3:d=1 hl=2 l= 96 cons: SEQUENCE
+> 5:d=2 hl=2 l= 92 cons: SEQUENCE
+> 7:d=3 hl=2 l= 13 cons: SEQUENCE
+> 9:d=4 hl=2 l= 9 prim: OBJECT :rsaEncryption
+> 20:d=4 hl=2 l= 0 prim: NULL
+> 22:d=3 hl=2 l= 75 prim: BIT STRING
+> 99:d=2 hl=2 l= 0 prim: IA5STRING :
+> 101:d=1 hl=2 l= 13 cons: SEQUENCE
+> 103:d=2 hl=2 l= 9 prim: OBJECT :md5withRSAEncryption
+> 114:d=2 hl=2 l= 0 prim: NULL
+> 116:d=1 hl=2 l= 65 prim: BIT STRING
+>
+> The first BIT STRING is the public key and the second BIT STRING is
+> the signature.
+> But a public key consists of the public exponent and the modulus. Are
+> both numbers in the first BIT STRING?
+> Is there a document simply describing this coding stuff (checking
+> signature, get the public key, etc.)?
+
+Minimal in SSLeay. If you want to see what the modulus and exponent are,
+try asn1parse -offset 25 -length 75 <key.pem
+asn1parse will currently stuff up on the 'length 75' part (fixed in next
+release) but it will print the stuff. If you are after more
+documentation on ASN.1, have a look at www.rsa.com and get their PKCS
+documents, most of my initial work on SSLeay was done using them.
+
+As for SSLeay,
+util/crypto.num and util/ssl.num are lists of all exported functions in
+the library (but not macros :-(.
+
+The ones for extracting public keys from certificates and certificate
+requests are EVP_PKEY * X509_REQ_extract_key(X509_REQ *req);
+EVP_PKEY * X509_extract_key(X509 *x509);
+
+To verify a signature on a signed ASN.1 object
+int X509_verify(X509 *a,EVP_PKEY *key);
+int X509_REQ_verify(X509_REQ *a,EVP_PKEY *key);
+int X509_CRL_verify(X509_CRL *a,EVP_PKEY *key);
+int NETSCAPE_SPKI_verify(NETSCAPE_SPKI *a,EVP_PKEY *key);
+
+I should mention that EVP_PKEY can be used to hold a public or a private key,
+since for things like RSA and DSS, a public key is just a subset of what
+is stored for the private key.
+
+To sign any of the above structures
+
+int X509_sign(X509 *a,EVP_PKEY *key,EVP_MD *md);
+int X509_REQ_sign(X509_REQ *a,EVP_PKEY *key,EVP_MD *md);
+int X509_CRL_sign(X509_CRL *a,EVP_PKEY *key,EVP_MD *md);
+int NETSCAPE_SPKI_sign(NETSCAPE_SPKI *a,EVP_PKEY *key,EVP_MD *md);
+
+where md is the message digest to sign with.
+
+There are all defined in x509.h and all the _sign and _verify functions are
+actually macros to the ASN1_sign() and ASN1_verify() functions.
+These functions will put the correct algorithm identifiers in the correct
+places in the structures.
+
+eric
+--
+Eric Young | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au | RTFM Win32 GetMessage().
+
+
diff --git a/doc/apps.doc b/doc/apps.doc
new file mode 100644
index 0000000..a2a4e0d
--- /dev/null
+++ b/doc/apps.doc
@@ -0,0 +1,53 @@
+The applications
+
+Ok, where to begin....
+In the begining, when SSLeay was small (April 1995), there
+were but few applications, they did happily cohabit in
+the one bin directory. Then over time, they did multiply and grow,
+and they started to look like microsoft software; 500k to print 'hello world'.
+A new approach was needed. They were coalessed into one 'Monolithic'
+application, ssleay. This one program is composed of many programs that
+can all be compiled independantly.
+
+ssleay has 3 modes of operation.
+1) If the ssleay binaray has the name of one of its component programs, it
+executes that program and then exits. This can be achieve by using hard or
+symbolic links, or failing that, just renaming the binary.
+2) If the first argument to ssleay is the name of one of the component
+programs, that program runs that program and then exits.
+3) If there are no arguments, ssleay enters a 'command' mode. Each line is
+interpreted as a program name plus arguments. After each 'program' is run,
+ssleay returns to the comand line.
+
+dgst - message digests
+enc - encryption and base64 encoding
+
+ans1parse - 'pulls' appart ASN.1 encoded objects like certificates.
+
+dh - Diffle-Hellman parameter manipulation.
+rsa - RSA manipulations.
+crl - Certificate revokion list manipulations
+x509 - X509 cert fiddles, including signing.
+pkcs7 - pkcs7 manipulation, only DER versions right now.
+
+genrsa - generate an RSA private key.
+gendh - Generate a set of Diffle-Hellman parameters.
+req - Generate a PKCS#10 object, a certificate request.
+
+s_client - SSL client program
+s_server - SSL server program
+s_time - A SSL protocol timing program
+s_mult - Another SSL server, but it multiplexes
+ connections.
+s_filter - under development
+
+errstr - Convert SSLeay error numbers to strings.
+ca - Sign certificate requests, and generate
+ certificate revokion lists
+crl2pkcs7 - put a crl and certifcates into a pkcs7 object.
+speed - Benchmark the ciphers.
+verify - Check certificates
+hashdir - under development
+
+[ there a now a few more options, play with the program to see what they
+ are ]
diff --git a/doc/asn1.doc b/doc/asn1.doc
new file mode 100644
index 0000000..fdad17c
--- /dev/null
+++ b/doc/asn1.doc
@@ -0,0 +1,401 @@
+The ASN.1 Routines.
+
+ASN.1 is a specification for how to encode structured 'data' in binary form.
+The approach I have take to the manipulation of structures and their encoding
+into ASN.1 is as follows.
+
+For each distinct structure there are 4 function of the following form
+TYPE *TYPE_new(void);
+void TYPE_free(TYPE *);
+TYPE *d2i_TYPE(TYPE **a,unsigned char **pp,long length);
+long i2d_TYPE(TYPE *a,unsigned char **pp); /* CHECK RETURN VALUE */
+
+where TYPE is the type of the 'object'. The TYPE that have these functions
+can be in one of 2 forms, either the internal C malloc()ed data structure
+or in the DER (a variant of ASN.1 encoding) binary encoding which is just
+an array of unsigned bytes. The 'i2d' functions converts from the internal
+form to the DER form and the 'd2i' functions convert from the DER form to
+the internal form.
+
+The 'new' function returns a malloc()ed version of the structure with all
+substructures either created or left as NULL pointers. For 'optional'
+fields, they are normally left as NULL to indicate no value. For variable
+size sub structures (often 'SET OF' or 'SEQUENCE OF' in ASN.1 syntax) the
+STACK data type is used to hold the values. Have a read of stack.doc
+and have a look at the relevant header files to see what I mean. If there
+is an error while malloc()ing the structure, NULL is returned.
+
+The 'free' function will free() all the sub components of a particular
+structure. If any of those sub components have been 'removed', replace
+them with NULL pointers, the 'free' functions are tolerant of NULL fields.
+
+The 'd2i' function copies a binary representation into a C structure. It
+operates as follows. 'a' is a pointer to a pointer to
+the structure to populate, 'pp' is a pointer to a pointer to where the DER
+byte string is located and 'length' is the length of the '*pp' data.
+If there are no errors, a pointer to the populated structure is returned.
+If there is an error, NULL is returned. Errors can occur because of
+malloc() failures but normally they will be due to syntax errors in the DER
+encoded data being parsed. It is also an error if there was an
+attempt to read more that 'length' bytes from '*p'. If
+everything works correctly, the value in '*p' is updated
+to point at the location just beyond where the DER
+structure was read from. In this way, chained calls to 'd2i' type
+functions can be made, with the pointer into the 'data' array being
+'walked' along the input byte array.
+Depending on the value passed for 'a', different things will be done. If
+'a' is NULL, a new structure will be malloc()ed and returned. If '*a' is
+NULL, a new structure will be malloc()ed and put into '*a' and returned.
+If '*a' is not NULL, the structure in '*a' will be populated, or in the
+case of an error, free()ed and then returned.
+Having these semantics means that a structure
+can call a 'd2i' function to populate a field and if the field is currently
+NULL, the structure will be created.
+
+The 'i2d' function type is used to copy a C structure to a byte array.
+The parameter 'a' is the structure to convert and '*p' is where to put it.
+As for the 'd2i' type structure, 'p' is updated to point after the last
+byte written. If p is NULL, no data is written. The function also returns
+the number of bytes written. Where this becomes useful is that if the
+function is called with a NULL 'p' value, the length is returned. This can
+then be used to malloc() an array of bytes and then the same function can
+be recalled passing the malloced array to be written to. e.g.
+
+int len;
+unsigned char *bytes,*p;
+len=i2d_X509(x,NULL); /* get the size of the ASN1 encoding of 'x' */
+if ((bytes=(unsigned char *)malloc(len)) == NULL)
+ goto err;
+p=bytes;
+i2d_X509(x,&p);
+
+Please note that a new variable, 'p' was passed to i2d_X509. After the
+call to i2d_X509 p has been incremented by len bytes.
+
+Now the reason for this functional organisation is that it allows nested
+structures to be built up by calling these functions as required. There
+are various macros used to help write the general 'i2d', 'd2i', 'new' and
+'free' functions. They are discussed in another file and would only be
+used by some-one wanting to add new structures to the library. As you
+might be able to guess, the process of writing ASN.1 files can be a bit CPU
+expensive for complex structures. I'm willing to live with this since the
+simpler library code make my life easier and hopefully most programs using
+these routines will have their execution profiles dominated by cipher or
+message digest routines.
+What follows is a list of 'TYPE' values and the corresponding ASN.1
+structure and where it is used.
+
+TYPE ASN.1
+ASN1_INTEGER INTEGER
+ASN1_BIT_STRING BIT STRING
+ASN1_OCTET_STRING OCTET STRING
+ASN1_OBJECT OBJECT IDENTIFIER
+ASN1_PRINTABLESTRING PrintableString
+ASN1_T61STRING T61String
+ASN1_IA5STRING IA5String
+ASN1_UTCTIME UTCTime
+ASN1_TYPE Any of the above mentioned types plus SEQUENCE and SET
+
+Most of the above mentioned types are actualled stored in the
+ASN1_BIT_STRING type and macros are used to differentiate between them.
+The 3 types used are
+
+typedef struct asn1_object_st
+ {
+ /* both null if a dynamic ASN1_OBJECT, one is
+ * defined if a 'static' ASN1_OBJECT */
+ char *sn,*ln;
+ int nid;
+ int length;
+ unsigned char *data;
+ } ASN1_OBJECT;
+This is used to store ASN1 OBJECTS. Read 'objects.doc' for details ono
+routines to manipulate this structure. 'sn' and 'ln' are used to hold text
+strings that represent the object (short name and long or lower case name).
+These are used by the 'OBJ' library. 'nid' is a number used by the OBJ
+library to uniquely identify objects. The ASN1 routines will populate the
+'length' and 'data' fields which will contain the bit string representing
+the object.
+
+typedef struct asn1_bit_string_st
+ {
+ int length;
+ int type;
+ unsigned char *data;
+ } ASN1_BIT_STRING;
+This structure is used to hold all the other base ASN1 types except for
+ASN1_UTCTIME (which is really just a 'char *'). Length is the number of
+bytes held in data and type is the ASN1 type of the object (there is a list
+in asn1.h).
+
+typedef struct asn1_type_st
+ {
+ int type;
+ union {
+ char *ptr;
+ ASN1_INTEGER * integer;
+ ASN1_BIT_STRING * bit_string;
+ ASN1_OCTET_STRING * octet_string;
+ ASN1_OBJECT * object;
+ ASN1_PRINTABLESTRING * printablestring;
+ ASN1_T61STRING * t61string;
+ ASN1_IA5STRING * ia5string;
+ ASN1_UTCTIME * utctime;
+ ASN1_BIT_STRING * set;
+ ASN1_BIT_STRING * sequence;
+ } value;
+ } ASN1_TYPE;
+This structure is used in a few places when 'any' type of object can be
+expected.
+
+X509 Certificate
+X509_CINF CertificateInfo
+X509_ALGOR AlgorithmIdentifier
+X509_NAME Name
+X509_NAME_ENTRY A single sub component of the name.
+X509_VAL Validity
+X509_PUBKEY SubjectPublicKeyInfo
+The above mentioned types are declared in x509.h. They are all quite
+straight forward except for the X509_NAME/X509_NAME_ENTRY pair.
+A X509_NAME is a STACK (see stack.doc) of X509_NAME_ENTRY's.
+typedef struct X509_name_entry_st
+ {
+ ASN1_OBJECT *object;
+ ASN1_BIT_STRING *value;
+ int set;
+ int size; /* temp variable */
+ } X509_NAME_ENTRY;
+The size is a temporary variable used by i2d_NAME and set is the set number
+for the particular NAME_ENTRY. A X509_NAME is encoded as a sequence of
+sequence of sets. Normally each set contains only a single item.
+Sometimes it contains more. Normally throughout this library there will be
+only one item per set. The set field contains the 'set' that this entry is
+a member of. So if you have just created a X509_NAME structure and
+populated it with X509_NAME_ENTRYs, you should then traverse the X509_NAME
+(which is just a STACK) and set the 'set/' field to incrementing numbers.
+For more details on why this is done, read the ASN.1 spec for Distinguished
+Names.
+
+X509_REQ CertificateRequest
+X509_REQ_INFO CertificateRequestInfo
+These are used to hold certificate requests.
+
+X509_CRL CertificateRevocationList
+These are used to hold a certificate revocation list
+
+RSAPrivateKey PrivateKeyInfo
+RSAPublicKey PublicKeyInfo
+Both these 'function groups' operate on 'RSA' structures (see rsa.doc).
+The difference is that the RSAPublicKey operations only manipulate the m
+and e fields in the RSA structure.
+
+DSAPrivateKey DSS private key
+DSAPublicKey DSS public key
+Both these 'function groups' operate on 'DSS' structures (see dsa.doc).
+The difference is that the RSAPublicKey operations only manipulate the
+XXX fields in the DSA structure.
+
+DHparams DHParameter
+This is used to hold the p and g value for The Diffie-Hellman operation.
+The function deal with the 'DH' strucure (see dh.doc).
+
+Now all of these function types can be used with several other functions to give
+quite useful set of general manipulation routines. Normally one would
+not uses these functions directly but use them via macros.
+
+char *ASN1_dup(int (*i2d)(),char *(*d2i)(),char *x);
+'x' is the input structure case to a 'char *', 'i2d' is the 'i2d_TYPE'
+function for the type that 'x' is and d2i is the 'd2i_TYPE' function for the
+type that 'x' is. As is obvious from the parameters, this function
+duplicates the strucutre by transforming it into the DER form and then
+re-loading it into a new strucutre and returning the new strucutre. This
+is obviously a bit cpu intensive but when faced with a complex dynamic
+structure this is the simplest programming approach. There are macros for
+duplicating the major data types but is simple to add extras.
+
+char *ASN1_d2i_fp(char *(*new)(),char *(*d2i)(),FILE *fp,unsigned char **x);
+'x' is a pointer to a pointer of the 'desired type'. new and d2i are the
+corresponding 'TYPE_new' and 'd2i_TYPE' functions for the type and 'fp' is
+an open file pointer to read from. This function reads from 'fp' as much
+data as it can and then uses 'd2i' to parse the bytes to load and return
+the parsed strucutre in 'x' (if it was non-NULL) and to actually return the
+strucutre. The behavior of 'x' is as per all the other d2i functions.
+
+char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
+The 'BIO' is the new IO type being used in SSLeay (see bio.doc). This
+function is the same as ASN1_d2i_fp() except for the BIO argument.
+ASN1_d2i_fp() actually calls this function.
+
+int ASN1_i2d_fp(int (*i2d)(),FILE *out,unsigned char *x);
+'x' is converted to bytes by 'i2d' and then written to 'out'. ASN1_i2d_fp
+and ASN1_d2i_fp are not really symetric since ASN1_i2d_fp will read all
+available data from the file pointer before parsing a single item while
+ASN1_i2d_fp can be used to write a sequence of data objects. To read a
+series of objects from a file I would sugest loading the file into a buffer
+and calling the relevent 'd2i' functions.
+
+char *ASN1_d2i_bio(char *(*new)(),char *(*d2i)(),BIO *fp,unsigned char **x);
+This function is the same as ASN1_i2d_fp() except for the BIO argument.
+ASN1_i2d_fp() actually calls this function.
+
+char * PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
+This function will read the next PEM encoded (base64) object of the same
+type as 'x' (loaded by the d2i function). 'name' is the name that is in
+the '-----BEGIN name-----' that designates the start of that object type.
+If the data is encrypted, 'cb' will be called to prompt for a password. If
+it is NULL a default function will be used to prompt from the password.
+'x' is delt with as per the standard 'd2i' function interface. This
+function can be used to read a series of objects from a file. While any
+data type can be encrypted (see PEM_ASN1_write) only RSA private keys tend
+to be encrypted.
+
+char * PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *fp,
+ char **x,int (*cb)());
+Same as PEM_ASN1_read() except using a BIO. This is called by
+PEM_ASN1_read().
+
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,EVP_CIPHER *enc,
+ unsigned char *kstr,int klen,int (*callback)());
+
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *fp,
+ char *x,EVP_CIPHER *enc,unsigned char *kstr,int klen,
+ int (*callback)());
+
+int ASN1_sign(int (*i2d)(), X509_ALGOR *algor1, X509_ALGOR *algor2,
+ ASN1_BIT_STRING *signature, char *data, RSA *rsa, EVP_MD *type);
+int ASN1_verify(int (*i2d)(), X509_ALGOR *algor1,
+ ASN1_BIT_STRING *signature,char *data, RSA *rsa);
+
+int ASN1_BIT_STRING_cmp(ASN1_BIT_STRING *a, ASN1_BIT_STRING *b);
+ASN1_BIT_STRING *ASN1_BIT_STRING_type_new(int type );
+
+int ASN1_UTCTIME_check(ASN1_UTCTIME *a);
+void ASN1_UTCTIME_print(BIO *fp,ASN1_UTCTIME *a);
+ASN1_UTCTIME *ASN1_UTCTIME_dup(ASN1_UTCTIME *a);
+
+ASN1_BIT_STRING *d2i_asn1_print_type(ASN1_BIT_STRING **a,unsigned char **pp,
+ long length,int type);
+
+int i2d_ASN1_SET(STACK *a, unsigned char **pp,
+ int (*func)(), int ex_tag, int ex_class);
+STACK * d2i_ASN1_SET(STACK **a, unsigned char **pp, long length,
+ char *(*func)(), int ex_tag, int ex_class);
+
+int i2a_ASN1_OBJECT(BIO *bp,ASN1_OBJECT *object);
+int i2a_ASN1_INTEGER(BIO *bp, ASN1_INTEGER *a);
+int a2i_ASN1_INTEGER(BIO *bp,ASN1_INTEGER *bs,char *buf,int size);
+
+int ASN1_INTEGER_set(ASN1_INTEGER *a, long v);
+long ASN1_INTEGER_get(ASN1_INTEGER *a);
+ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+
+/* given a string, return the correct type. Max is the maximum number
+ * of bytes to parse. It stops parsing when 'max' bytes have been
+ * processed or a '\0' is hit */
+int ASN1_PRINTABLE_type(unsigned char *s,int max);
+
+void ASN1_parse(BIO *fp,unsigned char *pp,long len);
+
+int i2d_ASN1_bytes(ASN1_BIT_STRING *a, unsigned char **pp, int tag, int class);
+ASN1_BIT_STRING *d2i_ASN1_bytes(ASN1_OCTET_STRING **a, unsigned char **pp,
+ long length, int Ptag, int Pclass);
+
+/* PARSING */
+int asn1_Finish(ASN1_CTX *c);
+
+/* SPECIALS */
+int ASN1_get_object(unsigned char **pp, long *plength, int *ptag,
+ int *pclass, long omax);
+int ASN1_check_infinite_end(unsigned char **p,long len);
+void ASN1_put_object(unsigned char **pp, int constructed, int length,
+ int tag, int class);
+int ASN1_object_size(int constructed, int length, int tag);
+
+X509 * X509_get_cert(CERTIFICATE_CTX *ctx,X509_NAME * name,X509 *tmp_x509);
+int X509_add_cert(CERTIFICATE_CTX *ctx,X509 *);
+
+char * X509_cert_verify_error_string(int n);
+int X509_add_cert_file(CERTIFICATE_CTX *c,char *file, int type);
+char * X509_gmtime (char *s, long adj);
+int X509_add_cert_dir (CERTIFICATE_CTX *c,char *dir, int type);
+int X509_load_verify_locations (CERTIFICATE_CTX *ctx,
+ char *file_env, char *dir_env);
+int X509_set_default_verify_paths(CERTIFICATE_CTX *cts);
+X509 * X509_new_D2i_X509(int len, unsigned char *p);
+char * X509_get_default_cert_area(void );
+char * X509_get_default_cert_dir(void );
+char * X509_get_default_cert_file(void );
+char * X509_get_default_cert_dir_env(void );
+char * X509_get_default_cert_file_env(void );
+char * X509_get_default_private_dir(void );
+X509_REQ *X509_X509_TO_req(X509 *x, RSA *rsa);
+int X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)());
+
+CERTIFICATE_CTX *CERTIFICATE_CTX_new();
+void CERTIFICATE_CTX_free(CERTIFICATE_CTX *c);
+
+void X509_NAME_print(BIO *fp, X509_NAME *name, int obase);
+int X509_print_fp(FILE *fp,X509 *x);
+int X509_print(BIO *fp,X509 *x);
+
+X509_INFO * X509_INFO_new(void);
+void X509_INFO_free(X509_INFO *a);
+
+char * X509_NAME_oneline(X509_NAME *a);
+
+#define X509_verify(x,rsa)
+#define X509_REQ_verify(x,rsa)
+#define X509_CRL_verify(x,rsa)
+
+#define X509_sign(x,rsa,md)
+#define X509_REQ_sign(x,rsa,md)
+#define X509_CRL_sign(x,rsa,md)
+
+#define X509_dup(x509)
+#define d2i_X509_fp(fp,x509)
+#define i2d_X509_fp(fp,x509)
+#define d2i_X509_bio(bp,x509)
+#define i2d_X509_bio(bp,x509)
+
+#define X509_CRL_dup(crl)
+#define d2i_X509_CRL_fp(fp,crl)
+#define i2d_X509_CRL_fp(fp,crl)
+#define d2i_X509_CRL_bio(bp,crl)
+#define i2d_X509_CRL_bio(bp,crl)
+
+#define X509_REQ_dup(req)
+#define d2i_X509_REQ_fp(fp,req)
+#define i2d_X509_REQ_fp(fp,req)
+#define d2i_X509_REQ_bio(bp,req)
+#define i2d_X509_REQ_bio(bp,req)
+
+#define RSAPrivateKey_dup(rsa)
+#define d2i_RSAPrivateKey_fp(fp,rsa)
+#define i2d_RSAPrivateKey_fp(fp,rsa)
+#define d2i_RSAPrivateKey_bio(bp,rsa)
+#define i2d_RSAPrivateKey_bio(bp,rsa)
+
+#define X509_NAME_dup(xn)
+#define X509_NAME_ENTRY_dup(ne)
+
+void X509_REQ_print_fp(FILE *fp,X509_REQ *req);
+void X509_REQ_print(BIO *fp,X509_REQ *req);
+
+RSA *X509_REQ_extract_key(X509_REQ *req);
+RSA *X509_extract_key(X509 *x509);
+
+int X509_issuer_and_serial_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_and_serial_hash(X509 *a);
+
+X509_NAME * X509_get_issuer_name(X509 *a);
+int X509_issuer_name_cmp(X509 *a, X509 *b);
+unsigned long X509_issuer_name_hash(X509 *a);
+
+X509_NAME * X509_get_subject_name(X509 *a);
+int X509_subject_name_cmp(X509 *a,X509 *b);
+unsigned long X509_subject_name_hash(X509 *x);
+
+int X509_NAME_cmp (X509_NAME *a, X509_NAME *b);
+unsigned long X509_NAME_hash(X509_NAME *x);
+
diff --git a/doc/bio.doc b/doc/bio.doc
new file mode 100644
index 0000000..545a57c
--- /dev/null
+++ b/doc/bio.doc
@@ -0,0 +1,423 @@
+BIO Routines
+
+This documentation is rather sparse, you are probably best
+off looking at the code for specific details.
+
+The BIO library is a IO abstraction that was originally
+inspired by the need to have callbacks to perform IO to FILE
+pointers when using Windows 3.1 DLLs. There are two types
+of BIO; a source/sink type and a filter type.
+The source/sink methods are as follows:
+- BIO_s_mem() memory buffer - a read/write byte array that
+ grows until memory runs out :-).
+- BIO_s_file() FILE pointer - A wrapper around the normal
+ 'FILE *' commands, good for use with stdin/stdout.
+- BIO_s_fd() File descriptor - A wrapper around file
+ descriptors, often used with pipes.
+- BIO_s_socket() Socket - Used around sockets. It is
+ mostly in the Microsoft world that sockets are different
+ from file descriptors and there are all those ugly winsock
+ commands.
+- BIO_s_null() Null - read nothing and write nothing.; a
+ useful endpoint for filter type BIO's specifically things
+ like the message digest BIO.
+
+The filter types are
+- BIO_f_buffer() IO buffering - does output buffering into
+ larger chunks and performs input buffering to allow gets()
+ type functions.
+- BIO_f_md() Message digest - a transparent filter that can
+ be asked to return a message digest for the data that has
+ passed through it.
+- BIO_f_cipher() Encrypt or decrypt all data passing
+ through the filter.
+- BIO_f_base64() Base64 decode on read and encode on write.
+- BIO_f_ssl() A filter that performs SSL encryption on the
+ data sent through it.
+
+Base BIO functions.
+The BIO library has a set of base functions that are
+implemented for each particular type. Filter BIOs will
+normally call the equivalent function on the source/sink BIO
+that they are layered on top of after they have performed
+some modification to the data stream. Multiple filter BIOs
+can be 'push' into a stack of modifers, so to read from a
+file, unbase64 it, then decrypt it, a BIO_f_cipher,
+BIO_f_base64 and a BIO_s_file would probably be used. If a
+sha-1 and md5 message digest needed to be generated, a stack
+two BIO_f_md() BIOs and a BIO_s_null() BIO could be used.
+The base functions are
+- BIO *BIO_new(BIO_METHOD *type); Create a new BIO of type 'type'.
+- int BIO_free(BIO *a); Free a BIO structure. Depending on
+ the configuration, this will free the underlying data
+ object for a source/sink BIO.
+- int BIO_read(BIO *b, char *data, int len); Read upto 'len'
+ bytes into 'data'.
+- int BIO_gets(BIO *bp,char *buf, int size); Depending on
+ the BIO, this can either be a 'get special' or a get one
+ line of data, as per fgets();
+- int BIO_write(BIO *b, char *data, int len); Write 'len'
+ bytes from 'data' to the 'b' BIO.
+- int BIO_puts(BIO *bp,char *buf); Either a 'put special' or
+ a write null terminated string as per fputs().
+- long BIO_ctrl(BIO *bp,int cmd,long larg,char *parg); A
+ control function which is used to manipulate the BIO
+ structure and modify it's state and or report on it. This
+ function is just about never used directly, rather it
+ should be used in conjunction with BIO_METHOD specific
+ macros.
+- BIO *BIO_push(BIO *new_top, BIO *old); new_top is apped to the
+ top of the 'old' BIO list. new_top should be a filter BIO.
+ All writes will go through 'new_top' first and last on read.
+ 'old' is returned.
+- BIO *BIO_pop(BIO *bio); the new topmost BIO is returned, NULL if
+ there are no more.
+
+If a particular low level BIO method is not supported
+(normally BIO_gets()), -2 will be returned if that method is
+called. Otherwise the IO methods (read, write, gets, puts)
+will return the number of bytes read or written, and 0 or -1
+for error (or end of input). For the -1 case,
+BIO_should_retry(bio) can be called to determine if it was a
+genuine error or a temporary problem. -2 will also be
+returned if the BIO has not been initalised yet, in all
+cases, the correct error codes are set (accessible via the
+ERR library).
+
+
+The following functions are convenience functions:
+- int BIO_printf(BIO *bio, char * format, ..); printf but
+ to a BIO handle.
+- long BIO_ctrl_int(BIO *bp,int cmd,long larg,int iarg); a
+ convenience function to allow a different argument types
+ to be passed to BIO_ctrl().
+- int BIO_dump(BIO *b,char *bytes,int len); output 'len'
+ bytes from 'bytes' in a hex dump debug format.
+- long BIO_debug_callback(BIO *bio, int cmd, char *argp, int
+ argi, long argl, long ret) - a default debug BIO callback,
+ this is mentioned below. To use this one normally has to
+ use the BIO_set_callback_arg() function to assign an
+ output BIO for the callback to use.
+- BIO *BIO_find_type(BIO *bio,int type); when there is a 'stack'
+ of BIOs, this function scan the list and returns the first
+ that is of type 'type', as listed in buffer.h under BIO_TYPE_XXX.
+- void BIO_free_all(BIO *bio); Free the bio and all other BIOs
+ in the list. It walks the bio->next_bio list.
+
+
+
+Extra commands are normally implemented as macros calling BIO_ctrl().
+- BIO_number_read(BIO *bio) - the number of bytes processed
+ by BIO_read(bio,.).
+- BIO_number_written(BIO *bio) - the number of bytes written
+ by BIO_write(bio,.).
+- BIO_reset(BIO *bio) - 'reset' the BIO.
+- BIO_eof(BIO *bio) - non zero if we are at the current end
+ of input.
+- BIO_set_close(BIO *bio, int close_flag) - set the close flag.
+- BIO_get_close(BIO *bio) - return the close flag.
+ BIO_pending(BIO *bio) - return the number of bytes waiting
+ to be read (normally buffered internally).
+- BIO_flush(BIO *bio) - output any data waiting to be output.
+- BIO_should_retry(BIO *io) - after a BIO_read/BIO_write
+ operation returns 0 or -1, a call to this function will
+ return non zero if you should retry the call later (this
+ is for non-blocking IO).
+- BIO_should_read(BIO *io) - we should retry when data can
+ be read.
+- BIO_should_write(BIO *io) - we should retry when data can
+ be written.
+- BIO_method_name(BIO *io) - return a string for the method name.
+- BIO_method_type(BIO *io) - return the unique ID of the BIO method.
+- BIO_set_callback(BIO *io, long (*callback)(BIO *io, int
+ cmd, char *argp, int argi, long argl, long ret); - sets
+ the debug callback.
+- BIO_get_callback(BIO *io) - return the assigned function
+ as mentioned above.
+- BIO_set_callback_arg(BIO *io, char *arg) - assign some
+ data against the BIO. This is normally used by the debug
+ callback but could in reality be used for anything. To
+ get an idea of how all this works, have a look at the code
+ in the default debug callback mentioned above. The
+ callback can modify the return values.
+
+Details of the BIO_METHOD structure.
+typedef struct bio_method_st
+ {
+ int type;
+ char *name;
+ int (*bwrite)();
+ int (*bread)();
+ int (*bputs)();
+ int (*bgets)();
+ long (*ctrl)();
+ int (*create)();
+ int (*destroy)();
+ } BIO_METHOD;
+
+The 'type' is the numeric type of the BIO, these are listed in buffer.h;
+'Name' is a textual representation of the BIO 'type'.
+The 7 function pointers point to the respective function
+methods, some of which can be NULL if not implemented.
+The BIO structure
+typedef struct bio_st
+ {
+ BIO_METHOD *method;
+ long (*callback)(BIO * bio, int mode, char *argp, int
+ argi, long argl, long ret);
+ char *cb_arg; /* first argument for the callback */
+ int init;
+ int shutdown;
+ int flags; /* extra storage */
+ int num;
+ char *ptr;
+ struct bio_st *next_bio; /* used by filter BIOs */
+ int references;
+ unsigned long num_read;
+ unsigned long num_write;
+ } BIO;
+
+- 'Method' is the BIO method.
+- 'callback', when configured, is called before and after
+ each BIO method is called for that particular BIO. This
+ is intended primarily for debugging and of informational feedback.
+- 'init' is 0 when the BIO can be used for operation.
+ Often, after a BIO is created, a number of operations may
+ need to be performed before it is available for use. An
+ example is for BIO_s_sock(). A socket needs to be
+ assigned to the BIO before it can be used.
+- 'shutdown', this flag indicates if the underlying
+ comunication primative being used should be closed/freed
+ when the BIO is closed.
+- 'flags' is used to hold extra state. It is primarily used
+ to hold information about why a non-blocking operation
+ failed and to record startup protocol information for the
+ SSL BIO.
+- 'num' and 'ptr' are used to hold instance specific state
+ like file descriptors or local data structures.
+- 'next_bio' is used by filter BIOs to hold the pointer of the
+ next BIO in the chain. written data is sent to this BIO and
+ data read is taken from it.
+- 'references' is used to indicate the number of pointers to
+ this structure. This needs to be '1' before a call to
+ BIO_free() is made if the BIO_free() function is to
+ actually free() the structure, otherwise the reference
+ count is just decreased. The actual BIO subsystem does
+ not really use this functionality but it is useful when
+ used in more advanced applicaion.
+- num_read and num_write are the total number of bytes
+ read/written via the 'read()' and 'write()' methods.
+
+BIO_ctrl operations.
+The following is the list of standard commands passed as the
+second parameter to BIO_ctrl() and should be supported by
+all BIO as best as possible. Some are optional, some are
+manditory, in any case, where is makes sense, a filter BIO
+should pass such requests to underlying BIO's.
+- BIO_CTRL_RESET - Reset the BIO back to an initial state.
+- BIO_CTRL_EOF - return 0 if we are not at the end of input,
+ non 0 if we are.
+- BIO_CTRL_INFO - BIO specific special command, normal
+ information return.
+- BIO_CTRL_SET - set IO specific parameter.
+- BIO_CTRL_GET - get IO specific parameter.
+- BIO_CTRL_GET_CLOSE - Get the close on BIO_free() flag, one
+ of BIO_CLOSE or BIO_NOCLOSE.
+- BIO_CTRL_SET_CLOSE - Set the close on BIO_free() flag.
+- BIO_CTRL_PENDING - Return the number of bytes available
+ for instant reading
+- BIO_CTRL_FLUSH - Output pending data, return number of bytes output.
+- BIO_CTRL_SHOULD_RETRY - After an IO error (-1 returned)
+ should we 'retry' when IO is possible on the underlying IO object.
+- BIO_CTRL_RETRY_TYPE - What kind of IO are we waiting on.
+
+The following command is a special BIO_s_file() specific option.
+- BIO_CTRL_SET_FILENAME - specify a file to open for IO.
+
+The BIO_CTRL_RETRY_TYPE needs a little more explanation.
+When performing non-blocking IO, or say reading on a memory
+BIO, when no data is present (or cannot be written),
+BIO_read() and/or BIO_write() will return -1.
+BIO_should_retry(bio) will return true if this is due to an
+IO condition rather than an actual error. In the case of
+BIO_s_mem(), a read when there is no data will return -1 and
+a should retry when there is more 'read' data.
+The retry type is deduced from 2 macros
+BIO_should_read(bio) and BIO_should_write(bio).
+Now while it may appear obvious that a BIO_read() failure
+should indicate that a retry should be performed when more
+read data is available, this is often not true when using
+things like an SSL BIO. During the SSL protocol startup
+multiple reads and writes are performed, triggered by any
+SSL_read or SSL_write.
+So to write code that will transparently handle either a
+socket or SSL BIO,
+ i=BIO_read(bio,..)
+ if (I == -1)
+ {
+ if (BIO_should_retry(bio))
+ {
+ if (BIO_should_read(bio))
+ {
+ /* call us again when BIO can be read */
+ }
+ if (BIO_should_write(bio))
+ {
+ /* call us again when BIO can be written */
+ }
+ }
+ }
+
+At this point in time only read and write conditions can be
+used but in the future I can see the situation for other
+conditions, specifically with SSL there could be a condition
+of a X509 certificate lookup taking place and so the non-
+blocking BIO_read would require a retry when the certificate
+lookup subsystem has finished it's lookup. This is all
+makes more sense and is easy to use in a event loop type
+setup.
+When using the SSL BIO, either SSL_read() or SSL_write()s
+can be called during the protocol startup and things will
+still work correctly.
+The nice aspect of the use of the BIO_should_retry() macro
+is that all the errno codes that indicate a non-fatal error
+are encapsulated in one place. The Windows specific error
+codes and WSAGetLastError() calls are also hidden from the
+application.
+
+Notes on each BIO method.
+Normally buffer.h is just required but depending on the
+BIO_METHOD, ssl.h or evp.h will also be required.
+
+BIO_METHOD *BIO_s_mem(void);
+- BIO_set_mem_buf(BIO *bio, BUF_MEM *bm, int close_flag) -
+ set the underlying BUF_MEM structure for the BIO to use.
+- BIO_get_mem_ptr(BIO *bio, char **pp) - if pp is not NULL,
+ set it to point to the memory array and return the number
+ of bytes available.
+A read/write BIO. Any data written is appended to the
+memory array and any read is read from the front. This BIO
+can be used for read/write at the same time. BIO_gets() is
+supported in the fgets() sense.
+BIO_CTRL_INFO can be used to retrieve pointers to the memory
+buffer and it's length.
+
+BIO_METHOD *BIO_s_file(void);
+- BIO_set_fp(BIO *bio, FILE *fp, int close_flag) - set 'FILE *' to use.
+- BIO_get_fp(BIO *bio, FILE **fp) - get the 'FILE *' in use.
+- BIO_read_filename(BIO *bio, char *name) - read from file.
+- BIO_write_filename(BIO *bio, char *name) - write to file.
+- BIO_append_filename(BIO *bio, char *name) - append to file.
+This BIO sits over the normal system fread()/fgets() type
+functions. Gets() is supported. This BIO in theory could be
+used for read and write but it is best to think of each BIO
+of this type as either a read or a write BIO, not both.
+
+BIO_METHOD *BIO_s_socket(void);
+BIO_METHOD *BIO_s_fd(void);
+- BIO_sock_should_retry(int i) - the underlying function
+ used to determine if a call should be retried; the
+ argument is the '0' or '-1' returned by the previous BIO
+ operation.
+- BIO_fd_should_retry(int i) - same as the
+- BIO_sock_should_retry() except that it is different internally.
+- BIO_set_fd(BIO *bio, int fd, int close_flag) - set the
+ file descriptor to use
+- BIO_get_fd(BIO *bio, int *fd) - get the file descriptor.
+These two methods are very similar. Gets() is not
+supported, if you want this functionality, put a
+BIO_f_buffer() onto it. This BIO is bi-directional if the
+underlying file descriptor is. This is normally the case
+for sockets but not the case for stdio descriptors.
+
+BIO_METHOD *BIO_s_null(void);
+Read and write as much data as you like, it all disappears
+into this BIO.
+
+BIO_METHOD *BIO_f_buffer(void);
+- BIO_get_buffer_num_lines(BIO *bio) - return the number of
+ complete lines in the buffer.
+- BIO_set_buffer_size(BIO *bio, long size) - set the size of
+ the buffers.
+This type performs input and output buffering. It performs
+both at the same time. The size of the buffer can be set
+via the set buffer size option. Data buffered for output is
+only written when the buffer fills.
+
+BIO_METHOD *BIO_f_ssl(void);
+- BIO_set_ssl(BIO *bio, SSL *ssl, int close_flag) - the SSL
+ structure to use.
+- BIO_get_ssl(BIO *bio, SSL **ssl) - get the SSL structure
+ in use.
+The SSL bio is a little different from normal BIOs because
+the underlying SSL structure is a little different. A SSL
+structure performs IO via a read and write BIO. These can
+be different and are normally set via the
+SSL_set_rbio()/SSL_set_wbio() calls. The SSL_set_fd() calls
+are just wrappers that create socket BIOs and then call
+SSL_set_bio() where the read and write BIOs are the same.
+The BIO_push() operation makes the SSLs IO BIOs the same, so
+make sure the BIO pushed is capable of two directional
+traffic. If it is not, you will have to install the BIOs
+via the more conventional SSL_set_bio() call. BIO_pop() will retrieve
+the 'SSL read' BIO.
+
+BIO_METHOD *BIO_f_md(void);
+- BIO_set_md(BIO *bio, EVP_MD *md) - set the message digest
+ to use.
+- BIO_get_md(BIO *bio, EVP_MD **mdp) - return the digest
+ method in use in mdp, return 0 if not set yet.
+- BIO_reset() reinitializes the digest (EVP_DigestInit())
+ and passes the reset to the underlying BIOs.
+All data read or written via BIO_read() or BIO_write() to
+this BIO will be added to the calculated digest. This
+implies that this BIO is only one directional. If read and
+write operations are performed, two separate BIO_f_md() BIOs
+are reuqired to generate digests on both the input and the
+output. BIO_gets(BIO *bio, char *md, int size) will place the
+generated digest into 'md' and return the number of bytes.
+The EVP_MAX_MD_SIZE should probably be used to size the 'md'
+array. Reading the digest will also reset it.
+
+BIO_METHOD *BIO_f_cipher(void);
+- BIO_reset() reinitializes the cipher.
+- BIO_flush() should be called when the last bytes have been
+ output to flush the final block of block ciphers.
+- BIO_get_cipher_status(BIO *b), when called after the last
+ read from a cipher BIO, returns non-zero if the data
+ decrypted correctly, otherwise, 0.
+- BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *key,
+ unsigned char *iv, int encrypt) This function is used to
+ setup a cipher BIO. The length of key and iv are
+ specified by the choice of EVP_CIPHER. Encrypt is 1 to
+ encrypt and 0 to decrypt.
+
+BIO_METHOD *BIO_f_base64(void);
+- BIO_flush() should be called when the last bytes have been output.
+This BIO base64 encodes when writing and base64 decodes when
+reading. It will scan the input until a suitable begin line
+is found. After reading data, BIO_reset() will reset the
+BIO to start scanning again. Do not mix reading and writing
+on the same base64 BIO. It is meant as a single stream BIO.
+
+Directions type
+both BIO_s_mem()
+one/both BIO_s_file()
+both BIO_s_fd()
+both BIO_s_socket()
+both BIO_s_null()
+both BIO_f_buffer()
+one BIO_f_md()
+one BIO_f_cipher()
+one BIO_f_base64()
+both BIO_f_ssl()
+
+It is easy to mix one and two directional BIOs, all one has
+to do is to keep two separate BIO pointers for reading and
+writing and be careful about usage of underlying BIOs. The
+SSL bio by it's very nature has to be two directional but
+the BIO_push() command will push the one BIO into the SSL
+BIO for both reading and writing.
+
+The best example program to look at is apps/enc.c and/or perhaps apps/dgst.c.
+
diff --git a/doc/blowfish.doc b/doc/blowfish.doc
new file mode 100644
index 0000000..3a7291f
--- /dev/null
+++ b/doc/blowfish.doc
@@ -0,0 +1,149 @@
+The Blowfish library.
+
+Blowfish is a block cipher that operates on 64bit (8 byte) quantities. It
+uses variable size key, but 128bit (16 byte) key would normally be considered
+good. It can be used in all the modes that DES can be used. This
+library implements the ecb, cbc, cfb64, ofb64 modes.
+
+Blowfish is quite a bit faster that DES, and much faster than IDEA or
+RC2. It is one of the faster block ciphers.
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'blowfish.h'.
+
+All of the encryption functions take what is called an BF_KEY as an
+argument. An BF_KEY is an expanded form of the Blowfish key.
+For all modes of the Blowfish algorithm, the BF_KEY used for
+decryption is the same one that was used for encryption.
+
+The define BF_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. BF_DECRYPT is passed to
+specify decryption.
+
+Please note that any of the encryption modes specified in my DES library
+could be used with Blowfish. I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic Blowfish encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+ do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+ secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple Blowfish, thats 384 bits of key and you must be totally
+ obsessed with security. Still, if you want it, it is simple enough to
+ copy the function from the DES library and change the des_encrypt to
+ BF_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void BF_set_key(
+BF_KEY *ks;
+int len;
+unsigned char *key;
+ BF_set_key converts an 'len' byte key into a BF_KEY.
+ A 'ks' is an expanded form of the 'key' which is used to
+ perform actual encryption. It can be regenerated from the Blowfish key
+ so it only needs to be kept when encryption or decryption is about
+ to occur. Don't save or pass around BF_KEY's since they
+ are CPU architecture dependent, 'key's are not. Blowfish is an
+ interesting cipher in that it can be used with a variable length
+ key. 'len' is the length of 'key' to be used as the key.
+ A 'len' of 16 is recomended by me, but blowfish can use upto
+ 72 bytes. As a warning, blowfish has a very very slow set_key
+ function, it actually runs BF_encrypt 521 times.
+
+void BF_encrypt(
+unsigned long *data,
+BF_KEY *key,
+int encrypt);
+ This is the Blowfish encryption function that gets called by just about
+ every other Blowfish routine in the library. You should not use this
+ function except to implement 'modes' of Blowfish.
+ I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur.
+ Data is a pointer to 2 unsigned long's and key is the
+ BF_KEY to use. Encryption or decryption is indicated by 'encrypt'.
+ which can have the values BF_ENCRYPT or BF_DECRYPT.
+
+void BF_ecb_encrypt(
+unsigned char *in,
+unsigned char *out,
+BF_KEY *key,
+int encrypt);
+ This is the basic Electronic Code Book form of Blowfish (in DES this
+ mode is called Electronic Code Book so I'm going to use the term
+ for blowfish as well.
+ Input is encrypted into output using the key represented by
+ key. Depending on the encrypt, encryption or
+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
+
+void BF_cbc_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *ks,
+unsigned char *ivec,
+int encrypt);
+ This routine implements Blowfish in Cipher Block Chaining mode.
+ Input, which should be a multiple of 8 bytes is encrypted
+ (or decrypted) to output which will also be a multiple of 8 bytes.
+ The number of bytes is in length (and from what I've said above,
+ should be a multiple of 8). If length is not a multiple of 8, bad
+ things will probably happen. ivec is the initialisation vector.
+ This function updates iv after each call so that it can be passed to
+ the next call to BF_cbc_encrypt().
+
+void BF_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *schedule,
+unsigned char *ivec,
+int *num,
+int encrypt);
+ This is one of the more useful functions in this Blowfish library, it
+ implements CFB mode of Blowfish with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ 'Encrypt' is used to indicate encryption or decryption.
+ CFB64 mode operates by using the cipher to generate a stream
+ of bytes which is used to encrypt the plain text.
+ The cipher text is then encrypted to generate the next 64 bits to
+ be xored (incrementally) with the next 64 bits of plain
+ text. As can be seen from this, to encrypt or decrypt,
+ the same 'cipher stream' needs to be generated but the way the next
+ block of data is gathered for encryption is different for
+ encryption and decryption.
+
+void BF_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+BF_KEY *schedule,
+unsigned char *ivec,
+int *num);
+ This functions implements OFB mode of Blowfish with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ This is in effect a stream cipher, there is no encryption or
+ decryption mode.
+
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+BF_set_key().
+
+=====
+For more information about the specific Blowfish modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library. What is said about DES is directly
+applicable for Blowfish.
+
diff --git a/doc/bn.doc b/doc/bn.doc
new file mode 100644
index 0000000..2358c20
--- /dev/null
+++ b/doc/bn.doc
@@ -0,0 +1,379 @@
+The Big Number library.
+
+#include "bn.h" when using this library.
+
+This big number library was written for use in implementing the RSA and DH
+public key encryption algorithms. As such, features such as negative
+numbers have not been extensively tested but they should work as expected.
+This library uses dynamic memory allocation for storing its data structures
+and so there are no limit on the size of the numbers manipulated by these
+routines but there is always the requirement to check return codes from
+functions just in case a memory allocation error has occurred.
+
+The basic object in this library is a BIGNUM. It is used to hold a single
+large integer. This type should be considered opaque and fields should not
+be modified or accessed directly.
+typedef struct bignum_st
+ {
+ int top; /* Index of last used d. */
+ BN_ULONG *d; /* Pointer to an array of 'BITS2' bit chunks. */
+ int max; /* Size of the d array. */
+ int neg;
+ } BIGNUM;
+The big number is stored in a malloced array of BN_ULONG's. A BN_ULONG can
+be either 16, 32 or 64 bits in size, depending on the 'number of bits'
+specified in bn.h.
+The 'd' field is this array. 'max' is the size of the 'd' array that has
+been allocated. 'top' is the 'last' entry being used, so for a value of 4,
+bn.d[0]=4 and bn.top=1. 'neg' is 1 if the number is negative.
+When a BIGNUM is '0', the 'd' field can be NULL and top == 0.
+
+Various routines in this library require the use of 'temporary' BIGNUM
+variables during their execution. Due to the use of dynamic memory
+allocation to create BIGNUMs being rather expensive when used in
+conjunction with repeated subroutine calls, the BN_CTX structure is
+used. This structure contains BN_CTX BIGNUMs. BN_CTX
+is the maximum number of temporary BIGNUMs any publicly exported
+function will use.
+
+#define BN_CTX 12
+typedef struct bignum_ctx
+ {
+ int tos; /* top of stack */
+ BIGNUM *bn[BN_CTX]; /* The variables */
+ } BN_CTX;
+
+The functions that follow have been grouped according to function. Most
+arithmetic functions return a result in the first argument, sometimes this
+first argument can also be an input parameter, sometimes it cannot. These
+restrictions are documented.
+
+extern BIGNUM *BN_value_one;
+There is one variable defined by this library, a BIGNUM which contains the
+number 1. This variable is useful for use in comparisons and assignment.
+
+Get Size functions.
+
+int BN_num_bits(BIGNUM *a);
+ This function returns the size of 'a' in bits.
+
+int BN_num_bytes(BIGNUM *a);
+ This function (macro) returns the size of 'a' in bytes.
+ For conversion of BIGNUMs to byte streams, this is the number of
+ bytes the output string will occupy. If the output byte
+ format specifies that the 'top' bit indicates if the number is
+ signed, so an extra '0' byte is required if the top bit on a
+ positive number is being written, it is upto the application to
+ make this adjustment. Like I said at the start, I don't
+ really support negative numbers :-).
+
+Creation/Destruction routines.
+
+BIGNUM *BN_new();
+ Return a new BIGNUM object. The number initially has a value of 0. If
+ there is an error, NULL is returned.
+
+void BN_free(BIGNUM *a);
+ Free()s a BIGNUM.
+
+void BN_clear(BIGNUM *a);
+ Sets 'a' to a value of 0 and also zeros all unused allocated
+ memory. This function is used to clear a variable of 'sensitive'
+ data that was held in it.
+
+void BN_clear_free(BIGNUM *a);
+ This function zeros the memory used by 'a' and then free()'s it.
+ This function should be used to BN_free() BIGNUMS that have held
+ sensitive numeric values like RSA private key values. Both this
+ function and BN_clear tend to only be used by RSA and DH routines.
+
+BN_CTX *BN_CTX_new(void);
+ Returns a new BN_CTX. NULL on error.
+
+void BN_CTX_free(BN_CTX *c);
+ Free a BN_CTX structure. The BIGNUMs in 'c' are BN_clear_free()ed.
+
+BIGNUM *bn_expand(BIGNUM *b, int bits);
+ This is an internal function that should not normally be used. It
+ ensures that 'b' has enough room for a 'bits' bit number. It is
+ mostly used by the various BIGNUM routines. If there is an error,
+ NULL is returned. if not, 'b' is returned.
+
+BIGNUM *BN_copy(BIGNUM *to, BIGNUM *from);
+ The 'from' is copied into 'to'. NULL is returned if there is an
+ error, otherwise 'to' is returned.
+
+BIGNUM *BN_dup(BIGNUM *a);
+ A new BIGNUM is created and returned containing the value of 'a'.
+ NULL is returned on error.
+
+Comparison and Test Functions.
+
+int BN_is_zero(BIGNUM *a)
+ Return 1 if 'a' is zero, else 0.
+
+int BN_is_one(a)
+ Return 1 is 'a' is one, else 0.
+
+int BN_is_word(a,w)
+ Return 1 if 'a' == w, else 0. 'w' is a BN_ULONG.
+
+int BN_cmp(BIGNUM *a, BIGNUM *b);
+ Return -1 if 'a' is less than 'b', 0 if 'a' and 'b' are the same
+ and 1 is 'a' is greater than 'b'. This is a signed comparison.
+
+int BN_ucmp(BIGNUM *a, BIGNUM *b);
+ This function is the same as BN_cmp except that the comparison
+ ignores the sign of the numbers.
+
+Arithmetic Functions
+For all of these functions, 0 is returned if there is an error and 1 is
+returned for success. The return value should always be checked. eg.
+if (!BN_add(r,a,b)) goto err;
+Unless explicitly mentioned, the 'return' value can be one of the
+'parameters' to the function.
+
+int BN_add(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+ Add 'a' and 'b' and return the result in 'r'. This is r=a+b.
+
+int BN_sub(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+ Subtract 'a' from 'b' and put the result in 'r'. This is r=a-b.
+
+int BN_lshift(BIGNUM *r, BIGNUM *a, int n);
+ Shift 'a' left by 'n' bits. This is r=a*(2^n).
+
+int BN_lshift1(BIGNUM *r, BIGNUM *a);
+ Shift 'a' left by 1 bit. This form is more efficient than
+ BN_lshift(r,a,1). This is r=a*2.
+
+int BN_rshift(BIGNUM *r, BIGNUM *a, int n);
+ Shift 'a' right by 'n' bits. This is r=int(a/(2^n)).
+
+int BN_rshift1(BIGNUM *r, BIGNUM *a);
+ Shift 'a' right by 1 bit. This form is more efficient than
+ BN_rshift(r,a,1). This is r=int(a/2).
+
+int BN_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b);
+ Multiply a by b and return the result in 'r'. 'r' must not be
+ either 'a' or 'b'. It has to be a different BIGNUM.
+ This is r=a*b.
+
+int BN_sqr(BIGNUM *r, BIGNUM *a, BN_CTX *ctx);
+ Multiply a by a and return the result in 'r'. 'r' must not be
+ 'a'. This function is alot faster than BN_mul(r,a,a). This is r=a*a.
+
+int BN_div(BIGNUM *dv, BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+ Divide 'm' by 'd' and return the result in 'dv' and the remainder
+ in 'rem'. Either of 'dv' or 'rem' can be NULL in which case that
+ value is not returned. 'ctx' needs to be passed as a source of
+ temporary BIGNUM variables.
+ This is dv=int(m/d), rem=m%d.
+
+int BN_mod(BIGNUM *rem, BIGNUM *m, BIGNUM *d, BN_CTX *ctx);
+ Find the remainder of 'm' divided by 'd' and return it in 'rem'.
+ 'ctx' holds the temporary BIGNUMs required by this function.
+ This function is more efficient than BN_div(NULL,rem,m,d,ctx);
+ This is rem=m%d.
+
+int BN_mod_mul(BIGNUM *r, BIGNUM *a, BIGNUM *b, BIGNUM *m,BN_CTX *ctx);
+ Multiply 'a' by 'b' and return the remainder when divided by 'm'.
+ 'ctx' holds the temporary BIGNUMs required by this function.
+ This is r=(a*b)%m.
+
+int BN_mod_exp(BIGNUM *r, BIGNUM *a, BIGNUM *p, BIGNUM *m,BN_CTX *ctx);
+ Raise 'a' to the 'p' power and return the remainder when divided by
+ 'm'. 'ctx' holds the temporary BIGNUMs required by this function.
+ This is r=(a^p)%m.
+
+int BN_reciprocal(BIGNUM *r, BIGNUM *m, BN_CTX *ctx);
+ Return the reciprocal of 'm'. 'ctx' holds the temporary variables
+ required. This function returns -1 on error, otherwise it returns
+ the number of bits 'r' is shifted left to make 'r' into an integer.
+ This number of bits shifted is required in BN_mod_mul_reciprocal().
+ This is r=(1/m)<<(BN_num_bits(m)+1).
+
+int BN_mod_mul_reciprocal(BIGNUM *r, BIGNUM *x, BIGNUM *y, BIGNUM *m,
+ BIGNUM *i, int nb, BN_CTX *ctx);
+ This function is used to perform an efficient BN_mod_mul()
+ operation. If one is going to repeatedly perform BN_mod_mul() with
+ the same modulus is worth calculating the reciprocal of the modulus
+ and then using this function. This operation uses the fact that
+ a/b == a*r where r is the reciprocal of b. On modern computers
+ multiplication is very fast and big number division is very slow.
+ 'x' is multiplied by 'y' and then divided by 'm' and the remainder
+ is returned. 'i' is the reciprocal of 'm' and 'nb' is the number
+ of bits as returned from BN_reciprocal(). Normal usage is as follows.
+ bn=BN_reciprocal(i,m);
+ for (...)
+ { BN_mod_mul_reciprocal(r,x,y,m,i,bn,ctx); }
+ This is r=(x*y)%m. Internally it is approximately
+ r=(x*y)-m*(x*y/m) or r=(x*y)-m*((x*y*i) >> bn)
+ This function is used in BN_mod_exp() and BN_is_prime().
+
+Assignment Operations
+
+int BN_one(BIGNUM *a)
+ Set 'a' to hold the value one.
+ This is a=1.
+
+int BN_zero(BIGNUM *a)
+ Set 'a' to hold the value zero.
+ This is a=0.
+
+int BN_set_word(BIGNUM *a, unsigned long w);
+ Set 'a' to hold the value of 'w'. 'w' is an unsigned long.
+ This is a=w.
+
+unsigned long BN_get_word(BIGNUM *a);
+ Returns 'a' in an unsigned long. Not remarkably, often 'a' will
+ be biger than a word, in which case 0xffffffffL is returned.
+
+Word Operations
+These functions are much more efficient that the normal bignum arithmetic
+operations.
+
+BN_ULONG BN_mod_word(BIGNUM *a, unsigned long w);
+ Return the remainder of 'a' divided by 'w'.
+ This is return(a%w).
+
+int BN_add_word(BIGNUM *a, unsigned long w);
+ Add 'w' to 'a'. This function does not take the sign of 'a' into
+ account. This is a+=w;
+
+Bit operations.
+
+int BN_is_bit_set(BIGNUM *a, int n);
+ This function return 1 if bit 'n' is set in 'a' else 0.
+
+int BN_set_bit(BIGNUM *a, int n);
+ This function sets bit 'n' to 1 in 'a'. Return 0 if less than
+ 'n' bits in 'a', else 1. This is a&= ~(1<<n);
+
+int BN_clear_bit(BIGNUM *a, int n);
+ This function sets bit 'n' to zero in 'a'. Return 0 if less
+ than 'n' bits in 'a' else 1. This is a&= ~(1<<n);
+
+int BN_mask_bits(BIGNUM *a, int n);
+ Truncate 'a' to n bits long. This is a&= ~((~0)<<n)
+
+Format conversion routines.
+
+BIGNUM *BN_bin2bn(unsigned char *s, int len,BIGNUM *ret);
+ This function converts 'len' bytes in 's' into a BIGNUM which
+ is put in 'ret'. If ret is NULL, a new BIGNUM is created.
+ Either this new BIGNUM or ret is returned. The number is
+ assumed to be in bigendian form in 's'. By this I mean that
+ to 'ret' is created as follows for 'len' == 5.
+ ret = s[0]*2^32 + s[1]*2^24 + s[2]*2^16 + s[3]*2^8 + s[4];
+ This function cannot be used to convert negative numbers. It
+ is always assumed the number is positive. The application
+ needs to diddle the 'neg' field of th BIGNUM its self.
+ The better solution would be to save the numbers in ASN.1 format
+ since this is a defined standard for storing big numbers.
+ Look at the functions
+
+ ASN1_INTEGER *BN_to_ASN1_INTEGER(BIGNUM *bn, ASN1_INTEGER *ai);
+ BIGNUM *ASN1_INTEGER_to_BN(ASN1_INTEGER *ai,BIGNUM *bn);
+ int i2d_ASN1_INTEGER(ASN1_INTEGER *a,unsigned char **pp);
+ ASN1_INTEGER *d2i_ASN1_INTEGER(ASN1_INTEGER **a,unsigned char **pp,
+ long length;
+
+int BN_bn2bin(BIGNUM *a, unsigned char *to);
+ This function converts 'a' to a byte string which is put into
+ 'to'. The representation is big-endian in that the most
+ significant byte of 'a' is put into to[0]. This function
+ returns the number of bytes used to hold 'a'. BN_num_bytes(a)
+ would return the same value and can be used to determine how
+ large 'to' needs to be. If the number is negative, this
+ information is lost. Since this library was written to
+ manipulate large positive integers, the inability to save and
+ restore them is not considered to be a problem by me :-).
+ As for BN_bin2bn(), look at the ASN.1 integer encoding funtions
+ for SSLeay. They use BN_bin2bn() and BN_bn2bin() internally.
+
+char *BN_bn2ascii(BIGNUM *a);
+ This function returns a malloc()ed string that contains the
+ ascii hexadecimal encoding of 'a'. The number is in bigendian
+ format with a '-' in front if the number is negative.
+
+int BN_ascii2bn(BIGNUM **bn, char *a);
+ The inverse of BN_bn2ascii. The function returns the number of
+ characters from 'a' were processed in generating a the bignum.
+ error is inticated by 0 being returned. The number is a
+ hex digit string, optionally with a leading '-'. If *bn
+ is null, a BIGNUM is created and returned via that variable.
+
+int BN_print_fp(FILE *fp, BIGNUM *a);
+ 'a' is printed to file pointer 'fp'. It is in the same format
+ that is output from BN_bn2ascii(). 0 is returned on error,
+ 1 if things are ok.
+
+int BN_print(BIO *bp, BIGNUM *a);
+ Same as BN_print except that the output is done to the SSLeay libraries
+ BIO routines. BN_print_fp() actually calls this function.
+
+Miscellaneous Routines.
+
+int BN_rand(BIGNUM *rnd, int bits, int top, int bottom);
+ This function returns in 'rnd' a random BIGNUM that is bits
+ long. If bottom is 1, the number returned is odd. If top is set,
+ the top 2 bits of the number are set. This is useful because if
+ this is set, 2 'n; bit numbers multiplied together will return a 2n
+ bit number. If top was not set, they could produce a 2n-1 bit
+ number.
+
+BIGNUM *BN_mod_inverse(BIGNUM *a, BIGNUM *n,BN_CTX *ctx);
+ This function create a new BIGNUM and returns it. This number
+ is the inverse mod 'n' of 'a'. By this it is meant that the
+ returned value 'r' satisfies (a*r)%n == 1. This function is
+ used in the generation of RSA keys. 'ctx', as per usual,
+ is used to hold temporary variables that are required by the
+ function. NULL is returned on error.
+
+int BN_gcd(BIGNUM *r,BIGNUM *a,BIGNUM *b,BN_CTX *ctx);
+ 'r' has the greatest common divisor of 'a' and 'b'. 'ctx' is
+ used for temporary variables and 0 is returned on error.
+
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(),BN_CTX *ctx);
+ This function is used to check if a BIGNUM ('p') is prime.
+ It performs this test by using the Miller-Rabin randomised
+ primality test. This is a probalistic test that requires a
+ number of rounds to ensure the number is prime to a high
+ degree of probability. Since this can take quite some time, a
+ callback function can be passed and it will be called each
+ time 'p' passes a round of the prime testing. 'callback' will
+ be called as follows, callback(1,n) where n is the number of
+ the round, just passed. As per usual 'ctx' contains temporary
+ variables used. If ctx is NULL, it does not matter, a local version
+ will be malloced. This parameter is present to save some mallocing
+ inside the function but probably could be removed.
+ 0 is returned on error.
+ 'ncheck' is the number of Miller-Rabin tests to run. It is
+ suggested to use the value 'BN_prime_checks' by default.
+
+BIGNUM *BN_generate_prime(
+int bits,
+int strong,
+BIGNUM *a,
+BIGNUM *rems,
+void (*callback)());
+ This function is used to generate prime numbers. It returns a
+ new BIGNUM that has a high probability of being a prime.
+ 'bits' is the number of bits that
+ are to be in the prime. If 'strong' is true, the returned prime
+ will also be a strong prime ((p-1)/2 is also prime).
+ While searching for the prime ('p'), we
+ can add the requirement that the prime fill the following
+ condition p%a == rem. This can be used to help search for
+ primes with specific features, which is required when looking
+ for primes suitable for use with certain 'g' values in the
+ Diffie-Hellman key exchange algorithm. If 'a' is NULL,
+ this condition is not checked. If rem is NULL, rem is assumed
+ to be 1. Since this search for a prime
+ can take quite some time, if callback is not NULL, it is called
+ in the following situations.
+ We have a suspected prime (from a quick sieve),
+ callback(0,sus_prime++). Each item to be passed to BN_is_prime().
+ callback(1,round++). Each successful 'round' in BN_is_prime().
+ callback(2,round). For each successful BN_is_prime() test.
+
diff --git a/doc/ca.1 b/doc/ca.1
new file mode 100644
index 0000000..5b0c5a1
--- /dev/null
+++ b/doc/ca.1
@@ -0,0 +1,121 @@
+From eay@orb.mincom.oz.au Thu Dec 28 23:56:45 1995
+Received: by orb.mincom.oz.au id AA07374
+ (5.65c/IDA-1.4.4 for eay); Thu, 28 Dec 1995 13:56:45 +1000
+Date: Thu, 28 Dec 1995 13:56:45 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: sameer <sameer@c2.org>
+Cc: ssleay@mincom.oz.au
+Subject: Re: 'ca'
+In-Reply-To: <199512230440.UAA23410@infinity.c2.org>
+Message-Id: <Pine.SOL.3.91.951228133525.7269A-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status:
+
+On Fri, 22 Dec 1995, sameer wrote:
+> I could use documentation on 'ca'. Thanks.
+
+Very quickly.
+The ca program uses the ssleay.conf file for most of its configuration
+
+./ca -help
+
+ -verbose - Talk alot while doing things
+ -config file - A config file. If you don't want to use the
+ default config file
+ -name arg - The particular CA definition to use
+ In the config file, the section to use for parameters. This lets
+ multiple setups to be contained in the one file. By default, the
+ default_ca variable is looked up in the [ ca ] section. So in the
+ shipped ssleay.conf, the CA definition used is CA_default. It could be
+ any other name.
+ -gencrl days - Generate a new CRL, days is when the next CRL is due
+ This will generate a new certificate revocion list.
+ -days arg - number of days to certify the certificate for
+ When certifiying certificates, this is the number of days to use.
+ -md arg - md to use, one of md2, md5, sha or sha1
+ -policy arg - The CA 'policy' to support
+ I'll describe this later, but there are 2 policies definied in the
+ shipped ssleay.conf
+ -keyfile arg - PEM RSA private key file
+ -key arg - key to decode the RSA private key if it is encrypted
+ since we need to keep the CA's RSA key encrypted
+ -cert - The CA certificate
+ -in file - The input PEM encoded certificate request(s)
+ -out file - Where to put the output file(s)
+ -outdir dir - Where to put output certificates
+ The -out options concatinates all the output certificied
+ certificates to one file, -outdir puts them in a directory,
+ named by serial number.
+ -infiles .... - The last argument, requests to process
+ The certificate requests to process, -in is the same.
+
+Just about all the above have default values defined in ssleay.conf.
+
+The key variables in ssleay.conf are (for the pariticular '-name' being
+used, in the default, it is CA_default).
+
+dir is where all the CA database stuff is kept.
+certs is where all the previously issued certificates are kept.
+The database is a simple text database containing the following tab separated
+fields.
+status: a value of 'R' - revoked, 'E' -expired or 'V' valid.
+issued date: When the certificate was certified.
+revoked date: When it was revoked, blank if not revoked.
+serial number: The certificate serial number.
+certificate: Where the certificate is located.
+CN: The name of the certificate.
+
+The demo file has quite a few made up values it it. The last 2 were
+added by the ca program and are acurate.
+The CA program does not update the 'certificate' file correctly right now.
+The serial field should be unique as should the CN/status combination.
+The ca program checks these at startup. What still needs to be
+wrtten is a program to 'regenerate' the data base file from the issued
+certificate list (and a CRL list).
+
+Back to the CA_default variables.
+
+Most of the variables are commented.
+
+policy is the default policy.
+
+Ok for policies, they define the order and which fields must be present
+in the certificate request and what gets filled in.
+
+So a value of
+countryName = match
+means that the country name must match the CA certificate.
+organizationalUnitName = optional
+The org.Unit,Name does not have to be present and
+commonName = supplied
+commonName must be supplied in the certificate request.
+
+For the 'policy_match' polocy, the order of the attributes in the
+generated certiticate would be
+countryName
+stateOrProvinceName
+organizationName
+organizationalUnitName
+commonName
+emailAddress
+
+Have a play, it sort of makes sense. If you think about how the persona
+requests operate, it is similar to the 'policy_match' policy and the
+'policy_anything' is similar to what versign is doing.
+
+I hope this helps a bit. Some backend scripts are definitly needed to
+update the database and to make certificate revocion easy. All
+certificates issued should also be kept forever (or until they expire?)
+
+hope this helps
+eric (who has to run off an buy some cheap knee pads for the caving in 4
+days time :-)
+
+--
+Eric Young | Signature removed since it was generating
+AARNet: eay@mincom.oz.au | more followups than the message contents :-)
+
+
diff --git a/doc/callback.doc b/doc/callback.doc
new file mode 100644
index 0000000..7ad0f7f
--- /dev/null
+++ b/doc/callback.doc
@@ -0,0 +1,240 @@
+Callback functions used in SSLeay.
+
+--------------------------
+The BIO library.
+
+Each BIO structure can have a callback defined against it. This callback is
+called 2 times for each BIO 'function'. It is passed 6 parameters.
+BIO_debug_callback() is an example callback which is defined in
+crypto/buffer/bio_cb.c and is used in apps/dgst.c This is intended mostly
+for debuging or to notify the application of IO.
+
+long BIO_debug_callback(BIO *bio,int cmd,char *argp,int argi,long argl,
+ long ret);
+bio is the BIO being called, cmd is the type of BIO function being called.
+Look at the BIO_CB_* defines in buffer.h. Argp and argi are the arguments
+passed to BIO_read(), BIO_write, BIO_gets(), BIO_puts(). In the case of
+BIO_ctrl(), argl is also defined. The first time the callback is called,
+before the underlying function has been executed, 0 is passed as 'ret', and
+if the return code from the callback is not > 0, the call is aborted
+and the returned <= 0 value is returned.
+The second time the callback is called, the 'cmd' value also has
+BIO_CB_RETURN logically 'or'ed with it. The 'ret' value is the value returned
+from the actuall function call and whatever the callback returns is returned
+from the BIO function.
+
+BIO_set_callback(b,cb) can be used to set the callback function
+(b is a BIO), and BIO_set_callback_arg(b,arg) can be used to
+set the cb_arg argument in the BIO strucutre. This field is only intended
+to be used by application, primarily in the callback function since it is
+accessable since the BIO is passed.
+
+--------------------------
+The PEM library.
+
+The pem library only really uses one type of callback,
+static int def_callback(char *buf, int num, int verify);
+which is used to return a password string if required.
+'buf' is the buffer to put the string in. 'num' is the size of 'buf'
+and 'verify' is used to indicate that the password should be checked.
+This last flag is mostly used when reading a password for encryption.
+
+For all of these functions, a NULL callback will call the above mentioned
+default callback. This default function does not work under Windows 3.1.
+For other machines, it will use an application defined prompt string
+(EVP_set_pw_prompt(), which defines a library wide prompt string)
+if defined, otherwise it will use it's own PEM password prompt.
+It will then call EVP_read_pw_string() to get a password from the console.
+If your application wishes to use nice fancy windows to retrieve passwords,
+replace this function. The callback should return the number of bytes read
+into 'buf'. If the number of bytes <= 0, it is considered an error.
+
+Functions that take this callback are listed below. For the 'read' type
+functions, the callback will only be required if the PEM data is encrypted.
+
+For the Write functions, normally a password can be passed in 'kstr', of
+'klen' bytes which will be used if the 'enc' cipher is not NULL. If
+'kstr' is NULL, the callback will be used to retrieve a password.
+
+int PEM_do_header (EVP_CIPHER_INFO *cipher, unsigned char *data,long *len,
+ int (*callback)());
+char *PEM_ASN1_read_bio(char *(*d2i)(),char *name,BIO *bp,char **x,int (*cb)());
+char *PEM_ASN1_read(char *(*d2i)(),char *name,FILE *fp,char **x,int (*cb)());
+int PEM_ASN1_write_bio(int (*i2d)(),char *name,BIO *bp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+int PEM_ASN1_write(int (*i2d)(),char *name,FILE *fp,char *x,
+ EVP_CIPHER *enc,unsigned char *kstr,int klen,int (*callback)());
+STACK *PEM_X509_INFO_read(FILE *fp, STACK *sk, int (*cb)());
+STACK *PEM_X509_INFO_read_bio(BIO *fp, STACK *sk, int (*cb)());
+
+#define PEM_write_RSAPrivateKey(fp,x,enc,kstr,klen,cb)
+#define PEM_write_DSAPrivateKey(fp,x,enc,kstr,klen,cb)
+#define PEM_write_bio_RSAPrivateKey(bp,x,enc,kstr,klen,cb)
+#define PEM_write_bio_DSAPrivateKey(bp,x,enc,kstr,klen,cb)
+#define PEM_read_SSL_SESSION(fp,x,cb)
+#define PEM_read_X509(fp,x,cb)
+#define PEM_read_X509_REQ(fp,x,cb)
+#define PEM_read_X509_CRL(fp,x,cb)
+#define PEM_read_RSAPrivateKey(fp,x,cb)
+#define PEM_read_DSAPrivateKey(fp,x,cb)
+#define PEM_read_PrivateKey(fp,x,cb)
+#define PEM_read_PKCS7(fp,x,cb)
+#define PEM_read_DHparams(fp,x,cb)
+#define PEM_read_bio_SSL_SESSION(bp,x,cb)
+#define PEM_read_bio_X509(bp,x,cb)
+#define PEM_read_bio_X509_REQ(bp,x,cb)
+#define PEM_read_bio_X509_CRL(bp,x,cb)
+#define PEM_read_bio_RSAPrivateKey(bp,x,cb)
+#define PEM_read_bio_DSAPrivateKey(bp,x,cb)
+#define PEM_read_bio_PrivateKey(bp,x,cb)
+#define PEM_read_bio_PKCS7(bp,x,cb)
+#define PEM_read_bio_DHparams(bp,x,cb)
+int i2d_Netscape_RSA(RSA *a, unsigned char **pp, int (*cb)());
+RSA *d2i_Netscape_RSA(RSA **a, unsigned char **pp, long length, int (*cb)());
+
+Now you will notice that macros like
+#define PEM_write_X509(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_X509,PEM_STRING_X509,fp, \
+ (char *)x, NULL,NULL,0,NULL)
+Don't do encryption normally. If you want to PEM encrypt your X509 structure,
+either just call PEM_ASN1_write directly or just define you own
+macro variant. As you can see, this macro just sets all encryption related
+parameters to NULL.
+
+
+--------------------------
+The SSL library.
+
+#define SSL_set_info_callback(ssl,cb)
+#define SSL_CTX_set_info_callback(ctx,cb)
+void callback(SSL *ssl,int location,int ret)
+This callback is called each time around the SSL_connect()/SSL_accept()
+state machine. So it will be called each time the SSL protocol progresses.
+It is mostly present for use when debugging. When SSL_connect() or
+SSL_accept() return, the location flag is SSL_CB_ACCEPT_EXIT or
+SSL_CB_CONNECT_EXIT and 'ret' is the value about to be returned.
+Have a look at the SSL_CB_* defines in ssl.h. If an info callback is defined
+against the SSL_CTX, it is called unless there is one set against the SSL.
+Have a look at
+void client_info_callback() in apps/s_client() for an example.
+
+Certificate verification.
+void SSL_set_verify(SSL *s, int mode, int (*callback) ());
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
+This callback is used to help verify client and server X509 certificates.
+It is actually passed to X509_cert_verify(), along with the SSL structure
+so you have to read about X509_cert_verify() :-). The SSL_CTX version is used
+if the SSL version is not defined. X509_cert_verify() is the function used
+by the SSL part of the library to verify certificates. This function is
+nearly always defined by the application.
+
+void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
+int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
+This call is used to replace the SSLeay certificate verification code.
+The 'arg' is kept in the SSL_CTX and is passed to the callback.
+If the callback returns 0, the certificate is rejected, otherwise it
+is accepted. The callback is replacing the X509_cert_verify() call.
+This feature is not often used, but if you wished to implement
+some totally different certificate authentication system, this 'hook' is
+vital.
+
+SSLeay keeps a cache of session-ids against each SSL_CTX. These callbacks can
+be used to notify the application when a SSL_SESSION is added to the cache
+or to retrieve a SSL_SESSION that is not in the cache from the application.
+#define SSL_CTX_sess_set_get_cb(ctx,cb)
+SSL_SESSION *callback(SSL *s,char *session_id,int session_id_len,int *copy);
+If defined, this callback is called to return the SESSION_ID for the
+session-id in 'session_id', of 'session_id_len' bytes. 'copy' is set to 1
+if the server is to 'take a copy' of the SSL_SESSION structure. It is 0
+if the SSL_SESSION is being 'passed in' so the SSLeay library is now
+responsible for 'free()ing' the structure. Basically it is used to indicate
+if the reference count on the SSL_SESSION structure needs to be incremented.
+
+#define SSL_CTX_sess_set_new_cb(ctx,cb)
+int callback(SSL *s, SSL_SESSION *sess);
+When a new connection is established, if the SSL_SESSION is going to be added
+to the cache, this callback is called. Return 1 if a 'copy' is required,
+otherwise, return 0. This return value just causes the reference count
+to be incremented (on return of a 1), this means the application does
+not need to worry about incrementing the refernece count (and the
+locking that implies in a multi-threaded application).
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
+This sets the SSL password reading function.
+It is mostly used for windowing applications
+and used by PEM_read_bio_X509() and PEM_read_bio_RSAPrivateKey()
+calls inside the SSL library. The only reason this is present is because the
+calls to PEM_* functions is hidden in the SSLeay library so you have to
+pass in the callback some how.
+
+#define SSL_CTX_set_client_cert_cb(ctx,cb)
+int callback(SSL *s,X509 **x509, EVP_PKEY **pkey);
+Called when a client certificate is requested but there is not one set
+against the SSL_CTX or the SSL. If the callback returns 1, x509 and
+pkey need to point to valid data. The library will free these when
+required so if the application wants to keep these around, increment
+their reference counts. If 0 is returned, no client cert is
+available. If -1 is returned, it is assumed that the callback needs
+to be called again at a later point in time. SSL_connect will return
+-1 and SSL_want_x509_lookup(ssl) returns true. Remember that
+application data can be attached to an SSL structure via the
+SSL_set_app_data(SSL *ssl,char *data) call.
+
+--------------------------
+The X509 library.
+
+int X509_cert_verify(CERTIFICATE_CTX *ctx,X509 *xs, int (*cb)(),
+ int *error,char *arg,STACK *cert_chain);
+int verify_callback(int ok,X509 *xs,X509 *xi,int depth,int error,char *arg,
+ STACK *cert_chain);
+
+X509_cert_verify() is used to authenticate X509 certificates. The 'ctx' holds
+the details of the various caches and files used to locate certificates.
+'xs' is the certificate to verify and 'cb' is the application callback (more
+detail later). 'error' will be set to the error code and 'arg' is passed
+to the 'cb' callback. Look at the VERIFY_* defines in crypto/x509/x509.h
+
+When ever X509_cert_verify() makes a 'negative' decision about a
+certitificate, the callback is called. If everything checks out, the
+callback is called with 'VERIFY_OK' or 'VERIFY_ROOT_OK' (for a self
+signed cert that is not the passed certificate).
+
+The callback is passed the X509_cert_verify opinion of the certificate
+in 'ok', the certificate in 'xs', the issuer certificate in 'xi',
+the 'depth' of the certificate in the verification 'chain', the
+VERIFY_* code in 'error' and the argument passed to X509_cert_verify()
+in 'arg'. cert_chain is a list of extra certs to use if they are not
+in the cache.
+
+The callback can be used to look at the error reason, and then return 0
+for an 'error' or '1' for ok. This will override the X509_cert_verify()
+opinion of the certificates validity. Processing will continue depending on
+the return value. If one just wishes to use the callback for informational
+reason, just return the 'ok' parameter.
+
+--------------------------
+The BN and DH library.
+
+BIGNUM *BN_generate_prime(int bits,int strong,BIGNUM *add,
+ BIGNUM *rem,void (*callback)(int,int));
+int BN_is_prime(BIGNUM *p,int nchecks,void (*callback)(int,int),
+
+Read doc/bn.doc for the description of these 2.
+
+DH *DH_generate_parameters(int prime_len,int generator,
+ void (*callback)(int,int));
+Read doc/bn.doc for the description of the callback, since it is just passed
+to BN_generate_prime(), except that it is also called as
+callback(3,0) by this function.
+
+--------------------------
+The CRYPTO library.
+
+void CRYPTO_set_locking_callback(void (*func)(int mode,int type,char *file,
+ int line));
+void CRYPTO_set_add_lock_callback(int (*func)(int *num,int mount,
+ int type,char *file, int line));
+void CRYPTO_set_id_callback(unsigned long (*func)(void));
+
+Read threads.doc for info on these ones.
+
diff --git a/doc/cipher.doc b/doc/cipher.doc
new file mode 100644
index 0000000..d49ba78
--- /dev/null
+++ b/doc/cipher.doc
@@ -0,0 +1,345 @@
+The Cipher subroutines.
+
+These routines require "evp.h" to be included.
+
+These functions are a higher level interface to the various cipher
+routines found in this library. As such, they allow the same code to be
+used to encrypt and decrypt via different ciphers with only a change
+in an initial parameter. These routines also provide buffering for block
+ciphers.
+
+These routines all take a pointer to the following structure to specify
+which cipher to use. If you wish to use a new cipher with these routines,
+you would probably be best off looking an how an existing cipher is
+implemented and copying it. At this point in time, I'm not going to go
+into many details. This structure should be considered opaque
+
+typedef struct pem_cipher_st
+ {
+ int type;
+ int block_size;
+ int key_len;
+ int iv_len;
+ void (*enc_init)(); /* init for encryption */
+ void (*dec_init)(); /* init for decryption */
+ void (*do_cipher)(); /* encrypt data */
+ } EVP_CIPHER;
+
+The type field is the object NID of the cipher type
+(read the section on Objects for an explanation of what a NID is).
+The cipher block_size is how many bytes need to be passed
+to the cipher at a time. Key_len is the
+length of the key the cipher requires and iv_len is the length of the
+initialisation vector required. enc_init is the function
+called to initialise the ciphers context for encryption and dec_init is the
+function to initialise for decryption (they need to be different, especially
+for the IDEA cipher).
+
+One reason for specifying the Cipher via a pointer to a structure
+is that if you only use des-cbc, only the des-cbc routines will
+be included when you link the program. If you passed an integer
+that specified which cipher to use, the routine that mapped that
+integer to a set of cipher functions would cause all the ciphers
+to be link into the code. This setup also allows new ciphers
+to be added by the application (with some restrictions).
+
+The thirteen ciphers currently defined in this library are
+
+EVP_CIPHER *EVP_des_ecb(); /* DES in ecb mode, iv=0, block=8, key= 8 */
+EVP_CIPHER *EVP_des_ede(); /* DES in ecb ede mode, iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_des_ede3(); /* DES in ecb ede mode, iv=0, block=8, key=24 */
+EVP_CIPHER *EVP_des_cfb(); /* DES in cfb mode, iv=8, block=1, key= 8 */
+EVP_CIPHER *EVP_des_ede_cfb(); /* DES in ede cfb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_des_ede3_cfb();/* DES in ede cfb mode, iv=8, block=1, key=24 */
+EVP_CIPHER *EVP_des_ofb(); /* DES in ofb mode, iv=8, block=1, key= 8 */
+EVP_CIPHER *EVP_des_ede_ofb(); /* DES in ede ofb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_des_ede3_ofb();/* DES in ede ofb mode, iv=8, block=1, key=24 */
+EVP_CIPHER *EVP_des_cbc(); /* DES in cbc mode, iv=8, block=8, key= 8 */
+EVP_CIPHER *EVP_des_ede_cbc(); /* DES in cbc ede mode, iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_des_ede3_cbc();/* DES in cbc ede mode, iv=8, block=8, key=24 */
+EVP_CIPHER *EVP_desx_cbc(); /* DES in desx cbc mode,iv=8, block=8, key=24 */
+EVP_CIPHER *EVP_rc4(); /* RC4, iv=0, block=1, key=16 */
+EVP_CIPHER *EVP_idea_ecb(); /* IDEA in ecb mode, iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_idea_cfb(); /* IDEA in cfb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_idea_ofb(); /* IDEA in ofb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_idea_cbc(); /* IDEA in cbc mode, iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_rc2_ecb(); /* RC2 in ecb mode, iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_rc2_cfb(); /* RC2 in cfb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_rc2_ofb(); /* RC2 in ofb mode, iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_rc2_cbc(); /* RC2 in cbc mode, iv=8, block=8, key=16 */
+EVP_CIPHER *EVP_bf_ecb(); /* Blowfish in ecb mode,iv=0, block=8, key=16 */
+EVP_CIPHER *EVP_bf_cfb(); /* Blowfish in cfb mode,iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_bf_ofb(); /* Blowfish in ofb mode,iv=8, block=1, key=16 */
+EVP_CIPHER *EVP_bf_cbc(); /* Blowfish in cbc mode,iv=8, block=8, key=16 */
+
+The meaning of the compound names is as follows.
+des The base cipher is DES.
+idea The base cipher is IDEA
+rc4 The base cipher is RC4-128
+rc2 The base cipher is RC2-128
+ecb Electronic Code Book form of the cipher.
+cbc Cipher Block Chaining form of the cipher.
+cfb 64 bit Cipher Feedback form of the cipher.
+ofb 64 bit Output Feedback form of the cipher.
+ede The cipher is used in Encrypt, Decrypt, Encrypt mode. The first
+ and last keys are the same.
+ede3 The cipher is used in Encrypt, Decrypt, Encrypt mode.
+
+All the Cipher routines take a EVP_CIPHER_CTX pointer as an argument.
+The state of the cipher is kept in this structure.
+
+typedef struct EVP_CIPHER_Ctx_st
+ {
+ EVP_CIPHER *cipher;
+ int encrypt; /* encrypt or decrypt */
+ int buf_len; /* number we have left */
+ unsigned char buf[8];
+ union {
+ .... /* cipher specific stuff */
+ } c;
+ } EVP_CIPHER_CTX;
+
+Cipher is a pointer the the EVP_CIPHER for the current context. The encrypt
+flag indicates encryption or decryption. buf_len is the number of bytes
+currently being held in buf.
+The 'c' union holds the cipher specify context.
+
+The following functions are to be used.
+
+int EVP_read_pw_string(
+char *buf,
+int len,
+char *prompt,
+int verify,
+ This function is the same as des_read_pw_string() (des.doc).
+
+void EVP_set_pw_prompt(char *prompt);
+ This function sets the 'default' prompt to use to use in
+ EVP_read_pw_string when the prompt parameter is NULL. If the
+ prompt parameter is NULL, this 'default prompt' feature is turned
+ off. Be warned, this is a global variable so weird things
+ will happen if it is used under Win16 and care must be taken
+ with a multi-threaded version of the library.
+
+char *EVP_get_pw_prompt();
+ This returns a pointer to the default prompt string. NULL
+ if it is not set.
+
+int EVP_BytesToKey(
+EVP_CIPHER *type,
+EVP_MD *md,
+unsigned char *salt,
+unsigned char *data,
+int datal,
+int count,
+unsigned char *key,
+unsigned char *iv);
+ This function is used to generate a key and an initialisation vector
+ for a specified cipher from a key string and a salt. Type
+ specifies the cipher the 'key' is being generated for. Md is the
+ message digest algorithm to use to generate the key and iv. The salt
+ is an optional 8 byte object that is used to help seed the key
+ generator.
+ If the salt value is NULL, it is just not used. Datal is the
+ number of bytes to use from 'data' in the key generation.
+ This function returns the key size for the specified cipher, if
+ data is NULL, this value is returns and no other
+ computation is performed. Count is
+ the number of times to loop around the key generator. I would
+ suggest leaving it's value as 1. Key and iv are the structures to
+ place the returning iv and key in. If they are NULL, no value is
+ generated for that particular value.
+ The algorithm used is as follows
+
+ /* M[] is an array of message digests
+ * MD() is the message digest function */
+ M[0]=MD(data . salt);
+ for (i=1; i<count; i++) M[0]=MD(M[0]);
+
+ i=1
+ while (data still needed for key and iv)
+ {
+ M[i]=MD(M[i-1] . data . salt);
+ for (i=1; i<count; i++) M[i]=MD(M[i]);
+ i++;
+ }
+
+ If the salt is NULL, it is not used.
+ The digests are concatenated together.
+ M = M[0] . M[1] . M[2] .......
+
+ For key= 8, iv=8 => key=M[0.. 8], iv=M[ 9 .. 16].
+ For key=16, iv=0 => key=M[0..16].
+ For key=16, iv=8 => key=M[0..16], iv=M[17 .. 24].
+ For key=24, iv=8 => key=M[0..24], iv=M[25 .. 32].
+
+ This routine will produce DES-CBC keys and iv that are compatible
+ with the PKCS-5 standard when md2 or md5 are used. If md5 is
+ used, the salt is NULL and count is 1, this routine will produce
+ the password to key mapping normally used with RC4.
+ I have attempted to logically extend the PKCS-5 standard to
+ generate keys and iv for ciphers that require more than 16 bytes,
+ if anyone knows what the correct standard is, please inform me.
+ When using sha or sha1, things are a bit different under this scheme,
+ since sha produces a 20 byte digest. So for ciphers requiring
+ 24 bits of data, 20 will come from the first MD and 4 will
+ come from the second.
+
+ I have considered having a separate function so this 'routine'
+ can be used without the requirement of passing a EVP_CIPHER *,
+ but I have decided to not bother. If you wish to use the
+ function without official EVP_CIPHER structures, just declare
+ a local one and set the key_len and iv_len fields to the
+ length you desire.
+
+The following routines perform encryption and decryption 'by parts'. By
+this I mean that there are groups of 3 routines. An Init function that is
+used to specify a cipher and initialise data structures. An Update routine
+that does encryption/decryption, one 'chunk' at a time. And finally a
+'Final' function that finishes the encryption/decryption process.
+All these functions take a EVP_CIPHER pointer to specify which cipher to
+encrypt/decrypt with. They also take a EVP_CIPHER_CTX object as an
+argument. This structure is used to hold the state information associated
+with the operation in progress.
+
+void EVP_EncryptInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv);
+ This function initialise a EVP_CIPHER_CTX for encryption using the
+ cipher passed in the 'type' field. The cipher is initialised to use
+ 'key' as the key and 'iv' for the initialisation vector (if one is
+ required). If the type, key or iv is NULL, the value currently in the
+ EVP_CIPHER_CTX is reused. So to perform several decrypt
+ using the same cipher, key and iv, initialise with the cipher,
+ key and iv the first time and then for subsequent calls,
+ reuse 'ctx' but pass NULL for type, key and iv. You must make sure
+ to pass a key that is large enough for a particular cipher. I
+ would suggest using the EVP_BytesToKey() function.
+
+void EVP_EncryptUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+ This function takes 'inl' bytes from 'in' and outputs bytes
+ encrypted by the cipher 'ctx' was initialised with into 'out'. The
+ number of bytes written to 'out' is put into outl. If a particular
+ cipher encrypts in blocks, less or more bytes than input may be
+ output. Currently the largest block size used by supported ciphers
+ is 8 bytes, so 'out' should have room for 'inl+7' bytes. Normally
+ EVP_EncryptInit() is called once, followed by lots and lots of
+ calls to EVP_EncryptUpdate, followed by a single EVP_EncryptFinal
+ call.
+
+void EVP_EncryptFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl);
+ Because quite a large number of ciphers are block ciphers, there is
+ often an incomplete block to write out at the end of the
+ encryption. EVP_EncryptFinal() performs processing on this last
+ block. The last block in encoded in such a way that it is possible
+ to determine how many bytes in the last block are valid. For 8 byte
+ block size ciphers, if only 5 bytes in the last block are valid, the
+ last three bytes will be filled with the value 3. If only 2 were
+ valid, the other 6 would be filled with sixes. If all 8 bytes are
+ valid, a extra 8 bytes are appended to the cipher stream containing
+ nothing but 8 eights. These last bytes are output into 'out' and
+ the number of bytes written is put into 'outl' These last bytes
+ are output into 'out' and the number of bytes written is put into
+ 'outl'. This form of block cipher finalisation is compatible with
+ PKCS-5. Please remember that even if you are using ciphers like
+ RC4 that has no blocking and so the function will not write
+ anything into 'out', it would still be a good idea to pass a
+ variable for 'out' that can hold 8 bytes just in case the cipher is
+ changed some time in the future. It should also be remembered
+ that the EVP_CIPHER_CTX contains the password and so when one has
+ finished encryption with a particular EVP_CIPHER_CTX, it is good
+ practice to zero the structure
+ (ie. memset(ctx,0,sizeof(EVP_CIPHER_CTX)).
+
+void EVP_DecryptInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv);
+ This function is basically the same as EVP_EncryptInit() accept that
+ is prepares the EVP_CIPHER_CTX for decryption.
+
+void EVP_DecryptUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+ This function is basically the same as EVP_EncryptUpdate()
+ except that it performs decryption. There is one
+ fundamental difference though. 'out' can not be the same as
+ 'in' for any ciphers with a block size greater than 1 if more
+ than one call to EVP_DecryptUpdate() will be made. This
+ is because this routine can hold a 'partial' block between
+ calls. When a partial block is decrypted (due to more bytes
+ being passed via this function, they will be written to 'out'
+ overwriting the input bytes in 'in' that have not been read
+ yet. From this it should also be noted that 'out' should
+ be at least one 'block size' larger than 'inl'. This problem
+ only occurs on the second and subsequent call to
+ EVP_DecryptUpdate() when using a block cipher.
+
+int EVP_DecryptFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl);
+ This function is different to EVP_EncryptFinal in that it 'removes'
+ any padding bytes appended when the data was encrypted. Due to the
+ way in which 1 to 8 bytes may have been appended when encryption
+ using a block cipher, 'out' can end up with 0 to 7 bytes being put
+ into it. When decoding the padding bytes, it is possible to detect
+ an incorrect decryption. If the decryption appears to be wrong, 0
+ is returned. If everything seems ok, 1 is returned. For ciphers
+ with a block size of 1 (RC4), this function would normally not
+ return any bytes and would always return 1. Just because this
+ function returns 1 does not mean the decryption was correct. It
+ would normally be wrong due to either the wrong key/iv or
+ corruption of the cipher data fed to EVP_DecryptUpdate().
+ As for EVP_EncryptFinal, it is a good idea to zero the
+ EVP_CIPHER_CTX after use since the structure contains the key used
+ to decrypt the data.
+
+The following Cipher routines are convenience routines that call either
+EVP_EncryptXxx or EVP_DecryptXxx depending on weather the EVP_CIPHER_CTX
+was setup to encrypt or decrypt.
+
+void EVP_CipherInit(
+EVP_CIPHER_CTX *ctx,
+EVP_CIPHER *type,
+unsigned char *key,
+unsigned char *iv,
+int enc);
+ This function take arguments that are the same as EVP_EncryptInit()
+ and EVP_DecryptInit() except for the extra 'enc' flag. If 1, the
+ EVP_CIPHER_CTX is setup for encryption, if 0, decryption.
+
+void EVP_CipherUpdate(
+EVP_CIPHER_CTX *ctx,
+unsigned char *out,
+int *outl,
+unsigned char *in,
+int inl);
+ Again this function calls either EVP_EncryptUpdate() or
+ EVP_DecryptUpdate() depending on state in the 'ctx' structure.
+ As noted for EVP_DecryptUpdate(), when this routine is used
+ for decryption with block ciphers, 'out' should not be the
+ same as 'in'.
+
+int EVP_CipherFinal(
+EVP_CIPHER_CTX *ctx,
+unsigned char *outm,
+int *outl);
+ This routine call EVP_EncryptFinal() or EVP_DecryptFinal()
+ depending on the state information in 'ctx'. 1 is always returned
+ if the mode is encryption, otherwise the return value is the return
+ value of EVP_DecryptFinal().
diff --git a/doc/cipher.m b/doc/cipher.m
new file mode 100644
index 0000000..9f74917
--- /dev/null
+++ b/doc/cipher.m
@@ -0,0 +1,128 @@
+From ssl-lists-owner@mincom.com Tue Oct 15 18:16:14 1996
+Received: from cygnus.mincom.oz.au by orb.mincom.oz.au with SMTP id AA11550
+ (5.65c/IDA-1.4.4 for eay); Tue, 15 Oct 1996 08:17:41 +1000
+Received: (from daemon@localhost) by cygnus.mincom.oz.au (8.7.5/8.7.3) id IAA12472 for ssl-users-outgoing; Tue, 15 Oct 1996 08:16:35 +1000 (EST)
+Received: from orb.mincom.oz.au (eay@orb.mincom.oz.au [192.55.197.1]) by cygnus.mincom.oz.au (8.7.5/8.7.3) with SMTP id IAA12463 for <ssl-users@listserv.mincom.oz.au>; Tue, 15 Oct 1996 08:16:32 +1000 (EST)
+Received: by orb.mincom.oz.au id AA11544
+ (5.65c/IDA-1.4.4 for ssl-users@listserv.mincom.oz.au); Tue, 15 Oct 1996 08:16:15 +1000
+Date: Tue, 15 Oct 1996 08:16:14 +1000 (EST)
+From: Eric Young <eay@mincom.com>
+X-Sender: eay@orb
+To: Roland Haring <rharing@tandem.cl>
+Cc: ssl-users@mincom.com
+Subject: Re: Symmetric encryption with ssleay
+In-Reply-To: <m0vBpyq-00001aC@tandemnet.tandem.cl>
+Message-Id: <Pine.SOL.3.91.961015075623.11394A-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Sender: ssl-lists-owner@mincom.com
+Precedence: bulk
+Status: RO
+X-Status:
+
+
+On Fri, 11 Oct 1996, Roland Haring wrote:
+> THE_POINT:
+> Would somebody be so kind to give me the minimum basic
+> calls I need to do to libcrypto.a to get some text encrypted
+> and decrypted again? ...hopefully with code included to do
+> base64 encryption and decryption ... e.g. that sign-it.c code
+> posted some while ago was a big help :-) (please, do not point
+> me to apps/enc.c where I suspect my Heissenbug to be hidden :-)
+
+Ok, the base64 encoding stuff in 'enc.c' does the wrong thing sometimes
+when the data is less than a line long (this is for decoding). I'll dig
+up the exact fix today and post it. I am taking longer on 0.6.5 than I
+intended so I'll just post this patch.
+
+The documentation to read is in
+doc/cipher.doc,
+doc/encode.doc (very sparse :-).
+and perhaps
+doc/digest.doc,
+
+The basic calls to encrypt with say triple DES are
+
+Given
+char key[EVP_MAX_KEY_LENGTH];
+char iv[EVP_MAX_IV_LENGTH];
+EVP_CIPHER_CTX ctx;
+unsigned char out[512+8];
+int outl;
+
+/* optional generation of key/iv data from text password using md5
+ * via an upward compatable verson of PKCS#5. */
+EVP_BytesToKey(EVP_des_ede3_cbc,EVP_md5,NULL,passwd,strlen(passwd),
+ key,iv);
+
+/* Initalise the EVP_CIPHER_CTX */
+EVP_EncryptInit(ctx,EVP_des_ede3_cbc,key,iv);
+
+while (....)
+ {
+ /* This is processing 512 bytes at a time, the bytes are being
+ * copied into 'out', outl bytes are output. 'out' should not be the
+ * same as 'in' for reasons mentioned in the documentation. */
+ EVP_EncryptUpdate(ctx,out,&outl,in,512);
+ }
+
+/* Output the last 'block'. If the cipher is a block cipher, the last
+ * block is encoded in such a way so that a wrong decryption will normally be
+ * detected - again, one of the PKCS standards. */
+
+EVP_EncryptFinal(ctx,out,&outl);
+
+To decrypt, use the EVP_DecryptXXXXX functions except that EVP_DecryptFinal()
+will return 0 if the decryption fails (only detectable on block ciphers).
+
+You can also use
+EVP_CipherInit()
+EVP_CipherUpdate()
+EVP_CipherFinal()
+which does either encryption or decryption depending on an extra
+parameter to EVP_CipherInit().
+
+
+To do the base64 encoding,
+EVP_EncodeInit()
+EVP_EncodeUpdate()
+EVP_EncodeFinal()
+
+EVP_DecodeInit()
+EVP_DecodeUpdate()
+EVP_DecodeFinal()
+
+where the encoding is quite simple, but the decoding can be a bit more
+fun (due to dud input).
+
+EVP_DecodeUpdate() returns -1 for an error on an input line, 0 if the
+'last line' was just processed, and 1 if more lines should be submitted.
+
+EVP_DecodeFinal() returns -1 for an error or 1 if things are ok.
+
+So the loop becomes
+EVP_DecodeInit(....)
+for (;;)
+ {
+ i=EVP_DecodeUpdate(....);
+ if (i < 0) goto err;
+
+ /* process the data */
+
+ if (i == 0) break;
+ }
+EVP_DecodeFinal(....);
+/* process the data */
+
+The problem in 'enc.c' is that I was stuff the processing up after the
+EVP_DecodeFinal(...) when the for(..) loop was not being run (one line of
+base64 data) and this was because 'enc.c' tries to scan over a file until
+it hits the first valid base64 encoded line.
+
+hope this helps a bit.
+eric
+--
+Eric Young | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au | RTFM Win32 GetMessage().
+
+
diff --git a/doc/conf.doc b/doc/conf.doc
new file mode 100644
index 0000000..f12fe88
--- /dev/null
+++ b/doc/conf.doc
@@ -0,0 +1,89 @@
+The CONF library.
+
+The CONF library is a simple set of routines that can be used to configure
+programs. It is a superset of the genenv() function with some extra
+structure.
+
+The library consists of 5 functions.
+
+LHASH *CONF_load(LHASH *config,char *file);
+This function is called to load in a configuration file. Multiple
+configuration files can be loaded, with each subsequent 'load' overwriting
+any already defined 'variables'. If there is an error, NULL is returned.
+If config is NULL, a new LHASH structure is created and returned, otherwise
+the new data in the 'file' is loaded into the 'config' structure.
+
+void CONF_free(LHASH *config);
+This function free()s the data in config.
+
+char *CONF_get_string(LHASH *config,char *section,char *name);
+This function returns the string found in 'config' that corresponds to the
+'section' and 'name' specified. Classes and the naming system used will be
+discussed later in this document. If the variable is not defined, an NULL
+is returned.
+
+long CONF_get_long(LHASH *config,char *section, char *name);
+This function is the same as CONF_get_string() except that it converts the
+string to an long and returns it. If variable is not a number or the
+variable does not exist, 0 is returned. This is a little problematic but I
+don't know of a simple way around it.
+
+STACK *CONF_get_section(LHASH *config, char *section);
+This function returns a 'stack' of CONF_VALUE items that are all the
+items defined in a particular section. DO NOT free() any of the
+variable returned. They will disappear when CONF_free() is called.
+
+The 'lookup' model.
+The configuration file is divided into 'sections'. Each section is started by
+a line of the form '[ section ]'. All subsequent variable definitions are
+of this section. A variable definition is a simple alpha-numeric name
+followed by an '=' and then the data. A section or variable name can be
+described by a regular expression of the following form '[A-Za-z0-9_]+'.
+The value of the variable is the text after the '=' until the end of the
+line, stripped of leading and trailing white space.
+At this point I should mention that a '#' is a comment character, \ is the
+escape character, and all three types of quote can be used to stop any
+special interpretation of the data.
+Now when the data is being loaded, variable expansion can occur. This is
+done by expanding any $NAME sequences into the value represented by the
+variable NAME. If the variable is not in the current section, the different
+section can be specified by using the $SECTION::NAME form. The ${NAME} form
+also works and is very useful for expanding variables inside strings.
+
+When a variable is looked up, there are 2 special section. 'default', which
+is the initial section, and 'ENV' which is the processes environment
+variables (accessed via getenv()). When a variable is looked up, it is
+first 'matched' with it's section (if one was specified), if this fails, the
+'default' section is matched.
+If the 'lhash' variable passed was NULL, the environment is searched.
+
+Now why do we bother with sections? So we can have multiple programs using
+the same configuration file, or multiple instances of the same program
+using different variables. It also provides a nice mechanism to override
+the processes environment variables (eg ENV::HOME=/tmp). If there is a
+program specific variable missing, we can have default values.
+Multiple configuration files can be loaded, with each new value clearing
+any predefined values. A system config file can provide 'default' values,
+and application/usr specific files can provide overriding values.
+
+Examples
+
+# This is a simple example
+SSLEAY_HOME = /usr/local/ssl
+ENV::PATH = $SSLEAY_HOME/bin:$PATH # override my path
+
+[X509]
+cert_dir = $SSLEAY_HOME/certs # /usr/local/ssl/certs
+
+[SSL]
+CIPHER = DES-EDE-MD5:RC4-MD5
+USER_CERT = $HOME/${USER}di'r 5' # /home/eay/eaydir 5
+USER_CERT = $HOME/\${USER}di\'r # /home/eay/${USER}di'r
+USER_CERT = "$HOME/${US"ER}di\'r # $HOME/${USER}di'r
+
+TEST = 1234\
+5678\
+9ab # TEST=123456789ab
+TTT = 1234\n\n # TTT=1234<nl><nl>
+
+
diff --git a/doc/danger b/doc/danger
new file mode 100644
index 0000000..d71b1b7
--- /dev/null
+++ b/doc/danger
@@ -0,0 +1,8 @@
+If you specify a SSLv2 cipher, and the mode is SSLv23 and the server
+can talk SSLv3, it will claim there is no cipher since you should be
+using SSLv3.
+
+When tracing debug stuff, remember BIO_s_socket() is different to
+BIO_s_connect().
+
+BSD/OS assember is not working
diff --git a/doc/des.doc b/doc/des.doc
new file mode 100644
index 0000000..1e30158
--- /dev/null
+++ b/doc/des.doc
@@ -0,0 +1,505 @@
+The DES library.
+
+Please note that this library was originally written to operate with
+eBones, a version of Kerberos that had had encryption removed when it left
+the USA and then put back in. As such there are some routines that I will
+advise not using but they are still in the library for historical reasons.
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'des.h'.
+
+All of the encryption functions take what is called a des_key_schedule as an
+argument. A des_key_schedule is an expanded form of the des key.
+A des_key is 8 bytes of odd parity, the type used to hold the key is a
+des_cblock. A des_cblock is an array of 8 bytes, often in this library
+description I will refer to input bytes when the function specifies
+des_cblock's as input or output, this just means that the variable should
+be a multiple of 8 bytes.
+
+The define DES_ENCRYPT is passed to specify encryption, DES_DECRYPT to
+specify decryption. The functions and global variable are as follows:
+
+int des_check_key;
+ DES keys are supposed to be odd parity. If this variable is set to
+ a non-zero value, des_set_key() will check that the key has odd
+ parity and is not one of the known weak DES keys. By default this
+ variable is turned off;
+
+void des_set_odd_parity(
+des_cblock *key );
+ This function takes a DES key (8 bytes) and sets the parity to odd.
+
+int des_is_weak_key(
+des_cblock *key );
+ This function returns a non-zero value if the DES key passed is a
+ weak, DES key. If it is a weak key, don't use it, try a different
+ one. If you are using 'random' keys, the chances of hitting a weak
+ key are 1/2^52 so it is probably not worth checking for them.
+
+int des_set_key(
+des_cblock *key,
+des_key_schedule schedule);
+ Des_set_key converts an 8 byte DES key into a des_key_schedule.
+ A des_key_schedule is an expanded form of the key which is used to
+ perform actual encryption. It can be regenerated from the DES key
+ so it only needs to be kept when encryption or decryption is about
+ to occur. Don't save or pass around des_key_schedule's since they
+ are CPU architecture dependent, DES keys are not. If des_check_key
+ is non zero, zero is returned if the key has the wrong parity or
+ the key is a weak key, else 1 is returned.
+
+int des_key_sched(
+des_cblock *key,
+des_key_schedule schedule);
+ An alternative name for des_set_key().
+
+int des_rw_mode; /* defaults to DES_PCBC_MODE */
+ This flag holds either DES_CBC_MODE or DES_PCBC_MODE (default).
+ This specifies the function to use in the enc_read() and enc_write()
+ functions.
+
+void des_encrypt(
+unsigned long *data,
+des_key_schedule ks,
+int enc);
+ This is the DES encryption function that gets called by just about
+ every other DES routine in the library. You should not use this
+ function except to implement 'modes' of DES. I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur. The characters are loaded 'little endian',
+ have a look at my source code for more details on how I use this
+ function.
+ Data is a pointer to 2 unsigned long's and ks is the
+ des_key_schedule to use. enc, is non zero specifies encryption,
+ zero if decryption.
+
+void des_encrypt2(
+unsigned long *data,
+des_key_schedule ks,
+int enc);
+ This functions is the same as des_encrypt() except that the DES
+ initial permutation (IP) and final permutation (FP) have been left
+ out. As for des_encrypt(), you should not use this function.
+ It is used by the routines in my library that implement triple DES.
+ IP() des_encrypt2() des_encrypt2() des_encrypt2() FP() is the same
+ as des_encrypt() des_encrypt() des_encrypt() except faster :-).
+
+void des_ecb_encrypt(
+des_cblock *input,
+des_cblock *output,
+des_key_schedule ks,
+int enc);
+ This is the basic Electronic Code Book form of DES, the most basic
+ form. Input is encrypted into output using the key represented by
+ ks. If enc is non zero (DES_ENCRYPT), encryption occurs, otherwise
+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
+ (the des_cblock structure is 8 chars).
+
+void des_ecb3_encrypt(
+des_cblock *input,
+des_cblock *output,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+int enc);
+ This is the 3 key EDE mode of ECB DES. What this means is that
+ the 8 bytes of input is encrypted with ks1, decrypted with ks2 and
+ then encrypted again with ks3, before being put into output;
+ C=E(ks3,D(ks2,E(ks1,M))). There is a macro, des_ecb2_encrypt()
+ that only takes 2 des_key_schedules that implements,
+ C=E(ks1,D(ks2,E(ks1,M))) in that the final encrypt is done with ks1.
+
+void des_cbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+ This routine implements DES in Cipher Block Chaining mode.
+ Input, which should be a multiple of 8 bytes is encrypted
+ (or decrypted) to output which will also be a multiple of 8 bytes.
+ The number of bytes is in length (and from what I've said above,
+ should be a multiple of 8). If length is not a multiple of 8, I'm
+ not being held responsible :-). ivec is the initialisation vector.
+ This function does not modify this variable. To correctly implement
+ cbc mode, you need to do one of 2 things; copy the last 8 bytes of
+ cipher text for use as the next ivec in your application,
+ or use des_ncbc_encrypt().
+ Only this routine has this problem with updating the ivec, all
+ other routines that are implementing cbc mode update ivec.
+
+void des_ncbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+int enc);
+ For historical reasons, des_cbc_encrypt() did not update the
+ ivec with the value requires so that subsequent calls to
+ des_cbc_encrypt() would 'chain'. This was needed so that the same
+ 'length' values would not need to be used when decrypting.
+ des_ncbc_encrypt() does the right thing. It is the same as
+ des_cbc_encrypt accept that ivec is updates with the correct value
+ to pass in subsequent calls to des_ncbc_encrypt(). I advise using
+ des_ncbc_encrypt() instead of des_cbc_encrypt();
+
+void des_xcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk,
+des_cblock *ivec,
+des_cblock *inw,
+des_cblock *outw,
+int enc);
+ This is RSA's DESX mode of DES. It uses inw and outw to
+ 'whiten' the encryption. inw and outw are secret (unlike the iv)
+ and are as such, part of the key. So the key is sort of 24 bytes.
+ This is much better than cbc des.
+
+void des_3cbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule sk1,
+des_key_schedule sk2,
+des_cblock *ivec1,
+des_cblock *ivec2,
+int enc);
+ This function is flawed, do not use it. I have left it in the
+ library because it is used in my des(1) program and will function
+ correctly when used by des(1). If I removed the function, people
+ could end up unable to decrypt files.
+ This routine implements outer triple cbc encryption using 2 ks and
+ 2 ivec's. Use des_ede2_cbc_encrypt() instead.
+
+void des_ede3_cbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+des_cblock *ivec,
+int enc);
+ This function implements inner triple CBC DES encryption with 3
+ keys. What this means is that each 'DES' operation
+ inside the cbc mode is really an C=E(ks3,D(ks2,E(ks1,M))).
+ Again, this is cbc mode so an ivec is requires.
+ This mode is used by SSL.
+ There is also a des_ede2_cbc_encrypt() that only uses 2
+ des_key_schedule's, the first being reused for the final
+ encryption. C=E(ks1,D(ks2,E(ks1,M))). This form of triple DES
+ is used by the RSAref library.
+
+void des_pcbc_encrypt(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+ This is Propagating Cipher Block Chaining mode of DES. It is used
+ by Kerberos v4. It's parameters are the same as des_ncbc_encrypt().
+
+void des_cfb_encrypt(
+unsigned char *in,
+unsigned char *out,
+int numbits,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int enc);
+ Cipher Feedback Back mode of DES. This implementation 'feeds back'
+ in numbit blocks. The input (and output) is in multiples of numbits
+ bits. numbits should to be a multiple of 8 bits. Length is the
+ number of bytes input. If numbits is not a multiple of 8 bits,
+ the extra bits in the bytes will be considered padding. So if
+ numbits is 12, for each 2 input bytes, the 4 high bits of the
+ second byte will be ignored. So to encode 72 bits when using
+ a numbits of 12 take 12 bytes. To encode 72 bits when using
+ numbits of 9 will take 16 bytes. To encode 80 bits when using
+ numbits of 16 will take 10 bytes. etc, etc. This padding will
+ apply to both input and output.
+
+
+void des_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num,
+int enc);
+ This is one of the more useful functions in this DES library, it
+ implements CFB mode of DES with 64bit feedback. Why is this
+ useful you ask? Because this routine will allow you to encrypt an
+ arbitrary number of bytes, no 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. num contains 'how far' we are though ivec. If this does
+ not make much sense, read more about cfb mode of DES :-).
+
+void des_ede3_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+des_cblock *ivec,
+int *num,
+int enc);
+ Same as des_cfb64_encrypt() accept that the DES operation is
+ triple DES. As usual, there is a macro for
+ des_ede2_cfb64_encrypt() which reuses ks1.
+
+void des_ofb_encrypt(
+unsigned char *in,
+unsigned char *out,
+int numbits,
+long length,
+des_key_schedule ks,
+des_cblock *ivec);
+ This is a implementation of Output Feed Back mode of DES. It is
+ the same as des_cfb_encrypt() in that numbits is the size of the
+ units dealt with during input and output (in bits).
+
+void des_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num);
+ The same as des_cfb64_encrypt() except that it is Output Feed Back
+ mode.
+
+void des_ede3_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks1,
+des_key_schedule ks2,
+des_key_schedule ks3,
+des_cblock *ivec,
+int *num);
+ Same as des_ofb64_encrypt() accept that the DES operation is
+ triple DES. As usual, there is a macro for
+ des_ede2_ofb64_encrypt() which reuses ks1.
+
+int des_read_pw_string(
+char *buf,
+int length,
+char *prompt,
+int verify);
+ This routine is used to get a password from the terminal with echo
+ turned off. Buf is where the string will end up and length is the
+ size of buf. Prompt is a string presented to the 'user' and if
+ verify is set, the key is asked for twice and unless the 2 copies
+ match, an error is returned. A return code of -1 indicates a
+ system error, 1 failure due to use interaction, and 0 is success.
+
+unsigned long des_cbc_cksum(
+des_cblock *input,
+des_cblock *output,
+long length,
+des_key_schedule ks,
+des_cblock *ivec);
+ This function produces an 8 byte checksum from input that it puts in
+ output and returns the last 4 bytes as a long. The checksum is
+ generated via cbc mode of DES in which only the last 8 byes are
+ kept. I would recommend not using this function but instead using
+ the EVP_Digest routines, or at least using MD5 or SHA. This
+ function is used by Kerberos v4 so that is why it stays in the
+ library.
+
+char *des_fcrypt(
+const char *buf,
+const char *salt
+char *ret);
+ This is my fast version of the unix crypt(3) function. This version
+ takes only a small amount of space relative to other fast
+ crypt() implementations. This is different to the normal crypt
+ in that the third parameter is the buffer that the return value
+ is written into. It needs to be at least 14 bytes long. This
+ function is thread safe, unlike the normal crypt.
+
+char *crypt(
+const char *buf,
+const char *salt);
+ This function calls des_fcrypt() with a static array passed as the
+ third parameter. This emulates the normal non-thread safe semantics
+ of crypt(3).
+
+void des_string_to_key(
+char *str,
+des_cblock *key);
+ This function takes str and converts it into a DES key. I would
+ recommend using MD5 instead and use the first 8 bytes of output.
+ When I wrote the first version of these routines back in 1990, MD5
+ did not exist but I feel these routines are still sound. This
+ routines is compatible with the one in MIT's libdes.
+
+void des_string_to_2keys(
+char *str,
+des_cblock *key1,
+des_cblock *key2);
+ This function takes str and converts it into 2 DES keys.
+ I would recommend using MD5 and using the 16 bytes as the 2 keys.
+ I have nothing against these 2 'string_to_key' routines, it's just
+ that if you say that your encryption key is generated by using the
+ 16 bytes of an MD5 hash, every-one knows how you generated your
+ keys.
+
+int des_read_password(
+des_cblock *key,
+char *prompt,
+int verify);
+ This routine combines des_read_pw_string() with des_string_to_key().
+
+int des_read_2passwords(
+des_cblock *key1,
+des_cblock *key2,
+char *prompt,
+int verify);
+ This routine combines des_read_pw_string() with des_string_to_2key().
+
+void des_random_seed(
+des_cblock key);
+ This routine sets a starting point for des_random_key().
+
+void des_random_key(
+des_cblock ret);
+ This function return a random key. Make sure to 'seed' the random
+ number generator (with des_random_seed()) before using this function.
+ I personally now use a MD5 based random number system.
+
+int des_enc_read(
+int fd,
+char *buf,
+int len,
+des_key_schedule ks,
+des_cblock *iv);
+ This function will write to a file descriptor the encrypted data
+ from buf. This data will be preceded by a 4 byte 'byte count' and
+ will be padded out to 8 bytes. The encryption is either CBC of
+ PCBC depending on the value of des_rw_mode. If it is DES_PCBC_MODE,
+ pcbc is used, if DES_CBC_MODE, cbc is used. The default is to use
+ DES_PCBC_MODE.
+
+int des_enc_write(
+int fd,
+char *buf,
+int len,
+des_key_schedule ks,
+des_cblock *iv);
+ This routines read stuff written by des_enc_read() and decrypts it.
+ I have used these routines quite a lot but I don't believe they are
+ suitable for non-blocking io. If you are after a full
+ authentication/encryption over networks, have a look at SSL instead.
+
+unsigned long des_quad_cksum(
+des_cblock *input,
+des_cblock *output,
+long length,
+int out_count,
+des_cblock *seed);
+ This is a function from Kerberos v4 that is not anything to do with
+ DES but was needed. It is a cksum that is quicker to generate than
+ des_cbc_cksum(); I personally would use MD5 routines now.
+=====
+Modes of DES
+Quite a bit of the following information has been taken from
+ AS 2805.5.2
+ Australian Standard
+ Electronic funds transfer - Requirements for interfaces,
+ Part 5.2: Modes of operation for an n-bit block cipher algorithm
+ Appendix A
+
+There are several different modes in which DES can be used, they are
+as follows.
+
+Electronic Codebook Mode (ECB) (des_ecb_encrypt())
+- 64 bits are enciphered at a time.
+- The order of the blocks can be rearranged without detection.
+- The same plaintext block always produces the same ciphertext block
+ (for the same key) making it vulnerable to a 'dictionary attack'.
+- An error will only affect one ciphertext block.
+
+Cipher Block Chaining Mode (CBC) (des_cbc_encrypt())
+- a multiple of 64 bits are enciphered at a time.
+- The CBC mode produces the same ciphertext whenever the same
+ plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext blocks dependent on the
+ current and all preceding plaintext blocks and therefore blocks can not
+ be rearranged.
+- The use of different starting variables prevents the same plaintext
+ enciphering to the same ciphertext.
+- An error will affect the current and the following ciphertext blocks.
+
+Cipher Feedback Mode (CFB) (des_cfb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The CFB mode produces the same ciphertext whenever the same
+ plaintext is encrypted using the same key and starting variable.
+- The chaining operation makes the ciphertext variables dependent on the
+ current and all preceding variables and therefore j-bit variables are
+ chained together and can not be rearranged.
+- The use of different starting variables prevents the same plaintext
+ enciphering to the same ciphertext.
+- The strength of the CFB mode depends on the size of k (maximal if
+ j == k). In my implementation this is always the case.
+- Selection of a small value for j will require more cycles through
+ the encipherment algorithm per unit of plaintext and thus cause
+ greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- An error will affect the current and the following ciphertext variables.
+
+Output Feedback Mode (OFB) (des_ofb_encrypt())
+- a number of bits (j) <= 64 are enciphered at a time.
+- The OFB mode produces the same ciphertext whenever the same
+ plaintext enciphered using the same key and starting variable. More
+ over, in the OFB mode the same key stream is produced when the same
+ key and start variable are used. Consequently, for security reasons
+ a specific start variable should be used only once for a given key.
+- The absence of chaining makes the OFB more vulnerable to specific attacks.
+- The use of different start variables values prevents the same
+ plaintext enciphering to the same ciphertext, by producing different
+ key streams.
+- Selection of a small value for j will require more cycles through
+ the encipherment algorithm per unit of plaintext and thus cause
+ greater processing overheads.
+- Only multiples of j bits can be enciphered.
+- OFB mode of operation does not extend ciphertext errors in the
+ resultant plaintext output. Every bit error in the ciphertext causes
+ only one bit to be in error in the deciphered plaintext.
+- OFB mode is not self-synchronising. If the two operation of
+ encipherment and decipherment get out of synchronism, the system needs
+ to be re-initialised.
+- Each re-initialisation should use a value of the start variable
+ different from the start variable values used before with the same
+ key. The reason for this is that an identical bit stream would be
+ produced each time from the same parameters. This would be
+ susceptible to a ' known plaintext' attack.
+
+Triple ECB Mode (des_ecb3_encrypt())
+- Encrypt with key1, decrypt with key2 and encrypt with key3 again.
+- As for ECB encryption but increases the key length to 168 bits.
+ There are theoretic attacks that can be used that make the effective
+ key length 112 bits, but this attack also requires 2^56 blocks of
+ memory, not very likely, even for the NSA.
+- If both keys are the same it is equivalent to encrypting once with
+ just one key.
+- If the first and last key are the same, the key length is 112 bits.
+ There are attacks that could reduce the key space to 55 bit's but it
+ requires 2^56 blocks of memory.
+- If all 3 keys are the same, this is effectively the same as normal
+ ecb mode.
+
+Triple CBC Mode (des_ede3_cbc_encrypt())
+- Encrypt with key1, decrypt with key2 and then encrypt with key3.
+- As for CBC encryption but increases the key length to 168 bits with
+ the same restrictions as for triple ecb mode.
diff --git a/doc/digest.doc b/doc/digest.doc
new file mode 100644
index 0000000..d2fb987
--- /dev/null
+++ b/doc/digest.doc
@@ -0,0 +1,94 @@
+
+The Message Digest subroutines.
+
+These routines require "evp.h" to be included.
+
+These functions are a higher level interface to the various message digest
+routines found in this library. As such, they allow the same code to be
+used to digest via different algorithms with only a change in an initial
+parameter. They are basically just a front-end to the MD2, MD5, SHA
+and SHA1
+routines.
+
+These routines all take a pointer to the following structure to specify
+which message digest algorithm to use.
+typedef struct evp_md_st
+ {
+ int type;
+ int pkey_type;
+ int md_size;
+ void (*init)();
+ void (*update)();
+ void (*final)();
+
+ int required_pkey_type; /*EVP_PKEY_xxx */
+ int (*sign)();
+ int (*verify)();
+ } EVP_MD;
+
+If additional message digest algorithms are to be supported, a structure of
+this type needs to be declared and populated and then the Digest routines
+can be used with that algorithm. The type field is the object NID of the
+digest type (read the section on Objects for an explanation). The pkey_type
+is the Object type to use when the a message digest is generated by there
+routines and then is to be signed with the pkey algorithm. Md_size is
+the size of the message digest returned. Init, update
+and final are the relevant functions to perform the message digest function
+by parts. One reason for specifying the message digest to use via this
+mechanism is that if you only use md5, only the md5 routines will
+be included in you linked program. If you passed an integer
+that specified which message digest to use, the routine that mapped that
+integer to a set of message digest functions would cause all the message
+digests functions to be link into the code. This setup also allows new
+message digest functions to be added by the application.
+
+The six message digests defined in this library are
+
+EVP_MD *EVP_md2(void); /* RSA sign/verify */
+EVP_MD *EVP_md5(void); /* RSA sign/verify */
+EVP_MD *EVP_sha(void); /* RSA sign/verify */
+EVP_MD *EVP_sha1(void); /* RSA sign/verify */
+EVP_MD *EVP_dss(void); /* DSA sign/verify */
+EVP_MD *EVP_dss1(void); /* DSA sign/verify */
+
+All the message digest routines take a EVP_MD_CTX pointer as an argument.
+The state of the message digest is kept in this structure.
+
+typedef struct pem_md_ctx_st
+ {
+ EVP_MD *digest;
+ union {
+ unsigned char base[4]; /* this is used in my library as a
+ * 'pointer' to all union elements
+ * structures. */
+ MD2_CTX md2;
+ MD5_CTX md5;
+ SHA_CTX sha;
+ } md;
+ } EVP_MD_CTX;
+
+The Digest functions are as follows.
+
+void EVP_DigestInit(
+EVP_MD_CTX *ctx,
+EVP_MD *type);
+ This function is used to initialise the EVP_MD_CTX. The message
+ digest that will associated with 'ctx' is specified by 'type'.
+
+void EVP_DigestUpdate(
+EVP_MD_CTX *ctx,
+unsigned char *data,
+unsigned int cnt);
+ This function is used to pass more data to the message digest
+ function. 'cnt' bytes are digested from 'data'.
+
+void EVP_DigestFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int *len);
+ This function finishes the digestion and puts the message digest
+ into 'md'. The length of the message digest is put into len;
+ EVP_MAX_MD_SIZE is the size of the largest message digest that
+ can be returned from this function. Len can be NULL if the
+ size of the digest is not required.
+
diff --git a/doc/encode.doc b/doc/encode.doc
new file mode 100644
index 0000000..af17549
--- /dev/null
+++ b/doc/encode.doc
@@ -0,0 +1,15 @@
+
+void EVP_EncodeInit(EVP_ENCODE_CTX *ctx);
+void EVP_EncodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,
+ int *outl,unsigned char *in,int inl);
+void EVP_EncodeFinal(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl);
+int EVP_EncodeBlock(unsigned char *t, unsigned char *f, int n);
+
+void EVP_DecodeInit(EVP_ENCODE_CTX *ctx);
+int EVP_DecodeUpdate(EVP_ENCODE_CTX *ctx,unsigned char *out,int *outl,
+ unsigned char *in, int inl);
+int EVP_DecodeFinal(EVP_ENCODE_CTX *ctx, unsigned
+ char *out, int *outl);
+int EVP_DecodeBlock(unsigned char *t, unsigned
+ char *f, int n);
+
diff --git a/doc/envelope.doc b/doc/envelope.doc
new file mode 100644
index 0000000..483e4fc
--- /dev/null
+++ b/doc/envelope.doc
@@ -0,0 +1,67 @@
+The following routines are use to create 'digital' envelopes.
+By this I mean that they perform various 'higher' level cryptographic
+functions. Have a read of 'cipher.doc' and 'digest.doc' since those
+routines are used by these functions.
+cipher.doc contains documentation about the cipher part of the
+envelope library and digest.doc contatins the description of the
+message digests supported.
+
+To 'sign' a document involves generating a message digest and then encrypting
+the digest with an private key.
+
+#define EVP_SignInit(a,b) EVP_DigestInit(a,b)
+#define EVP_SignUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+Due to the fact this operation is basically just an extended message
+digest, the first 2 functions are macro calls to Digest generating
+functions.
+
+int EVP_SignFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int *s,
+EVP_PKEY *pkey);
+ This finalisation function finishes the generation of the message
+digest and then encrypts the digest (with the correct message digest
+object identifier) with the EVP_PKEY private key. 'ctx' is the message digest
+context. 'md' will end up containing the encrypted message digest. This
+array needs to be EVP_PKEY_size(pkey) bytes long. 's' will actually
+contain the exact length. 'pkey' of course is the private key. It is
+one of EVP_PKEY_RSA or EVP_PKEY_DSA type.
+If there is an error, 0 is returned, otherwise 1.
+
+Verify is used to check an signed message digest.
+
+#define EVP_VerifyInit(a,b) EVP_DigestInit(a,b)
+#define EVP_VerifyUpdate(a,b,c) EVP_DigestUpdate(a,b,c)
+Since the first step is to generate a message digest, the first 2 functions
+are macros.
+
+int EVP_VerifyFinal(
+EVP_MD_CTX *ctx,
+unsigned char *md,
+unsigned int s,
+EVP_PKEY *pkey);
+ This function finishes the generation of the message digest and then
+compares it with the supplied encrypted message digest. 'md' contains the
+'s' bytes of encrypted message digest. 'pkey' is used to public key decrypt
+the digest. It is then compared with the message digest just generated.
+If they match, 1 is returned else 0.
+
+int EVP_SealInit(EVP_CIPHER_CTX *ctx, EVP_CIPHER *type, unsigned char **ek,
+ int *ekl, unsigned char *iv, EVP_PKEY **pubk, int npubk);
+Must have at least one public key, error is 0. I should also mention that
+the buffers pointed to by 'ek' need to be EVP_PKEY_size(pubk[n]) is size.
+
+#define EVP_SealUpdate(a,b,c,d,e) EVP_EncryptUpdate(a,b,c,d,e)
+void EVP_SealFinal(EVP_CIPHER_CTX *ctx,unsigned char *out,int *outl);
+
+
+int EVP_OpenInit(EVP_CIPHER_CTX *ctx,EVP_CIPHER *type,unsigned char *ek,
+ int ekl,unsigned char *iv,EVP_PKEY *priv);
+0 on failure
+
+#define EVP_OpenUpdate(a,b,c,d,e) EVP_DecryptUpdate(a,b,c,d,e)
+
+int EVP_OpenFinal(EVP_CIPHER_CTX *ctx, unsigned char *out, int *outl);
+Decrypt final return code
+
diff --git a/doc/error.doc b/doc/error.doc
new file mode 100644
index 0000000..a916549
--- /dev/null
+++ b/doc/error.doc
@@ -0,0 +1,115 @@
+The error routines.
+
+The 'error' system I've implemented is intended to server 2 purpose, to
+record the reason why a command failed and to record where in the libraries
+the failure occurred. It is more or less setup to record a 'trace' of which
+library components were being traversed when the error occurred.
+
+When an error is recorded, it is done so a as single unsigned long which is
+composed of three parts. The top byte is the 'library' number, the middle
+12 bytes is the function code, and the bottom 12 bits is the 'reason' code.
+
+Each 'library', or should a say, 'section' of the SSLeay library has a
+different unique 'library' error number. Each function in the library has
+a number that is unique for that library. Each 'library' also has a number
+for each 'error reason' that is only unique for that 'library'.
+
+Due to the way these error routines record a 'error trace', there is an
+array per thread that is used to store the error codes.
+The various functions in this library are used to access
+and manipulate this array.
+
+void ERR_put_error(int lib, int func,int reason);
+ This routine records an error in library 'lib', function 'func'
+and reason 'reason'. As errors get 'put' into the buffer, they wrap
+around and overwrite old errors if too many are written. It is assumed
+that the last errors are the most important.
+
+unsigned long ERR_get_error(void );
+ This function returns the last error added to the error buffer.
+In effect it is popping the value off the buffer so repeated calls will
+continue to return values until there are no more errors to return in which
+case 0 is returned.
+
+unsigned long ERR_peek_error(void );
+ This function returns the value of the last error added to the
+error buffer but does not 'pop' it from the buffer.
+
+void ERR_clear_error(void );
+ This function clears the error buffer, discarding all unread
+errors.
+
+While the above described error system obviously produces lots of different
+error number, a method for 'reporting' these errors in a human readable
+form is required. To achieve this, each library has the option of
+'registering' error strings.
+
+typedef struct ERR_string_data_st
+ {
+ unsigned long error;
+ char *string;
+ } ERR_STRING_DATA;
+
+The 'ERR_STRING_DATA' contains an error code and the corresponding text
+string. To add new function error strings for a library, the
+ERR_STRING_DATA needs to be 'registered' with the library.
+
+void ERR_load_strings(unsigned long lib,ERR_STRING_DATA *err);
+ This function 'registers' the array of ERR_STRING_DATA pointed to by
+'err' as error text strings for the error library 'lib'.
+
+void ERR_free_strings(void);
+ This function free()s all the loaded error strings.
+
+char *ERR_error_string(unsigned long error,char *buf);
+ This function returns a text string that is a human readable
+version of the error represented by 'error'. Buff should be at least 120
+bytes long and if it is NULL, the return value is a pointer to a static
+variable that will contain the error string, otherwise 'buf' is returned.
+If there is not a text string registered for a particular error, a text
+string containing the error number is returned instead.
+
+void ERR_print_errors(BIO *bp);
+void ERR_print_errors_fp(FILE *fp);
+ This function is a convenience routine that prints the error string
+for each error until all errors have been accounted for.
+
+char *ERR_lib_error_string(unsigned long e);
+char *ERR_func_error_string(unsigned long e);
+char *ERR_reason_error_string(unsigned long e);
+The above three functions return the 3 different components strings for the
+error 'e'. ERR_error_string() uses these functions.
+
+void ERR_load_ERR_strings(void );
+ This function 'registers' the error strings for the 'ERR' module.
+
+void ERR_load_crypto_strings(void );
+ This function 'register' the error strings for just about every
+library in the SSLeay package except for the SSL routines. There is no
+need to ever register any error text strings and you will probably save in
+program size. If on the other hand you do 'register' all errors, it is
+quite easy to determine why a particular routine failed.
+
+As a final footnote as to why the error system is designed as it is.
+1) I did not want a single 'global' error code.
+2) I wanted to know which subroutine a failure occurred in.
+3) For Windows NT etc, it should be simple to replace the 'key' routines
+ with code to pass error codes back to the application.
+4) I wanted the option of meaningful error text strings.
+
+Late breaking news - the changes to support threads.
+
+Each 'thread' has an 'ERR_STATE' state associated with it.
+ERR_STATE *ERR_get_state(void ) will return the 'state' for the calling
+thread/process.
+
+ERR_remove_state(unsigned long pid); will 'free()' this state. If pid == 0
+the current 'thread/process' will have it's error state removed.
+If you do not remove the error state of a thread, this could be considered a
+form of memory leak, so just after 'reaping' a thread that has died,
+call ERR_remove_state(pid).
+
+Have a read of thread.doc for more details for what is required for
+multi-threading support. All the other error routines will
+work correctly when using threads.
+
diff --git a/doc/idea.doc b/doc/idea.doc
new file mode 100644
index 0000000..68a22a6
--- /dev/null
+++ b/doc/idea.doc
@@ -0,0 +1,176 @@
+The IDEA library.
+IDEA is a block cipher that operates on 64bit (8 byte) quantities. It
+uses a 128bit (16 byte) key. It can be used in all the modes that DES can
+be used. This library implements the ecb, cbc, cfb64 and ofb64 modes.
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'idea.h'.
+
+All of the encryption functions take what is called an IDEA_KEY_SCHEDULE as an
+argument. An IDEA_KEY_SCHEDULE is an expanded form of the idea key.
+For all modes of the IDEA algorithm, the IDEA_KEY_SCHEDULE used for
+decryption is different to the one used for encryption.
+
+The define IDEA_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. IDEA_DECRYPT is passed to
+specify decryption. For some mode there is no encryption/decryption
+flag since this is determined by the IDEA_KEY_SCHEDULE.
+
+So to encrypt you would do the following
+idea_set_encrypt_key(key,encrypt_ks);
+idea_ecb_encrypt(...,encrypt_ks);
+idea_cbc_encrypt(....,encrypt_ks,...,IDEA_ENCRYPT);
+
+To Decrypt
+idea_set_encrypt_key(key,encrypt_ks);
+idea_set_decrypt_key(encrypt_ks,decrypt_ks);
+idea_ecb_encrypt(...,decrypt_ks);
+idea_cbc_encrypt(....,decrypt_ks,...,IDEA_DECRYPT);
+
+Please note that any of the encryption modes specified in my DES library
+could be used with IDEA. I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic IDEA encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+ do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+ secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple IDEA, thats 384 bits of key and you must be totally
+ obsessed with security. Still, if you want it, it is simple enough to
+ copy the function from the DES library and change the des_encrypt to
+ idea_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void idea_set_encrypt_key(
+unsigned char *key;
+IDEA_KEY_SCHEDULE *ks);
+ idea_set_encrypt_key converts a 16 byte IDEA key into an
+ IDEA_KEY_SCHEDULE. The IDEA_KEY_SCHEDULE is an expanded form of
+ the key which can be used to perform IDEA encryption.
+ An IDEA_KEY_SCHEDULE is an expanded form of the key which is used to
+ perform actual encryption. It can be regenerated from the IDEA key
+ so it only needs to be kept when encryption is about
+ to occur. Don't save or pass around IDEA_KEY_SCHEDULE's since they
+ are CPU architecture dependent, IDEA keys are not.
+
+void idea_set_decrypt_key(
+IDEA_KEY_SCHEDULE *encrypt_ks,
+IDEA_KEY_SCHEDULE *decrypt_ks);
+ This functions converts an encryption IDEA_KEY_SCHEDULE into a
+ decryption IDEA_KEY_SCHEDULE. For all decryption, this conversion
+ of the key must be done. In some modes of IDEA, an
+ encryption/decryption flag is also required, this is because these
+ functions involve block chaining and the way this is done changes
+ depending on which of encryption of decryption is being done.
+ Please note that there is no quick way to generate the decryption
+ key schedule other than generating the encryption key schedule and
+ then converting it.
+
+void idea_encrypt(
+unsigned long *data,
+IDEA_KEY_SCHEDULE *ks);
+ This is the IDEA encryption function that gets called by just about
+ every other IDEA routine in the library. You should not use this
+ function except to implement 'modes' of IDEA. I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur.
+ Data is a pointer to 2 unsigned long's and ks is the
+ IDEA_KEY_SCHEDULE to use. Encryption or decryption depends on the
+ IDEA_KEY_SCHEDULE.
+
+void idea_ecb_encrypt(
+unsigned char *input,
+unsigned char *output,
+IDEA_KEY_SCHEDULE *ks);
+ This is the basic Electronic Code Book form of IDEA (in DES this
+ mode is called Electronic Code Book so I'm going to use the term
+ for idea as well :-).
+ Input is encrypted into output using the key represented by
+ ks. Depending on the IDEA_KEY_SCHEDULE, encryption or
+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
+
+void idea_cbc_encrypt(
+unsigned char *input,
+unsigned char *output,
+long length,
+IDEA_KEY_SCHEDULE *ks,
+unsigned char *ivec,
+int enc);
+ This routine implements IDEA in Cipher Block Chaining mode.
+ Input, which should be a multiple of 8 bytes is encrypted
+ (or decrypted) to output which will also be a multiple of 8 bytes.
+ The number of bytes is in length (and from what I've said above,
+ should be a multiple of 8). If length is not a multiple of 8, bad
+ things will probably happen. ivec is the initialisation vector.
+ This function updates iv after each call so that it can be passed to
+ the next call to idea_cbc_encrypt().
+
+void idea_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num,
+int enc);
+ This is one of the more useful functions in this IDEA library, it
+ implements CFB mode of IDEA with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ Enc is used to indicate encryption or decryption.
+ One very important thing to remember is that when decrypting, use
+ the encryption form of the key.
+ CFB64 mode operates by using the cipher to
+ generate a stream of bytes which is used to encrypt the plain text.
+ The cipher text is then encrypted to generate the next 64 bits to
+ be xored (incrementally) with the next 64 bits of plain
+ text. As can be seen from this, to encrypt or decrypt,
+ the same 'cipher stream' needs to be generated but the way the next
+ block of data is gathered for encryption is different for
+ encryption and decryption. What this means is that to encrypt
+ idea_set_encrypt_key(key,ks);
+ idea_cfb64_encrypt(...,ks,..,IDEA_ENCRYPT)
+ do decrypt
+ idea_set_encrypt_key(key,ks)
+ idea_cfb64_encrypt(...,ks,...,IDEA_DECRYPT)
+ Note: The same IDEA_KEY_SCHEDULE but different encryption flags.
+ For idea_cbc or idea_ecb, idea_set_decrypt_key() would need to be
+ used to generate the IDEA_KEY_SCHEDULE for decryption.
+ The reason I'm stressing this point is that I just wasted 3 hours
+ today trying to decrypt using this mode and the decryption form of
+ the key :-(.
+
+void idea_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+des_key_schedule ks,
+des_cblock *ivec,
+int *num);
+ This functions implements OFB mode of IDEA with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ This is in effect a stream cipher, there is no encryption or
+ decryption mode. The same key and iv should be used to
+ encrypt and decrypt.
+
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+idea_set_encrypt_key().
+
+=====
+For more information about the specific IDEA modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library. What is said about DES is directly
+applicable for IDEA.
+
diff --git a/doc/legal.doc b/doc/legal.doc
new file mode 100644
index 0000000..b55ed5c
--- /dev/null
+++ b/doc/legal.doc
@@ -0,0 +1,117 @@
+From eay@mincom.com Thu Jun 27 00:25:45 1996
+Received: by orb.mincom.oz.au id AA15821
+ (5.65c/IDA-1.4.4 for eay); Wed, 26 Jun 1996 14:25:45 +1000
+Date: Wed, 26 Jun 1996 14:25:45 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: Ken Toll <ktoll@ren.digitalage.com>
+Cc: Eric Young <eay@mincom.oz.au>, ssl-talk@netscape.com
+Subject: Re: Unidentified subject!
+In-Reply-To: <9606261950.ZM28943@ren.digitalage.com>
+Message-Id: <Pine.SOL.3.91.960626131156.28573K-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: O
+X-Status:
+
+
+This is a little off topic but since SSLeay is a free implementation of
+the SSLv2 protocol, I feel it is worth responding on the topic of if it
+is actually legal for Americans to use free cryptographic software.
+
+On Wed, 26 Jun 1996, Ken Toll wrote:
+> Is the U.S the only country that SSLeay cannot be used commercially
+> (because of RSAref) or is that going to be an issue with every country
+> that a client/server application (non-web browser/server) is deployed
+> and sold?
+
+>From what I understand, the software patents that apply to algorithms
+like RSA and DH only apply in the USA. The IDEA algorithm I believe is
+patened in europe (USA?), but considing how little it is used by other SSL
+implementations, it quite easily be left out of the SSLeay build
+(this can be done with a compile flag).
+
+Actually if the RSA patent did apply outside the USA, it could be rather
+interesting since RSA is not alowed to let RSA toolkits outside of the USA
+[1], and since these are the only forms that they will alow the algorithm
+to be used in, it would mean that non-one outside of the USA could produce
+public key software which would be a very strong statment for
+international patent law to make :-). This logic is a little flawed but
+it still points out some of the more interesting permutations of USA
+patent law and ITAR restrictions.
+
+Inside the USA there is also the unresolved issue of RC4/RC2 which were
+made public on sci.crypt in Sep 1994 (RC4) and Feb 1996 (RC2). I have
+copies of the origional postings if people are interested. RSA I believe
+claim that they were 'trade-secrets' and that some-one broke an NDA in
+revealing them. Other claim they reverse engineered the algorithms from
+compiled binaries. If the algorithms were reverse engineered, I belive
+RSA had no legal leg to stand on. If an NDA was broken, I don't know.
+Regardless, RSA, I belive, is willing to go to court over the issue so
+licencing is probably the best idea, or at least talk to them.
+If there are people who actually know more about this, pease let me know, I
+don't want to vilify or spread miss-information if I can help it.
+
+If you are not producing a web browser, it is easy to build SSLeay with
+RC2/RC4 removed. Since RC4 is the defacto standard cipher in
+all web software (and it is damn fast) it is more or less required for
+www use. For non www use of SSL, especially for an application where
+interoperability with other vendors is not critical just leave it out.
+
+Removing IDEA, RC2 and RC4 would only leave DES and Triple DES but
+they should be ok. Considing that Triple DES can encrypt at rates of
+410k/sec on a pentium 100, and 940k/sec on a P6/200, this is quite
+reasonable performance. Single DES clocks in at 1160k/s and 2467k/s
+respectivly is actually quite fast for those not so paranoid (56 bit key).[1]
+
+> Is it possible to get a certificate for commercial use outside of the U.S.?
+yes.
+
+Thawte Consulting issues certificates (they are the people who sell the
+ Sioux httpd server and are based in South Africa)
+Verisign will issue certificates for Sioux (sold from South Africa), so this
+ proves that they will issue certificate for OS use if they are
+ happy with the quality of the software.
+
+(The above mentioned companies just the ones that I know for sure are issuing
+ certificates outside the USA).
+
+There is always the point that if you are using SSL for an intra net,
+SSLeay provides programs that can be used so you can issue your own
+certificates. They need polishing but at least it is a good starting point.
+
+I am not doing anything outside Australian law by implementing these
+algorithms (to the best of my knowedge). It is another example of how
+the world legal system does not cope with the internet very well.
+
+I may start making shared libraries available (I have now got DLL's for
+Windows). This will mean that distributions into the usa could be
+shipped with a version with a reduced cipher set and the versions outside
+could use the DLL/shared library with all the ciphers (and without RSAref).
+
+This could be completly hidden from the application, so this would not
+even require a re-linking.
+
+This is the reverse of what people were talking about doing to get around
+USA export regulations :-)
+
+eric
+
+[1]: The RSAref2.0 tookit is available on at least 3 ftp sites in Europe
+ and one in South Africa.
+
+[2]: Since I always get questions when I post benchmark numbers :-),
+ DES performace figures are in 1000's of bytes per second in cbc
+ mode using an 8192 byte buffer. The pentium 100 was running Windows NT
+ 3.51 DLLs and the 686/200 was running NextStep.
+ I quote pentium 100 benchmarks because it is basically the
+ 'entry level' computer that most people buy for personal use.
+ Windows 95 is the OS shipping on those boxes, so I'll give
+ NT numbers (the same Win32 runtime environment). The 686
+ numbers are present as an indication of where we will be in a
+ few years.
+--
+Eric Young | BOOL is tri-state according to Bill Gates.
+AARNet: eay@mincom.oz.au | RTFM Win32 GetMessage().
+
+
diff --git a/doc/lhash.doc b/doc/lhash.doc
new file mode 100644
index 0000000..5a2aeb4
--- /dev/null
+++ b/doc/lhash.doc
@@ -0,0 +1,151 @@
+The LHASH library.
+
+I wrote this library in 1991 and have since forgotten why I called it lhash.
+It implements a hash table from an article I read at the
+time from 'Communications of the ACM'. What makes this hash
+table different is that as the table fills, the hash table is
+increased (or decreased) in size via realloc().
+When a 'resize' is done, instead of all hashes being redistributed over
+twice as many 'buckets', one bucket is split. So when an 'expand' is done,
+there is only a minimal cost to redistribute some values. Subsequent
+inserts will cause more single 'bucket' redistributions but there will
+never be a sudden large cost due to redistributing all the 'buckets'.
+
+The state for a particular hash table is kept in the LHASH structure.
+The LHASH structure also records statistics about most aspects of accessing
+the hash table. This is mostly a legacy of my writing this library for
+the reasons of implementing what looked like a nice algorithm rather than
+for a particular software product.
+
+Internal stuff you probably don't want to know about.
+The decision to increase or decrease the hash table size is made depending
+on the 'load' of the hash table. The load is the number of items in the
+hash table divided by the size of the hash table. The default values are
+as follows. If (hash->up_load < load) => expand.
+if (hash->down_load > load) => contract. The 'up_load' has a default value of
+1 and 'down_load' has a default value of 2. These numbers can be modified
+by the application by just playing with the 'up_load' and 'down_load'
+variables. The 'load' is kept in a form which is multiplied by 256. So
+hash->up_load=8*256; will cause a load of 8 to be set.
+
+If you are interested in performance the field to watch is
+num_comp_calls. The hash library keeps track of the 'hash' value for
+each item so when a lookup is done, the 'hashes' are compared, if
+there is a match, then a full compare is done, and
+hash->num_comp_calls is incremented. If num_comp_calls is not equal
+to num_delete plus num_retrieve it means that your hash function is
+generating hashes that are the same for different values. It is
+probably worth changing your hash function if this is the case because
+even if your hash table has 10 items in a 'bucked', it can be searched
+with 10 'unsigned long' compares and 10 linked list traverses. This
+will be much less expensive that 10 calls to you compare function.
+
+LHASH *lh_new(
+unsigned long (*hash)(),
+int (*cmp)());
+ This function is used to create a new LHASH structure. It is passed
+ function pointers that are used to store and retrieve values passed
+ into the hash table. The 'hash'
+ function is a hashing function that will return a hashed value of
+ it's passed structure. 'cmp' is passed 2 parameters, it returns 0
+ is they are equal, otherwise, non zero.
+ If there are any problems (usually malloc failures), NULL is
+ returned, otherwise a new LHASH structure is returned. The
+ hash value is normally truncated to a power of 2, so make sure
+ that your hash function returns well mixed low order bits.
+
+void lh_free(
+LHASH *lh);
+ This function free()s a LHASH structure. If there is malloced
+ data in the hash table, it will not be freed. Consider using the
+ lh_doall function to deallocate any remaining entries in the hash
+ table.
+
+char *lh_insert(
+LHASH *lh,
+char *data);
+ This function inserts the data pointed to by data into the lh hash
+ table. If there is already and entry in the hash table entry, the
+ value being replaced is returned. A NULL is returned if the new
+ entry does not clash with an entry already in the table (the normal
+ case) or on a malloc() failure (perhaps I should change this....).
+ The 'char *data' is exactly what is passed to the hash and
+ comparison functions specified in lh_new().
+
+char *lh_delete(
+LHASH *lh,
+char *data);
+ This routine deletes an entry from the hash table. The value being
+ deleted is returned. NULL is returned if there is no such value in
+ the hash table.
+
+char *lh_retrieve(
+LHASH *lh,
+char *data);
+ If 'data' is in the hash table it is returned, else NULL is
+ returned. The way these routines would normally be uses is that a
+ dummy structure would have key fields populated and then
+ ret=lh_retrieve(hash,&dummy);. Ret would now be a pointer to a fully
+ populated structure.
+
+void lh_doall(
+LHASH *lh,
+void (*func)(char *a));
+ This function will, for every entry in the hash table, call function
+ 'func' with the data item as parameters.
+ This function can be quite useful when used as follows.
+ void cleanup(STUFF *a)
+ { STUFF_free(a); }
+ lh_doall(hash,cleanup);
+ lh_free(hash);
+ This can be used to free all the entries, lh_free() then
+ cleans up the 'buckets' that point to nothing. Be careful
+ when doing this. If you delete entries from the hash table,
+ in the call back function, the table may decrease in size,
+ moving item that you are
+ currently on down lower in the hash table. This could cause
+ some entries to be skipped. The best solution to this problem
+ is to set lh->down_load=0 before you start. This will stop
+ the hash table ever being decreased in size.
+
+void lh_doall_arg(
+LHASH *lh;
+void(*func)(char *a,char *arg));
+char *arg;
+ This function is the same as lh_doall except that the function
+ called will be passed 'arg' as the second argument.
+
+unsigned long lh_strhash(
+char *c);
+ This function is a demo string hashing function. Since the LHASH
+ routines would normally be passed structures, this routine would
+ not normally be passed to lh_new(), rather it would be used in the
+ function passed to lh_new().
+
+The next three routines print out various statistics about the state of the
+passed hash table. These numbers are all kept in the lhash structure.
+
+void lh_stats(
+LHASH *lh,
+FILE *out);
+ This function prints out statistics on the size of the hash table,
+ how many entries are in it, and the number and result of calls to
+ the routines in this library.
+
+void lh_node_stats(
+LHASH *lh,
+FILE *out);
+ For each 'bucket' in the hash table, the number of entries is
+ printed.
+
+void lh_node_usage_stats(
+LHASH *lh,
+FILE *out);
+ This function prints out a short summary of the state of the hash
+ table. It prints what I call the 'load' and the 'actual load'.
+ The load is the average number of data items per 'bucket' in the
+ hash table. The 'actual load' is the average number of items per
+ 'bucket', but only for buckets which contain entries. So the
+ 'actual load' is the average number of searches that will need to
+ find an item in the hash table, while the 'load' is the average number
+ that will be done to record a miss.
diff --git a/doc/md2.doc b/doc/md2.doc
new file mode 100644
index 0000000..b106bc6
--- /dev/null
+++ b/doc/md2.doc
@@ -0,0 +1,49 @@
+The MD2 library.
+MD2 is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 16 byte hash. The functions all need to be passed
+a MD2_CTX which is used to hold the MD2 context during multiple MD2_Update()
+function calls. The normal method of use for this library is as follows
+
+MD2_Init(...);
+MD2_Update(...);
+...
+MD2_Update(...);
+MD2_Final(...);
+
+This library requires the inclusion of 'md2.h'.
+
+The main negative about MD2 is that it is slow, especially when compared
+to MD5.
+
+The functions are as follows:
+
+void MD2_Init(
+MD2_CTX *c);
+ This function needs to be called to initiate a MD2_CTX structure for
+ use.
+
+void MD2_Update(
+MD2_CTX *c;
+unsigned char *data;
+unsigned long len);
+ This updates the message digest context being generated with 'len'
+ bytes from the 'data' pointer. The number of bytes can be any
+ length.
+
+void MD2_Final(
+unsigned char *md;
+MD2_CTX *c;
+ This function is called when a message digest of the data digested
+ with MD2_Update() is wanted. The message digest is put in the 'md'
+ array and is MD2_DIGEST_LENGTH (16) bytes long.
+
+unsigned char *MD2(
+unsigned long n;
+unsigned char *d;
+unsigned char *md;
+ This function performs a MD2_Init(), followed by a MD2_Update()
+ followed by a MD2_Final() (using a local MD2_CTX).
+ The resulting digest is put into 'md' if it is not NULL.
+ Regardless of the value of 'md', the message
+ digest is returned from the function. If 'md' was NULL, the message
+ digest returned is being stored in a static structure.
diff --git a/doc/md5.doc b/doc/md5.doc
new file mode 100644
index 0000000..519dbdc
--- /dev/null
+++ b/doc/md5.doc
@@ -0,0 +1,50 @@
+The MD5 library.
+MD5 is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 16 byte hash. The functions all need to be passed
+a MD5_CTX which is used to hold the MD5 context during multiple MD5_Update()
+function calls. This library also contains random number routines that are
+based on MD5
+
+The normal method of use for this library is as follows
+
+MD5_Init(...);
+MD5_Update(...);
+...
+MD5_Update(...);
+MD5_Final(...);
+
+This library requires the inclusion of 'md5.h'.
+
+The functions are as follows:
+
+void MD5_Init(
+MD5_CTX *c);
+ This function needs to be called to initiate a MD5_CTX structure for
+ use.
+
+void MD5_Update(
+MD5_CTX *c;
+unsigned char *data;
+unsigned long len);
+ This updates the message digest context being generated with 'len'
+ bytes from the 'data' pointer. The number of bytes can be any
+ length.
+
+void MD5_Final(
+unsigned char *md;
+MD5_CTX *c;
+ This function is called when a message digest of the data digested
+ with MD5_Update() is wanted. The message digest is put in the 'md'
+ array and is MD5_DIGEST_LENGTH (16) bytes long.
+
+unsigned char *MD5(
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ This function performs a MD5_Init(), followed by a MD5_Update()
+ followed by a MD5_Final() (using a local MD5_CTX).
+ The resulting digest is put into 'md' if it is not NULL.
+ Regardless of the value of 'md', the message
+ digest is returned from the function. If 'md' was NULL, the message
+ digest returned is being stored in a static structure.
+
diff --git a/doc/memory.doc b/doc/memory.doc
new file mode 100644
index 0000000..b9aa33a
--- /dev/null
+++ b/doc/memory.doc
@@ -0,0 +1,27 @@
+In the interests of debugging SSLeay, there is an option to compile
+using some simple memory leak checking.
+
+All malloc(), free() and realloc() calls in SSLeay now go via
+Malloc(), Free() and Realloc() (except those in crypto/lhash).
+
+If CRYPTO_MDEBUG is defined, these calls are #defined to
+CRYPTO_malloc(), CRYPTO_free() and CRYPTO_realloc().
+If it is not defined, they are #defined to malloc(), free() and realloc().
+
+the CRYPTO_malloc() routines by default just call the underlying library
+functons.
+
+If CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) is called, memory leak detection is
+turned on. CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_OFF) turns it off.
+
+When turned on, each Malloc() or Realloc() call is recored along with the file
+and line number from where the call was made. (This is done using the
+lhash library which always uses normal system malloc(3) routines).
+
+void CRYPTO_mem_leaks(BIO *b);
+void CRYPTO_mem_leaks_fp(FILE *fp);
+These both print out the list of memory that has not been free()ed.
+This will probably be rather hard to read, but if you look for the 'top level'
+structure allocation, this will often give an idea as to what is not being
+free()ed. I don't expect people to use this stuff normally.
+
diff --git a/doc/ms3-ca.doc b/doc/ms3-ca.doc
new file mode 100644
index 0000000..f8350aa
--- /dev/null
+++ b/doc/ms3-ca.doc
@@ -0,0 +1,398 @@
+Date: Mon, 9 Jun 97 08:00:33 +0200
+From: Holger.Reif@PrakInf.TU-Ilmenau.DE (Holger Reif)
+Subject: ms3-ca.doc
+Organization: TU Ilmenau, Fak. IA, FG Telematik
+Content-Length: 14575
+Status: RO
+X-Status:
+
+Loading client certs into MSIE 3.01
+===================================
+
+This document conatains all the information necessary to succesfully set up
+some scripts to issue client certs to Microsoft Internet Explorer. It
+includes the required knowledge about the model MSIE uses for client
+certification and includes complete sample scripts ready to play with. The
+scripts were tested against a modified ca program of SSLeay 0.6.6 and should
+work with the regular ca program that comes with version 0.8.0. I haven't
+tested against MSIE 4.0
+
+You can use the information contained in this document in either way you
+want. However if you feel it saved you a lot of time I ask you to be as fair
+as to mention my name: Holger Reif <reif@prakinf.tu-ilmenau.de>.
+
+1.) The model used by MSIE
+--------------------------
+
+The Internet Explorer doesn't come with a embedded engine for installing
+client certs like Netscape's Navigator. It rather uses the CryptoAPI (CAPI)
+defined by Microsoft. CAPI comes with WindowsNT 4.0 or is installed together
+with Internet Explorer since 3.01. The advantage of this approach is a higher
+flexibility because the certificates in the (per user) system open
+certificate store may be used by other applications as well. The drawback
+however is that you need to do a bit more work to get a client cert issued.
+
+CAPI defines functions which will handle basic cryptographic work, eg.
+generating keys, encrypting some data, signing text or building a certificate
+request. The procedure is as follows: A CAPI function generates you a key
+pair and saves it into the certificate store. After that one builds a
+Distinguished Name. Together with that key pair another CAPI function forms a
+PKCS#10 request which you somehow need to submit to a CA. Finally the issued
+cert is given to a yet another CAPI function which saves it into the
+certificate store.
+
+The certificate store with the user's keys and certs is in the registry. You
+will find it under HKEY_CURRENT_USER/Software/Microsoft/Cryptography/ (I
+leave it to you as a little exercise to figure out what all the entries mean
+;-). Note that the keys are protected only with the user's usual Windows
+login password.
+
+2.) The practical usage
+-----------------------
+
+Unfortunatly since CAPI is a system API you can't access its functions from
+HTML code directly. For this purpose Microsoft provides a wrapper called
+certenr3.dll. This DLL accesses the CAPI functions and provides an interface
+usable from Visual Basic Script. One needs to install that library on the
+computer which wants to have client cert. The easiest way is to load it as an
+ActiveX control (certenr3.dll is properly authenticode signed by MS ;-). If
+you have ever enrolled e cert request at a CA you will have installed it.
+
+At time of writing certenr3.dll is contained in
+http://www.microsoft.com/workshop/prog/security/csa/certenr3.exe. It comes
+with an README file which explains the available functions. It is labeled
+beta but every CA seems to use it anyway. The license.txt allows you the
+usage for your own purposes (as far as I understood) and a somehow limited
+distribution.
+
+The two functions of main interest are GenerateKeyPair and AcceptCredentials.
+For complete explanation of all possible parameters see the README file. Here
+are only minimal required parameters and their values.
+
+GenerateKeyPair(sessionID, FASLE, szName, 0, "ClientAuth", TRUE, FALSE, 1)
+- sessionID is a (locally to that computer) unique string to correlate the
+generated key pair with a cert installed later.
+- szName is the DN of the form "C=DE; S=Thueringen; L=Ilmenau; CN=Holger
+Reif; 1.2.840.113549.1.9.1=reif@prakinf.tu-ilmenau.de". Note that S is the
+abreviation for StateOrProvince. The recognized abreviation include CN, O, C,
+OU, G, I, L, S, T. If the abreviation is unknown (eg. for PKCS#9 email addr)
+you need to use the full object identifier. The starting point for searching
+them could be crypto/objects.h since all OIDs know to SSLeay are listed
+there.
+- note: the possible ninth parameter which should give a default name to the
+certificate storage location doesn't seem to work. Changes to the constant
+values in the call above doesn't seem to make sense. You can't generate
+PKCS#10 extensions with that function.
+
+The result of GenerateKeyPair is the base64 encoded PKCS#10 request. However
+it has a little strange format that SSLeay doesn't accept. (BTW I feel the
+decision of rejecting that format as standard conforming.) It looks like
+follows:
+ 1st line with 76 chars
+ 2nd line with 76 chars
+ ...
+ (n-2)th line with 76 chars
+ (n-1)th line contains a multiple of 4 chars less then 76 (possible
+empty)
+ (n)th line has zero or 4 chars (then with 1 or 2 equal signs - the
+ original text's lenght wasn'T a multiple of 3)
+ The line separator has two chars: 0x0d 0x0a
+
+AcceptCredentials(sessionID, credentials, 0, FALSE)
+- sessionID needs to be the same as while generating the key pair
+- credentials is the base64 encoded PKCS#7 object containing the cert.
+
+CRL's and CA certs are not required simply just the client cert. (It seems to
+me that both are not even checked somehow.) The only format of the base64
+encoded object I succesfully used was all characters in a very long string
+without line feeds or carriage returns. (Hey, it doesn't matter, only a
+computer reads it!)
+
+The result should be S_OK. For error handling see the example that comes with
+certenr3.dll.
+
+A note about ASN.1 character encodings. certenr3.dll seems to know only about
+2 of them: UniversalString and PrintableString. First it is definitely wrong
+for an email address which is IA5STRING (checked by ssleay's ca). Second
+unfortunately MSIE (at least until version 3.02) can't handle UniversalString
+correctly - they just blow up you cert store! Therefore ssleay's ca (starting
+from version 0.8.0) tries to convert the encodings automatically to IA5STRING
+or TeletexString. The beef is it will work only for the latin-1 (western)
+charset. Microsoft still has to do abit of homework...
+
+3.) An example
+--------------
+
+At least you need two steps: generating the key & request and then installing
+the certificate. A real world CA would have some more steps involved, eg.
+accepting some license. Note that both scripts shown below are just
+experimental state without any warrenty!
+
+First how to generate a request. Note that we can't use a static page because
+of the sessionID. I generate it from system time plus pid and hope it is
+unique enough. Your are free to feed it through md5 to get more impressive
+ID's ;-) Then the intended text is read in with sed which inserts the
+sessionID.
+
+-----BEGIN ms-enroll.cgi-----
+#!/bin/sh
+SESSION_ID=`date '+%y%m%d%H%M%S'`$$
+echo Content-type: text/html
+echo
+sed s/template_for_sessId/$SESSION_ID/ <<EOF
+<HTML><HEAD>
+<TITLE>Certificate Enrollment Test Page</TITLE>
+</HEAD><BODY>
+
+<OBJECT
+ classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
+ codebase=certenr3.dll
+ id=certHelper
+ >
+</OBJECT>
+
+<CENTER>
+<H2>enrollment for a personal cert</H2>
+<BR><HR WIDTH=50%><BR><P>
+<FORM NAME="MSIE_Enrollment" ACTION="ms-gencert.cgi" ENCTYPE=x-www-form-
+encoded METHOD=POST>
+<TABLE>
+ <TR><TD>Country</TD><TD><INPUT NAME="Country" VALUE=""></TD></TR>
+ <TR><TD>State</TD><TD><INPUT NAME="StateOrProvince" VALUE=""></TD></TR>
+ <TR><TD>Location</TD><TD><INPUT NAME="Location" VALUE=""></TD></TR>
+ <TR><TD>Organization</TD><TD><INPUT NAME="Organization"
+VALUE=""></TD></TR>
+ <TR><TD>Organizational Unit</TD>
+ <TD><INPUT NAME="OrganizationalUnit" VALUE=""></TD></TR>
+ <TR><TD>Name</TD><TD><INPUT NAME="CommonName" VALUE=""></TD></TR>
+ <TR><TD>eMail Address</TD>
+ <TD><INPUT NAME="EmailAddress" VALUE=""></TD></TR>
+ <TR><TD></TD>
+ <TD><INPUT TYPE="BUTTON" NAME="submit" VALUE="Beantragen"></TD></TR>
+</TABLE>
+ <INPUT TYPE="hidden" NAME="SessionId" VALUE="template_for_sessId">
+ <INPUT TYPE="hidden" NAME="Request" VALUE="">
+</FORM>
+<BR><HR WIDTH=50%><BR><P>
+</CENTER>
+
+<SCRIPT LANGUAGE=VBS>
+ Dim DN
+
+ Sub Submit_OnClick
+ Dim TheForm
+ Set TheForm = Document.MSIE_Enrollment
+ sessionId = TheForm.SessionId.value
+ reqHardware = FALSE
+ C = TheForm.Country.value
+ SP = TheForm.StateOrProvince.value
+ L = TheForm.Location.value
+ O = TheForm.Organization.value
+ OU = TheForm.OrganizationalUnit.value
+ CN = TheForm.CommonName.value
+ Email = TheForm.EmailAddress.value
+ szPurpose = "ClientAuth"
+ doAcceptanceUINow = FALSE
+ doOnline = TRUE
+
+ DN = ""
+
+ Call Add_RDN("C", C)
+ Call Add_RDN("S", SP)
+ Call Add_RDN("L", L)
+ Call Add_RDN("O", O)
+ Call Add_RDN("OU", OU)
+ Call Add_RDN("CN", CN)
+ Call Add_RDN("1.2.840.113549.1.9.1", Email)
+ ' rsadsi
+ ' pkcs
+ ' pkcs9
+ ' eMailAddress
+ On Error Resume Next
+ sz10 = certHelper.GenerateKeyPair(sessionId, _
+ FALSE, DN, 0, ClientAuth, FASLE, TRUE, 1)_
+ theError = Err.Number
+ On Error Goto 0
+ if (sz10 = Empty OR theError <> 0) Then
+ sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & _
+ chr(10) & "Your credentials could not be generated."
+ result = MsgBox(sz, 0, "Credentials Enrollment")
+ Exit Sub
+ else
+ TheForm.Request.value = sz10
+ TheForm.Submit
+ end if
+ End Sub
+
+ Sub Add_RDN(sn, value)
+ if (value <> "") then
+ if (DN <> "") then
+ DN = DN & "; "
+ end if
+ DN = DN & sn & "=" & value
+ end if
+ End Sub
+</SCRIPT>
+</BODY>
+</HTML>
+EOF
+-----END ms-enroll.cgi-----
+
+Second, how to extract the request and feed the certificate back? We need to
+"normalize" the base64 encoding of the PKCS#10 format which means
+regenerating the lines and wrapping with BEGIN and END line. This is done by
+gawk. The request is taken by ca the normal way. Then the cert needs to be
+packed into a PKCS#7 structure (note: the use of a CRL is necessary for
+crl2pkcs7 as of version 0.6.6. Starting with 0.8.0 it it might probably be
+ommited). Finally we need to format the PKCS#7 object and generate the HTML
+text. I use two templates to have a clearer script.
+
+1st note: postit2 is slightly modified from a program I found at ncsa's ftp
+site. Grab it from http://www.easterngraphics.com/certs/IX9704/postit2.c. You
+need utils.c from there too.
+
+2nd note: I'm note quite sure wether the gawk script really handles all
+possible inputs for the request right! Today I don't use this construction
+anymore myself.
+
+3d note: the cert must be of version 3! This could be done with the nsComment
+line in ssleay.cnf...
+
+------BEGIN ms-gencert.cgi-----
+#!/bin/sh
+FILE="/tmp/"`date '+%y%m%d%H%M%S'-`$$
+rm -f "$FILE".*
+
+HOME=`pwd`; export HOME # as ssleay.cnf insists on having such an env var
+cd /usr/local/ssl #where demoCA (as named in ssleay.conf) is located
+
+postit2 -s " " -i 0x0d > "$FILE".inp # process the FORM vars
+
+SESSION_ID=`gawk '$1 == "SessionId" { print $2; exit }' "$FILE".inp`
+
+gawk \
+ 'BEGIN { \
+ OFS = ""; \
+ print "-----BEGIN CERTIFICATE REQUEST-----"; \
+ req_seen=0 \
+ } \
+ $1 == "Request" { \
+ req_seen=1; \
+ if (length($2) == 72) print($2); \
+ lastline=$2; \
+ next; \
+ } \
+ { \
+ if (req_seen == 1) { \
+ if (length($1) >= 72) print($1); \
+ else if (length(lastline) < 72) { \
+ req_seen=0; \
+ print (lastline,$1); \
+ } \
+ lastline=$1; \
+ } \
+ } \
+ END { \
+ print "-----END CERTIFICATE REQUEST-----"; \
+ }' > "$FILE".pem < "$FILE".inp
+
+ssleay ca -batch -in "$FILE".pem -key passwd -out "$FILE".out
+ssleay crl2pkcs7 -certfile "$FILE".out -out "$FILE".pkcs7 -in demoCA/crl.pem
+
+sed s/template_for_sessId/$SESSION_ID/ <ms-enroll2a.html >"$FILE".cert
+/usr/local/bin/gawk \
+ 'BEGIN { \
+ OFS = ""; \
+ dq = sprintf("%c",34); \
+ } \
+ $0 ~ "PKCS7" { next; } \
+ { \
+ print dq$0dq" & _"; \
+ }' <"$FILE".pkcs7 >> "$FILE".cert
+cat ms-enroll2b.html >>"$FILE".cert
+
+echo Content-type: text/html
+echo Content-length: `wc -c "$FILE".cert`
+echo
+cat "$FILE".cert
+rm -f "$FILE".*
+-----END ms-gencert.cgi-----
+
+----BEGIN ms-enroll2a.html----
+<HTML><HEAD><TITLE>Certificate Acceptance Test Page</TITLE></HEAD><BODY>
+
+<OBJECT
+ classid="clsid:33BEC9E0-F78F-11cf-B782-00C04FD7BF43"
+ codebase=certenr3.dll
+ id=certHelper
+ >
+</OBJECT>
+
+<CENTER>
+<H2>Your personal certificate</H2>
+<BR><HR WIDTH=50%><BR><P>
+Press the button!
+<P><INPUT TYPE=BUTTON VALUE="Nimm mich!" NAME="InstallCert">
+</CENTER>
+<BR><HR WIDTH=50%><BR>
+
+<SCRIPT LANGUAGE=VBS>
+ Sub InstallCert_OnClick
+
+ sessionId = "template_for_sessId"
+credentials = "" & _
+----END ms-enroll2a.html----
+
+----BEGIN ms-enroll2b.html----
+""
+ On Error Resume Next
+ result = certHelper.AcceptCredentials(sessionId, credentials, 0,
+FALSE)
+ if (IsEmpty(result)) Then
+ sz = "The error '" & Err.Number & "' occurred." & chr(13) &
+chr(10) & "This Digital ID could not be registered."
+ msgOut = MsgBox(sz, 0, "Credentials Registration Error")
+ navigate "error.html"
+ else
+ sz = "Digital ID successfully registered."
+ msgOut = MsgBox(sz, 0, "Credentials Registration")
+ navigate "success.html"
+ end if
+ Exit Sub
+ End Sub
+</SCRIPT>
+</BODY>
+</HTML>
+----END ms-enroll2b.html----
+
+4.) What do do with the cert?
+-----------------------------
+
+The cert is visible (without restarting MSIE) under the following menu:
+View->Options->Security->Personal certs. You can examine it's contents at
+least partially.
+
+To use it for client authentication you need to use SSL3.0 (fortunately
+SSLeay supports it with 0.8.0). Furthermore MSIE is told to only supports a
+kind of automatic selection of certs (I personally wasn't able to test it
+myself). But there is a requirement that the issuer of the server cert and
+the issuer of the client cert needs to be the same (according to a developer
+from MS). Which means: you need may more then one cert to talk to all
+servers...
+
+I'm sure we will get a bit more experience after ApacheSSL is available for
+SSLeay 0.8.8.
+
+
+I hope you enjoyed reading and that in future questions on this topic will
+rarely appear on ssl-users@moncom.com ;-)
+
+Ilmenau, 9th of June 1997
+Holger Reif <reif@prakinf.tu-ilmenau.de>
+--
+read you later - Holger Reif
+---------------------------------------- Signaturprojekt Deutsche Einheit
+TU Ilmenau - Informatik - Telematik (Verdamp lang her)
+Holger.Reif@PrakInf.TU-Ilmenau.DE Alt wie ein Baum werden, um ueber
+http://Remus.PrakInf.TU-Ilmenau.DE/Reif/ alle 7 Bruecken gehen zu koennen
+
diff --git a/doc/ns-ca.doc b/doc/ns-ca.doc
new file mode 100644
index 0000000..836883e
--- /dev/null
+++ b/doc/ns-ca.doc
@@ -0,0 +1,154 @@
+The following documentation was supplied by Jeff Barber, who provided the
+patch to the CA program to add this functionality.
+
+eric
+--
+Jeff Barber Email: jeffb@issl.atl.hp.com
+
+Hewlett Packard Phone: (404) 648-9503
+Internet and System Security Lab Fax: (404) 648-9516
+
+ oo
+---------------------cut /\ here for ns-ca.doc ------------------------------
+
+This document briefly describes how to use SSLeay to implement a
+certificate authority capable of dynamically serving up client
+certificates for version 3.0 beta 5 (and presumably later) versions of
+the Netscape Navigator. Before describing how this is done, it's
+important to understand a little about how the browser implements its
+client certificate support. This is documented in some detail in the
+URLs based at <URL:http://home.netscape.com/eng/security/certs.html>.
+Here's a brief overview:
+
+- The Navigator supports a new HTML tag "KEYGEN" which will cause
+ the browser to generate an RSA key pair when you submit a form
+ containing the tag. The public key, along with an optional
+ challenge (supposedly provided for use in certificate revocation
+ but I don't use it) is signed, DER-encoded, base-64 encoded
+ and sent to the web server as the value of the variable
+ whose NAME is provided in the KEYGEN tag. The private key is
+ stored by the browser in a local key database.
+
+ This "Signed Public Key And Challenge" (SPKAC) arrives formatted
+ into 64 character lines (which are of course URL-encoded when
+ sent via HTTP -- i.e. spaces, newlines and most punctuatation are
+ encoded as "%HH" where HH is the hex equivalent of the ASCII code).
+ Note that the SPKAC does not contain the other usual attributes
+ of a certificate request, especially the subject name fields.
+ These must be otherwise encoded in the form for submission along
+ with the SPKAC.
+
+- Either immediately (in response to this form submission), or at
+ some later date (a real CA will probably verify your identity in
+ some way before issuing the certificate), a web server can send a
+ certificate based on the public key and other attributes back to
+ the browser by encoding it in DER (the binary form) and sending it
+ to the browser as MIME type:
+ "Content-type: application/x-x509-user-cert"
+
+ The browser uses the public key encoded in the certificate to
+ associate the certificate with the appropriate private key in
+ its local key database. Now, the certificate is "installed".
+
+- When a server wants to require authentication based on client
+ certificates, it uses the right signals via the SSL protocol to
+ trigger the Navigator to ask you which certificate you want to
+ send. Whether the certificate is accepted is dependent on CA
+ certificates and so forth installed in the server and is beyond
+ the scope of this document.
+
+
+Now, here's how the SSLeay package can be used to provide client
+certficates:
+
+- You prepare a file for input to the SSLeay ca application.
+ The file contains a number of "name = value" pairs that identify
+ the subject. The names here are the same subject name component
+ identifiers used in the CA section of the lib/ssleay.conf file,
+ such as "emailAddress", "commonName" "organizationName" and so
+ forth. Both the long version and the short version (e.g. "Email",
+ "CN", "O") can be used.
+
+ One more name is supported: this one is "SPKAC". Its value
+ is simply the value of the base-64 encoded SPKAC sent by the
+ browser (with all the newlines and other space charaters
+ removed -- and newline escapes are NOT supported).
+
+ [ As of SSLeay 0.6.4, multiple lines are supported.
+ Put a \ at the end of each line and it will be joined with the
+ previous line with the '\n' removed - eay ]
+
+ Here's a sample input file:
+
+C = US
+SP = Georgia
+O = Some Organization, Inc.
+OU = Netscape Compatibility Group
+CN = John X. Doe
+Email = jxdoe@someorg.com
+SPKAC = MIG0MGAwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAwmk6FMJ4uAVIYbcvIOx5+bDGTfvL8X5gE+R67ccMk6rCSGbVQz2cetyQtnI+VIs0NwdD6wjuSuVtVFbLoHonowIDAQABFgAwDQYJKoZIhvcNAQEEBQADQQBFZDUWFl6BJdomtN1Bi53mwijy1rRgJ4YirF15yBEDM3DjAQkKXHYOIX+qpz4KXKnl6EYxTnGSFL5wWt8X2iyx
+
+- You execute the ca command (either from a CGI program run out of
+ the web server, or as a later manual task) giving it the above
+ file as input. For example, if the file were named /tmp/cert.req,
+ you'd run:
+ $SSLDIR/bin/ca -spkac /tmp/cert.req -out /tmp/cert
+
+ The output is in DER format (binary) if a -out argument is
+ provided, as above; otherwise, it's in the PEM format (base-64
+ encoded DER). Also, the "-batch" switch is implied by the
+ "-spkac" so you don't get asked whether to complete the signing
+ (probably it shouldn't work this way but I was only interested
+ in hacking together an online CA that could be used for issuing
+ test certificates).
+
+ The "-spkac" capability doesn't support multiple files (I think).
+
+ Any CHALLENGE provided in the SPKAC is simply ignored.
+
+ The interactions between the identification fields you provide
+ and those identified in your lib/ssleay.conf are the same as if
+ you did an ordinary "ca -in infile -out outfile" -- that is, if
+ something is marked as required in the ssleay.conf file and it
+ isn't found in the -spkac file, the certificate won't be issued.
+
+- Now, you pick up the output from /tmp/cert and pass it back to
+ the Navigator prepending the Content-type string described earlier.
+
+- In order to run the ca command out of a CGI program, you must
+ provide a password to decrypt the CA's private key. You can
+ do this by using "echo MyKeyPassword | $SSLDIR/bin/ca ..."
+ I think there's a way to not encrypt the key file in the first
+ place, but I didn't see how to do that, so I made a small change
+ to the library that allows the password to be accepted from a pipe.
+ Either way is UTTERLY INSECURE and a real CA would never do that.
+
+ [ You can use the 'ssleay rsa' command to remove the password
+ from the private key, or you can use the '-key' option to the
+ ca command to specify the decryption key on the command line
+ or use the -nodes option when generating the key.
+ ca will try to clear the command line version of the password
+ but for quite a few operating systems, this is not possible.
+ - eric ]
+
+So, what do you have to do to make use of this stuff to create an online
+demo CA capability with SSLeay?
+
+1 Create an HTML form for your users. The form should contain
+ fields for all of the required or optional fields in ssleay.conf.
+ The form must contain a KEYGEN tag somewhere with at least a NAME
+ attribute.
+
+2 Create a CGI program to process the form input submitted by the
+ browser. The CGI program must URL-decode the variables and create
+ the file described above, containing subject identification info
+ as well as the SPKAC block. It should then run the the ca program
+ with the -spkac option. If it works (check the exit status),
+ return the new certificate with the appropriate MIME type. If not,
+ return the output of the ca command with MIME type "text/plain".
+
+3 Set up your web server to accept connections signed by your demo
+ CA. This probably involves obtaining the PEM-encoded CA certificate
+ (ordinarily in $SSLDIR/CA/cacert.pem) and installing it into a
+ server database. See your server manual for instructions.
+
diff --git a/doc/obj.doc b/doc/obj.doc
new file mode 100644
index 0000000..bad347c
--- /dev/null
+++ b/doc/obj.doc
@@ -0,0 +1,69 @@
+The Object library.
+
+As part of my Crypto library, I found I required a method of identifying various
+objects. These objects normally had 3 different values associated with
+them, a short text name, a long (or lower case) text name, and an
+ASN.1 Object Identifier (which is a sequence of numbers).
+This library contains a static list of objects and functions to lookup
+according to one type and to return the other types.
+
+To use these routines, 'Object.h' needs to be included.
+
+For each supported object, #define entries are defined as follows
+#define SN_Algorithm "Algorithm"
+#define LN_algorithm "algorithm"
+#define NID_algorithm 38
+#define OBJ_algorithm 1L,3L,14L,3L,2L
+
+SN_ stands for short name.
+LN_ stands for either long name or lowercase name.
+NID_ stands for Numeric ID. I each object has a unique NID and this
+ should be used internally to identify objects.
+OBJ_ stands for ASN.1 Object Identifier or ASN1_OBJECT as defined in the
+ ASN1 routines. These values are used in ASN1 encoding.
+
+The following functions are to be used to return pointers into a static
+definition of these types. What this means is "don't try to free() any
+pointers returned from these functions.
+
+ASN1_OBJECT *OBJ_nid2obj(
+int n);
+ Return the ASN1_OBJECT that corresponds to a NID of n.
+
+char *OBJ_nid2ln(
+int n);
+ Return the long/lower case name of the object represented by the
+ NID of n.
+
+char *OBJ_nid2sn(
+int n);
+ Return the short name for the object represented by the NID of n.
+
+ASN1_OBJECT *OBJ_dup(
+ASN1_OBJECT *o);
+ Duplicate and return a new ASN1_OBJECT that is the same as the
+ passed parameter.
+
+int OBJ_obj2nid(
+ASN1_OBJECT *o);
+ Given ASN1_OBJECT o, return the NID that corresponds.
+
+int OBJ_ln2nid(
+char *s);
+ Given the long/lower case name 's', return the NID of the object.
+
+int OBJ_sn2nid(
+char *s);
+ Given the short name 's', return the NID of the object.
+
+char *OBJ_bsearch(
+char *key,
+char *base,
+int num,
+int size,
+int (*cmp)());
+ Since I have come across a few platforms that do not have the
+ bsearch() function, OBJ_bsearch is my version of that function.
+ Feel free to use this function, but you may as well just use the
+ normal system bsearch(3) if it is present. This version also
+ has tolerance of being passed NULL pointers.
diff --git a/doc/rand.doc b/doc/rand.doc
new file mode 100644
index 0000000..da02a07
--- /dev/null
+++ b/doc/rand.doc
@@ -0,0 +1,141 @@
+My Random number library.
+
+These routines can be used to generate pseudo random numbers and can be
+used to 'seed' the pseudo random number generator (RNG). The RNG make no
+effort to reproduce the same random number stream with each execution.
+Various other routines in the SSLeay library 'seed' the RNG when suitable
+'random' input data is available. Read the section at the end for details
+on the design of the RNG.
+
+void RAND_bytes(
+unsigned char *buf,
+int num);
+ This routine puts 'num' random bytes into 'buf'. One should make
+ sure RAND_seed() has been called before using this routine.
+
+void RAND_seed(
+unsigned char *buf,
+int num);
+ This routine adds more 'seed' data the RNG state. 'num' bytes
+ are added to the RNG state, they are taken from 'buf'. This
+ routine can be called with sensitive data such as user entered
+ passwords. This sensitive data is in no way recoverable from
+ the RAND library routines or state. Try to pass as much data
+ from 'random' sources as possible into the RNG via this function.
+ Also strongly consider using the RAND_load_file() and
+ RAND_write_file() routines.
+
+void RAND_cleanup();
+ When a program has finished with the RAND library, if it so
+ desires, it can 'zero' all RNG state.
+
+The following 3 routines are convenience routines that can be used to
+'save' and 'restore' data from/to the RNG and it's state.
+Since the more 'random' data that is feed as seed data the better, why not
+keep it around between executions of the program? Of course the
+application should pass more 'random' data in via RAND_seed() and
+make sure no-one can read the 'random' data file.
+
+char *RAND_file_name(
+char *buf,
+int size);
+ This routine returns a 'default' name for the location of a 'rand'
+ file. The 'rand' file should keep a sequence of random bytes used
+ to initialise the RNG. The filename is put in 'buf'. Buf is 'size'
+ bytes long. Buf is returned if things go well, if they do not,
+ NULL is returned. The 'rand' file name is generated in the
+ following way. First, if there is a 'RANDFILE' environment
+ variable, it is returned. Second, if there is a 'HOME' environment
+ variable, $HOME/.rand is returned. Third, NULL is returned. NULL
+ is also returned if a buf would overflow.
+
+int RAND_load_file(
+char *file,
+long number);
+ This function 'adds' the 'file' into the RNG state. It does this by
+ doing a RAND_seed() on the value returned from a stat() system call
+ on the file and if 'number' is non-zero, upto 'number' bytes read
+ from the file. The number of bytes passed to RAND_seed() is returned.
+
+int RAND_write_file(
+char *file),
+ RAND_write_file() writes N random bytes to the file 'file', where
+ N is the size of the internal RND state (currently 1k).
+ This is a suitable method of saving RNG state for reloading via
+ RAND_load_file().
+
+What follows is a description of this RNG and a description of the rational
+behind it's design.
+
+It should be noted that this RNG is intended to be used to generate
+'random' keys for various ciphers including generation of DH and RSA keys.
+
+It should also be noted that I have just created a system that I am happy with.
+It may be overkill but that does not worry me. I have not spent that much
+time on this algorithm so if there are glaring errors, please let me know.
+Speed has not been a consideration in the design of these routines.
+
+First up I will state the things I believe I need for a good RNG.
+1) A good hashing algorithm to mix things up and to convert the RNG 'state'
+ to random numbers.
+2) An initial source of random 'state'.
+3) The state should be very large. If the RNG is being used to generate
+ 4096 bit RSA keys, 2 2048 bit random strings are required (at a minimum).
+ If your RNG state only has 128 bits, you are obviously limiting the
+ search space to 128 bits, not 2048. I'm probably getting a little
+ carried away on this last point but it does indicate that it may not be
+ a bad idea to keep quite a lot of RNG state. It should be easier to
+ break a cipher than guess the RNG seed data.
+4) Any RNG seed data should influence all subsequent random numbers
+ generated. This implies that any random seed data entered will have
+ an influence on all subsequent random numbers generated.
+5) When using data to seed the RNG state, the data used should not be
+ extractable from the RNG state. I believe this should be a
+ requirement because one possible source of 'secret' semi random
+ data would be a private key or a password. This data must
+ not be disclosed by either subsequent random numbers or a
+ 'core' dump left by a program crash.
+6) Given the same initial 'state', 2 systems should deviate in their RNG state
+ (and hence the random numbers generated) over time if at all possible.
+7) Given the random number output stream, it should not be possible to determine
+ the RNG state or the next random number.
+
+
+The algorithm is as follows.
+
+There is global state made up of a 1023 byte buffer (the 'state'), a
+working message digest ('md') and a counter ('count').
+
+Whenever seed data is added, it is inserted into the 'state' as
+follows.
+ The input is chopped up into units of 16 bytes (or less for
+ the last block). Each of these blocks is run through the MD5
+ message digest. The data passed to the MD5 digest is the
+ current 'md', the same number of bytes from the 'state'
+ (the location determined by in incremented looping index) as
+ the current 'block' and the new key data 'block'. The result
+ of this is kept in 'md' and also xored into the 'state' at the
+ same locations that were used as input into the MD5.
+ I believe this system addresses points 1 (MD5), 3 (the 'state'),
+ 4 (via the 'md'), 5 (by the use of MD5 and xor).
+
+When bytes are extracted from the RNG, the following process is used.
+For each group of 8 bytes (or less), we do the following,
+ Input into MD5, the top 8 bytes from 'md', the byte that are
+ to be overwritten by the random bytes and bytes from the
+ 'state' (incrementing looping index). From this digest output
+ (which is kept in 'md'), the top (upto) 8 bytes are
+ returned to the caller and the bottom (upto) 8 bytes are xored
+ into the 'state'.
+ Finally, after we have finished 'generation' random bytes for the
+ called, 'count' (which is incremented) and 'md' are fed into MD5 and
+ the results are kept in 'md'.
+ I believe the above addressed points 1 (use of MD5), 6 (by
+ hashing into the 'state' the 'old' data from the caller that
+ is about to be overwritten) and 7 (by not using the 8 bytes
+ given to the caller to update the 'state', but they are used
+ to update 'md').
+
+So of the points raised, only 2 is not addressed, but sources of
+random data will always be a problem.
+
diff --git a/doc/rc2.doc b/doc/rc2.doc
new file mode 100644
index 0000000..efab015
--- /dev/null
+++ b/doc/rc2.doc
@@ -0,0 +1,165 @@
+The RC2 library.
+
+RC2 is a block cipher that operates on 64bit (8 byte) quantities. It
+uses variable size key, but 128bit (16 byte) key would normally be considered
+good. It can be used in all the modes that DES can be used. This
+library implements the ecb, cbc, cfb64, ofb64 modes.
+
+I have implemented this library from an article posted to sci.crypt on
+11-Feb-1996. I personally don't know how far to trust the RC2 cipher.
+While it is capable of having a key of any size, not much reseach has
+publically been done on it at this point in time (Apr-1996)
+since the cipher has only been public for a few months :-)
+It is of a similar speed to DES and IDEA, so unless it is required for
+meeting some standard (SSLv2, perhaps S/MIME), it would probably be advisable
+to stick to IDEA, or for the paranoid, Tripple DES.
+
+Mind you, having said all that, I should mention that I just read alot and
+implement ciphers, I'm a 'babe in the woods' when it comes to evaluating
+ciphers :-).
+
+For all calls that have an 'input' and 'output' variables, they can be the
+same.
+
+This library requires the inclusion of 'rc2.h'.
+
+All of the encryption functions take what is called an RC2_KEY as an
+argument. An RC2_KEY is an expanded form of the RC2 key.
+For all modes of the RC2 algorithm, the RC2_KEY used for
+decryption is the same one that was used for encryption.
+
+The define RC2_ENCRYPT is passed to specify encryption for the functions
+that require an encryption/decryption flag. RC2_DECRYPT is passed to
+specify decryption.
+
+Please note that any of the encryption modes specified in my DES library
+could be used with RC2. I have only implemented ecb, cbc, cfb64 and
+ofb64 for the following reasons.
+- ecb is the basic RC2 encryption.
+- cbc is the normal 'chaining' form for block ciphers.
+- cfb64 can be used to encrypt single characters, therefore input and output
+ do not need to be a multiple of 8.
+- ofb64 is similar to cfb64 but is more like a stream cipher, not as
+ secure (not cipher feedback) but it does not have an encrypt/decrypt mode.
+- If you want triple RC2, thats 384 bits of key and you must be totally
+ obsessed with security. Still, if you want it, it is simple enough to
+ copy the function from the DES library and change the des_encrypt to
+ RC2_encrypt; an exercise left for the paranoid reader :-).
+
+The functions are as follows:
+
+void RC2_set_key(
+RC2_KEY *ks;
+int len;
+unsigned char *key;
+int bits;
+ RC2_set_key converts an 'len' byte key into a RC2_KEY.
+ A 'ks' is an expanded form of the 'key' which is used to
+ perform actual encryption. It can be regenerated from the RC2 key
+ so it only needs to be kept when encryption or decryption is about
+ to occur. Don't save or pass around RC2_KEY's since they
+ are CPU architecture dependent, 'key's are not. RC2 is an
+ interesting cipher in that it can be used with a variable length
+ key. 'len' is the length of 'key' to be used as the key.
+ A 'len' of 16 is recomended. The 'bits' argument is an
+ interesting addition which I only found out about in Aug 96.
+ BSAFE uses this parameter to 'limit' the number of bits used
+ for the key. To use the 'key' unmodified, set bits to 1024.
+ This is what old versions of my RC2 library did (SSLeay 0.6.3).
+ RSAs BSAFE library sets this parameter to be 128 if 128 bit
+ keys are being used. So to be compatable with BSAFE, set it
+ to 128, if you don't want to reduce RC2's key length, leave it
+ at 1024.
+
+void RC2_encrypt(
+unsigned long *data,
+RC2_KEY *key,
+int encrypt);
+ This is the RC2 encryption function that gets called by just about
+ every other RC2 routine in the library. You should not use this
+ function except to implement 'modes' of RC2. I say this because the
+ functions that call this routine do the conversion from 'char *' to
+ long, and this needs to be done to make sure 'non-aligned' memory
+ access do not occur.
+ Data is a pointer to 2 unsigned long's and key is the
+ RC2_KEY to use. Encryption or decryption is indicated by 'encrypt'.
+ which can have the values RC2_ENCRYPT or RC2_DECRYPT.
+
+void RC2_ecb_encrypt(
+unsigned char *in,
+unsigned char *out,
+RC2_KEY *key,
+int encrypt);
+ This is the basic Electronic Code Book form of RC2 (in DES this
+ mode is called Electronic Code Book so I'm going to use the term
+ for rc2 as well.
+ Input is encrypted into output using the key represented by
+ key. Depending on the encrypt, encryption or
+ decryption occurs. Input is 8 bytes long and output is 8 bytes.
+
+void RC2_cbc_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *ks,
+unsigned char *ivec,
+int encrypt);
+ This routine implements RC2 in Cipher Block Chaining mode.
+ Input, which should be a multiple of 8 bytes is encrypted
+ (or decrypted) to output which will also be a multiple of 8 bytes.
+ The number of bytes is in length (and from what I've said above,
+ should be a multiple of 8). If length is not a multiple of 8, bad
+ things will probably happen. ivec is the initialisation vector.
+ This function updates iv after each call so that it can be passed to
+ the next call to RC2_cbc_encrypt().
+
+void RC2_cfb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *schedule,
+unsigned char *ivec,
+int *num,
+int encrypt);
+ This is one of the more useful functions in this RC2 library, it
+ implements CFB mode of RC2 with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ 'Encrypt' is used to indicate encryption or decryption.
+ CFB64 mode operates by using the cipher to generate a stream
+ of bytes which is used to encrypt the plain text.
+ The cipher text is then encrypted to generate the next 64 bits to
+ be xored (incrementally) with the next 64 bits of plain
+ text. As can be seen from this, to encrypt or decrypt,
+ the same 'cipher stream' needs to be generated but the way the next
+ block of data is gathered for encryption is different for
+ encryption and decryption.
+
+void RC2_ofb64_encrypt(
+unsigned char *in,
+unsigned char *out,
+long length,
+RC2_KEY *schedule,
+unsigned char *ivec,
+int *num);
+ This functions implements OFB mode of RC2 with 64bit feedback.
+ This allows you to encrypt an arbitrary number of bytes,
+ you do not require 8 byte padding. Each call to this
+ routine will encrypt the input bytes to output and then update ivec
+ and num. Num contains 'how far' we are though ivec.
+ This is in effect a stream cipher, there is no encryption or
+ decryption mode.
+
+For reading passwords, I suggest using des_read_pw_string() from my DES library.
+To generate a password from a text string, I suggest using MD5 (or MD2) to
+produce a 16 byte message digest that can then be passed directly to
+RC2_set_key().
+
+=====
+For more information about the specific RC2 modes in this library
+(ecb, cbc, cfb and ofb), read the section entitled 'Modes of DES' from the
+documentation on my DES library. What is said about DES is directly
+applicable for RC2.
+
diff --git a/doc/rc4.doc b/doc/rc4.doc
new file mode 100644
index 0000000..4b2897e
--- /dev/null
+++ b/doc/rc4.doc
@@ -0,0 +1,44 @@
+The RC4 library.
+RC4 is a stream cipher that operates on a byte stream. It can be used with
+any length key but I would recommend normally using 16 bytes.
+
+This library requires the inclusion of 'rc4.h'.
+
+The RC4 encryption function takes what is called an RC4_KEY as an argument.
+The RC4_KEY is generated by the RC4_set_key function from the key bytes.
+
+RC4, being a stream cipher, does not have an encryption or decryption mode.
+It produces a stream of bytes that the input stream is xor'ed against and
+so decryption is just a case of 'encrypting' again with the same key.
+
+I have only put in one 'mode' for RC4 which is the normal one. This means
+there is no initialisation vector and there is no feedback of the cipher
+text into the cipher. This implies that you should not ever use the
+same key twice if you can help it. If you do, you leave yourself open to
+known plain text attacks; if you know the plain text and
+corresponding cipher text in one message, all messages that used the same
+key can have the cipher text decoded for the corresponding positions in the
+cipher stream.
+
+The main positive feature of RC4 is that it is a very fast cipher; about 4
+times faster that DES. This makes it ideally suited to protocols where the
+key is randomly chosen, like SSL.
+
+The functions are as follows:
+
+void RC4_set_key(
+RC4_KEY *key;
+int len;
+unsigned char *data);
+ This function initialises the RC4_KEY structure with the key passed
+ in 'data', which is 'len' bytes long. The key data can be any
+ length but 16 bytes seems to be a good number.
+
+void RC4(
+RC4_KEY *key;
+unsigned long len;
+unsigned char *in;
+unsigned char *out);
+ Do the actual RC4 encryption/decryption. Using the 'key', 'len'
+ bytes are transformed from 'in' to 'out'. As mentioned above,
+ decryption is the operation as encryption.
diff --git a/doc/readme b/doc/readme
new file mode 100644
index 0000000..824d4fd
--- /dev/null
+++ b/doc/readme
@@ -0,0 +1,6 @@
+This is the old 0.6.6 docuementation. Most of the cipher stuff is still
+relevent but I'm working (very slowly) on new docuemtation.
+The current version can be found online at
+
+http://www.cryptsoft.com/ssleay/doc
+
diff --git a/doc/ref.doc b/doc/ref.doc
new file mode 100644
index 0000000..2115599
--- /dev/null
+++ b/doc/ref.doc
@@ -0,0 +1,48 @@
+I have lots more references etc, and will update this list in the future,
+30 Aug 1996 - eay
+
+
+SSL The SSL Protocol - from Netscapes.
+
+RC4 Newsgroups: sci.crypt
+ From: sterndark@netcom.com (David Sterndark)
+ Subject: RC4 Algorithm revealed.
+ Message-ID: <sternCvKL4B.Hyy@netcom.com>
+
+RC2 Newsgroups: sci.crypt
+ From: pgut01@cs.auckland.ac.nz (Peter Gutmann)
+ Subject: Specification for Ron Rivests Cipher No.2
+ Message-ID: <4fk39f$f70@net.auckland.ac.nz>
+
+MD2 RFC1319 The MD2 Message-Digest Algorithm
+MD5 RFC1321 The MD5 Message-Digest Algorithm
+
+X509 Certificates
+ RFC1421 Privacy Enhancement for Internet Electronic Mail: Part I
+ RFC1422 Privacy Enhancement for Internet Electronic Mail: Part II
+ RFC1423 Privacy Enhancement for Internet Electronic Mail: Part III
+ RFC1424 Privacy Enhancement for Internet Electronic Mail: Part IV
+
+RSA and various standard encoding
+ PKCS#1 RSA Encryption Standard
+ PKCS#5 Password-Based Encryption Standard
+ PKCS#7 Cryptographic Message Syntax Standard
+ A Layman's Guide to a Subset of ASN.1, BER, and DER
+ An Overview of the PKCS Standards
+ Some Examples of the PKCS Standards
+
+IDEA Chapter 3 The Block Cipher IDEA
+
+RSA, prime number generation and bignum algorithms
+ Introduction To Algorithms,
+ Thomas Cormen, Charles Leiserson, Ronald Rivest,
+ Section 29 Arithmetic Circuits
+ Section 33 Number-Theoretic Algorithms
+
+Fast Private Key algorithm
+ Fast Decipherment Algorithm for RSA Public-Key Cryptosystem
+ J.-J. Quisquater and C. Couvreur, Electronics Letters,
+ 14th October 1982, Vol. 18 No. 21
+
+Prime number generation and bignum algorithms.
+ PGP-2.3a
diff --git a/doc/req.1 b/doc/req.1
new file mode 100644
index 0000000..684fda5
--- /dev/null
+++ b/doc/req.1
@@ -0,0 +1,137 @@
+The 'req' command is used to manipulate and deal with pkcs#10
+certificate requests.
+
+It's default mode of operation is to load a certificate and then
+write it out again.
+
+By default the 'req' is read from stdin in 'PEM' format.
+The -inform option can be used to specify 'pem' format or 'der'
+format. PEM format is the base64 encoding of the DER format.
+
+By default 'req' then writes the request back out. -outform can be used
+to indicate the desired output format, be it 'pem' or 'der'.
+
+To specify an input file, use the '-in' option and the '-out' option
+can be used to specify the output file.
+
+If you wish to perform a command and not output the certificate
+request afterwards, use the '-noout' option.
+
+When a certificate is loaded, it can be printed in a human readable
+ascii format via the '-text' option.
+
+To check that the signature on a certificate request is correct, use
+the '-verify' option to make sure that the private key contained in the
+certificate request corresponds to the signature.
+
+Besides the default mode, there is also the 'generate a certificate
+request' mode. There are several flags that trigger this mode.
+
+-new will generate a new RSA key (if required) and then prompts
+the user for details for the certificate request.
+-newkey has an argument that is the number of bits to make the new
+key. This function also triggers '-new'.
+
+The '-new' option can have a key to use specified instead of having to
+load one, '-key' is used to specify the file containg the key.
+-keyform can be used to specify the format of the key. Only
+'pem' and 'der' formats are supported, later, 'netscape' format may be added.
+
+Finally there is the '-x509' options which makes req output a self
+signed x509 certificate instead of a certificate request.
+
+Now as you may have noticed, there are lots of default options that
+cannot be specified via the command line. They are held in a 'template'
+or 'configuration file'. The -config option specifies which configuration
+file to use. See conf.doc for details on the syntax of this file.
+
+The req command uses the 'req' section of the config file.
+
+---
+# The following variables are defined. For this example I will populate
+# the various values
+[ req ]
+default_bits = 512 # default number of bits to use.
+default_keyfile = testkey.pem # Where to write the generated keyfile
+ # if not specified.
+distinguished_name= req_dn # The section that contains the
+ # information about which 'object' we
+ # want to put in the DN.
+attributes = req_attr # The objects we want for the
+ # attributes field.
+encrypt_rsa_key = no # Should we encrypt newly generated
+ # keys. I strongly recommend 'yes'.
+
+# The distinguished name section. For the following entries, the
+# object names must exist in the SSLeay header file objects.h. If they
+# do not, they will be silently ignored. The entries have the following
+# format.
+# <object_name> => string to prompt with
+# <object_name>_default => default value for people
+# <object_name>_value => Automatically use this value for this field.
+# <object_name>_min => minimum number of characters for data (def. 0)
+# <object_name>_max => maximum number of characters for data (def. inf.)
+# All of these entries are optional except for the first one.
+[ req_dn ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Queensland
+
+localityName = Locality Name (eg, city)
+
+organizationName = Organization Name (eg, company)
+organizationName_default = Mincom Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default = MTR
+
+commonName = Common Name (eg, YOUR name)
+commonName_max = 64
+
+emailAddress = Email Address
+emailAddress_max = 40
+
+# The next section is the attributes section. This is exactly the
+# same as for the previous section except that the resulting objects are
+# put in the attributes field.
+[ req_attr ]
+challengePassword = A challenge password
+challengePassword_min = 4
+challengePassword_max = 20
+
+unstructuredName = An optional company name
+
+----
+Also note that the order that attributes appear in this file is the
+order they will be put into the distinguished name.
+
+Once this request has been generated, it can be sent to a CA for
+certifying.
+
+----
+A few quick examples....
+
+To generate a new request and a new key
+req -new
+
+To generate a new request and a 1058 bit key
+req -newkey 1058
+
+To generate a new request using a pre-existing key
+req -new -key key.pem
+
+To generate a self signed x509 certificate from a certificate
+request using a supplied key, and we want to see the text form of the
+output certificate (which we will put in the file selfSign.pem
+req -x509 -in req.pem -key key.pem -text -out selfSign.pem
+
+Verify that the signature is correct on a certificate request.
+req -verify -in req.pem
+
+Verify that the signature was made using a specified public key.
+req -verify -in req.pem -key key.pem
+
+Print the contents of a certificate request
+req -text -in req.pem
diff --git a/doc/rsa.doc b/doc/rsa.doc
new file mode 100644
index 0000000..f899a39
--- /dev/null
+++ b/doc/rsa.doc
@@ -0,0 +1,133 @@
+The RSA encryption and utility routines.
+
+The RSA routines are built on top of a big number library (the BN library).
+There are support routines in the X509 library for loading and manipulating
+the various objects in the RSA library. When errors are returned, read
+about the ERR library for how to access the error codes.
+
+All RSA encryption is done according to the PKCS-1 standard which is
+compatible with PEM and RSAref. This means that any values being encrypted
+must be less than the size of the modulus in bytes, minus 10, bytes long.
+
+This library uses RAND_bytes()() for it's random data, make sure to feed
+RAND_seed() with lots of interesting and varied data before using these
+routines.
+
+The RSA library has one specific data type, the RSA structure.
+It is composed of 8 BIGNUM variables (see the BN library for details) and
+can hold either a private RSA key or a public RSA key.
+Some RSA libraries have different structures for public and private keys, I
+don't. For my libraries, a public key is determined by the fact that the
+RSA->d value is NULL. These routines will operate on any size RSA keys.
+While I'm sure 4096 bit keys are very very secure, they take a lot longer
+to process that 1024 bit keys :-).
+
+The function in the RSA library are as follows.
+
+RSA *RSA_new();
+ This function creates a new RSA object. The sub-fields of the RSA
+ type are also malloced so you should always use this routine to
+ create RSA variables.
+
+void RSA_free(
+RSA *rsa);
+ This function 'frees' an RSA structure. This routine should always
+ be used to free the RSA structure since it will also 'free' any
+ sub-fields of the RSA type that need freeing.
+
+int RSA_size(
+RSA *rsa);
+ This function returns the size of the RSA modulus in bytes. Why do
+ I need this you may ask, well the reason is that when you encrypt
+ with RSA, the output string will be the size of the RSA modulus.
+ So the output for the RSA_encrypt and the input for the RSA_decrypt
+ routines need to be RSA_size() bytes long, because this is how many
+ bytes are expected.
+
+For the following 4 RSA encryption routines, it should be noted that
+RSA_private_decrypt() should be used on the output from
+RSA_public_encrypt() and RSA_public_decrypt() should be used on
+the output from RSA_private_encrypt().
+
+int RSA_public_encrypt(
+int from_len;
+unsigned char *from
+unsigned char *to
+RSA *rsa);
+ This function implements RSA public encryption, the rsa variable
+ should be a public key (but can be a private key). 'from_len'
+ bytes taken from 'from' and encrypted and put into 'to'. 'to' needs
+ to be at least RSA_size(rsa) bytes long. The number of bytes
+ written into 'to' is returned. -1 is returned on an error. The
+ operation performed is
+ to = from^rsa->e mod rsa->n.
+
+int RSA_private_encrypt(
+int from_len;
+unsigned char *from
+unsigned char *to
+RSA *rsa);
+ This function implements RSA private encryption, the rsa variable
+ should be a private key. 'from_len' bytes taken from
+ 'from' and encrypted and put into 'to'. 'to' needs
+ to be at least RSA_size(rsa) bytes long. The number of bytes
+ written into 'to' is returned. -1 is returned on an error. The
+ operation performed is
+ to = from^rsa->d mod rsa->n.
+
+int RSA_public_decrypt(
+int from_len;
+unsigned char *from
+unsigned char *to
+RSA *rsa);
+ This function implements RSA public decryption, the rsa variable
+ should be a public key (but can be a private key). 'from_len'
+ bytes are taken from 'from' and decrypted. The decrypted data is
+ put into 'to'. The number of bytes encrypted is returned. -1 is
+ returned to indicate an error. The operation performed is
+ to = from^rsa->e mod rsa->n.
+
+int RSA_private_decrypt(
+int from_len;
+unsigned char *from
+unsigned char *to
+RSA *rsa);
+ This function implements RSA private decryption, the rsa variable
+ should be a private key. 'from_len' bytes are taken
+ from 'from' and decrypted. The decrypted data is
+ put into 'to'. The number of bytes encrypted is returned. -1 is
+ returned to indicate an error. The operation performed is
+ to = from^rsa->d mod rsa->n.
+
+int RSA_mod_exp(
+BIGNUM *n;
+BIGNUM *p;
+RSA *rsa);
+ Normally you will never use this routine.
+ This is really an internal function which is called by
+ RSA_private_encrypt() and RSA_private_decrypt(). It performs
+ n=n^p mod rsa->n except that it uses the 5 extra variables in the
+ RSA structure to make this more efficient.
+
+RSA *RSA_generate_key(
+int bits;
+unsigned long e;
+void (*callback)();
+ This routine is used to generate RSA private keys. It takes
+ quite a period of time to run and should only be used to
+ generate initial private keys that should then be stored
+ for later use. The passed callback function
+ will be called periodically so that feedback can be given
+ as to how this function is progressing.
+ 'bits' is the length desired for the modulus, so it would be 1024
+ to generate a 1024 bit private key.
+ 'e' is the value to use for the public exponent 'e'. Traditionally
+ it is set to either 3 or 0x10001.
+ The callback function (if not NULL) is called in the following
+ situations.
+ when we have generated a suspected prime number to test,
+ callback(0,num1++). When it passes a prime number test,
+ callback(1,num2++). When it is rejected as one of
+ the 2 primes required due to gcd(prime,e value) != 0,
+ callback(2,num3++). When finally accepted as one of the 2 primes,
+ callback(3,num4++).
diff --git a/doc/rsaref.doc b/doc/rsaref.doc
new file mode 100644
index 0000000..0505b76
--- /dev/null
+++ b/doc/rsaref.doc
@@ -0,0 +1,35 @@
+This package can be compiled to use the RSAref library.
+This library is not allowed outside of the USA but inside the USA it is
+claimed by RSA to be the only RSA public key library that can be used
+besides BSAFE..
+
+There are 2 files, rsaref/rsaref.c and rsaref/rsaref.h that contain the glue
+code to use RSAref. These files were written by looking at the PGP
+source code and seeing which routines it used to access RSAref.
+I have also been sent by some-one a copy of the RSAref header file that
+contains the library error codes.
+
+[ Jun 1996 update - I have recently gotten hold of RSAref 2.0 from
+ South Africa and have been doing some performace tests. ]
+
+They have now been tested against the recently announced RSAEURO
+library.
+
+There are 2 ways to use SSLeay and RSAref. First, to build so that
+the programs must be linked with RSAref, add '-DRSAref' to CFLAG in the top
+level makefile and -lrsaref (or where ever you are keeping RSAref) to
+EX_LIBS.
+
+To build a makefile via util/mk1mf.pl to do this, use the 'rsaref' option.
+
+The second method is to build as per normal and link applications with
+the RSAglue library. The correct library order would be
+cc -o cmd cmd.o -lssl -lRSAglue -lcrypto -lrsaref -ldes
+The RSAglue library is built in the rsa directory and is NOT
+automatically installed.
+
+Be warned that the RSAEURO library, that is claimed to be compatible
+with RSAref contains a different value for the maximum number of bits
+supported. This changes structure sizes and so if you are using
+RSAEURO, change the value of RSAref_MAX_BITS in rsa/rsaref.h
+
diff --git a/doc/s_mult.doc b/doc/s_mult.doc
new file mode 100644
index 0000000..726085b
--- /dev/null
+++ b/doc/s_mult.doc
@@ -0,0 +1,17 @@
+s_mult is a test program I hacked up on a Sunday for testing non-blocking
+IO. It has a select loop at it's centre that handles multiple readers
+and writers.
+
+Try the following command
+ssleay s_mult -echo -nbio -ssl -v
+echo - sends any sent text back to the sender
+nbio - turns on non-blocking IO
+ssl - accept SSL connections, default is normal text
+v - print lots
+ type Q<cr> to quit
+
+In another window, run the following
+ssleay s_client -pause </etc/termcap
+
+The pause option puts in a 1 second pause in each read(2)/write(2) call
+so the other end will have read()s fail.
diff --git a/doc/session.doc b/doc/session.doc
new file mode 100644
index 0000000..ffccb03
--- /dev/null
+++ b/doc/session.doc
@@ -0,0 +1,297 @@
+I have just checked over and re-worked the session stuff.
+The following brief example will ignore all setup information to do with
+authentication.
+
+Things operate as follows.
+
+The SSL environment has a 'context', a SSL_CTX structure. This holds the
+cached SSL_SESSIONS (which can be reused) and the certificate lookup
+information. Each SSL structure needs to be associated with a SSL_CTX.
+Normally only one SSL_CTX structure is needed per program.
+
+SSL_CTX *SSL_CTX_new(void );
+void SSL_CTX_free(SSL_CTX *);
+These 2 functions create and destroy SSL_CTX structures
+
+The SSL_CTX has a session_cache_mode which is by default,
+in SSL_SESS_CACHE_SERVER mode. What this means is that the library
+will automatically add new session-id's to the cache apon sucsessful
+SSL_accept() calls.
+If SSL_SESS_CACHE_CLIENT is set, then client certificates are also added
+to the cache.
+SSL_set_session_cache_mode(ctx,mode) will set the 'mode' and
+SSL_get_session_cache_mode(ctx) will get the cache 'mode'.
+The modes can be
+SSL_SESS_CACHE_OFF - no caching
+SSL_SESS_CACHE_CLIENT - only SSL_connect()
+SSL_SESS_CACHE_SERVER - only SSL_accept()
+SSL_SESS_NO_CACHE_BOTH - Either SSL_accept() or SSL_connect().
+If SSL_SESS_CACHE_NO_AUTO_CLEAR is set, old timed out sessions are
+not automatically removed each 255, SSL_connect()s or SSL_accept()s.
+
+By default, apon every 255 successful SSL_connect() or SSL_accept()s,
+the cache is flush. Please note that this could be expensive on
+a heavily loaded SSL server, in which case, turn this off and
+clear the cache of old entries 'manually' (with one of the functions
+listed below) every few hours. Perhaps I should up this number, it is hard
+to say. Remember, the '255' new calls is just a mechanims to get called
+every now and then, in theory at most 255 new session-id's will have been
+added but if 100 are added every minute, you would still have
+500 in the cache before any would start being flushed (assuming a 3 minute
+timeout)..
+
+int SSL_CTX_sess_hits(SSL_CTX *ctx);
+int SSL_CTX_sess_misses(SSL_CTX *ctx);
+int SSL_CTX_sess_timeouts(SSL_CTX *ctx);
+These 3 functions return statistics about the SSL_CTX. These 3 are the
+number of session id reuses. hits is the number of reuses, misses are the
+number of lookups that failed, and timeouts is the number of cached
+entries ignored because they had timeouted.
+
+ctx->new_session_cb is a function pointer to a function of type
+int new_session_callback(SSL *ssl,SSL_SESSION *new);
+This function, if set in the SSL_CTX structure is called whenever a new
+SSL_SESSION is added to the cache. If the callback returns non-zero, it
+means that the application will have to do a SSL_SESSION_free()
+on the structure (this is
+to do with the cache keeping the reference counts correct, without the
+application needing to know about it.
+The 'active' parameter is the current SSL session for which this connection
+was created.
+
+void SSL_CTX_sess_set_new_cb(SSL_CTX *ctx,int (*cb)());
+to set the callback,
+int (*cb)() SSL_CTX_sess_get_new_cb(SSL_CTX *ctx)
+to get the callback.
+
+If the 'get session' callback is set, when a session id is looked up and
+it is not in the session-id cache, this callback is called. The callback is
+of the form
+SSL_SESSION *get_session_callback(unsigned char *sess_id,int sess_id_len,
+ int *copy);
+
+The get_session_callback is intended to return null if no session id is found.
+The reference count on the SSL_SESSION in incremented by the SSL library,
+if copy is 1. Otherwise, the reference count is not modified.
+
+void SSL_CTX_sess_set_get_cb(ctx,cb) sets the callback and
+int (*cb)()SSL_CTX_sess_get_get_cb(ctx) returns the callback.
+
+These callbacks are basically indended to be used by processes to
+send their session-id's to other processes. I currently have not implemented
+non-blocking semantics for these callbacks, it is upto the appication
+to make the callbacks effiecent if they require blocking (perhaps
+by 'saving' them and then 'posting them' when control returns from
+the SSL_accept().
+
+LHASH *SSL_CTX_sessions(SSL_CTX *ctx)
+This returns the session cache. The lhash strucutre can be accessed for
+statistics about the cache.
+
+void lh_stats(LHASH *lh, FILE *out);
+void lh_node_stats(LHASH *lh, FILE *out);
+void lh_node_usage_stats(LHASH *lh, FILE *out);
+
+can be used to print details about it's activity and current state.
+You can also delve directly into the lhash structure for 14 different
+counters that are kept against the structure. When I wrote the lhash library,
+I was interested in gathering statistics :-).
+Have a read of doc/lhash.doc in the SSLeay distribution area for more details
+on the lhash library.
+
+Now as mentioned ealier, when a SSL is created, it needs a SSL_CTX.
+SSL * SSL_new(SSL_CTX *);
+
+This stores a session. A session is secret information shared between 2
+SSL contexts. It will only be created if both ends of the connection have
+authenticated their peer to their satisfaction. It basically contains
+the information required to use a particular secret key cipher.
+
+To retrieve the SSL_CTX being used by a SSL,
+SSL_CTX *SSL_get_SSL_CTX(SSL *s);
+
+Now when a SSL session is established between to programs, the 'session'
+information that is cached in the SSL_CTX can me manipulated by the
+following functions.
+int SSL_set_session(SSL *s, SSL_SESSION *session);
+This will set the SSL_SESSION to use for the next SSL_connect(). If you use
+this function on an already 'open' established SSL connection, 'bad things
+will happen'. This function is meaning-less when used on a ssl strucutre
+that is just about to be used in a SSL_accept() call since the
+SSL_accept() will either create a new session or retrieve one from the
+cache.
+
+SSL_SESSION *SSL_get_session(SSL *s);
+This will return the SSL_SESSION for the current SSL, NULL if there is
+no session associated with the SSL structure.
+
+The SSL sessions are kept in the SSL_CTX in a hash table, to remove a
+session
+void SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
+and to add one
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+SSL_CTX_add_session() returns 1 if the session was already in the cache (so it
+was not added).
+Whenever a new session is created via SSL_connect()/SSL_accept(),
+they are automatically added to the cache, depending on the session_cache_mode
+settings. SSL_set_session()
+does not add it to the cache. Just call SSL_CTX_add_session() if you do want the
+session added. For a 'client' this would not normally be the case.
+SSL_CTX_add_session() is not normally ever used, except for doing 'evil' things
+which the next 2 funtions help you do.
+
+int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
+These 2 functions are in the standard ASN1 library form and can be used to
+load and save to a byte format, the SSL_SESSION structure.
+With these functions, you can save and read these structures to a files or
+arbitary byte string.
+The PEM_write_SSL_SESSION(fp,x) and PEM_read_SSL_SESSION(fp,x,cb) will
+write to a file pointer in base64 encoding.
+
+What you can do with this, is pass session information between separate
+processes. Please note, that you will probably also need to modify the
+timeout information on the SSL_SESSIONs.
+
+long SSL_get_time(SSL_SESSION *s)
+will return the 'time' that the session
+was loaded. The timeout is relative to this time. This information is
+saved when the SSL_SESSION is converted to binarary but it is stored
+in as a unix long, which is rather OS dependant, but easy to convert back.
+
+long SSL_set_time(SSL_SESSION *s,long t) will set the above mentioned time.
+The time value is just the value returned from time(3), and should really
+be defined by be to be time_t.
+
+long SSL_get_timeout(SSL_SESSION *s);
+long SSL_set_timeout(SSL_SESSION *s,long t);
+These 2 retrieve and set the timeout which is just a number of secconds
+from the 'SSL_get_time()' value. When this time period has elapesed,
+the session will no longer be in the cache (well it will actually be removed
+the next time it is attempted to be retrieved, so you could 'bump'
+the timeout so it remains valid).
+The 'time' and 'timeout' are set on a session when it is created, not reset
+each time it is reused. If you did wish to 'bump it', just after establishing
+a connection, do a
+SSL_set_time(ssl,time(NULL));
+
+You can also use
+SSL_CTX_set_timeout(SSL_CTX *ctx,unsigned long t) and
+SSL_CTX_get_timeout(SSL_CTX *ctx) to manipulate the default timeouts for
+all SSL connections created against a SSL_CTX. If you set a timeout in
+an SSL_CTX, all new SSL's created will inherit the timeout. It can be over
+written by the SSL_set_timeout(SSL *s,unsigned long t) function call.
+If you 'set' the timeout back to 0, the system default will be used.
+
+SSL_SESSION *SSL_SESSION_new();
+void SSL_SESSION_free(SSL_SESSION *ses);
+These 2 functions are used to create and dispose of SSL_SESSION functions.
+You should not ever normally need to use them unless you are using
+i2d_SSL_SESSION() and/or d2i_SSL_SESSION(). If you 'load' a SSL_SESSION
+via d2i_SSL_SESSION(), you will need to SSL_SESSION_free() it.
+Both SSL_set_session() and SSL_CTX_add_session() will 'take copies' of the
+structure (via reference counts) when it is passed to them.
+
+SSL_CTX_flush_sessions(ctx,time);
+The first function will clear all sessions from the cache, which have expired
+relative to 'time' (which could just be time(NULL)).
+
+SSL_CTX_flush_sessions(ctx,0);
+This is a special case that clears everything.
+
+As a final comment, a 'session' is not enough to establish a new
+connection. If a session has timed out, a certificate and private key
+need to have been associated with the SSL structure.
+SSL_copy_session_id(SSL *to,SSL *from); will copy not only the session
+strucutre but also the private key and certificate associated with
+'from'.
+
+EXAMPLES.
+
+So lets play at being a wierd SSL server.
+
+/* setup a context */
+ctx=SSL_CTX_new();
+
+/* Lets load some session from binary into the cache, why one would do
+ * this is not toally clear, but passing between programs does make sense
+ * Perhaps you are using 4096 bit keys and are happy to keep them
+ * valid for a week, to avoid the RSA overhead of 15 seconds, I'm not toally
+ * sure, perhaps this is a process called from an SSL inetd and this is being
+ * passed to the application. */
+session=d2i_SSL_SESSION(....)
+SSL_CTX_add_session(ctx,session);
+
+/* Lets even add a session from a file */
+session=PEM_read_SSL_SESSION(....)
+SSL_CTX_add_session(ctx,session);
+
+/* create a new SSL structure */
+ssl=SSL_new(ctx);
+
+/* At this point we want to be able to 'create' new session if
+ * required, so we need a certificate and RSAkey. */
+SSL_use_RSAPrivateKey_file(ssl,...)
+SSL_use_certificate_file(ssl,...)
+
+/* Now since we are a server, it make little sence to load a session against
+ * the ssl strucutre since a SSL_accept() will either create a new session or
+ * grab an existing one from the cache. */
+
+/* grab a socket descriptor */
+fd=accept(...);
+
+/* associated it with the ssl strucutre */
+SSL_set_fd(ssl,fd);
+
+SSL_accept(ssl); /* 'do' SSL using out cert and RSA key */
+
+/* Lets print out the session details or lets save it to a file,
+ * perhaps with a secret key cipher, so that we can pass it to the FBI
+ * when they want to decode the session :-). While we have RSA
+ * this does not matter much but when I do SSLv3, this will allow a mechanism
+ * for the server/client to record the information needed to decode
+ * the traffic that went over the wire, even when using Diffie-Hellman */
+PEM_write_SSL_SESSION(SSL_get_session(ssl),stdout,....)
+
+Lets 'connect' back to the caller using the same session id.
+
+ssl2=SSL_new(ctx);
+fd2=connect(them);
+SSL_set_fd(ssl2,fd2);
+SSL_set_session(ssl2,SSL_get_session(ssl));
+SSL_connect(ssl2);
+
+/* what the hell, lets accept no more connections using this session */
+SSL_CTX_remove_session(SSL_get_SSL_CTX(ssl),SSL_get_session(ssl));
+
+/* we could have just as easily used ssl2 since they both are using the
+ * same session.
+ * You will note that both ssl and ssl2 are still using the session, and
+ * the SSL_SESSION structure will be free()ed when both ssl and ssl2
+ * finish using the session. Also note that you could continue to initiate
+ * connections using this session by doing SSL_get_session(ssl) to get the
+ * existing session, but SSL_accept() will not be able to find it to
+ * use for incoming connections.
+ * Of corse, the session will timeout at the far end and it will no
+ * longer be accepted after a while. The time and timeout are ignored except
+ * by SSL_accept(). */
+
+/* Since we have had our server running for 10 weeks, and memory is getting
+ * short, perhaps we should clear the session cache to remove those
+ * 100000 session entries that have expired. Some may consider this
+ * a memory leak :-) */
+
+SSL_CTX_flush_sessions(ctx,time(NULL));
+
+/* Ok, after a bit more time we wish to flush all sessions from the cache
+ * so that all new connections will be authenticated and incure the
+ * public key operation overhead */
+
+SSL_CTX_flush_sessions(ctx,0);
+
+/* As a final note, to copy everything to do with a SSL, use */
+SSL_copy_session_id(SSL *to,SSL *from);
+/* as this also copies the certificate and RSA key so new session can
+ * be established using the same details */
+
diff --git a/doc/sha.doc b/doc/sha.doc
new file mode 100644
index 0000000..895fa18
--- /dev/null
+++ b/doc/sha.doc
@@ -0,0 +1,52 @@
+The SHA (Secure Hash Algorithm) library.
+SHA is a message digest algorithm that can be used to condense an arbitrary
+length message down to a 20 byte hash. The functions all need to be passed
+a SHA_CTX which is used to hold the SHA context during multiple SHA_Update()
+function calls. The normal method of use for this library is as follows
+This library contains both SHA and SHA-1 digest algorithms. SHA-1 is
+an update to SHA (which should really be called SHA-0 now) which
+tweaks the algorithm slightly. The SHA-1 algorithm is used by simply
+using SHA1_Init(), SHA1_Update(), SHA1_Final() and SHA1() instead of the
+SHA*() calls
+
+SHA_Init(...);
+SHA_Update(...);
+...
+SHA_Update(...);
+SHA_Final(...);
+
+This library requires the inclusion of 'sha.h'.
+
+The functions are as follows:
+
+void SHA_Init(
+SHA_CTX *c);
+ This function needs to be called to initiate a SHA_CTX structure for
+ use.
+
+void SHA_Update(
+SHA_CTX *c;
+unsigned char *data;
+unsigned long len);
+ This updates the message digest context being generated with 'len'
+ bytes from the 'data' pointer. The number of bytes can be any
+ length.
+
+void SHA_Final(
+unsigned char *md;
+SHA_CTX *c;
+ This function is called when a message digest of the data digested
+ with SHA_Update() is wanted. The message digest is put in the 'md'
+ array and is SHA_DIGEST_LENGTH (20) bytes long.
+
+unsigned char *SHA(
+unsigned char *d;
+unsigned long n;
+unsigned char *md;
+ This function performs a SHA_Init(), followed by a SHA_Update()
+ followed by a SHA_Final() (using a local SHA_CTX).
+ The resulting digest is put into 'md' if it is not NULL.
+ Regardless of the value of 'md', the message
+ digest is returned from the function. If 'md' was NULL, the message
+ digest returned is being stored in a static structure.
+
diff --git a/doc/speed.doc b/doc/speed.doc
new file mode 100644
index 0000000..11dfa85
--- /dev/null
+++ b/doc/speed.doc
@@ -0,0 +1,96 @@
+To get an idea of the performance of this library, use
+ssleay speed
+
+perl util/sp-diff.pl file1 file2
+
+will print out the relative differences between the 2 files which are
+expected to be the output from the speed program.
+
+The performace of the library is very dependant on the Compiler
+quality and various flags used to build.
+
+---
+
+These are some numbers I did comparing RSAref and SSLeay on a Pentium 100.
+[ These numbers are all out of date, as of SSL - 0.6.1 the RSA
+operations are about 2 times faster, so check the version number ]
+
+RSA performance.
+
+SSLeay 0.6.0
+Pentium 100, 32meg, Windows NT Workstation 3.51
+linux - gcc v 2.7.0 -O3 -fomit-frame-pointer -m486
+and
+Windows NT - Windows NT 3.51 - Visual C++ 4.1 - 586 code + 32bit assember
+Windows 3.1 - Windows NT 3.51 - Visual C++ 1.52c - 286 code + 32bit assember
+NT Dos Shell- Windows NT 3.51 - Visual C++ 1.52c - 286 code + 16bit assember
+
+Times are how long it takes to do an RSA private key operation.
+
+ 512bits 1024bits
+-------------------------------
+SSLeay NT dll 0.042s 0.202s see above
+SSLeay linux 0.046s 0.218s Assember inner loops (normal build)
+SSLeay linux 0.067s 0.380s Pure C code with BN_LLONG defined
+SSLeay W3.1 dll 0.108s 0.478s see above
+SSLeay linux 0.109s 0.713s C without BN_LLONG.
+RSAref2.0 linux 0.149s 0.936s
+SSLeay MS-DOS 0.197s 1.049s see above
+
+486DX66, 32meg, Windows NT Server 3.51
+ 512bits 1024bits
+-------------------------------
+SSLeay NT dll 0.084s 0.495s <- SSLeay 0.6.3
+SSLeay NT dll 0.154s 0.882s
+SSLeay W3.1 dll 0.335s 1.538s
+SSLeay MS-DOS 0.490s 2.790s
+
+What I find cute is that I'm still faster than RSAref when using standard C,
+without using the 'long long' data type :-), %35 faster for 512bit and we
+scale up to 3.2 times faster for the 'default linux' build. I should mention
+that people should 'try' to use either x86-lnx.s (elf), x86-lnxa.s or
+x86-sol.s for any x86 based unix they are building on. The only problems
+with be with syntax but the performance gain is quite large, especially for
+servers. The code is very simple, you just need to modify the 'header'.
+
+The message is, if you are stuck using RSAref, the RSA performance will be
+bad. Considering the code was compiled for a pentium, the 486DX66 number
+would indicate 'Use RSAref and turn you Pentium 100 into a 486DX66' :-).
+[ As of verson 0.6.1, it would be correct to say 'turn you pentium 100
+ into a 486DX33' :-) ]
+
+I won't tell people if the DLL's are using RSAref or my stuff if no-one
+asks :-).
+
+eric
+
+PS while I know I could speed things up further, I will probably not do
+ so due to the effort involved. I did do some timings on the
+ SSLeay bignum format -> RSAref number format conversion that occurs
+ each time RSAref is used by SSLeay, and the numbers are trivial.
+ 0.00012s a call for 512bit vs 0.149s for the time spent in the function.
+ 0.00018s for 1024bit vs 0.938s. Insignificant.
+ So the 'way to go', to support faster RSA libraries, if people are keen,
+ is to write 'glue' code in a similar way that I do for RSAref and send it
+ to me :-).
+ My base library still has the advantage of being able to operate on
+ any size numbers, and is not that far from the performance from the
+ leaders in the field. (-%30?)
+ [ Well as of 0.6.1 I am now the leader in the filed on x86 (we at
+ least very close :-) ]
+
+ I suppose I should also mention some other numbers RSAref numbers, again
+ on my Pentium.
+ DES CBC EDE-DES MD5
+ RSAref linux 830k/s 302k/s 4390k/s
+ SSLeay linux 855k/s 319k/s 10025k/s
+ SSLeay NT 1158k/s 410k/s 10470k/s
+ SSLeay w31 378k/s 143k/s 2383k/s (fully 16bit)
+
+ Got to admit that Visual C++ 4.[01] is a damn fine compiler :-)
+--
+Eric Young | BOOL is tri-state according to Bill Gates.
+AARNet: eay@cryptsoft.com | RTFM Win32 GetMessage().
+
+
+
diff --git a/doc/ssl-ciph.doc b/doc/ssl-ciph.doc
new file mode 100644
index 0000000..33a7e41
--- /dev/null
+++ b/doc/ssl-ciph.doc
@@ -0,0 +1,84 @@
+This is a quick high level summery of how things work now.
+
+Each SSLv2 and SSLv3 cipher is composed of 4 major attributes plus a few extra
+minor ones.
+
+They are 'The key exchange algorithm', which is RSA for SSLv2 but can also
+be Diffle-Hellman for SSLv3.
+
+An 'Authenticion algorithm', which can be RSA, Diffle-Helman, DSS or
+none.
+
+The cipher
+
+The MAC digest.
+
+A cipher can also be an export cipher and is either an SSLv2 or a
+SSLv3 ciphers.
+
+To specify which ciphers to use, one can either specify all the ciphers,
+one at a time, or use 'aliases' to specify the preference and order for
+the ciphers.
+
+There are a large number of aliases, but the most importaint are
+kRSA, kDHr, kDHd and kEDH for key exchange types.
+
+aRSA, aDSS, aNULL and aDH for authentication
+DES, 3DES, RC4, RC2, IDEA and eNULL for ciphers
+MD5, SHA0 and SHA1 digests
+
+Now where this becomes interesting is that these can be put together to
+specify the order and ciphers you wish to use.
+
+To speed this up there are also aliases for certian groups of ciphers.
+The main ones are
+SSLv2 - all SSLv2 ciphers
+SSLv3 - all SSLv3 ciphers
+EXP - all export ciphers
+LOW - all low strngth ciphers (no export ciphers, normally single DES)
+MEDIUM - 128 bit encryption
+HIGH - Triple DES
+
+These aliases can be joined in a : separated list which specifies to
+add ciphers, move them to the current location and delete them.
+
+A simpler way to look at all of this is to use the 'ssleay ciphers -v' command.
+The default library cipher spec is
+!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP
+which means, first, remove from consideration any ciphers that do not
+authenticate. Next up, use ciphers using RC4 and RSA. Next include the HIGH,
+MEDIUM and the LOW security ciphers. Finish up by adding all the export
+ciphers on the end, then 'pull' all the SSLv2 and export ciphers to
+the end of the list.
+
+The results are
+$ ssleay ciphers -v '!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP'
+
+RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
+RC4-MD5 SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
+EDH-RSA-DES-CBC3-SHA SSLv3 Kx=DH Au=RSA Enc=3DES(168) Mac=SHA1
+EDH-DSS-DES-CBC3-SHA SSLv3 Kx=DH Au=DSS Enc=3DES(168) Mac=SHA1
+DES-CBC3-SHA SSLv3 Kx=RSA Au=RSA Enc=3DES(168) Mac=SHA1
+IDEA-CBC-MD5 SSLv3 Kx=RSA Au=RSA Enc=IDEA(128) Mac=SHA1
+EDH-RSA-DES-CBC-SHA SSLv3 Kx=DH Au=RSA Enc=DES(56) Mac=SHA1
+EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH Au=DSS Enc=DES(56) Mac=SHA1
+DES-CBC-SHA SSLv3 Kx=RSA Au=RSA Enc=DES(56) Mac=SHA1
+DES-CBC3-MD5 SSLv2 Kx=RSA Au=RSA Enc=3DES(168) Mac=MD5
+DES-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=DES(56) Mac=MD5
+IDEA-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=IDEA(128) Mac=MD5
+RC2-CBC-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC2(128) Mac=MD5
+RC4-MD5 SSLv2 Kx=RSA Au=RSA Enc=RC4(128) Mac=MD5
+EXP-EDH-RSA-DES-CBC SSLv3 Kx=DH(512) Au=RSA Enc=DES(40) Mac=SHA1 export
+EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40) Mac=SHA1 export
+EXP-DES-CBC-SHA SSLv3 Kx=RSA(512) Au=RSA Enc=DES(40) Mac=SHA1 export
+EXP-RC2-CBC-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
+EXP-RC4-MD5 SSLv3 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
+EXP-RC2-CBC-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC2(40) Mac=MD5 export
+EXP-RC4-MD5 SSLv2 Kx=RSA(512) Au=RSA Enc=RC4(40) Mac=MD5 export
+
+I would recoment people use the 'ssleay ciphers -v "text"'
+command to check what they are going to use.
+
+Anyway, I'm falling asleep here so I'll do some more tomorrow.
+
+eric
diff --git a/doc/ssl.doc b/doc/ssl.doc
new file mode 100644
index 0000000..1f89cd5
--- /dev/null
+++ b/doc/ssl.doc
@@ -0,0 +1,172 @@
+SSL_CTX_sessions(SSL_CTX *ctx) - the session-id hash table.
+
+/* Session-id cache stats */
+SSL_CTX_sess_number
+SSL_CTX_sess_connect
+SSL_CTX_sess_connect_good
+SSL_CTX_sess_accept
+SSL_CTX_sess_accept_good
+SSL_CTX_sess_hits
+SSL_CTX_sess_cb_hits
+SSL_CTX_sess_misses
+SSL_CTX_sess_timeouts
+
+/* Session-id application notification callbacks */
+SSL_CTX_sess_set_new_cb
+SSL_CTX_sess_get_new_cb
+SSL_CTX_sess_set_get_cb
+SSL_CTX_sess_get_get_cb
+
+/* Session-id cache operation mode */
+SSL_CTX_set_session_cache_mode
+SSL_CTX_get_session_cache_mode
+
+/* Set default timeout values to use. */
+SSL_CTX_set_timeout
+SSL_CTX_get_timeout
+
+/* Global SSL initalisation informational callback */
+SSL_CTX_set_info_callback
+SSL_CTX_get_info_callback
+SSL_set_info_callback
+SSL_get_info_callback
+
+/* If the SSL_accept/SSL_connect returned with -1, these indicate when
+ * we should re-call *.
+SSL_want
+SSL_want_nothing
+SSL_want_read
+SSL_want_write
+SSL_want_x509_lookup
+
+/* Where we are in SSL initalisation, used in non-blocking, perhaps
+ * have a look at ssl/bio_ssl.c */
+SSL_state
+SSL_is_init_finished
+SSL_in_init
+SSL_in_connect_init
+SSL_in_accept_init
+
+/* Used to set the 'inital' state so SSL_in_connect_init and SSL_in_accept_init
+ * can be used to work out which function to call. */
+SSL_set_connect_state
+SSL_set_accept_state
+
+/* Where to look for certificates for authentication */
+SSL_set_default_verify_paths /* calles SSL_load_verify_locations */
+SSL_load_verify_locations
+
+/* get info from an established connection */
+SSL_get_session
+SSL_get_certificate
+SSL_get_SSL_CTX
+
+SSL_CTX_new
+SSL_CTX_free
+SSL_new
+SSL_clear
+SSL_free
+
+SSL_CTX_set_cipher_list
+SSL_get_cipher
+SSL_set_cipher_list
+SSL_get_cipher_list
+SSL_get_shared_ciphers
+
+SSL_accept
+SSL_connect
+SSL_read
+SSL_write
+
+SSL_debug
+
+SSL_get_read_ahead
+SSL_set_read_ahead
+SSL_set_verify
+
+SSL_pending
+
+SSL_set_fd
+SSL_set_rfd
+SSL_set_wfd
+SSL_set_bio
+SSL_get_fd
+SSL_get_rbio
+SSL_get_wbio
+
+SSL_use_RSAPrivateKey
+SSL_use_RSAPrivateKey_ASN1
+SSL_use_RSAPrivateKey_file
+SSL_use_PrivateKey
+SSL_use_PrivateKey_ASN1
+SSL_use_PrivateKey_file
+SSL_use_certificate
+SSL_use_certificate_ASN1
+SSL_use_certificate_file
+
+ERR_load_SSL_strings
+SSL_load_error_strings
+
+/* human readable version of the 'state' of the SSL connection. */
+SSL_state_string
+SSL_state_string_long
+/* These 2 report what kind of IO operation the library was trying to
+ * perform last. Probably not very usefull. */
+SSL_rstate_string
+SSL_rstate_string_long
+
+SSL_get_peer_certificate
+
+SSL_SESSION_new
+SSL_SESSION_print_fp
+SSL_SESSION_print
+SSL_SESSION_free
+i2d_SSL_SESSION
+d2i_SSL_SESSION
+
+SSL_get_time
+SSL_set_time
+SSL_get_timeout
+SSL_set_timeout
+SSL_copy_session_id
+SSL_set_session
+SSL_CTX_add_session
+SSL_CTX_remove_session
+SSL_CTX_flush_sessions
+
+BIO_f_ssl
+
+/* used to hold information as to why a certificate verification failed */
+SSL_set_verify_result
+SSL_get_verify_result
+
+/* can be used by the application to associate data with an SSL structure.
+ * It needs to be 'free()ed' by the application */
+SSL_set_app_data
+SSL_get_app_data
+
+/* The following all set values that are kept in the SSL_CTX but
+ * are used as the default values when an SSL session is created.
+ * They are over writen by the relevent SSL_xxxx functions */
+
+/* SSL_set_verify */
+void SSL_CTX_set_default_verify
+
+/* This callback, if set, totaly overrides the normal SSLeay verification
+ * functions and should return 1 on sucesss and 0 on failure */
+void SSL_CTX_set_cert_verify_callback
+
+/* The following are the same as the equivilent SSL_xxx functions.
+ * Only one copy of this information is kept and if a particular
+ * SSL structure has a local override, it is totally separate structure.
+ */
+int SSL_CTX_use_RSAPrivateKey
+int SSL_CTX_use_RSAPrivateKey_ASN1
+int SSL_CTX_use_RSAPrivateKey_file
+int SSL_CTX_use_PrivateKey
+int SSL_CTX_use_PrivateKey_ASN1
+int SSL_CTX_use_PrivateKey_file
+int SSL_CTX_use_certificate
+int SSL_CTX_use_certificate_ASN1
+int SSL_CTX_use_certificate_file
+
diff --git a/doc/ssl_ctx.doc b/doc/ssl_ctx.doc
new file mode 100644
index 0000000..508394e
--- /dev/null
+++ b/doc/ssl_ctx.doc
@@ -0,0 +1,68 @@
+This is now a bit dated, quite a few of the SSL_ functions could be
+SSL_CTX_ functions. I will update this in the future. 30 Aug 1996
+
+From eay@orb.mincom.oz.au Mon Dec 11 21:37:08 1995
+Received: by orb.mincom.oz.au id AA00696
+ (5.65c/IDA-1.4.4 for eay); Mon, 11 Dec 1995 11:37:08 +1000
+Date: Mon, 11 Dec 1995 11:37:08 +1000 (EST)
+From: Eric Young <eay@mincom.oz.au>
+X-Sender: eay@orb
+To: sameer <sameer@c2.org>
+Cc: Eric Young <eay@mincom.oz.au>
+Subject: Re: PEM_readX509 oesn't seem to be working
+In-Reply-To: <199512110102.RAA12521@infinity.c2.org>
+Message-Id: <Pine.SOL.3.91.951211112115.28608D-100000@orb>
+Mime-Version: 1.0
+Content-Type: TEXT/PLAIN; charset=US-ASCII
+Status: RO
+X-Status:
+
+On Sun, 10 Dec 1995, sameer wrote:
+> OK, that's solved. I've found out that it is saying "no
+> certificate set" in SSL_accept because s->conn == NULL
+> so there is some place I need to initialize s->conn that I am
+> not initializing it.
+
+The full order of things for a server should be.
+
+ctx=SSL_CTX_new();
+
+/* The next line should not really be using ctx->cert but I'll leave it
+ * this way right now... I don't want a X509_ routine to know about an SSL
+ * structure, there should be an SSL_load_verify_locations... hmm, I may
+ * add it tonight.
+ */
+X509_load_verify_locations(ctx->cert,CAfile,CApath);
+
+/* Ok now for each new connection we do the following */
+con=SSL_new(ctx);
+SSL_set_fd(con,s);
+SSL_set_verify(con,verify,verify_callback);
+
+/* set the certificate and private key to use. */
+SSL_use_certificate_ASN1(con,X509_certificate);
+SSL_use_RSAPrivateKey_ASN1(con,RSA_private_key);
+
+SSL_accept(con);
+
+SSL_read(con)/SSL_write(con);
+
+There is a bit more than that but that is basically the structure.
+
+Create a context and specify where to lookup certificates.
+
+foreach connection
+ {
+ create a SSL structure
+ set the certificate and private key
+ do a SSL_accept
+
+ we should now be ok
+ }
+
+eric
+--
+Eric Young | Signature removed since it was generating
+AARNet: eay@mincom.oz.au | more followups than the message contents :-)
+
+
diff --git a/doc/ssleay.doc b/doc/ssleay.doc
new file mode 100644
index 0000000..a0e86ae
--- /dev/null
+++ b/doc/ssleay.doc
@@ -0,0 +1,213 @@
+SSLeay: a cryptographic kitchen sink.
+
+1st December 1995
+Way back at the start of April 1995, I was looking for a mindless
+programming project. A friend of mine (Tim Hudson) said "why don't you do SSL,
+it has DES encryption in it and I would not mind using it in a SSL telnet".
+While it was true I had written a DES library in previous years, litle
+did I know what an expansive task SSL would turn into.
+
+First of all, the SSL protocol contains DES encryption. Well and good. My
+DES library was fast and portable. It also contained the RSA's RC4 stream
+cipher. Again, not a problem, some-one had just posted to sci.crypt
+something that was claimed to be RC4. It also contained IDEA, I had the
+specifications, not a problem to implement. MD5, an RFC, trivial, at most
+I could spend a week or so trying to see if I could speed up the
+implementation. All in all a nice set of ciphers.
+Then the first 'expantion of the scope', RSA public key
+encryption. Since I did not knowing a thing about public key encryption
+or number theory, this appeared quite a daunting task. Just writing a
+big number library would be problomatic in itself, let alone making it fast.
+At this point the scope of 'implementing SSL' expands eponentialy.
+First of all, the RSA private keys were being kept in ASN.1 format.
+Thankfully the RSA PKCS series of documents explains this format. So I now
+needed to be able to encode and decode arbitary ASN.1 objects. The Public
+keys were embeded in X509 certificates. Hmm... these are not only
+ASN.1 objects but they make up a heirachy of authentication. To
+authenticate a X509 certificate one needs to retrieve it's issuers
+certificate etc etc. Hmm..., so I also need to implement some kind
+of certificate management software. I would also have to implement
+software to authenticate certificates. At this point the support code made
+the SSL part of my library look quite small.
+Around this time, the first version of SSLeay was released.
+
+Ah, but here was the problem, I was not happy with the code so far. As may
+have become obvious, I had been treating all of this as a learning
+exersize, so I have completely written the library myself. As such, due
+to the way it had grown like a fungus, much of the library was not
+'elagent' or neat. There were global and static variables all over the
+place, the SSL part did not even handle non-blocking IO.
+The Great rewrite began.
+
+As of this point in time, the 'Great rewrite' has almost finished. So what
+follows is an approximate list of what is actually SSLeay 0.5.0
+
+/********* This needs to be updated for 0.6.0+ *************/
+
+---
+The library contains the following routines. Please note that most of these
+functions are not specfic for SSL or any other particular cipher
+implementation. I have tried to make all the routines as general purpose
+as possible. So you should not think of this library as an SSL
+implemtation, but rather as a library of cryptographic functions
+that also contains SSL. I refer to each of these function groupings as
+libraries since they are often capable of functioning as independant
+libraries
+
+First up, the general ciphers and message digests supported by the library.
+
+MD2 rfc???, a standard 'by parts' interface to this algorithm.
+MD5 rfc???, the same type of interface as for the MD2 library except a
+ different algorithm.
+SHA THe Secure Hash Algorithm. Again the same type of interface as
+ MD2/MD5 except the digest is 20 bytes.
+SHA1 The 'revised' version of SHA. Just about identical to SHA except
+ for one tweak of an inner loop.
+DES This is my libdes library that has been floating around for the last
+ few years. It has been enhanced for no other reason than completeness.
+ It now supports ecb, cbc, cfb, ofb, cfb64, ofb64 in normal mode and
+ triple DES modes of ecb, cbc, cfb64 and ofb64. cfb64 and ofb64 are
+ functional interfaces to the 64 bit modes of cfb and ofb used in
+ such a way thay they function as single character interfaces.
+RC4 The RSA Inc. stream cipher.
+RC2 The RSA Inc. block cipher.
+IDEA An implmentation of the IDEA cipher, the library supports ecb, cbc,
+ cfb64 and ofb64 modes of operation.
+
+Now all the above mentioned ciphers and digests libraries support high
+speed, minimal 'crap in the way' type interfaces. For fastest and
+lowest level access, these routines should be used directly.
+
+Now there was also the matter of public key crypto systems. These are
+based on large integer arithmatic.
+
+BN This is my large integer library. It supports all the normal
+ arithmentic operations. It uses malloc extensivly and as such has
+ no limits of the size of the numbers being manipulated. If you
+ wish to use 4000 bit RSA moduli, these routines will handle it.
+ This library also contains routines to 'generate' prime numbers and
+ to test for primality. The RSA and DH libraries sit on top of this
+ library. As of this point in time, I don't support SHA, but
+ when I do add it, it will just sit on top of the routines contained
+ in this library.
+RSA This implements the RSA public key algorithm. It also contains
+ routines that will generate a new private/public key pair.
+ All the RSA functions conform to the PKCS#1 standard.
+DH This is an implementation of the
+ Diffie-Hellman protocol. There are all the require routines for
+ the protocol, plus extra routines that can be used to generate a
+ strong prime for use with a specified generator. While this last
+ routine is not generally required by applications implementing DH,
+ It is present for completeness and because I thing it is much
+ better to be able to 'generate' your own 'magic' numbers as oposed
+ to using numbers suplied by others. I conform to the PKCS#3
+ standard where required.
+
+You may have noticed the preceeding section mentions the 'generation' of
+prime numbers. Now this requries the use of 'random numbers'.
+
+RAND This psuedo-random number library is based on MD5 at it's core
+ and a large internal state (2k bytes). Once you have entered enough
+ seed data into this random number algorithm I don't feel
+ you will ever need to worry about it generating predictable output.
+ Due to the way I am writing a portable library, I have left the
+ issue of how to get good initial random seed data upto the
+ application but I do have support routines for saving and loading a
+ persistant random number state for use between program runs.
+
+Now to make all these ciphers easier to use, a higher level
+interface was required. In this form, the same function would be used to
+encrypt 'by parts', via any one of the above mentioned ciphers.
+
+EVP The Digital EnVeloPe library is quite large. At it's core are
+ function to perform encryption and decryption by parts while using
+ an initial parameter to specify which of the 17 different ciphers
+ or 4 different message digests to use. On top of these are implmented
+ the digital signature functions, sign, verify, seal and open.
+ Base64 encoding of binary data is also done in this library.
+
+PEM rfc???? describe the format for Privacy Enhanced eMail.
+ As part of this standard, methods of encoding digital enveloped
+ data is an ascii format are defined. As such, I use a form of these
+ to encode enveloped data. While at this point in time full support
+ for PEM has not been built into the library, a minimal subset of
+ the secret key and Base64 encoding is present. These reoutines are
+ mostly used to Ascii encode binary data with a 'type' associated
+ with it and perhaps details of private key encryption used to
+ encrypt the data.
+
+PKCS7 This is another Digital Envelope encoding standard which uses ASN.1
+ to encode the data. At this point in time, while there are some
+ routines to encode and decode this binary format, full support is
+ not present.
+
+As Mentioned, above, there are several different ways to encode
+data structures.
+
+ASN1 This library is more a set of primatives used to encode the packing
+ and unpacking of data structures. It is used by the X509
+ certificate standard and by the PKCS standards which are used by
+ this library. It also contains routines for duplicating and signing
+ the structures asocisated with X509.
+
+X509 The X509 library contains routines for packing and unpacking,
+ verifying and just about every thing else you would want to do with
+ X509 certificates.
+
+PKCS7 PKCS-7 is a standard for encoding digital envelope data
+ structures. At this point in time the routines will load and save
+ DER forms of these structees. They need to be re-worked to support
+ the BER form which is the normal way PKCS-7 is encoded. If the
+ previous 2 sentances don't make much sense, don't worry, this
+ library is not used by this version of SSLeay anyway.
+
+OBJ ASN.1 uses 'object identifiers' to identify objects. A set of
+ functions were requred to translate from ASN.1 to an intenger, to a
+ character string. This library provieds these translations
+
+Now I mentioned an X509 library. X509 specified a hieachy of certificates
+which needs to be traversed to authenticate particular certificates.
+
+METH This library is used to push 'methods' of retrieving certificates
+ into the library. There are some supplied 'methods' with SSLeay
+ but applications can add new methods if they so desire.
+ This library has not been finished and is not being used in this
+ version.
+
+Now all the above are required for use in the initial point of this project.
+
+SSL The SSL protocol. This is a full implmentation of SSL v 2. It
+ support both server and client authentication. SSL v 3 support
+ will be added when the SSL v 3 specification is released in it's
+ final form.
+
+Now quite a few of the above mentioned libraries rely on a few 'complex'
+data structures. For each of these I have a library.
+
+Lhash This is a hash table library which is used extensivly.
+
+STACK An implemetation of a Stack data structure.
+
+BUF A simple character array structure that also support a function to
+ check that the array is greater that a certain size, if it is not,
+ it is realloced so that is it.
+
+TXT_DB A simple memory based text file data base. The application can specify
+ unique indexes that will be enforced at update time.
+
+CONF Most of the programs written for this library require a configuration
+ file. Instead of letting programs constantly re-implment this
+ subsystem, the CONF library provides a consistant and flexable
+ interface to not only configuration files but also environment
+ variables.
+
+But what about when something goes wrong?
+The one advantage (and perhaps disadvantage) of all of these
+functions being in one library was the ability to implement a
+single error reporting system.
+
+ERR This library is used to report errors. The error system records
+ library number, function number (in the library) and reason
+ number. Multiple errors can be reported so that an 'error' trace
+ is created. The errors can be printed in numeric or textual form.
+
diff --git a/doc/ssluse.doc b/doc/ssluse.doc
new file mode 100644
index 0000000..2e3a26c
--- /dev/null
+++ b/doc/ssluse.doc
@@ -0,0 +1,45 @@
+We have an SSL_CTX which contains global information for lots of
+SSL connections. The session-id cache and the certificate verificate cache.
+It also contains default values for use when certificates are used.
+
+SSL_CTX
+ default cipher list
+ session-id cache
+ certificate cache
+ default session-id timeout period
+ New session-id callback
+ Required session-id callback
+ session-id stats
+ Informational callback
+ Callback that is set, overrides the SSLeay X509 certificate
+ verification
+ The default Certificate/Private Key pair
+ Default read ahead mode.
+ Default verify mode and verify callback. These are not used
+ if the over ride callback mentioned above is used.
+
+Each SSL can have the following defined for it before a connection is made.
+
+Certificate
+Private key
+Ciphers to use
+Certificate verify mode and callback
+IO object to use in the comunication.
+Some 'read-ahead' mode information.
+A previous session-id to re-use.
+
+A connection is made by using SSL_connect or SSL_accept.
+When non-blocking IO is being used, there are functions that can be used
+to determin where and why the SSL_connect or SSL_accept did not complete.
+This information can be used to recall the functions when the 'error'
+condition has dissapeared.
+
+After the connection has been made, information can be retrived about the
+SSL session and the session-id values that have been decided apon.
+The 'peer' certificate can be retrieved.
+
+The session-id values include
+'start time'
+'timeout length'
+
+
diff --git a/doc/stack.doc b/doc/stack.doc
new file mode 100644
index 0000000..7c20b1b
--- /dev/null
+++ b/doc/stack.doc
@@ -0,0 +1,96 @@
+The stack data structure is used to store an ordered list of objects.
+It is basically misnamed to call it a stack but it can function that way
+and that is what I originally used it for. Due to the way element
+pointers are kept in a malloc()ed array, the most efficient way to use this
+structure is to add and delete elements from the end via sk_pop() and
+sk_push(). If you wish to do 'lookups' sk_find() is quite efficient since
+it will sort the stack (if required) and then do a binary search to lookup
+the requested item. This sorting occurs automatically so just sk_push()
+elements on the stack and don't worry about the order. Do remember that if
+you do a sk_find(), the order of the elements will change.
+
+You should never need to 'touch' this structure directly.
+typedef struct stack_st
+ {
+ unsigned int num;
+ char **data;
+ int sorted;
+
+ unsigned int num_alloc;
+ int (*comp)();
+ } STACK;
+
+'num' holds the number of elements in the stack, 'data' is the array of
+elements. 'sorted' is 1 is the list has been sorted, 0 if not.
+
+num_alloc is the number of 'nodes' allocated in 'data'. When num becomes
+larger than num_alloc, data is realloced to a larger size.
+If 'comp' is set, it is a function that is used to compare 2 of the items
+in the stack. The function should return -1, 0 or 1, depending on the
+ordering.
+
+#define sk_num(sk) ((sk)->num)
+#define sk_value(sk,n) ((sk)->data[n])
+
+These 2 macros should be used to access the number of elements in the
+'stack' and to access a pointer to one of the values.
+
+STACK *sk_new(int (*c)());
+ This creates a new stack. If 'c', the comparison function, is not
+specified, the various functions that operate on a sorted 'stack' will not
+work (sk_find()). NULL is returned on failure.
+
+void sk_free(STACK *);
+ This function free()'s a stack structure. The elements in the
+stack will not be freed so one should 'pop' and free all elements from the
+stack before calling this function or call sk_pop_free() instead.
+
+void sk_pop_free(STACK *st; void (*func)());
+ This function calls 'func' for each element on the stack, passing
+the element as the argument. sk_free() is then called to free the 'stack'
+structure.
+
+int sk_insert(STACK *sk,char *data,int where);
+ This function inserts 'data' into stack 'sk' at location 'where'.
+If 'where' is larger that the number of elements in the stack, the element
+is put at the end. This function tends to be used by other 'stack'
+functions. Returns 0 on failure, otherwise the number of elements in the
+new stack.
+
+char *sk_delete(STACK *st,int loc);
+ Remove the item a location 'loc' from the stack and returns it.
+Returns NULL if the 'loc' is out of range.
+
+char *sk_delete_ptr(STACK *st, char *p);
+ If the data item pointed to by 'p' is in the stack, it is deleted
+from the stack and returned. NULL is returned if the element is not in the
+stack.
+
+int sk_find(STACK *st,char *data);
+ Returns the location that contains a value that is equal to
+the 'data' item. If the comparison function was not set, this function
+does a linear search. This function actually qsort()s the stack if it is not
+in order and then uses bsearch() to do the initial search. If the
+search fails,, -1 is returned. For mutliple items with the same
+value, the index of the first in the array is returned.
+
+int sk_push(STACK *st,char *data);
+ Append 'data' to the stack. 0 is returned if there is a failure
+(due to a malloc failure), else 1. This is
+sk_insert(st,data,sk_num(st));
+
+int sk_unshift(STACK *st,char *data);
+ Prepend 'data' to the front (location 0) of the stack. This is
+sk_insert(st,data,0);
+
+char *sk_shift(STACK *st);
+ Return and delete from the stack the first element in the stack.
+This is sk_delete(st,0);
+
+char *sk_pop(STACK *st);
+ Return and delete the last element on the stack. This is
+sk_delete(st,sk_num(sk)-1);
+
+void sk_zero(STACK *st);
+ Removes all items from the stack. It does not 'free'
+pointers but is a quick way to clear a 'stack of references'.
diff --git a/doc/threads.doc b/doc/threads.doc
new file mode 100644
index 0000000..251061e
--- /dev/null
+++ b/doc/threads.doc
@@ -0,0 +1,90 @@
+How to compile SSLeay for multi-threading.
+
+Well basically it is quite simple, set the compiler flags and build.
+I have only really done much testing under Solaris and Windows NT.
+If you library supports localtime_r() and gmtime_r() add,
+-DTHREADS to the makefile parameters. You can probably survive with out
+this define unless you are going to have multiple threads generating
+certificates at once. It will not affect the SSL side of things.
+
+The approach I have taken to doing locking is to make the application provide
+callbacks to perform locking and so that the SSLeay library can distinguish
+between threads (for the error state).
+
+To have a look at an example program, 'cd mt; vi mttest.c'.
+To build under solaris, sh solaris.sh, for Windows NT or Windows 95,
+win32.bat
+
+This will build mttest which will fire up 10 threads that talk SSL
+to each other 10 times.
+To enable everything to work, the application needs to call
+
+CRYPTO_set_id_callback(id_function);
+CRYPTO_set_locking_callback(locking_function);
+
+before any multithreading is started.
+id_function does not need to be defined under Windows NT or 95, the
+correct function will be called if it is not. Under unix, getpid()
+is call if the id_callback is not defined, for solaris this is wrong
+(since threads id's are not pid's) but under IRIX it is correct
+(threads are just processes sharing the data segement).
+
+The locking_callback is used to perform locking by the SSLeay library.
+eg.
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ mutex_lock(&(lock_cs[type]));
+ else
+ mutex_unlock(&(lock_cs[type]));
+ }
+
+Now in this case I have used mutexes instead of read/write locks, since they
+are faster and there are not many read locks in SSLeay, you may as well
+always use write locks. file and line are __FILE__ and __LINE__ from
+the compile and can be usefull when debugging.
+
+Now as you can see, 'type' can be one of a range of values, these values are
+defined in crypto/crypto.h
+CRYPTO_get_lock_name(type) will return a text version of what the lock is.
+There are CRYPTO_NUM_LOCKS locks required, so under solaris, the setup
+for multi-threading can be
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+As a final note, under Windows NT or Windows 95, you have to be careful
+not to mix the various threaded, unthreaded and debug libraries.
+Normally if they are mixed incorrectly, mttest will crash just after printing
+out some usage statistics at the end. This is because the
+different system libraries use different malloc routines and if
+data is malloc()ed inside crypt32.dll or ssl32.dll and then free()ed by a
+different library malloc, things get very confused.
+
+The default SSLeay DLL builds use /MD, so if you use this on your
+application, things will work as expected. If you use /MDd,
+you will probably have to rebuild SSLeay using this flag.
+I should modify util/mk1mf.pl so it does all this correctly, but
+this has not been done yet.
+
+One last warning. Because locking overheads are actually quite large, the
+statistics collected against the SSL_CTX for successfull connections etc
+are not locked when updated. This does make it possible for these
+values to be slightly lower than they should be, if you are
+running multithreaded on a multi-processor box, but this does not really
+matter much.
+
diff --git a/doc/txt_db.doc b/doc/txt_db.doc
new file mode 100644
index 0000000..3a5b0d5
--- /dev/null
+++ b/doc/txt_db.doc
@@ -0,0 +1,4 @@
+TXT_DB, a simple text based in memory database.
+
+It holds rows of ascii data, for which the only special character is '\0'.
+The rows can be of an unlimited length.
diff --git a/doc/verify b/doc/verify
new file mode 100644
index 0000000..b78d961
--- /dev/null
+++ b/doc/verify
@@ -0,0 +1,22 @@
+X509_verify_cert_chain(
+ CERT_STORE *cert_store,
+ STACK /* X509 */ *certs,
+ int *verify_result,
+ int (*verify_error_callback)()
+ char *argument_to_callback, /* SSL */
+
+app_verify_callback(
+ char *app_verify_arg, /* from SSL_CTX */
+ STACK /* X509 */ *certs,
+ int *verify_result,
+ int (*verify_error_callback)()
+ SSL *s,
+
+int X509_verify_cert(
+ CERT_STORE *cert_store,
+ X509 *x509,
+ int *verify_result,
+ int (*verify_error_callback)(),
+ char *arg,
+
+
diff --git a/doc/why.doc b/doc/why.doc
new file mode 100644
index 0000000..a1ac84b
--- /dev/null
+++ b/doc/why.doc
@@ -0,0 +1,79 @@
+This file is more of a note for other people who wish to understand why
+the build environment is the way it is :-).
+
+The include files 'depend' as follows.
+Each of
+crypto/*/*.c includes crypto/cryptlib.h
+ssl/*.c include ssl/ssl_locl.h
+apps/*.c include apps/apps.h
+crypto/cryptlib.h, ssl/ssl_locl.h and apps/apps.h
+all include e_os.h which contains OS/environment specific information.
+If you need to add something todo with a particular environment,
+add it to this file. It is worth remembering that quite a few libraries,
+like lhash, des, md, sha etc etc do not include crypto/cryptlib.h. This
+is because these libraries should be 'independantly compilable' and so I
+try to keep them this way.
+e_os.h is not so much a part of SSLeay, as the placing in one spot all the
+evil OS dependant muck.
+
+I wanted to automate as many things as possible. This includes
+error number generation. A
+make errors
+will scan the source files for error codes, append them to the correct
+header files, and generate the functions to print the text version
+of the error numbers. So don't even think about adding error numbers by
+hand, put them in the form
+XXXerr(XXXX_F_XXXX,YYYY_R_YYYY);
+on line and it will be automatically picked up my a make errors.
+
+In a similar vein, programs to be added into ssleay in the apps directory
+just need to have an entry added to E_EXE in makefile.ssl and
+everthing will work as expected. Don't edit progs.h by hand.
+
+make links re-generates the symbolic links that are used. The reason why
+I keep everything in its own directory, and don't put all the
+test programs and header files in 'test' and 'include' is because I want
+to keep the 'sub-libraries' independant. I still 'pull' out
+indervidual libraries for use in specific projects where the code is
+required. I have used the 'lhash' library in just about every software
+project I have worked on :-).
+
+make depend generates dependancies and
+make dclean removes them.
+
+You will notice that I use perl quite a bit when I could be using 'sed'.
+The reason I decided to do this was to just stick to one 'extra' program.
+For Windows NT, I have perl and no sed.
+
+The util/mk1mf.pl program can be used to generate a single makefile.
+I use this because makefiles under Microsoft are horrific.
+Each C compiler seems to have different linker formats, which have
+to be used because the retarted C compilers explode when you do
+cl -o file *.o.
+
+Now some would argue that I should just use the single makefile. I don't
+like it during develoment for 2 reasons. First, the actuall make
+command takes a long time. For my current setup, if I'm in
+crypto/bn and I type make, only the crypto/bn directory gets rebuilt,
+which is nice when you are modifying prototypes in bn.h which
+half the SSLeay depends on. The second is that to add a new souce file
+I just plonk it in at the required spot in the local makefile. This
+then alows me to keep things local, I don't need to modify a 'global'
+tables (the make for unix, the make for NT, the make for w31...).
+When I am ripping apart a library structure, it is nice to only
+have to worry about one directory :-).
+
+Having said all this, for the hell of it I put together 2 files that
+#include all the souce code (generated by doing a ls */*.o after a build).
+crypto.c takes only 30 seconds to build under NT and 2 minutes under linux
+for my pentium100. Much faster that the normal build :-).
+Again, the problem is that when using libraries, every program linked
+to libcrypto.a would suddenly get 330k of library when it may only need
+1k. This technique does look like a nice way to do shared libraries though.
+
+Oh yes, as a final note, to 'build' a distribution, I just type
+make dist.
+This cleans and packages everything. The directory needs to be called
+SSLeay since the make does a 'cd ..' and renames and tars things up.
+
+
diff --git a/e_os.h b/e_os.h
new file mode 100644
index 0000000..2f22805
--- /dev/null
+++ b/e_os.h
@@ -0,0 +1,288 @@
+/* e_os.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_E_OS_H
+#define HEADER_E_OS_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifndef DEVRANDOM
+#undef DEVRANDOM /* set this to your 'random' device if you have one */
+#endif
+
+#if defined(NOCONST)
+#define const
+#endif
+
+/********************************************************************
+ The Microsoft section
+ ********************************************************************/
+/* The following is used becaue of the small stack in some
+ * Microsoft operating systems */
+#if defined(WIN16) || defined(MSDOS)
+# define MS_STATIC static
+#else
+# define MS_STATIC
+#endif
+
+#if defined(WIN32) || defined(WIN16)
+# ifndef WINDOWS
+# define WINDOWS
+# endif
+# ifndef MSDOS
+# define MSDOS
+# endif
+#endif
+
+#ifdef WIN16
+# define MS_CALLBACK _far _loadds
+# define MS_FAR _far
+#else
+# define MS_CALLBACK
+# define MS_FAR
+#endif
+
+#if defined(WINDOWS) || defined(MSDOS)
+
+#ifndef S_IFDIR
+#define S_IFDIR _S_IFDIR
+#endif
+
+#ifndef S_IFMT
+#define S_IFMT _S_IFMT
+#endif
+
+#define strncasecmp(a,b,c) strnicmp((a),(b),(c))
+
+# ifdef WINDOWS
+# include <windows.h>
+# include <stddef.h>
+# include <errno.h>
+# include <string.h>
+# include <malloc.h>
+# endif
+# include <io.h>
+# include <fcntl.h>
+
+#if defined(WIN16) && (!defined(MONOLITH) || defined(SSLEAY)) && defined(_WINEXITNOPERSIST)
+# define EXIT(n) { if (n == 0) _wsetexit(_WINEXITNOPERSIST); \
+ return(n); }
+#else
+# define EXIT(n) return(n);
+#endif
+# define LIST_SEPARATOR_CHAR ';'
+#ifndef X_OK
+# define X_OK 0
+#endif
+#ifndef W_OK
+# define W_OK 2
+#endif
+#ifndef R_OK
+# define R_OK 4
+#endif
+# define SSLEAY_CONF "ssleay.cnf"
+# define NUL_DEV "nul"
+# define RFILE ".rnd"
+
+#else /* The non-microsoft world world */
+
+# ifdef VMS
+# include <unixlib.h>
+# else
+# include <unistd.h>
+# endif
+
+# define SSLEAY_CONF "ssleay.cnf"
+# define RFILE ".rnd"
+# define LIST_SEPARATOR_CHAR ':'
+# ifndef MONOLITH
+# define EXIT(n) exit(n); return(n)
+# else
+# define EXIT(n) return(n)
+# endif
+# define NUL_DEV "/dev/null"
+
+# define SSLeay_getpid() getpid()
+
+#endif
+
+/*************/
+
+#ifdef USE_SOCKETS
+# if defined(WINDOWS) || defined(MSDOS)
+ /* windows world */
+
+# ifdef NO_SOCK
+# define SSLeay_Write(a,b,c) (-1)
+# define SSLeay_Read(a,b,c) (-1)
+# define SHUTDOWN(fd) close(fd)
+# define SHUTDOWN2(fd) close(fd)
+# else
+# include <winsock.h>
+extern HINSTANCE _hInstance;
+# define SSLeay_Write(a,b,c) send((a),(b),(c),0)
+# define SSLeay_Read(a,b,c) recv((a),(b),(c),0)
+# define SHUTDOWN(fd) { shutdown((fd),0); closesocket(fd); }
+# define SHUTDOWN2(fd) { shutdown((fd),2); closesocket(fd); }
+# endif
+
+
+# else
+
+# ifndef VMS
+ /* unix world */
+# include <netdb.h>
+# include <sys/types.h>
+# include <sys/socket.h>
+# include <sys/param.h>
+# include <sys/time.h> /* Needed under linux for FD_XXX */
+# include <netinet/in.h>
+# endif
+
+# if defined(NeXT) || defined(_NEXT_SOURCE)
+# include <sys/fcntl.h>
+# include <sys/types.h>
+# endif
+
+# ifdef AIX
+# include <sys/select.h>
+# endif
+
+# if defined(sun)
+# include <sys/filio.h>
+# else
+# include <sys/ioctl.h>
+# endif
+
+# ifdef VMS
+# include <unixio.h>
+# endif
+
+# define SSLeay_Read(a,b,c) read((a),(b),(c))
+# define SSLeay_Write(a,b,c) write((a),(b),(c))
+# define SHUTDOWN(fd) { shutdown((fd),0); close((fd)); }
+# define SHUTDOWN2(fd) { shutdown((fd),2); close((fd)); }
+# define INVALID_SOCKET -1
+# endif
+#endif
+
+#if defined(THREADS) || defined(sun)
+#ifndef _REENTRANT
+#define _REENTRANT
+#endif
+#endif
+
+/***********************************************/
+
+#ifndef NOPROTO
+#define P_CC_CC const void *,const void *
+#define P_I_I int,int
+#define P_I_I_P_I int,int,char *,int
+#define P_IP_I_I_P_I int *,int,int,char *,int
+#define P_V void
+#else
+#define P_CC_CC
+#define P_I_I
+#define P_IP_I_I_P_I
+#define P_I_I_P_I
+#define P_V
+#endif
+
+/* not used yet */
+#define CS_BEGIN
+#define CS_END
+
+/* do we need to do this for getenv.
+ * Just define getenv for use under windows */
+
+#ifdef WIN16
+/* How to do this needs to be thought out a bit more.... */
+/*char *GETENV(char *);
+#define Getenv GETENV*/
+#define Getenv getenv
+#else
+#define Getenv getenv
+#endif
+
+#define DG_GCC_BUG /* gcc < 2.6.3 on DGUX */
+
+#ifdef sgi
+#define IRIX_CC_BUG /* all version of IRIX I've tested (4.* 5.*) */
+#endif
+
+#ifdef NO_MD2
+#define MD2_Init MD2Init
+#define MD2_Update MD2Update
+#define MD2_Final MD2Final
+#define MD2_DIGEST_LENGTH 16
+#endif
+#ifdef NO_MD5
+#define MD5_Init MD5Init
+#define MD5_Update MD5Update
+#define MD5_Final MD5Final
+#define MD5_DIGEST_LENGTH 16
+#endif
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif
+
diff --git a/makefile.one b/makefile.one
new file mode 100644
index 0000000..afb3127
--- /dev/null
+++ b/makefile.one
@@ -0,0 +1,1576 @@
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in ./out and the stuff
+# that needs deleting in ./tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util/mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=/usr/local/ssl
+
+# Set your compiler options
+CC=cc
+CFLAG=-O -DTERMIO
+APP_CFLAG=
+LIB_CFLAG=
+APP_EX_OBJ=
+SHLIB_EX_OBJ=
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=
+
+# The SSLeay directory
+SRC_D=.
+
+LINK=${CC}
+LFLAGS=${CFLAGS}
+
+BN_MULW_OBJ=
+BN_MULW_SRC=
+DES_ENC_OBJ=
+DES_ENC_SRC=
+DES_CRYPT_OBJ=
+DES_CRYPT_SRC=
+BF_ENC_OBJ=
+BF_ENC_SRC=
+
+# The output directory for everything intersting
+OUT_D=out
+# The output directory for all the temporary muck
+TMP_D=tmp
+
+CP=/bin/cp
+RM=/bin/rm -f
+RANLIB=$(SRC_D)/util/ranlib.sh
+MKDIR=mkdir
+MKLIB=ar r
+MLFLAGS=
+ASM=as
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=ssl
+CRYPTO=crypto
+RSAGLUE=RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+# INC_D - include directory
+BIN_D=$(OUT_D)
+TEST_D=$(OUT_D)
+LIB_D=$(OUT_D)
+INC_D=$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=$(TMP_D)
+INCL_D=$(TMP_D)
+
+O_SSL= $(LIB_D)/lib$(SSL).a
+O_CRYPTO= $(LIB_D)/lib$(CRYPTO).a
+O_RSAGLUE= $(LIB_D)/lib$(RSAGLUE).a
+L_SSL= $(LIB_D)/lib$(SSL).a
+L_CRYPTO= $(LIB_D)/lib$(CRYPTO).a
+
+L_LIBS= $(L_SSL) $(L_CRYPTO)
+#L_LIBS= $(O_SSL) $(O_RSAGLUE) -lrsaref $(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
+LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
+
+#############################################
+HEADER=$(INCL_D)/e_os.h \
+ $(INCL_D)/cryptlib.h $(INCL_D)/date.h $(INCL_D)/md5_locl.h \
+ $(INCL_D)/sha_locl.h $(INCL_D)/des_locl.h $(INCL_D)/rpc_des.h \
+ $(INCL_D)/podd.h $(INCL_D)/sk.h $(INCL_D)/spr.h \
+ $(INCL_D)/des_ver.h $(INCL_D)/rc2_locl.h $(INCL_D)/idea_lcl.h \
+ $(INCL_D)/bf_pi.h $(INCL_D)/bf_locl.h $(INCL_D)/bn_lcl.h \
+ $(INCL_D)/bn_prime.h $(INCL_D)/obj_dat.h $(INCL_D)/conf_lcl.h \
+ $(INCL_D)/ssl_locl.h $(INCL_D)/rsaref.h $(INCL_D)/apps.h \
+ $(INCL_D)/progs.h $(INCL_D)/s_apps.h $(INCL_D)/testdsa.h \
+ $(INCL_D)/testrsa.h
+
+EXHEADER=$(INC_D)/crypto.h \
+ $(INC_D)/cryptall.h $(INC_D)/md2.h $(INC_D)/md5.h \
+ $(INC_D)/sha.h $(INC_D)/mdc2.h $(INC_D)/des.h \
+ $(INC_D)/rc4.h $(INC_D)/rc2.h $(INC_D)/idea.h \
+ $(INC_D)/blowfish.h $(INC_D)/bn.h $(INC_D)/rsa.h \
+ $(INC_D)/dsa.h $(INC_D)/dh.h $(INC_D)/buffer.h \
+ $(INC_D)/bio.h $(INC_D)/stack.h $(INC_D)/lhash.h \
+ $(INC_D)/rand.h $(INC_D)/err.h $(INC_D)/objects.h \
+ $(INC_D)/evp.h $(INC_D)/pem.h $(INC_D)/asn1.h \
+ $(INC_D)/asn1_mac.h $(INC_D)/x509.h $(INC_D)/x509_vfy.h \
+ $(INC_D)/conf.h $(INC_D)/txt_db.h $(INC_D)/pkcs7.h \
+ $(INC_D)/ssl.h $(INC_D)/ssl2.h $(INC_D)/ssl3.h \
+ $(INC_D)/ssl23.h
+
+T_OBJ=$(OBJ_D)/md2test.o \
+ $(OBJ_D)/md5test.o $(OBJ_D)/shatest.o $(OBJ_D)/sha1test.o \
+ $(OBJ_D)/mdc2test.o $(OBJ_D)/destest.o $(OBJ_D)/rc4test.o \
+ $(OBJ_D)/rc2test.o $(OBJ_D)/ideatest.o $(OBJ_D)/bftest.o \
+ $(OBJ_D)/bntest.o $(OBJ_D)/exptest.o $(OBJ_D)/dsatest.o \
+ $(OBJ_D)/dhtest.o $(OBJ_D)/randtest.o $(OBJ_D)/ssltest.o
+
+E_OBJ=$(OBJ_D)/verify.o \
+ $(OBJ_D)/asn1pars.o $(OBJ_D)/req.o $(OBJ_D)/dgst.o \
+ $(OBJ_D)/dh.o $(OBJ_D)/enc.o $(OBJ_D)/gendh.o \
+ $(OBJ_D)/errstr.o $(OBJ_D)/ca.o $(OBJ_D)/gendsa.o \
+ $(OBJ_D)/pkcs7.o $(OBJ_D)/crl2p7.o $(OBJ_D)/crl.o \
+ $(OBJ_D)/rsa.o $(OBJ_D)/dsa.o $(OBJ_D)/dsaparam.o \
+ $(OBJ_D)/x509.o $(OBJ_D)/genrsa.o $(OBJ_D)/s_server.o \
+ $(OBJ_D)/s_client.o $(OBJ_D)/speed.o $(OBJ_D)/s_time.o \
+ $(OBJ_D)/apps.o $(OBJ_D)/s_cb.o $(OBJ_D)/s_socket.o \
+ $(OBJ_D)/version.o $(OBJ_D)/sess_id.o $(OBJ_D)/ciphers.o \
+ $(OBJ_D)/ssleay.o
+
+CRYPTOOBJ=$(OBJ_D)/cryptlib.o \
+ $(OBJ_D)/mem.o $(OBJ_D)/cversion.o $(OBJ_D)/md2_dgst.o \
+ $(OBJ_D)/md5_dgst.o $(OBJ_D)/md2_one.o $(OBJ_D)/md5_one.o \
+ $(OBJ_D)/sha_dgst.o $(OBJ_D)/sha1dgst.o $(OBJ_D)/sha_one.o \
+ $(OBJ_D)/sha1_one.o $(OBJ_D)/mdc2dgst.o $(OBJ_D)/mdc2_one.o \
+ $(OBJ_D)/set_key.o $(OBJ_D)/ecb_enc.o $(OBJ_D)/ede_enc.o \
+ $(OBJ_D)/cbc_enc.o $(OBJ_D)/cbc3_enc.o $(OBJ_D)/ecb3_enc.o \
+ $(OBJ_D)/cfb64enc.o $(OBJ_D)/cfb64ede.o $(OBJ_D)/cfb_enc.o \
+ $(OBJ_D)/ofb64ede.o $(OBJ_D)/enc_read.o $(OBJ_D)/enc_writ.o \
+ $(OBJ_D)/ncbc_enc.o $(OBJ_D)/ofb64enc.o $(OBJ_D)/ofb_enc.o \
+ $(OBJ_D)/str2key.o $(OBJ_D)/pcbc_enc.o $(OBJ_D)/qud_cksm.o \
+ $(OBJ_D)/rand_key.o $(OBJ_D)/des_enc.o $(OBJ_D)/fcrypt_b.o \
+ $(OBJ_D)/read2pwd.o $(OBJ_D)/fcrypt.o $(OBJ_D)/xcbc_enc.o \
+ $(OBJ_D)/read_pwd.o $(OBJ_D)/rpc_enc.o $(OBJ_D)/cbc_cksm.o \
+ $(OBJ_D)/supp.o $(OBJ_D)/rc4_enc.o $(OBJ_D)/rc2_ecb.o \
+ $(OBJ_D)/rc2_skey.o $(OBJ_D)/rc2_cbc.o $(OBJ_D)/rc2cfb64.o \
+ $(OBJ_D)/rc2ofb64.o $(OBJ_D)/i_cbc.o $(OBJ_D)/i_cfb64.o \
+ $(OBJ_D)/i_ofb64.o $(OBJ_D)/i_ecb.o $(OBJ_D)/i_skey.o \
+ $(OBJ_D)/bf_skey.o $(OBJ_D)/bf_ecb.o $(OBJ_D)/bf_enc.o \
+ $(OBJ_D)/bf_cbc.o $(OBJ_D)/bf_cfb64.o $(OBJ_D)/bf_ofb64.o \
+ $(OBJ_D)/bn_add.o $(OBJ_D)/bn_div.o $(OBJ_D)/bn_exp.o \
+ $(OBJ_D)/bn_lib.o $(OBJ_D)/bn_mod.o $(OBJ_D)/bn_mul.o \
+ $(OBJ_D)/bn_print.o $(OBJ_D)/bn_rand.o $(OBJ_D)/bn_shift.o \
+ $(OBJ_D)/bn_sub.o $(OBJ_D)/bn_word.o $(OBJ_D)/bn_gcd.o \
+ $(OBJ_D)/bn_prime.o $(OBJ_D)/bn_err.o $(OBJ_D)/bn_sqr.o \
+ $(OBJ_D)/bn_mulw.o $(OBJ_D)/bn_recp.o $(OBJ_D)/bn_mont.o \
+ $(OBJ_D)/rsa_enc.o $(OBJ_D)/rsa_gen.o $(OBJ_D)/rsa_lib.o \
+ $(OBJ_D)/rsa_sign.o $(OBJ_D)/rsa_saos.o $(OBJ_D)/rsa_err.o \
+ $(OBJ_D)/dsa_gen.o $(OBJ_D)/dsa_key.o $(OBJ_D)/dsa_lib.o \
+ $(OBJ_D)/dsa_vrf.o $(OBJ_D)/dsa_sign.o $(OBJ_D)/dsa_err.o \
+ $(OBJ_D)/dh_gen.o $(OBJ_D)/dh_key.o $(OBJ_D)/dh_lib.o \
+ $(OBJ_D)/dh_check.o $(OBJ_D)/dh_err.o $(OBJ_D)/buffer.o \
+ $(OBJ_D)/buf_err.o $(OBJ_D)/bio_lib.o $(OBJ_D)/bio_cb.o \
+ $(OBJ_D)/bio_err.o $(OBJ_D)/bss_mem.o $(OBJ_D)/bss_null.o \
+ $(OBJ_D)/bss_fd.o $(OBJ_D)/bss_file.o $(OBJ_D)/bss_sock.o \
+ $(OBJ_D)/bss_conn.o $(OBJ_D)/bf_null.o $(OBJ_D)/bf_buff.o \
+ $(OBJ_D)/b_print.o $(OBJ_D)/b_dump.o $(OBJ_D)/b_sock.o \
+ $(OBJ_D)/bss_acpt.o $(OBJ_D)/bf_nbio.o $(OBJ_D)/stack.o \
+ $(OBJ_D)/lhash.o $(OBJ_D)/lh_stats.o $(OBJ_D)/md_rand.o \
+ $(OBJ_D)/randfile.o $(OBJ_D)/err.o $(OBJ_D)/err_all.o \
+ $(OBJ_D)/err_prn.o $(OBJ_D)/obj_dat.o $(OBJ_D)/obj_lib.o \
+ $(OBJ_D)/obj_err.o $(OBJ_D)/encode.o $(OBJ_D)/digest.o \
+ $(OBJ_D)/evp_enc.o $(OBJ_D)/evp_key.o $(OBJ_D)/e_ecb_d.o \
+ $(OBJ_D)/e_cbc_d.o $(OBJ_D)/e_cfb_d.o $(OBJ_D)/e_ofb_d.o \
+ $(OBJ_D)/e_ecb_i.o $(OBJ_D)/e_cbc_i.o $(OBJ_D)/e_cfb_i.o \
+ $(OBJ_D)/e_ofb_i.o $(OBJ_D)/e_ecb_3d.o $(OBJ_D)/e_cbc_3d.o \
+ $(OBJ_D)/e_rc4.o $(OBJ_D)/names.o $(OBJ_D)/e_cfb_3d.o \
+ $(OBJ_D)/e_ofb_3d.o $(OBJ_D)/e_xcbc_d.o $(OBJ_D)/e_ecb_r2.o \
+ $(OBJ_D)/e_cbc_r2.o $(OBJ_D)/e_cfb_r2.o $(OBJ_D)/e_ofb_r2.o \
+ $(OBJ_D)/e_ecb_bf.o $(OBJ_D)/e_cbc_bf.o $(OBJ_D)/e_cfb_bf.o \
+ $(OBJ_D)/e_ofb_bf.o $(OBJ_D)/m_null.o $(OBJ_D)/m_md2.o \
+ $(OBJ_D)/m_md5.o $(OBJ_D)/m_sha.o $(OBJ_D)/m_sha1.o \
+ $(OBJ_D)/m_dss.o $(OBJ_D)/m_dss1.o $(OBJ_D)/m_mdc2.o \
+ $(OBJ_D)/p_open.o $(OBJ_D)/p_seal.o $(OBJ_D)/p_sign.o \
+ $(OBJ_D)/p_verify.o $(OBJ_D)/p_lib.o $(OBJ_D)/bio_md.o \
+ $(OBJ_D)/bio_b64.o $(OBJ_D)/bio_enc.o $(OBJ_D)/evp_err.o \
+ $(OBJ_D)/e_null.o $(OBJ_D)/c_all.o $(OBJ_D)/pem_sign.o \
+ $(OBJ_D)/pem_seal.o $(OBJ_D)/pem_info.o $(OBJ_D)/pem_lib.o \
+ $(OBJ_D)/pem_all.o $(OBJ_D)/pem_err.o $(OBJ_D)/a_object.o \
+ $(OBJ_D)/a_bitstr.o $(OBJ_D)/a_utctm.o $(OBJ_D)/a_int.o \
+ $(OBJ_D)/a_octet.o $(OBJ_D)/a_print.o $(OBJ_D)/a_type.o \
+ $(OBJ_D)/a_set.o $(OBJ_D)/a_dup.o $(OBJ_D)/a_d2i_fp.o \
+ $(OBJ_D)/a_i2d_fp.o $(OBJ_D)/a_sign.o $(OBJ_D)/a_digest.o \
+ $(OBJ_D)/a_verify.o $(OBJ_D)/x_algor.o $(OBJ_D)/x_val.o \
+ $(OBJ_D)/x_pubkey.o $(OBJ_D)/x_sig.o $(OBJ_D)/x_req.o \
+ $(OBJ_D)/x_attrib.o $(OBJ_D)/x_name.o $(OBJ_D)/x_cinf.o \
+ $(OBJ_D)/x_x509.o $(OBJ_D)/x_crl.o $(OBJ_D)/x_info.o \
+ $(OBJ_D)/x_spki.o $(OBJ_D)/d2i_r_pr.o $(OBJ_D)/i2d_r_pr.o \
+ $(OBJ_D)/d2i_r_pu.o $(OBJ_D)/i2d_r_pu.o $(OBJ_D)/d2i_s_pr.o \
+ $(OBJ_D)/i2d_s_pr.o $(OBJ_D)/d2i_s_pu.o $(OBJ_D)/i2d_s_pu.o \
+ $(OBJ_D)/d2i_pu.o $(OBJ_D)/d2i_pr.o $(OBJ_D)/i2d_pu.o \
+ $(OBJ_D)/i2d_pr.o $(OBJ_D)/t_req.o $(OBJ_D)/t_x509.o \
+ $(OBJ_D)/t_pkey.o $(OBJ_D)/p7_i_s.o $(OBJ_D)/p7_signi.o \
+ $(OBJ_D)/p7_signd.o $(OBJ_D)/p7_recip.o $(OBJ_D)/p7_enc_c.o \
+ $(OBJ_D)/p7_evp.o $(OBJ_D)/p7_dgst.o $(OBJ_D)/p7_s_e.o \
+ $(OBJ_D)/p7_enc.o $(OBJ_D)/p7_lib.o $(OBJ_D)/f_int.o \
+ $(OBJ_D)/f_string.o $(OBJ_D)/i2d_dhp.o $(OBJ_D)/i2d_dsap.o \
+ $(OBJ_D)/d2i_dhp.o $(OBJ_D)/d2i_dsap.o $(OBJ_D)/n_pkey.o \
+ $(OBJ_D)/a_hdr.o $(OBJ_D)/x_pkey.o $(OBJ_D)/a_bool.o \
+ $(OBJ_D)/x_exten.o $(OBJ_D)/asn1_par.o $(OBJ_D)/asn1_lib.o \
+ $(OBJ_D)/asn1_err.o $(OBJ_D)/a_meth.o $(OBJ_D)/a_bytes.o \
+ $(OBJ_D)/x509_def.o $(OBJ_D)/x509_d2.o $(OBJ_D)/x509_r2x.o \
+ $(OBJ_D)/x509_cmp.o $(OBJ_D)/x509_obj.o $(OBJ_D)/x509_req.o \
+ $(OBJ_D)/x509_vfy.o $(OBJ_D)/x509_set.o $(OBJ_D)/x509rset.o \
+ $(OBJ_D)/x509_err.o $(OBJ_D)/x509name.o $(OBJ_D)/x509_v3.o \
+ $(OBJ_D)/x509_ext.o $(OBJ_D)/x509pack.o $(OBJ_D)/x509type.o \
+ $(OBJ_D)/x509_lu.o $(OBJ_D)/x_all.o $(OBJ_D)/x509_txt.o \
+ $(OBJ_D)/by_file.o $(OBJ_D)/by_dir.o $(OBJ_D)/v3_net.o \
+ $(OBJ_D)/v3_x509.o $(OBJ_D)/conf.o $(OBJ_D)/conf_err.o \
+ $(OBJ_D)/txt_db.o $(OBJ_D)/pk7_lib.o $(OBJ_D)/pkcs7err.o \
+ $(OBJ_D)/pk7_doit.o
+
+SSLOBJ=$(OBJ_D)/s2_meth.o \
+ $(OBJ_D)/s2_srvr.o $(OBJ_D)/s2_clnt.o $(OBJ_D)/s2_lib.o \
+ $(OBJ_D)/s2_pkt.o $(OBJ_D)/s2_enc.o $(OBJ_D)/s3_meth.o \
+ $(OBJ_D)/s3_srvr.o $(OBJ_D)/s3_clnt.o $(OBJ_D)/s3_lib.o \
+ $(OBJ_D)/s3_pkt.o $(OBJ_D)/s3_enc.o $(OBJ_D)/s3_both.o \
+ $(OBJ_D)/s23_meth.o $(OBJ_D)/s23_srvr.o $(OBJ_D)/s23_clnt.o \
+ $(OBJ_D)/s23_lib.o $(OBJ_D)/s23_pkt.o $(OBJ_D)/ssl_lib.o \
+ $(OBJ_D)/ssl_err2.o $(OBJ_D)/ssl_cert.o $(OBJ_D)/ssl_sess.o \
+ $(OBJ_D)/ssl_ciph.o $(OBJ_D)/ssl_stat.o $(OBJ_D)/ssl_rsa.o \
+ $(OBJ_D)/ssl_asn1.o $(OBJ_D)/ssl_txt.o $(OBJ_D)/ssl_algs.o \
+ $(OBJ_D)/bio_ssl.o $(OBJ_D)/ssl_err.o
+
+RSAGLUEOBJ=$(OBJ_D)/rsaref.o \
+ $(OBJ_D)/rsar_err.o
+
+T_EXE=$(TEST_D)/md2test \
+ $(TEST_D)/md5test $(TEST_D)/shatest $(TEST_D)/sha1test \
+ $(TEST_D)/mdc2test $(TEST_D)/destest $(TEST_D)/rc4test \
+ $(TEST_D)/rc2test $(TEST_D)/ideatest $(TEST_D)/bftest \
+ $(TEST_D)/bntest $(TEST_D)/exptest $(TEST_D)/dsatest \
+ $(TEST_D)/dhtest $(TEST_D)/randtest $(TEST_D)/ssltest
+
+###################################################################
+all: banner $(OUT_D) $(TMP_D) headers lib exe
+
+banner:
+
+
+$(OUT_D):
+ $(MKDIR) $(OUT_D)
+
+$(TMP_D):
+ $(MKDIR) $(TMP_D)
+
+headers: $(HEADER) $(EXHEADER)
+
+lib: $(LIBS_DEP)
+
+exe: $(T_EXE) $(BIN_D)/$(E_EXE)
+
+install:
+ $(MKDIR) $(INSTALLTOP)
+ $(MKDIR) $(INSTALLTOP)/bin
+ $(MKDIR) $(INSTALLTOP)/include
+ $(MKDIR) $(INSTALLTOP)/lib
+ $(CP) $(INC_D)/*.h $(INSTALLTOP)/include
+ $(CP) $(BIN_D)/$(E_EXE) $(INSTALLTOP)/bin
+ $(CP) $(LIB_D)/$(O_SSL) $(INSTALLTOP)/lib
+ $(CP) $(LIB_D)/$(O_CRYPTO) $(INSTALLTOP)/lib
+
+clean:
+ $(RM) $(TMP_D)/*.*
+
+vclean:
+ $(RM) $(TMP_D)/*.*
+ $(RM) $(OUT_D)/*.*
+
+$(INCL_D)/e_os.h: $(SRC_D)/./e_os.h
+ $(CP) $(SRC_D)/./e_os.h $(INCL_D)/e_os.h
+
+$(INCL_D)/cryptlib.h: $(SRC_D)/crypto/cryptlib.h
+ $(CP) $(SRC_D)/crypto/cryptlib.h $(INCL_D)/cryptlib.h
+
+$(INCL_D)/date.h: $(SRC_D)/crypto/date.h
+ $(CP) $(SRC_D)/crypto/date.h $(INCL_D)/date.h
+
+$(INCL_D)/md5_locl.h: $(SRC_D)/crypto/md/md5_locl.h
+ $(CP) $(SRC_D)/crypto/md/md5_locl.h $(INCL_D)/md5_locl.h
+
+$(INCL_D)/sha_locl.h: $(SRC_D)/crypto/sha/sha_locl.h
+ $(CP) $(SRC_D)/crypto/sha/sha_locl.h $(INCL_D)/sha_locl.h
+
+$(INCL_D)/des_locl.h: $(SRC_D)/crypto/des/des_locl.h
+ $(CP) $(SRC_D)/crypto/des/des_locl.h $(INCL_D)/des_locl.h
+
+$(INCL_D)/rpc_des.h: $(SRC_D)/crypto/des/rpc_des.h
+ $(CP) $(SRC_D)/crypto/des/rpc_des.h $(INCL_D)/rpc_des.h
+
+$(INCL_D)/podd.h: $(SRC_D)/crypto/des/podd.h
+ $(CP) $(SRC_D)/crypto/des/podd.h $(INCL_D)/podd.h
+
+$(INCL_D)/sk.h: $(SRC_D)/crypto/des/sk.h
+ $(CP) $(SRC_D)/crypto/des/sk.h $(INCL_D)/sk.h
+
+$(INCL_D)/spr.h: $(SRC_D)/crypto/des/spr.h
+ $(CP) $(SRC_D)/crypto/des/spr.h $(INCL_D)/spr.h
+
+$(INCL_D)/des_ver.h: $(SRC_D)/crypto/des/des_ver.h
+ $(CP) $(SRC_D)/crypto/des/des_ver.h $(INCL_D)/des_ver.h
+
+$(INCL_D)/rc2_locl.h: $(SRC_D)/crypto/rc2/rc2_locl.h
+ $(CP) $(SRC_D)/crypto/rc2/rc2_locl.h $(INCL_D)/rc2_locl.h
+
+$(INCL_D)/idea_lcl.h: $(SRC_D)/crypto/idea/idea_lcl.h
+ $(CP) $(SRC_D)/crypto/idea/idea_lcl.h $(INCL_D)/idea_lcl.h
+
+$(INCL_D)/bf_pi.h: $(SRC_D)/crypto/bf/bf_pi.h
+ $(CP) $(SRC_D)/crypto/bf/bf_pi.h $(INCL_D)/bf_pi.h
+
+$(INCL_D)/bf_locl.h: $(SRC_D)/crypto/bf/bf_locl.h
+ $(CP) $(SRC_D)/crypto/bf/bf_locl.h $(INCL_D)/bf_locl.h
+
+$(INCL_D)/bn_lcl.h: $(SRC_D)/crypto/bn/bn_lcl.h
+ $(CP) $(SRC_D)/crypto/bn/bn_lcl.h $(INCL_D)/bn_lcl.h
+
+$(INCL_D)/bn_prime.h: $(SRC_D)/crypto/bn/bn_prime.h
+ $(CP) $(SRC_D)/crypto/bn/bn_prime.h $(INCL_D)/bn_prime.h
+
+$(INCL_D)/obj_dat.h: $(SRC_D)/crypto/objects/obj_dat.h
+ $(CP) $(SRC_D)/crypto/objects/obj_dat.h $(INCL_D)/obj_dat.h
+
+$(INCL_D)/conf_lcl.h: $(SRC_D)/crypto/conf/conf_lcl.h
+ $(CP) $(SRC_D)/crypto/conf/conf_lcl.h $(INCL_D)/conf_lcl.h
+
+$(INCL_D)/ssl_locl.h: $(SRC_D)/ssl/ssl_locl.h
+ $(CP) $(SRC_D)/ssl/ssl_locl.h $(INCL_D)/ssl_locl.h
+
+$(INCL_D)/rsaref.h: $(SRC_D)/rsaref/rsaref.h
+ $(CP) $(SRC_D)/rsaref/rsaref.h $(INCL_D)/rsaref.h
+
+$(INCL_D)/apps.h: $(SRC_D)/apps/apps.h
+ $(CP) $(SRC_D)/apps/apps.h $(INCL_D)/apps.h
+
+$(INCL_D)/progs.h: $(SRC_D)/apps/progs.h
+ $(CP) $(SRC_D)/apps/progs.h $(INCL_D)/progs.h
+
+$(INCL_D)/s_apps.h: $(SRC_D)/apps/s_apps.h
+ $(CP) $(SRC_D)/apps/s_apps.h $(INCL_D)/s_apps.h
+
+$(INCL_D)/testdsa.h: $(SRC_D)/apps/testdsa.h
+ $(CP) $(SRC_D)/apps/testdsa.h $(INCL_D)/testdsa.h
+
+$(INCL_D)/testrsa.h: $(SRC_D)/apps/testrsa.h
+ $(CP) $(SRC_D)/apps/testrsa.h $(INCL_D)/testrsa.h
+
+$(INC_D)/crypto.h: $(SRC_D)/crypto/crypto.h
+ $(CP) $(SRC_D)/crypto/crypto.h $(INC_D)/crypto.h
+
+$(INC_D)/cryptall.h: $(SRC_D)/crypto/cryptall.h
+ $(CP) $(SRC_D)/crypto/cryptall.h $(INC_D)/cryptall.h
+
+$(INC_D)/md2.h: $(SRC_D)/crypto/md/md2.h
+ $(CP) $(SRC_D)/crypto/md/md2.h $(INC_D)/md2.h
+
+$(INC_D)/md5.h: $(SRC_D)/crypto/md/md5.h
+ $(CP) $(SRC_D)/crypto/md/md5.h $(INC_D)/md5.h
+
+$(INC_D)/sha.h: $(SRC_D)/crypto/sha/sha.h
+ $(CP) $(SRC_D)/crypto/sha/sha.h $(INC_D)/sha.h
+
+$(INC_D)/mdc2.h: $(SRC_D)/crypto/mdc2/mdc2.h
+ $(CP) $(SRC_D)/crypto/mdc2/mdc2.h $(INC_D)/mdc2.h
+
+$(INC_D)/des.h: $(SRC_D)/crypto/des/des.h
+ $(CP) $(SRC_D)/crypto/des/des.h $(INC_D)/des.h
+
+$(INC_D)/rc4.h: $(SRC_D)/crypto/rc4/rc4.h
+ $(CP) $(SRC_D)/crypto/rc4/rc4.h $(INC_D)/rc4.h
+
+$(INC_D)/rc2.h: $(SRC_D)/crypto/rc2/rc2.h
+ $(CP) $(SRC_D)/crypto/rc2/rc2.h $(INC_D)/rc2.h
+
+$(INC_D)/idea.h: $(SRC_D)/crypto/idea/idea.h
+ $(CP) $(SRC_D)/crypto/idea/idea.h $(INC_D)/idea.h
+
+$(INC_D)/blowfish.h: $(SRC_D)/crypto/bf/blowfish.h
+ $(CP) $(SRC_D)/crypto/bf/blowfish.h $(INC_D)/blowfish.h
+
+$(INC_D)/bn.h: $(SRC_D)/crypto/bn/bn.h
+ $(CP) $(SRC_D)/crypto/bn/bn.h $(INC_D)/bn.h
+
+$(INC_D)/rsa.h: $(SRC_D)/crypto/rsa/rsa.h
+ $(CP) $(SRC_D)/crypto/rsa/rsa.h $(INC_D)/rsa.h
+
+$(INC_D)/dsa.h: $(SRC_D)/crypto/dsa/dsa.h
+ $(CP) $(SRC_D)/crypto/dsa/dsa.h $(INC_D)/dsa.h
+
+$(INC_D)/dh.h: $(SRC_D)/crypto/dh/dh.h
+ $(CP) $(SRC_D)/crypto/dh/dh.h $(INC_D)/dh.h
+
+$(INC_D)/buffer.h: $(SRC_D)/crypto/buffer/buffer.h
+ $(CP) $(SRC_D)/crypto/buffer/buffer.h $(INC_D)/buffer.h
+
+$(INC_D)/bio.h: $(SRC_D)/crypto/bio/bio.h
+ $(CP) $(SRC_D)/crypto/bio/bio.h $(INC_D)/bio.h
+
+$(INC_D)/stack.h: $(SRC_D)/crypto/stack/stack.h
+ $(CP) $(SRC_D)/crypto/stack/stack.h $(INC_D)/stack.h
+
+$(INC_D)/lhash.h: $(SRC_D)/crypto/lhash/lhash.h
+ $(CP) $(SRC_D)/crypto/lhash/lhash.h $(INC_D)/lhash.h
+
+$(INC_D)/rand.h: $(SRC_D)/crypto/rand/rand.h
+ $(CP) $(SRC_D)/crypto/rand/rand.h $(INC_D)/rand.h
+
+$(INC_D)/err.h: $(SRC_D)/crypto/err/err.h
+ $(CP) $(SRC_D)/crypto/err/err.h $(INC_D)/err.h
+
+$(INC_D)/objects.h: $(SRC_D)/crypto/objects/objects.h
+ $(CP) $(SRC_D)/crypto/objects/objects.h $(INC_D)/objects.h
+
+$(INC_D)/evp.h: $(SRC_D)/crypto/evp/evp.h
+ $(CP) $(SRC_D)/crypto/evp/evp.h $(INC_D)/evp.h
+
+$(INC_D)/pem.h: $(SRC_D)/crypto/pem/pem.h
+ $(CP) $(SRC_D)/crypto/pem/pem.h $(INC_D)/pem.h
+
+$(INC_D)/asn1.h: $(SRC_D)/crypto/asn1/asn1.h
+ $(CP) $(SRC_D)/crypto/asn1/asn1.h $(INC_D)/asn1.h
+
+$(INC_D)/asn1_mac.h: $(SRC_D)/crypto/asn1/asn1_mac.h
+ $(CP) $(SRC_D)/crypto/asn1/asn1_mac.h $(INC_D)/asn1_mac.h
+
+$(INC_D)/x509.h: $(SRC_D)/crypto/x509/x509.h
+ $(CP) $(SRC_D)/crypto/x509/x509.h $(INC_D)/x509.h
+
+$(INC_D)/x509_vfy.h: $(SRC_D)/crypto/x509/x509_vfy.h
+ $(CP) $(SRC_D)/crypto/x509/x509_vfy.h $(INC_D)/x509_vfy.h
+
+$(INC_D)/conf.h: $(SRC_D)/crypto/conf/conf.h
+ $(CP) $(SRC_D)/crypto/conf/conf.h $(INC_D)/conf.h
+
+$(INC_D)/txt_db.h: $(SRC_D)/crypto/txt_db/txt_db.h
+ $(CP) $(SRC_D)/crypto/txt_db/txt_db.h $(INC_D)/txt_db.h
+
+$(INC_D)/pkcs7.h: $(SRC_D)/crypto/pkcs7/pkcs7.h
+ $(CP) $(SRC_D)/crypto/pkcs7/pkcs7.h $(INC_D)/pkcs7.h
+
+$(INC_D)/ssl.h: $(SRC_D)/ssl/ssl.h
+ $(CP) $(SRC_D)/ssl/ssl.h $(INC_D)/ssl.h
+
+$(INC_D)/ssl2.h: $(SRC_D)/ssl/ssl2.h
+ $(CP) $(SRC_D)/ssl/ssl2.h $(INC_D)/ssl2.h
+
+$(INC_D)/ssl3.h: $(SRC_D)/ssl/ssl3.h
+ $(CP) $(SRC_D)/ssl/ssl3.h $(INC_D)/ssl3.h
+
+$(INC_D)/ssl23.h: $(SRC_D)/ssl/ssl23.h
+ $(CP) $(SRC_D)/ssl/ssl23.h $(INC_D)/ssl23.h
+
+$(OBJ_D)/md2test.o: $(SRC_D)/crypto/md/md2test.c
+ $(CC) -o $(OBJ_D)/md2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md/md2test.c
+
+$(OBJ_D)/md5test.o: $(SRC_D)/crypto/md/md5test.c
+ $(CC) -o $(OBJ_D)/md5test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/md/md5test.c
+
+$(OBJ_D)/shatest.o: $(SRC_D)/crypto/sha/shatest.c
+ $(CC) -o $(OBJ_D)/shatest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/sha/shatest.c
+
+$(OBJ_D)/sha1test.o: $(SRC_D)/crypto/sha/sha1test.c
+ $(CC) -o $(OBJ_D)/sha1test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/sha/sha1test.c
+
+$(OBJ_D)/mdc2test.o: $(SRC_D)/crypto/mdc2/mdc2test.c
+ $(CC) -o $(OBJ_D)/mdc2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2test.c
+
+$(OBJ_D)/destest.o: $(SRC_D)/crypto/des/destest.c
+ $(CC) -o $(OBJ_D)/destest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/des/destest.c
+
+$(OBJ_D)/rc4test.o: $(SRC_D)/crypto/rc4/rc4test.c
+ $(CC) -o $(OBJ_D)/rc4test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4test.c
+
+$(OBJ_D)/rc2test.o: $(SRC_D)/crypto/rc2/rc2test.c
+ $(CC) -o $(OBJ_D)/rc2test.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2test.c
+
+$(OBJ_D)/ideatest.o: $(SRC_D)/crypto/idea/ideatest.c
+ $(CC) -o $(OBJ_D)/ideatest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/idea/ideatest.c
+
+$(OBJ_D)/bftest.o: $(SRC_D)/crypto/bf/bftest.c
+ $(CC) -o $(OBJ_D)/bftest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/bf/bftest.c
+
+$(OBJ_D)/bntest.o: $(SRC_D)/crypto/bn/bntest.c
+ $(CC) -o $(OBJ_D)/bntest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/bn/bntest.c
+
+$(OBJ_D)/exptest.o: $(SRC_D)/crypto/bn/exptest.c
+ $(CC) -o $(OBJ_D)/exptest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/bn/exptest.c
+
+$(OBJ_D)/dsatest.o: $(SRC_D)/crypto/dsa/dsatest.c
+ $(CC) -o $(OBJ_D)/dsatest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/dsa/dsatest.c
+
+$(OBJ_D)/dhtest.o: $(SRC_D)/crypto/dh/dhtest.c
+ $(CC) -o $(OBJ_D)/dhtest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/dh/dhtest.c
+
+$(OBJ_D)/randtest.o: $(SRC_D)/crypto/rand/randtest.c
+ $(CC) -o $(OBJ_D)/randtest.o $(APP_CFLAGS) -c $(SRC_D)/crypto/rand/randtest.c
+
+$(OBJ_D)/ssltest.o: $(SRC_D)/ssl/ssltest.c
+ $(CC) -o $(OBJ_D)/ssltest.o $(APP_CFLAGS) -c $(SRC_D)/ssl/ssltest.c
+
+$(OBJ_D)/verify.o: $(SRC_D)/apps/verify.c
+ $(CC) -o $(OBJ_D)/verify.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/verify.c
+
+$(OBJ_D)/asn1pars.o: $(SRC_D)/apps/asn1pars.c
+ $(CC) -o $(OBJ_D)/asn1pars.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/asn1pars.c
+
+$(OBJ_D)/req.o: $(SRC_D)/apps/req.c
+ $(CC) -o $(OBJ_D)/req.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/req.c
+
+$(OBJ_D)/dgst.o: $(SRC_D)/apps/dgst.c
+ $(CC) -o $(OBJ_D)/dgst.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/dgst.c
+
+$(OBJ_D)/dh.o: $(SRC_D)/apps/dh.c
+ $(CC) -o $(OBJ_D)/dh.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/dh.c
+
+$(OBJ_D)/enc.o: $(SRC_D)/apps/enc.c
+ $(CC) -o $(OBJ_D)/enc.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/enc.c
+
+$(OBJ_D)/gendh.o: $(SRC_D)/apps/gendh.c
+ $(CC) -o $(OBJ_D)/gendh.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/gendh.c
+
+$(OBJ_D)/errstr.o: $(SRC_D)/apps/errstr.c
+ $(CC) -o $(OBJ_D)/errstr.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/errstr.c
+
+$(OBJ_D)/ca.o: $(SRC_D)/apps/ca.c
+ $(CC) -o $(OBJ_D)/ca.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/ca.c
+
+$(OBJ_D)/gendsa.o: $(SRC_D)/apps/gendsa.c
+ $(CC) -o $(OBJ_D)/gendsa.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/gendsa.c
+
+$(OBJ_D)/pkcs7.o: $(SRC_D)/apps/pkcs7.c
+ $(CC) -o $(OBJ_D)/pkcs7.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/pkcs7.c
+
+$(OBJ_D)/crl2p7.o: $(SRC_D)/apps/crl2p7.c
+ $(CC) -o $(OBJ_D)/crl2p7.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/crl2p7.c
+
+$(OBJ_D)/crl.o: $(SRC_D)/apps/crl.c
+ $(CC) -o $(OBJ_D)/crl.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/crl.c
+
+$(OBJ_D)/rsa.o: $(SRC_D)/apps/rsa.c
+ $(CC) -o $(OBJ_D)/rsa.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/rsa.c
+
+$(OBJ_D)/dsa.o: $(SRC_D)/apps/dsa.c
+ $(CC) -o $(OBJ_D)/dsa.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/dsa.c
+
+$(OBJ_D)/dsaparam.o: $(SRC_D)/apps/dsaparam.c
+ $(CC) -o $(OBJ_D)/dsaparam.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/dsaparam.c
+
+$(OBJ_D)/x509.o: $(SRC_D)/apps/x509.c
+ $(CC) -o $(OBJ_D)/x509.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/x509.c
+
+$(OBJ_D)/genrsa.o: $(SRC_D)/apps/genrsa.c
+ $(CC) -o $(OBJ_D)/genrsa.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/genrsa.c
+
+$(OBJ_D)/s_server.o: $(SRC_D)/apps/s_server.c
+ $(CC) -o $(OBJ_D)/s_server.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_server.c
+
+$(OBJ_D)/s_client.o: $(SRC_D)/apps/s_client.c
+ $(CC) -o $(OBJ_D)/s_client.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_client.c
+
+$(OBJ_D)/speed.o: $(SRC_D)/apps/speed.c
+ $(CC) -o $(OBJ_D)/speed.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/speed.c
+
+$(OBJ_D)/s_time.o: $(SRC_D)/apps/s_time.c
+ $(CC) -o $(OBJ_D)/s_time.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_time.c
+
+$(OBJ_D)/apps.o: $(SRC_D)/apps/apps.c
+ $(CC) -o $(OBJ_D)/apps.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/apps.c
+
+$(OBJ_D)/s_cb.o: $(SRC_D)/apps/s_cb.c
+ $(CC) -o $(OBJ_D)/s_cb.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_cb.c
+
+$(OBJ_D)/s_socket.o: $(SRC_D)/apps/s_socket.c
+ $(CC) -o $(OBJ_D)/s_socket.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/s_socket.c
+
+$(OBJ_D)/version.o: $(SRC_D)/apps/version.c
+ $(CC) -o $(OBJ_D)/version.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/version.c
+
+$(OBJ_D)/sess_id.o: $(SRC_D)/apps/sess_id.c
+ $(CC) -o $(OBJ_D)/sess_id.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/sess_id.c
+
+$(OBJ_D)/ciphers.o: $(SRC_D)/apps/ciphers.c
+ $(CC) -o $(OBJ_D)/ciphers.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/ciphers.c
+
+$(OBJ_D)/ssleay.o: $(SRC_D)/apps/ssleay.c
+ $(CC) -o $(OBJ_D)/ssleay.o -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)/apps/ssleay.c
+
+$(OBJ_D)/cryptlib.o: $(SRC_D)/crypto/cryptlib.c
+ $(CC) -o $(OBJ_D)/cryptlib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/cryptlib.c
+
+$(OBJ_D)/mem.o: $(SRC_D)/crypto/mem.c
+ $(CC) -o $(OBJ_D)/mem.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mem.c
+
+$(OBJ_D)/cversion.o: $(SRC_D)/crypto/cversion.c
+ $(CC) -o $(OBJ_D)/cversion.o $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)/crypto/cversion.c
+
+$(OBJ_D)/md2_dgst.o: $(SRC_D)/crypto/md/md2_dgst.c
+ $(CC) -o $(OBJ_D)/md2_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md2_dgst.c
+
+$(OBJ_D)/md5_dgst.o: $(SRC_D)/crypto/md/md5_dgst.c
+ $(CC) -o $(OBJ_D)/md5_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md5_dgst.c
+
+$(OBJ_D)/md2_one.o: $(SRC_D)/crypto/md/md2_one.c
+ $(CC) -o $(OBJ_D)/md2_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md2_one.c
+
+$(OBJ_D)/md5_one.o: $(SRC_D)/crypto/md/md5_one.c
+ $(CC) -o $(OBJ_D)/md5_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/md/md5_one.c
+
+$(OBJ_D)/sha_dgst.o: $(SRC_D)/crypto/sha/sha_dgst.c
+ $(CC) -o $(OBJ_D)/sha_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_dgst.c
+
+$(OBJ_D)/sha1dgst.o: $(SRC_D)/crypto/sha/sha1dgst.c
+ $(CC) -o $(OBJ_D)/sha1dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1dgst.c
+
+$(OBJ_D)/sha_one.o: $(SRC_D)/crypto/sha/sha_one.c
+ $(CC) -o $(OBJ_D)/sha_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha_one.c
+
+$(OBJ_D)/sha1_one.o: $(SRC_D)/crypto/sha/sha1_one.c
+ $(CC) -o $(OBJ_D)/sha1_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/sha/sha1_one.c
+
+$(OBJ_D)/mdc2dgst.o: $(SRC_D)/crypto/mdc2/mdc2dgst.c
+ $(CC) -o $(OBJ_D)/mdc2dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2dgst.c
+
+$(OBJ_D)/mdc2_one.o: $(SRC_D)/crypto/mdc2/mdc2_one.c
+ $(CC) -o $(OBJ_D)/mdc2_one.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/mdc2/mdc2_one.c
+
+$(OBJ_D)/set_key.o: $(SRC_D)/crypto/des/set_key.c
+ $(CC) -o $(OBJ_D)/set_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/set_key.c
+
+$(OBJ_D)/ecb_enc.o: $(SRC_D)/crypto/des/ecb_enc.c
+ $(CC) -o $(OBJ_D)/ecb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb_enc.c
+
+$(OBJ_D)/ede_enc.o: $(SRC_D)/crypto/des/ede_enc.c
+ $(CC) -o $(OBJ_D)/ede_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ede_enc.c
+
+$(OBJ_D)/cbc_enc.o: $(SRC_D)/crypto/des/cbc_enc.c
+ $(CC) -o $(OBJ_D)/cbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_enc.c
+
+$(OBJ_D)/cbc3_enc.o: $(SRC_D)/crypto/des/cbc3_enc.c
+ $(CC) -o $(OBJ_D)/cbc3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc3_enc.c
+
+$(OBJ_D)/ecb3_enc.o: $(SRC_D)/crypto/des/ecb3_enc.c
+ $(CC) -o $(OBJ_D)/ecb3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ecb3_enc.c
+
+$(OBJ_D)/cfb64enc.o: $(SRC_D)/crypto/des/cfb64enc.c
+ $(CC) -o $(OBJ_D)/cfb64enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64enc.c
+
+$(OBJ_D)/cfb64ede.o: $(SRC_D)/crypto/des/cfb64ede.c
+ $(CC) -o $(OBJ_D)/cfb64ede.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb64ede.c
+
+$(OBJ_D)/cfb_enc.o: $(SRC_D)/crypto/des/cfb_enc.c
+ $(CC) -o $(OBJ_D)/cfb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cfb_enc.c
+
+$(OBJ_D)/ofb64ede.o: $(SRC_D)/crypto/des/ofb64ede.c
+ $(CC) -o $(OBJ_D)/ofb64ede.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64ede.c
+
+$(OBJ_D)/enc_read.o: $(SRC_D)/crypto/des/enc_read.c
+ $(CC) -o $(OBJ_D)/enc_read.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_read.c
+
+$(OBJ_D)/enc_writ.o: $(SRC_D)/crypto/des/enc_writ.c
+ $(CC) -o $(OBJ_D)/enc_writ.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/enc_writ.c
+
+$(OBJ_D)/ncbc_enc.o: $(SRC_D)/crypto/des/ncbc_enc.c
+ $(CC) -o $(OBJ_D)/ncbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ncbc_enc.c
+
+$(OBJ_D)/ofb64enc.o: $(SRC_D)/crypto/des/ofb64enc.c
+ $(CC) -o $(OBJ_D)/ofb64enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb64enc.c
+
+$(OBJ_D)/ofb_enc.o: $(SRC_D)/crypto/des/ofb_enc.c
+ $(CC) -o $(OBJ_D)/ofb_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/ofb_enc.c
+
+$(OBJ_D)/str2key.o: $(SRC_D)/crypto/des/str2key.c
+ $(CC) -o $(OBJ_D)/str2key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/str2key.c
+
+$(OBJ_D)/pcbc_enc.o: $(SRC_D)/crypto/des/pcbc_enc.c
+ $(CC) -o $(OBJ_D)/pcbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/pcbc_enc.c
+
+$(OBJ_D)/qud_cksm.o: $(SRC_D)/crypto/des/qud_cksm.c
+ $(CC) -o $(OBJ_D)/qud_cksm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/qud_cksm.c
+
+$(OBJ_D)/rand_key.o: $(SRC_D)/crypto/des/rand_key.c
+ $(CC) -o $(OBJ_D)/rand_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rand_key.c
+
+$(OBJ_D)/des_enc.o: $(SRC_D)/crypto/des/des_enc.c
+ $(CC) -o $(OBJ_D)/des_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/des_enc.c
+
+$(OBJ_D)/fcrypt_b.o: $(SRC_D)/crypto/des/fcrypt_b.c
+ $(CC) -o $(OBJ_D)/fcrypt_b.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt_b.c
+
+$(OBJ_D)/read2pwd.o: $(SRC_D)/crypto/des/read2pwd.c
+ $(CC) -o $(OBJ_D)/read2pwd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read2pwd.c
+
+$(OBJ_D)/fcrypt.o: $(SRC_D)/crypto/des/fcrypt.c
+ $(CC) -o $(OBJ_D)/fcrypt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/fcrypt.c
+
+$(OBJ_D)/xcbc_enc.o: $(SRC_D)/crypto/des/xcbc_enc.c
+ $(CC) -o $(OBJ_D)/xcbc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/xcbc_enc.c
+
+$(OBJ_D)/read_pwd.o: $(SRC_D)/crypto/des/read_pwd.c
+ $(CC) -o $(OBJ_D)/read_pwd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/read_pwd.c
+
+$(OBJ_D)/rpc_enc.o: $(SRC_D)/crypto/des/rpc_enc.c
+ $(CC) -o $(OBJ_D)/rpc_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/rpc_enc.c
+
+$(OBJ_D)/cbc_cksm.o: $(SRC_D)/crypto/des/cbc_cksm.c
+ $(CC) -o $(OBJ_D)/cbc_cksm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/cbc_cksm.c
+
+$(OBJ_D)/supp.o: $(SRC_D)/crypto/des/supp.c
+ $(CC) -o $(OBJ_D)/supp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/des/supp.c
+
+$(OBJ_D)/rc4_enc.o: $(SRC_D)/crypto/rc4/rc4_enc.c
+ $(CC) -o $(OBJ_D)/rc4_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc4/rc4_enc.c
+
+$(OBJ_D)/rc2_ecb.o: $(SRC_D)/crypto/rc2/rc2_ecb.c
+ $(CC) -o $(OBJ_D)/rc2_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_ecb.c
+
+$(OBJ_D)/rc2_skey.o: $(SRC_D)/crypto/rc2/rc2_skey.c
+ $(CC) -o $(OBJ_D)/rc2_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_skey.c
+
+$(OBJ_D)/rc2_cbc.o: $(SRC_D)/crypto/rc2/rc2_cbc.c
+ $(CC) -o $(OBJ_D)/rc2_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2_cbc.c
+
+$(OBJ_D)/rc2cfb64.o: $(SRC_D)/crypto/rc2/rc2cfb64.c
+ $(CC) -o $(OBJ_D)/rc2cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2cfb64.c
+
+$(OBJ_D)/rc2ofb64.o: $(SRC_D)/crypto/rc2/rc2ofb64.c
+ $(CC) -o $(OBJ_D)/rc2ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rc2/rc2ofb64.c
+
+$(OBJ_D)/i_cbc.o: $(SRC_D)/crypto/idea/i_cbc.c
+ $(CC) -o $(OBJ_D)/i_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cbc.c
+
+$(OBJ_D)/i_cfb64.o: $(SRC_D)/crypto/idea/i_cfb64.c
+ $(CC) -o $(OBJ_D)/i_cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_cfb64.c
+
+$(OBJ_D)/i_ofb64.o: $(SRC_D)/crypto/idea/i_ofb64.c
+ $(CC) -o $(OBJ_D)/i_ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ofb64.c
+
+$(OBJ_D)/i_ecb.o: $(SRC_D)/crypto/idea/i_ecb.c
+ $(CC) -o $(OBJ_D)/i_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_ecb.c
+
+$(OBJ_D)/i_skey.o: $(SRC_D)/crypto/idea/i_skey.c
+ $(CC) -o $(OBJ_D)/i_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/idea/i_skey.c
+
+$(OBJ_D)/bf_skey.o: $(SRC_D)/crypto/bf/bf_skey.c
+ $(CC) -o $(OBJ_D)/bf_skey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_skey.c
+
+$(OBJ_D)/bf_ecb.o: $(SRC_D)/crypto/bf/bf_ecb.c
+ $(CC) -o $(OBJ_D)/bf_ecb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ecb.c
+
+$(OBJ_D)/bf_enc.o: $(SRC_D)/crypto/bf/bf_enc.c
+ $(CC) -o $(OBJ_D)/bf_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_enc.c
+
+$(OBJ_D)/bf_cbc.o: $(SRC_D)/crypto/bf/bf_cbc.c
+ $(CC) -o $(OBJ_D)/bf_cbc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_cbc.c
+
+$(OBJ_D)/bf_cfb64.o: $(SRC_D)/crypto/bf/bf_cfb64.c
+ $(CC) -o $(OBJ_D)/bf_cfb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_cfb64.c
+
+$(OBJ_D)/bf_ofb64.o: $(SRC_D)/crypto/bf/bf_ofb64.c
+ $(CC) -o $(OBJ_D)/bf_ofb64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bf/bf_ofb64.c
+
+$(OBJ_D)/bn_add.o: $(SRC_D)/crypto/bn/bn_add.c
+ $(CC) -o $(OBJ_D)/bn_add.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_add.c
+
+$(OBJ_D)/bn_div.o: $(SRC_D)/crypto/bn/bn_div.c
+ $(CC) -o $(OBJ_D)/bn_div.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_div.c
+
+$(OBJ_D)/bn_exp.o: $(SRC_D)/crypto/bn/bn_exp.c
+ $(CC) -o $(OBJ_D)/bn_exp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_exp.c
+
+$(OBJ_D)/bn_lib.o: $(SRC_D)/crypto/bn/bn_lib.c
+ $(CC) -o $(OBJ_D)/bn_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_lib.c
+
+$(OBJ_D)/bn_mod.o: $(SRC_D)/crypto/bn/bn_mod.c
+ $(CC) -o $(OBJ_D)/bn_mod.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mod.c
+
+$(OBJ_D)/bn_mul.o: $(SRC_D)/crypto/bn/bn_mul.c
+ $(CC) -o $(OBJ_D)/bn_mul.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mul.c
+
+$(OBJ_D)/bn_print.o: $(SRC_D)/crypto/bn/bn_print.c
+ $(CC) -o $(OBJ_D)/bn_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_print.c
+
+$(OBJ_D)/bn_rand.o: $(SRC_D)/crypto/bn/bn_rand.c
+ $(CC) -o $(OBJ_D)/bn_rand.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_rand.c
+
+$(OBJ_D)/bn_shift.o: $(SRC_D)/crypto/bn/bn_shift.c
+ $(CC) -o $(OBJ_D)/bn_shift.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_shift.c
+
+$(OBJ_D)/bn_sub.o: $(SRC_D)/crypto/bn/bn_sub.c
+ $(CC) -o $(OBJ_D)/bn_sub.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sub.c
+
+$(OBJ_D)/bn_word.o: $(SRC_D)/crypto/bn/bn_word.c
+ $(CC) -o $(OBJ_D)/bn_word.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_word.c
+
+$(OBJ_D)/bn_gcd.o: $(SRC_D)/crypto/bn/bn_gcd.c
+ $(CC) -o $(OBJ_D)/bn_gcd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_gcd.c
+
+$(OBJ_D)/bn_prime.o: $(SRC_D)/crypto/bn/bn_prime.c
+ $(CC) -o $(OBJ_D)/bn_prime.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_prime.c
+
+$(OBJ_D)/bn_err.o: $(SRC_D)/crypto/bn/bn_err.c
+ $(CC) -o $(OBJ_D)/bn_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_err.c
+
+$(OBJ_D)/bn_sqr.o: $(SRC_D)/crypto/bn/bn_sqr.c
+ $(CC) -o $(OBJ_D)/bn_sqr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_sqr.c
+
+$(OBJ_D)/bn_mulw.o: $(SRC_D)/crypto/bn/bn_mulw.c
+ $(CC) -o $(OBJ_D)/bn_mulw.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mulw.c
+
+$(OBJ_D)/bn_recp.o: $(SRC_D)/crypto/bn/bn_recp.c
+ $(CC) -o $(OBJ_D)/bn_recp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_recp.c
+
+$(OBJ_D)/bn_mont.o: $(SRC_D)/crypto/bn/bn_mont.c
+ $(CC) -o $(OBJ_D)/bn_mont.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bn/bn_mont.c
+
+$(OBJ_D)/rsa_enc.o: $(SRC_D)/crypto/rsa/rsa_enc.c
+ $(CC) -o $(OBJ_D)/rsa_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_enc.c
+
+$(OBJ_D)/rsa_gen.o: $(SRC_D)/crypto/rsa/rsa_gen.c
+ $(CC) -o $(OBJ_D)/rsa_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_gen.c
+
+$(OBJ_D)/rsa_lib.o: $(SRC_D)/crypto/rsa/rsa_lib.c
+ $(CC) -o $(OBJ_D)/rsa_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_lib.c
+
+$(OBJ_D)/rsa_sign.o: $(SRC_D)/crypto/rsa/rsa_sign.c
+ $(CC) -o $(OBJ_D)/rsa_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_sign.c
+
+$(OBJ_D)/rsa_saos.o: $(SRC_D)/crypto/rsa/rsa_saos.c
+ $(CC) -o $(OBJ_D)/rsa_saos.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_saos.c
+
+$(OBJ_D)/rsa_err.o: $(SRC_D)/crypto/rsa/rsa_err.c
+ $(CC) -o $(OBJ_D)/rsa_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rsa/rsa_err.c
+
+$(OBJ_D)/dsa_gen.o: $(SRC_D)/crypto/dsa/dsa_gen.c
+ $(CC) -o $(OBJ_D)/dsa_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_gen.c
+
+$(OBJ_D)/dsa_key.o: $(SRC_D)/crypto/dsa/dsa_key.c
+ $(CC) -o $(OBJ_D)/dsa_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_key.c
+
+$(OBJ_D)/dsa_lib.o: $(SRC_D)/crypto/dsa/dsa_lib.c
+ $(CC) -o $(OBJ_D)/dsa_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_lib.c
+
+$(OBJ_D)/dsa_vrf.o: $(SRC_D)/crypto/dsa/dsa_vrf.c
+ $(CC) -o $(OBJ_D)/dsa_vrf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_vrf.c
+
+$(OBJ_D)/dsa_sign.o: $(SRC_D)/crypto/dsa/dsa_sign.c
+ $(CC) -o $(OBJ_D)/dsa_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_sign.c
+
+$(OBJ_D)/dsa_err.o: $(SRC_D)/crypto/dsa/dsa_err.c
+ $(CC) -o $(OBJ_D)/dsa_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dsa/dsa_err.c
+
+$(OBJ_D)/dh_gen.o: $(SRC_D)/crypto/dh/dh_gen.c
+ $(CC) -o $(OBJ_D)/dh_gen.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_gen.c
+
+$(OBJ_D)/dh_key.o: $(SRC_D)/crypto/dh/dh_key.c
+ $(CC) -o $(OBJ_D)/dh_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_key.c
+
+$(OBJ_D)/dh_lib.o: $(SRC_D)/crypto/dh/dh_lib.c
+ $(CC) -o $(OBJ_D)/dh_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_lib.c
+
+$(OBJ_D)/dh_check.o: $(SRC_D)/crypto/dh/dh_check.c
+ $(CC) -o $(OBJ_D)/dh_check.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_check.c
+
+$(OBJ_D)/dh_err.o: $(SRC_D)/crypto/dh/dh_err.c
+ $(CC) -o $(OBJ_D)/dh_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/dh/dh_err.c
+
+$(OBJ_D)/buffer.o: $(SRC_D)/crypto/buffer/buffer.c
+ $(CC) -o $(OBJ_D)/buffer.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buffer.c
+
+$(OBJ_D)/buf_err.o: $(SRC_D)/crypto/buffer/buf_err.c
+ $(CC) -o $(OBJ_D)/buf_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/buffer/buf_err.c
+
+$(OBJ_D)/bio_lib.o: $(SRC_D)/crypto/bio/bio_lib.c
+ $(CC) -o $(OBJ_D)/bio_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_lib.c
+
+$(OBJ_D)/bio_cb.o: $(SRC_D)/crypto/bio/bio_cb.c
+ $(CC) -o $(OBJ_D)/bio_cb.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_cb.c
+
+$(OBJ_D)/bio_err.o: $(SRC_D)/crypto/bio/bio_err.c
+ $(CC) -o $(OBJ_D)/bio_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bio_err.c
+
+$(OBJ_D)/bss_mem.o: $(SRC_D)/crypto/bio/bss_mem.c
+ $(CC) -o $(OBJ_D)/bss_mem.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_mem.c
+
+$(OBJ_D)/bss_null.o: $(SRC_D)/crypto/bio/bss_null.c
+ $(CC) -o $(OBJ_D)/bss_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_null.c
+
+$(OBJ_D)/bss_fd.o: $(SRC_D)/crypto/bio/bss_fd.c
+ $(CC) -o $(OBJ_D)/bss_fd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_fd.c
+
+$(OBJ_D)/bss_file.o: $(SRC_D)/crypto/bio/bss_file.c
+ $(CC) -o $(OBJ_D)/bss_file.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_file.c
+
+$(OBJ_D)/bss_sock.o: $(SRC_D)/crypto/bio/bss_sock.c
+ $(CC) -o $(OBJ_D)/bss_sock.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_sock.c
+
+$(OBJ_D)/bss_conn.o: $(SRC_D)/crypto/bio/bss_conn.c
+ $(CC) -o $(OBJ_D)/bss_conn.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_conn.c
+
+$(OBJ_D)/bf_null.o: $(SRC_D)/crypto/bio/bf_null.c
+ $(CC) -o $(OBJ_D)/bf_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_null.c
+
+$(OBJ_D)/bf_buff.o: $(SRC_D)/crypto/bio/bf_buff.c
+ $(CC) -o $(OBJ_D)/bf_buff.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_buff.c
+
+$(OBJ_D)/b_print.o: $(SRC_D)/crypto/bio/b_print.c
+ $(CC) -o $(OBJ_D)/b_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_print.c
+
+$(OBJ_D)/b_dump.o: $(SRC_D)/crypto/bio/b_dump.c
+ $(CC) -o $(OBJ_D)/b_dump.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_dump.c
+
+$(OBJ_D)/b_sock.o: $(SRC_D)/crypto/bio/b_sock.c
+ $(CC) -o $(OBJ_D)/b_sock.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/b_sock.c
+
+$(OBJ_D)/bss_acpt.o: $(SRC_D)/crypto/bio/bss_acpt.c
+ $(CC) -o $(OBJ_D)/bss_acpt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bss_acpt.c
+
+$(OBJ_D)/bf_nbio.o: $(SRC_D)/crypto/bio/bf_nbio.c
+ $(CC) -o $(OBJ_D)/bf_nbio.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/bio/bf_nbio.c
+
+$(OBJ_D)/stack.o: $(SRC_D)/crypto/stack/stack.c
+ $(CC) -o $(OBJ_D)/stack.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/stack/stack.c
+
+$(OBJ_D)/lhash.o: $(SRC_D)/crypto/lhash/lhash.c
+ $(CC) -o $(OBJ_D)/lhash.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lhash.c
+
+$(OBJ_D)/lh_stats.o: $(SRC_D)/crypto/lhash/lh_stats.c
+ $(CC) -o $(OBJ_D)/lh_stats.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/lhash/lh_stats.c
+
+$(OBJ_D)/md_rand.o: $(SRC_D)/crypto/rand/md_rand.c
+ $(CC) -o $(OBJ_D)/md_rand.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/md_rand.c
+
+$(OBJ_D)/randfile.o: $(SRC_D)/crypto/rand/randfile.c
+ $(CC) -o $(OBJ_D)/randfile.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/rand/randfile.c
+
+$(OBJ_D)/err.o: $(SRC_D)/crypto/err/err.c
+ $(CC) -o $(OBJ_D)/err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err.c
+
+$(OBJ_D)/err_all.o: $(SRC_D)/crypto/err/err_all.c
+ $(CC) -o $(OBJ_D)/err_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_all.c
+
+$(OBJ_D)/err_prn.o: $(SRC_D)/crypto/err/err_prn.c
+ $(CC) -o $(OBJ_D)/err_prn.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/err/err_prn.c
+
+$(OBJ_D)/obj_dat.o: $(SRC_D)/crypto/objects/obj_dat.c
+ $(CC) -o $(OBJ_D)/obj_dat.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_dat.c
+
+$(OBJ_D)/obj_lib.o: $(SRC_D)/crypto/objects/obj_lib.c
+ $(CC) -o $(OBJ_D)/obj_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_lib.c
+
+$(OBJ_D)/obj_err.o: $(SRC_D)/crypto/objects/obj_err.c
+ $(CC) -o $(OBJ_D)/obj_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/objects/obj_err.c
+
+$(OBJ_D)/encode.o: $(SRC_D)/crypto/evp/encode.c
+ $(CC) -o $(OBJ_D)/encode.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/encode.c
+
+$(OBJ_D)/digest.o: $(SRC_D)/crypto/evp/digest.c
+ $(CC) -o $(OBJ_D)/digest.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/digest.c
+
+$(OBJ_D)/evp_enc.o: $(SRC_D)/crypto/evp/evp_enc.c
+ $(CC) -o $(OBJ_D)/evp_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_enc.c
+
+$(OBJ_D)/evp_key.o: $(SRC_D)/crypto/evp/evp_key.c
+ $(CC) -o $(OBJ_D)/evp_key.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_key.c
+
+$(OBJ_D)/e_ecb_d.o: $(SRC_D)/crypto/evp/e_ecb_d.c
+ $(CC) -o $(OBJ_D)/e_ecb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_d.c
+
+$(OBJ_D)/e_cbc_d.o: $(SRC_D)/crypto/evp/e_cbc_d.c
+ $(CC) -o $(OBJ_D)/e_cbc_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_d.c
+
+$(OBJ_D)/e_cfb_d.o: $(SRC_D)/crypto/evp/e_cfb_d.c
+ $(CC) -o $(OBJ_D)/e_cfb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_d.c
+
+$(OBJ_D)/e_ofb_d.o: $(SRC_D)/crypto/evp/e_ofb_d.c
+ $(CC) -o $(OBJ_D)/e_ofb_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_d.c
+
+$(OBJ_D)/e_ecb_i.o: $(SRC_D)/crypto/evp/e_ecb_i.c
+ $(CC) -o $(OBJ_D)/e_ecb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_i.c
+
+$(OBJ_D)/e_cbc_i.o: $(SRC_D)/crypto/evp/e_cbc_i.c
+ $(CC) -o $(OBJ_D)/e_cbc_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_i.c
+
+$(OBJ_D)/e_cfb_i.o: $(SRC_D)/crypto/evp/e_cfb_i.c
+ $(CC) -o $(OBJ_D)/e_cfb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_i.c
+
+$(OBJ_D)/e_ofb_i.o: $(SRC_D)/crypto/evp/e_ofb_i.c
+ $(CC) -o $(OBJ_D)/e_ofb_i.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_i.c
+
+$(OBJ_D)/e_ecb_3d.o: $(SRC_D)/crypto/evp/e_ecb_3d.c
+ $(CC) -o $(OBJ_D)/e_ecb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_3d.c
+
+$(OBJ_D)/e_cbc_3d.o: $(SRC_D)/crypto/evp/e_cbc_3d.c
+ $(CC) -o $(OBJ_D)/e_cbc_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_3d.c
+
+$(OBJ_D)/e_rc4.o: $(SRC_D)/crypto/evp/e_rc4.c
+ $(CC) -o $(OBJ_D)/e_rc4.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_rc4.c
+
+$(OBJ_D)/names.o: $(SRC_D)/crypto/evp/names.c
+ $(CC) -o $(OBJ_D)/names.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/names.c
+
+$(OBJ_D)/e_cfb_3d.o: $(SRC_D)/crypto/evp/e_cfb_3d.c
+ $(CC) -o $(OBJ_D)/e_cfb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_3d.c
+
+$(OBJ_D)/e_ofb_3d.o: $(SRC_D)/crypto/evp/e_ofb_3d.c
+ $(CC) -o $(OBJ_D)/e_ofb_3d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_3d.c
+
+$(OBJ_D)/e_xcbc_d.o: $(SRC_D)/crypto/evp/e_xcbc_d.c
+ $(CC) -o $(OBJ_D)/e_xcbc_d.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_xcbc_d.c
+
+$(OBJ_D)/e_ecb_r2.o: $(SRC_D)/crypto/evp/e_ecb_r2.c
+ $(CC) -o $(OBJ_D)/e_ecb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_r2.c
+
+$(OBJ_D)/e_cbc_r2.o: $(SRC_D)/crypto/evp/e_cbc_r2.c
+ $(CC) -o $(OBJ_D)/e_cbc_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_r2.c
+
+$(OBJ_D)/e_cfb_r2.o: $(SRC_D)/crypto/evp/e_cfb_r2.c
+ $(CC) -o $(OBJ_D)/e_cfb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_r2.c
+
+$(OBJ_D)/e_ofb_r2.o: $(SRC_D)/crypto/evp/e_ofb_r2.c
+ $(CC) -o $(OBJ_D)/e_ofb_r2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_r2.c
+
+$(OBJ_D)/e_ecb_bf.o: $(SRC_D)/crypto/evp/e_ecb_bf.c
+ $(CC) -o $(OBJ_D)/e_ecb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ecb_bf.c
+
+$(OBJ_D)/e_cbc_bf.o: $(SRC_D)/crypto/evp/e_cbc_bf.c
+ $(CC) -o $(OBJ_D)/e_cbc_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cbc_bf.c
+
+$(OBJ_D)/e_cfb_bf.o: $(SRC_D)/crypto/evp/e_cfb_bf.c
+ $(CC) -o $(OBJ_D)/e_cfb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_cfb_bf.c
+
+$(OBJ_D)/e_ofb_bf.o: $(SRC_D)/crypto/evp/e_ofb_bf.c
+ $(CC) -o $(OBJ_D)/e_ofb_bf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_ofb_bf.c
+
+$(OBJ_D)/m_null.o: $(SRC_D)/crypto/evp/m_null.c
+ $(CC) -o $(OBJ_D)/m_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_null.c
+
+$(OBJ_D)/m_md2.o: $(SRC_D)/crypto/evp/m_md2.c
+ $(CC) -o $(OBJ_D)/m_md2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md2.c
+
+$(OBJ_D)/m_md5.o: $(SRC_D)/crypto/evp/m_md5.c
+ $(CC) -o $(OBJ_D)/m_md5.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_md5.c
+
+$(OBJ_D)/m_sha.o: $(SRC_D)/crypto/evp/m_sha.c
+ $(CC) -o $(OBJ_D)/m_sha.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha.c
+
+$(OBJ_D)/m_sha1.o: $(SRC_D)/crypto/evp/m_sha1.c
+ $(CC) -o $(OBJ_D)/m_sha1.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_sha1.c
+
+$(OBJ_D)/m_dss.o: $(SRC_D)/crypto/evp/m_dss.c
+ $(CC) -o $(OBJ_D)/m_dss.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss.c
+
+$(OBJ_D)/m_dss1.o: $(SRC_D)/crypto/evp/m_dss1.c
+ $(CC) -o $(OBJ_D)/m_dss1.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_dss1.c
+
+$(OBJ_D)/m_mdc2.o: $(SRC_D)/crypto/evp/m_mdc2.c
+ $(CC) -o $(OBJ_D)/m_mdc2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/m_mdc2.c
+
+$(OBJ_D)/p_open.o: $(SRC_D)/crypto/evp/p_open.c
+ $(CC) -o $(OBJ_D)/p_open.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_open.c
+
+$(OBJ_D)/p_seal.o: $(SRC_D)/crypto/evp/p_seal.c
+ $(CC) -o $(OBJ_D)/p_seal.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_seal.c
+
+$(OBJ_D)/p_sign.o: $(SRC_D)/crypto/evp/p_sign.c
+ $(CC) -o $(OBJ_D)/p_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_sign.c
+
+$(OBJ_D)/p_verify.o: $(SRC_D)/crypto/evp/p_verify.c
+ $(CC) -o $(OBJ_D)/p_verify.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_verify.c
+
+$(OBJ_D)/p_lib.o: $(SRC_D)/crypto/evp/p_lib.c
+ $(CC) -o $(OBJ_D)/p_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/p_lib.c
+
+$(OBJ_D)/bio_md.o: $(SRC_D)/crypto/evp/bio_md.c
+ $(CC) -o $(OBJ_D)/bio_md.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_md.c
+
+$(OBJ_D)/bio_b64.o: $(SRC_D)/crypto/evp/bio_b64.c
+ $(CC) -o $(OBJ_D)/bio_b64.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_b64.c
+
+$(OBJ_D)/bio_enc.o: $(SRC_D)/crypto/evp/bio_enc.c
+ $(CC) -o $(OBJ_D)/bio_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/bio_enc.c
+
+$(OBJ_D)/evp_err.o: $(SRC_D)/crypto/evp/evp_err.c
+ $(CC) -o $(OBJ_D)/evp_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/evp_err.c
+
+$(OBJ_D)/e_null.o: $(SRC_D)/crypto/evp/e_null.c
+ $(CC) -o $(OBJ_D)/e_null.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/e_null.c
+
+$(OBJ_D)/c_all.o: $(SRC_D)/crypto/evp/c_all.c
+ $(CC) -o $(OBJ_D)/c_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/evp/c_all.c
+
+$(OBJ_D)/pem_sign.o: $(SRC_D)/crypto/pem/pem_sign.c
+ $(CC) -o $(OBJ_D)/pem_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_sign.c
+
+$(OBJ_D)/pem_seal.o: $(SRC_D)/crypto/pem/pem_seal.c
+ $(CC) -o $(OBJ_D)/pem_seal.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_seal.c
+
+$(OBJ_D)/pem_info.o: $(SRC_D)/crypto/pem/pem_info.c
+ $(CC) -o $(OBJ_D)/pem_info.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_info.c
+
+$(OBJ_D)/pem_lib.o: $(SRC_D)/crypto/pem/pem_lib.c
+ $(CC) -o $(OBJ_D)/pem_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_lib.c
+
+$(OBJ_D)/pem_all.o: $(SRC_D)/crypto/pem/pem_all.c
+ $(CC) -o $(OBJ_D)/pem_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_all.c
+
+$(OBJ_D)/pem_err.o: $(SRC_D)/crypto/pem/pem_err.c
+ $(CC) -o $(OBJ_D)/pem_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pem/pem_err.c
+
+$(OBJ_D)/a_object.o: $(SRC_D)/crypto/asn1/a_object.c
+ $(CC) -o $(OBJ_D)/a_object.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_object.c
+
+$(OBJ_D)/a_bitstr.o: $(SRC_D)/crypto/asn1/a_bitstr.c
+ $(CC) -o $(OBJ_D)/a_bitstr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bitstr.c
+
+$(OBJ_D)/a_utctm.o: $(SRC_D)/crypto/asn1/a_utctm.c
+ $(CC) -o $(OBJ_D)/a_utctm.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_utctm.c
+
+$(OBJ_D)/a_int.o: $(SRC_D)/crypto/asn1/a_int.c
+ $(CC) -o $(OBJ_D)/a_int.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_int.c
+
+$(OBJ_D)/a_octet.o: $(SRC_D)/crypto/asn1/a_octet.c
+ $(CC) -o $(OBJ_D)/a_octet.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_octet.c
+
+$(OBJ_D)/a_print.o: $(SRC_D)/crypto/asn1/a_print.c
+ $(CC) -o $(OBJ_D)/a_print.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_print.c
+
+$(OBJ_D)/a_type.o: $(SRC_D)/crypto/asn1/a_type.c
+ $(CC) -o $(OBJ_D)/a_type.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_type.c
+
+$(OBJ_D)/a_set.o: $(SRC_D)/crypto/asn1/a_set.c
+ $(CC) -o $(OBJ_D)/a_set.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_set.c
+
+$(OBJ_D)/a_dup.o: $(SRC_D)/crypto/asn1/a_dup.c
+ $(CC) -o $(OBJ_D)/a_dup.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_dup.c
+
+$(OBJ_D)/a_d2i_fp.o: $(SRC_D)/crypto/asn1/a_d2i_fp.c
+ $(CC) -o $(OBJ_D)/a_d2i_fp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_d2i_fp.c
+
+$(OBJ_D)/a_i2d_fp.o: $(SRC_D)/crypto/asn1/a_i2d_fp.c
+ $(CC) -o $(OBJ_D)/a_i2d_fp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_i2d_fp.c
+
+$(OBJ_D)/a_sign.o: $(SRC_D)/crypto/asn1/a_sign.c
+ $(CC) -o $(OBJ_D)/a_sign.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_sign.c
+
+$(OBJ_D)/a_digest.o: $(SRC_D)/crypto/asn1/a_digest.c
+ $(CC) -o $(OBJ_D)/a_digest.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_digest.c
+
+$(OBJ_D)/a_verify.o: $(SRC_D)/crypto/asn1/a_verify.c
+ $(CC) -o $(OBJ_D)/a_verify.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_verify.c
+
+$(OBJ_D)/x_algor.o: $(SRC_D)/crypto/asn1/x_algor.c
+ $(CC) -o $(OBJ_D)/x_algor.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_algor.c
+
+$(OBJ_D)/x_val.o: $(SRC_D)/crypto/asn1/x_val.c
+ $(CC) -o $(OBJ_D)/x_val.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_val.c
+
+$(OBJ_D)/x_pubkey.o: $(SRC_D)/crypto/asn1/x_pubkey.c
+ $(CC) -o $(OBJ_D)/x_pubkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pubkey.c
+
+$(OBJ_D)/x_sig.o: $(SRC_D)/crypto/asn1/x_sig.c
+ $(CC) -o $(OBJ_D)/x_sig.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_sig.c
+
+$(OBJ_D)/x_req.o: $(SRC_D)/crypto/asn1/x_req.c
+ $(CC) -o $(OBJ_D)/x_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_req.c
+
+$(OBJ_D)/x_attrib.o: $(SRC_D)/crypto/asn1/x_attrib.c
+ $(CC) -o $(OBJ_D)/x_attrib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_attrib.c
+
+$(OBJ_D)/x_name.o: $(SRC_D)/crypto/asn1/x_name.c
+ $(CC) -o $(OBJ_D)/x_name.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_name.c
+
+$(OBJ_D)/x_cinf.o: $(SRC_D)/crypto/asn1/x_cinf.c
+ $(CC) -o $(OBJ_D)/x_cinf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_cinf.c
+
+$(OBJ_D)/x_x509.o: $(SRC_D)/crypto/asn1/x_x509.c
+ $(CC) -o $(OBJ_D)/x_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_x509.c
+
+$(OBJ_D)/x_crl.o: $(SRC_D)/crypto/asn1/x_crl.c
+ $(CC) -o $(OBJ_D)/x_crl.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_crl.c
+
+$(OBJ_D)/x_info.o: $(SRC_D)/crypto/asn1/x_info.c
+ $(CC) -o $(OBJ_D)/x_info.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_info.c
+
+$(OBJ_D)/x_spki.o: $(SRC_D)/crypto/asn1/x_spki.c
+ $(CC) -o $(OBJ_D)/x_spki.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_spki.c
+
+$(OBJ_D)/d2i_r_pr.o: $(SRC_D)/crypto/asn1/d2i_r_pr.c
+ $(CC) -o $(OBJ_D)/d2i_r_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pr.c
+
+$(OBJ_D)/i2d_r_pr.o: $(SRC_D)/crypto/asn1/i2d_r_pr.c
+ $(CC) -o $(OBJ_D)/i2d_r_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pr.c
+
+$(OBJ_D)/d2i_r_pu.o: $(SRC_D)/crypto/asn1/d2i_r_pu.c
+ $(CC) -o $(OBJ_D)/d2i_r_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_r_pu.c
+
+$(OBJ_D)/i2d_r_pu.o: $(SRC_D)/crypto/asn1/i2d_r_pu.c
+ $(CC) -o $(OBJ_D)/i2d_r_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_r_pu.c
+
+$(OBJ_D)/d2i_s_pr.o: $(SRC_D)/crypto/asn1/d2i_s_pr.c
+ $(CC) -o $(OBJ_D)/d2i_s_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pr.c
+
+$(OBJ_D)/i2d_s_pr.o: $(SRC_D)/crypto/asn1/i2d_s_pr.c
+ $(CC) -o $(OBJ_D)/i2d_s_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pr.c
+
+$(OBJ_D)/d2i_s_pu.o: $(SRC_D)/crypto/asn1/d2i_s_pu.c
+ $(CC) -o $(OBJ_D)/d2i_s_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_s_pu.c
+
+$(OBJ_D)/i2d_s_pu.o: $(SRC_D)/crypto/asn1/i2d_s_pu.c
+ $(CC) -o $(OBJ_D)/i2d_s_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_s_pu.c
+
+$(OBJ_D)/d2i_pu.o: $(SRC_D)/crypto/asn1/d2i_pu.c
+ $(CC) -o $(OBJ_D)/d2i_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pu.c
+
+$(OBJ_D)/d2i_pr.o: $(SRC_D)/crypto/asn1/d2i_pr.c
+ $(CC) -o $(OBJ_D)/d2i_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_pr.c
+
+$(OBJ_D)/i2d_pu.o: $(SRC_D)/crypto/asn1/i2d_pu.c
+ $(CC) -o $(OBJ_D)/i2d_pu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pu.c
+
+$(OBJ_D)/i2d_pr.o: $(SRC_D)/crypto/asn1/i2d_pr.c
+ $(CC) -o $(OBJ_D)/i2d_pr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_pr.c
+
+$(OBJ_D)/t_req.o: $(SRC_D)/crypto/asn1/t_req.c
+ $(CC) -o $(OBJ_D)/t_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_req.c
+
+$(OBJ_D)/t_x509.o: $(SRC_D)/crypto/asn1/t_x509.c
+ $(CC) -o $(OBJ_D)/t_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_x509.c
+
+$(OBJ_D)/t_pkey.o: $(SRC_D)/crypto/asn1/t_pkey.c
+ $(CC) -o $(OBJ_D)/t_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/t_pkey.c
+
+$(OBJ_D)/p7_i_s.o: $(SRC_D)/crypto/asn1/p7_i_s.c
+ $(CC) -o $(OBJ_D)/p7_i_s.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_i_s.c
+
+$(OBJ_D)/p7_signi.o: $(SRC_D)/crypto/asn1/p7_signi.c
+ $(CC) -o $(OBJ_D)/p7_signi.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signi.c
+
+$(OBJ_D)/p7_signd.o: $(SRC_D)/crypto/asn1/p7_signd.c
+ $(CC) -o $(OBJ_D)/p7_signd.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_signd.c
+
+$(OBJ_D)/p7_recip.o: $(SRC_D)/crypto/asn1/p7_recip.c
+ $(CC) -o $(OBJ_D)/p7_recip.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_recip.c
+
+$(OBJ_D)/p7_enc_c.o: $(SRC_D)/crypto/asn1/p7_enc_c.c
+ $(CC) -o $(OBJ_D)/p7_enc_c.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc_c.c
+
+$(OBJ_D)/p7_evp.o: $(SRC_D)/crypto/asn1/p7_evp.c
+ $(CC) -o $(OBJ_D)/p7_evp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_evp.c
+
+$(OBJ_D)/p7_dgst.o: $(SRC_D)/crypto/asn1/p7_dgst.c
+ $(CC) -o $(OBJ_D)/p7_dgst.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_dgst.c
+
+$(OBJ_D)/p7_s_e.o: $(SRC_D)/crypto/asn1/p7_s_e.c
+ $(CC) -o $(OBJ_D)/p7_s_e.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_s_e.c
+
+$(OBJ_D)/p7_enc.o: $(SRC_D)/crypto/asn1/p7_enc.c
+ $(CC) -o $(OBJ_D)/p7_enc.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_enc.c
+
+$(OBJ_D)/p7_lib.o: $(SRC_D)/crypto/asn1/p7_lib.c
+ $(CC) -o $(OBJ_D)/p7_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/p7_lib.c
+
+$(OBJ_D)/f_int.o: $(SRC_D)/crypto/asn1/f_int.c
+ $(CC) -o $(OBJ_D)/f_int.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_int.c
+
+$(OBJ_D)/f_string.o: $(SRC_D)/crypto/asn1/f_string.c
+ $(CC) -o $(OBJ_D)/f_string.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/f_string.c
+
+$(OBJ_D)/i2d_dhp.o: $(SRC_D)/crypto/asn1/i2d_dhp.c
+ $(CC) -o $(OBJ_D)/i2d_dhp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dhp.c
+
+$(OBJ_D)/i2d_dsap.o: $(SRC_D)/crypto/asn1/i2d_dsap.c
+ $(CC) -o $(OBJ_D)/i2d_dsap.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/i2d_dsap.c
+
+$(OBJ_D)/d2i_dhp.o: $(SRC_D)/crypto/asn1/d2i_dhp.c
+ $(CC) -o $(OBJ_D)/d2i_dhp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dhp.c
+
+$(OBJ_D)/d2i_dsap.o: $(SRC_D)/crypto/asn1/d2i_dsap.c
+ $(CC) -o $(OBJ_D)/d2i_dsap.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/d2i_dsap.c
+
+$(OBJ_D)/n_pkey.o: $(SRC_D)/crypto/asn1/n_pkey.c
+ $(CC) -o $(OBJ_D)/n_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/n_pkey.c
+
+$(OBJ_D)/a_hdr.o: $(SRC_D)/crypto/asn1/a_hdr.c
+ $(CC) -o $(OBJ_D)/a_hdr.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_hdr.c
+
+$(OBJ_D)/x_pkey.o: $(SRC_D)/crypto/asn1/x_pkey.c
+ $(CC) -o $(OBJ_D)/x_pkey.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_pkey.c
+
+$(OBJ_D)/a_bool.o: $(SRC_D)/crypto/asn1/a_bool.c
+ $(CC) -o $(OBJ_D)/a_bool.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bool.c
+
+$(OBJ_D)/x_exten.o: $(SRC_D)/crypto/asn1/x_exten.c
+ $(CC) -o $(OBJ_D)/x_exten.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/x_exten.c
+
+$(OBJ_D)/asn1_par.o: $(SRC_D)/crypto/asn1/asn1_par.c
+ $(CC) -o $(OBJ_D)/asn1_par.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_par.c
+
+$(OBJ_D)/asn1_lib.o: $(SRC_D)/crypto/asn1/asn1_lib.c
+ $(CC) -o $(OBJ_D)/asn1_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_lib.c
+
+$(OBJ_D)/asn1_err.o: $(SRC_D)/crypto/asn1/asn1_err.c
+ $(CC) -o $(OBJ_D)/asn1_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/asn1_err.c
+
+$(OBJ_D)/a_meth.o: $(SRC_D)/crypto/asn1/a_meth.c
+ $(CC) -o $(OBJ_D)/a_meth.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_meth.c
+
+$(OBJ_D)/a_bytes.o: $(SRC_D)/crypto/asn1/a_bytes.c
+ $(CC) -o $(OBJ_D)/a_bytes.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/asn1/a_bytes.c
+
+$(OBJ_D)/x509_def.o: $(SRC_D)/crypto/x509/x509_def.c
+ $(CC) -o $(OBJ_D)/x509_def.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_def.c
+
+$(OBJ_D)/x509_d2.o: $(SRC_D)/crypto/x509/x509_d2.c
+ $(CC) -o $(OBJ_D)/x509_d2.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_d2.c
+
+$(OBJ_D)/x509_r2x.o: $(SRC_D)/crypto/x509/x509_r2x.c
+ $(CC) -o $(OBJ_D)/x509_r2x.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_r2x.c
+
+$(OBJ_D)/x509_cmp.o: $(SRC_D)/crypto/x509/x509_cmp.c
+ $(CC) -o $(OBJ_D)/x509_cmp.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_cmp.c
+
+$(OBJ_D)/x509_obj.o: $(SRC_D)/crypto/x509/x509_obj.c
+ $(CC) -o $(OBJ_D)/x509_obj.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_obj.c
+
+$(OBJ_D)/x509_req.o: $(SRC_D)/crypto/x509/x509_req.c
+ $(CC) -o $(OBJ_D)/x509_req.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_req.c
+
+$(OBJ_D)/x509_vfy.o: $(SRC_D)/crypto/x509/x509_vfy.c
+ $(CC) -o $(OBJ_D)/x509_vfy.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_vfy.c
+
+$(OBJ_D)/x509_set.o: $(SRC_D)/crypto/x509/x509_set.c
+ $(CC) -o $(OBJ_D)/x509_set.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_set.c
+
+$(OBJ_D)/x509rset.o: $(SRC_D)/crypto/x509/x509rset.c
+ $(CC) -o $(OBJ_D)/x509rset.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509rset.c
+
+$(OBJ_D)/x509_err.o: $(SRC_D)/crypto/x509/x509_err.c
+ $(CC) -o $(OBJ_D)/x509_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_err.c
+
+$(OBJ_D)/x509name.o: $(SRC_D)/crypto/x509/x509name.c
+ $(CC) -o $(OBJ_D)/x509name.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509name.c
+
+$(OBJ_D)/x509_v3.o: $(SRC_D)/crypto/x509/x509_v3.c
+ $(CC) -o $(OBJ_D)/x509_v3.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_v3.c
+
+$(OBJ_D)/x509_ext.o: $(SRC_D)/crypto/x509/x509_ext.c
+ $(CC) -o $(OBJ_D)/x509_ext.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_ext.c
+
+$(OBJ_D)/x509pack.o: $(SRC_D)/crypto/x509/x509pack.c
+ $(CC) -o $(OBJ_D)/x509pack.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509pack.c
+
+$(OBJ_D)/x509type.o: $(SRC_D)/crypto/x509/x509type.c
+ $(CC) -o $(OBJ_D)/x509type.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509type.c
+
+$(OBJ_D)/x509_lu.o: $(SRC_D)/crypto/x509/x509_lu.c
+ $(CC) -o $(OBJ_D)/x509_lu.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_lu.c
+
+$(OBJ_D)/x_all.o: $(SRC_D)/crypto/x509/x_all.c
+ $(CC) -o $(OBJ_D)/x_all.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x_all.c
+
+$(OBJ_D)/x509_txt.o: $(SRC_D)/crypto/x509/x509_txt.c
+ $(CC) -o $(OBJ_D)/x509_txt.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/x509_txt.c
+
+$(OBJ_D)/by_file.o: $(SRC_D)/crypto/x509/by_file.c
+ $(CC) -o $(OBJ_D)/by_file.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_file.c
+
+$(OBJ_D)/by_dir.o: $(SRC_D)/crypto/x509/by_dir.c
+ $(CC) -o $(OBJ_D)/by_dir.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/by_dir.c
+
+$(OBJ_D)/v3_net.o: $(SRC_D)/crypto/x509/v3_net.c
+ $(CC) -o $(OBJ_D)/v3_net.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_net.c
+
+$(OBJ_D)/v3_x509.o: $(SRC_D)/crypto/x509/v3_x509.c
+ $(CC) -o $(OBJ_D)/v3_x509.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/x509/v3_x509.c
+
+$(OBJ_D)/conf.o: $(SRC_D)/crypto/conf/conf.c
+ $(CC) -o $(OBJ_D)/conf.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf.c
+
+$(OBJ_D)/conf_err.o: $(SRC_D)/crypto/conf/conf_err.c
+ $(CC) -o $(OBJ_D)/conf_err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/conf/conf_err.c
+
+$(OBJ_D)/txt_db.o: $(SRC_D)/crypto/txt_db/txt_db.c
+ $(CC) -o $(OBJ_D)/txt_db.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/txt_db/txt_db.c
+
+$(OBJ_D)/pk7_lib.o: $(SRC_D)/crypto/pkcs7/pk7_lib.c
+ $(CC) -o $(OBJ_D)/pk7_lib.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_lib.c
+
+$(OBJ_D)/pkcs7err.o: $(SRC_D)/crypto/pkcs7/pkcs7err.c
+ $(CC) -o $(OBJ_D)/pkcs7err.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pkcs7err.c
+
+$(OBJ_D)/pk7_doit.o: $(SRC_D)/crypto/pkcs7/pk7_doit.c
+ $(CC) -o $(OBJ_D)/pk7_doit.o $(LIB_CFLAGS) -c $(SRC_D)/crypto/pkcs7/pk7_doit.c
+
+$(OBJ_D)/s2_meth.o: $(SRC_D)/ssl/s2_meth.c
+ $(CC) -o $(OBJ_D)/s2_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_meth.c
+
+$(OBJ_D)/s2_srvr.o: $(SRC_D)/ssl/s2_srvr.c
+ $(CC) -o $(OBJ_D)/s2_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_srvr.c
+
+$(OBJ_D)/s2_clnt.o: $(SRC_D)/ssl/s2_clnt.c
+ $(CC) -o $(OBJ_D)/s2_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_clnt.c
+
+$(OBJ_D)/s2_lib.o: $(SRC_D)/ssl/s2_lib.c
+ $(CC) -o $(OBJ_D)/s2_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_lib.c
+
+$(OBJ_D)/s2_pkt.o: $(SRC_D)/ssl/s2_pkt.c
+ $(CC) -o $(OBJ_D)/s2_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_pkt.c
+
+$(OBJ_D)/s2_enc.o: $(SRC_D)/ssl/s2_enc.c
+ $(CC) -o $(OBJ_D)/s2_enc.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s2_enc.c
+
+$(OBJ_D)/s3_meth.o: $(SRC_D)/ssl/s3_meth.c
+ $(CC) -o $(OBJ_D)/s3_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_meth.c
+
+$(OBJ_D)/s3_srvr.o: $(SRC_D)/ssl/s3_srvr.c
+ $(CC) -o $(OBJ_D)/s3_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_srvr.c
+
+$(OBJ_D)/s3_clnt.o: $(SRC_D)/ssl/s3_clnt.c
+ $(CC) -o $(OBJ_D)/s3_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_clnt.c
+
+$(OBJ_D)/s3_lib.o: $(SRC_D)/ssl/s3_lib.c
+ $(CC) -o $(OBJ_D)/s3_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_lib.c
+
+$(OBJ_D)/s3_pkt.o: $(SRC_D)/ssl/s3_pkt.c
+ $(CC) -o $(OBJ_D)/s3_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_pkt.c
+
+$(OBJ_D)/s3_enc.o: $(SRC_D)/ssl/s3_enc.c
+ $(CC) -o $(OBJ_D)/s3_enc.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_enc.c
+
+$(OBJ_D)/s3_both.o: $(SRC_D)/ssl/s3_both.c
+ $(CC) -o $(OBJ_D)/s3_both.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s3_both.c
+
+$(OBJ_D)/s23_meth.o: $(SRC_D)/ssl/s23_meth.c
+ $(CC) -o $(OBJ_D)/s23_meth.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_meth.c
+
+$(OBJ_D)/s23_srvr.o: $(SRC_D)/ssl/s23_srvr.c
+ $(CC) -o $(OBJ_D)/s23_srvr.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_srvr.c
+
+$(OBJ_D)/s23_clnt.o: $(SRC_D)/ssl/s23_clnt.c
+ $(CC) -o $(OBJ_D)/s23_clnt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_clnt.c
+
+$(OBJ_D)/s23_lib.o: $(SRC_D)/ssl/s23_lib.c
+ $(CC) -o $(OBJ_D)/s23_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_lib.c
+
+$(OBJ_D)/s23_pkt.o: $(SRC_D)/ssl/s23_pkt.c
+ $(CC) -o $(OBJ_D)/s23_pkt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/s23_pkt.c
+
+$(OBJ_D)/ssl_lib.o: $(SRC_D)/ssl/ssl_lib.c
+ $(CC) -o $(OBJ_D)/ssl_lib.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_lib.c
+
+$(OBJ_D)/ssl_err2.o: $(SRC_D)/ssl/ssl_err2.c
+ $(CC) -o $(OBJ_D)/ssl_err2.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err2.c
+
+$(OBJ_D)/ssl_cert.o: $(SRC_D)/ssl/ssl_cert.c
+ $(CC) -o $(OBJ_D)/ssl_cert.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_cert.c
+
+$(OBJ_D)/ssl_sess.o: $(SRC_D)/ssl/ssl_sess.c
+ $(CC) -o $(OBJ_D)/ssl_sess.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_sess.c
+
+$(OBJ_D)/ssl_ciph.o: $(SRC_D)/ssl/ssl_ciph.c
+ $(CC) -o $(OBJ_D)/ssl_ciph.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_ciph.c
+
+$(OBJ_D)/ssl_stat.o: $(SRC_D)/ssl/ssl_stat.c
+ $(CC) -o $(OBJ_D)/ssl_stat.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_stat.c
+
+$(OBJ_D)/ssl_rsa.o: $(SRC_D)/ssl/ssl_rsa.c
+ $(CC) -o $(OBJ_D)/ssl_rsa.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_rsa.c
+
+$(OBJ_D)/ssl_asn1.o: $(SRC_D)/ssl/ssl_asn1.c
+ $(CC) -o $(OBJ_D)/ssl_asn1.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_asn1.c
+
+$(OBJ_D)/ssl_txt.o: $(SRC_D)/ssl/ssl_txt.c
+ $(CC) -o $(OBJ_D)/ssl_txt.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_txt.c
+
+$(OBJ_D)/ssl_algs.o: $(SRC_D)/ssl/ssl_algs.c
+ $(CC) -o $(OBJ_D)/ssl_algs.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_algs.c
+
+$(OBJ_D)/bio_ssl.o: $(SRC_D)/ssl/bio_ssl.c
+ $(CC) -o $(OBJ_D)/bio_ssl.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/bio_ssl.c
+
+$(OBJ_D)/ssl_err.o: $(SRC_D)/ssl/ssl_err.c
+ $(CC) -o $(OBJ_D)/ssl_err.o $(LIB_CFLAGS) -c $(SRC_D)/ssl/ssl_err.c
+
+$(OBJ_D)/rsaref.o: $(SRC_D)/rsaref/rsaref.c
+ $(CC) -o $(OBJ_D)/rsaref.o $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsaref.c
+
+$(OBJ_D)/rsar_err.o: $(SRC_D)/rsaref/rsar_err.c
+ $(CC) -o $(OBJ_D)/rsar_err.o $(LIB_CFLAGS) -c $(SRC_D)/rsaref/rsar_err.c
+
+$(TEST_D)/md2test: $(OBJ_D)/md2test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/md2test $(LFLAGS) $(OBJ_D)/md2test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/md5test: $(OBJ_D)/md5test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/md5test $(LFLAGS) $(OBJ_D)/md5test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/shatest: $(OBJ_D)/shatest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/shatest $(LFLAGS) $(OBJ_D)/shatest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/sha1test: $(OBJ_D)/sha1test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/sha1test $(LFLAGS) $(OBJ_D)/sha1test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/mdc2test: $(OBJ_D)/mdc2test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/mdc2test $(LFLAGS) $(OBJ_D)/mdc2test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/destest: $(OBJ_D)/destest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/destest $(LFLAGS) $(OBJ_D)/destest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/rc4test: $(OBJ_D)/rc4test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/rc4test $(LFLAGS) $(OBJ_D)/rc4test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/rc2test: $(OBJ_D)/rc2test.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/rc2test $(LFLAGS) $(OBJ_D)/rc2test.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/ideatest: $(OBJ_D)/ideatest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/ideatest $(LFLAGS) $(OBJ_D)/ideatest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/bftest: $(OBJ_D)/bftest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/bftest $(LFLAGS) $(OBJ_D)/bftest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/bntest: $(OBJ_D)/bntest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/bntest $(LFLAGS) $(OBJ_D)/bntest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/exptest: $(OBJ_D)/exptest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/exptest $(LFLAGS) $(OBJ_D)/exptest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/dsatest: $(OBJ_D)/dsatest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/dsatest $(LFLAGS) $(OBJ_D)/dsatest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/dhtest: $(OBJ_D)/dhtest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/dhtest $(LFLAGS) $(OBJ_D)/dhtest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/randtest: $(OBJ_D)/randtest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/randtest $(LFLAGS) $(OBJ_D)/randtest.o $(L_LIBS) $(EX_LIBS)
+
+$(TEST_D)/ssltest: $(OBJ_D)/ssltest.o $(LIBS_DEP)
+ $(LINK) -o $(TEST_D)/ssltest $(LFLAGS) $(OBJ_D)/ssltest.o $(L_LIBS) $(EX_LIBS)
+
+$(O_SSL): $(SSLOBJ)
+ $(RM) $(O_SSL)
+ $(MKLIB) $(O_SSL) $(SSLOBJ)
+ $(RANLIB) $(O_SSL)
+
+$(O_RSAGLUE): $(RSAGLUEOBJ)
+ $(RM) $(O_RSAGLUE)
+ $(MKLIB) $(O_RSAGLUE) $(RSAGLUEOBJ)
+ $(RANLIB) $(O_RSAGLUE)
+
+$(O_CRYPTO): $(CRYPTOOBJ)
+ $(RM) $(O_CRYPTO)
+ $(MKLIB) $(O_CRYPTO) $(CRYPTOOBJ)
+ $(RANLIB) $(O_CRYPTO)
+
+$(BIN_D)/$(E_EXE): $(E_OBJ) $(LIBS_DEP)
+ $(LINK) -o $(BIN_D)/$(E_EXE) $(LFLAGS) $(E_OBJ) $(L_LIBS) $(EX_LIBS)
+
diff --git a/makevms.com b/makevms.com
new file mode 100755
index 0000000..2f4792a
--- /dev/null
+++ b/makevms.com
@@ -0,0 +1,65 @@
+$!
+$! This procedure compiles the SSL sources into 2 libraries:
+$! [.CRYPTO]CRYPTO-xxx.OLB ! crypto-graphics subroutines
+$! [.SSL]SSL-xxx.OLB ! SSL protocol.
+$!
+$! where 'xxx' specifies the machine achitecture: AXP or VAX
+$!
+$! To perform 1 sub-option, specify P1 as one of:
+$! INCLUDE CRYPTO SSL SSL_TASK
+$!
+$! Requirements:
+$! DECC 4.0 (may work with other versions)
+$! OpenVMS 6.1 (may work with other versions)
+$!
+$ original_default = f$environment("DEFAULT")
+$ proc = f$environment("PROCEDURE")
+$ proc_dir = f$parse("1.1;1",proc) - "1.1;1"
+$ set default 'proc_dir'
+$!
+$! Copy all include files to [.include]
+$!
+$ set noon
+$ if P1 .nes. "" then goto do_'p1'
+$ do_include
+$ write sys$output "Rebuilding [.include] directory..."
+$ delete [.include]*.h;*
+$ backup [.*...]*.h; includes.bck/save
+$ backup includes.bck/save [.include]
+$ delete includes.bck;
+$ if p1 .nes. "" then goto cleanup
+$!
+$! Build crypto lib.
+$!
+$ do_crypto:
+$ write sys$Output "Making CRYPTO library"
+$ set default [.crypto]
+$ @libvms
+$ set default [-]
+$ if p1 .nes. "" then goto cleanup
+$!
+$! Build SSL lib.
+$!
+$ do_ssl:
+$ write sys$output "Making SSL library"
+$ set default [.ssl]
+$ libname = "ssl-axp.olb"
+$ if f$getsyi("CPU") .lt. 128 then libname = "ssl-vax.olb"
+$ if f$search(libname) .eqs. "" then library/create/log 'libname'
+$ cc ssl.c/include=[-.include]/prefix=all
+$ library/replace 'libname' ssl.obj
+$ set default [-]
+$ if p1 .nes. "" then goto cleanup
+$!
+$ do_ssl_task:
+$ write sys$output "Building SSL_TASK.EXE, the DECnet-based SSL engine"
+$ set default [.ssl]
+$ libname = "ssl-axp.olb"
+$ if f$getsyi("CPU") .lt. 128 then libname = "ssl-vax.olb"
+$ cc ssl_task/include=[-.include]/prefix=all
+$ cryptolib = "[-.crypto]crypto-" + f$element(1,"-",libname)
+$ link ssl_task,'libname'/library,'cryptolib'/library
+$!
+$ cleanup:
+$ set default 'original_default'
+$ write sys$output "Done"
diff --git a/ms/README b/ms/README
new file mode 100644
index 0000000..5804a2d
--- /dev/null
+++ b/ms/README
@@ -0,0 +1,18 @@
+Run these makefiles from the top level as in
+nmake -f ms\makefilename
+to build with visual C++ 4.[01].
+
+The results will be in the out directory.
+
+These makefiles and def files were generated my typing
+
+perl util\mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
+perl util\mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util\mk1mf.pl VC-W31-32 dll >ms/w31dll.mak
+perl util\mk1mf.pl VC-NT >ms/nt.mak
+perl util\mk1mf.pl VC-NT dll >ms/ntdll.mak
+
+perl util\mkdef.pl 16 crypto > ms/crypto16.def
+perl util\mkdef.pl 32 crypto > ms/crypto32.def
+perl util\mkdef.pl 16 ssl > ms/ssl16.def
+perl util\mkdef.pl 32 ssl > ms/ssl32.def
diff --git a/ms/certCA.srl b/ms/certCA.srl
new file mode 100644
index 0000000..60d3b2f
--- /dev/null
+++ b/ms/certCA.srl
@@ -0,0 +1 @@
+15
diff --git a/ms/certCA.ss b/ms/certCA.ss
new file mode 100644
index 0000000..7ce3717
--- /dev/null
+++ b/ms/certCA.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBXDCCAQYCAQAwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzA3MTkx
+MTA1MTFaFw05NzA4MTgxMTA1MTFaMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEA3dU4kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5c
+Vx2X5WiIeDDH2Dt7AbDvtGhBLVOiq0LuuwIDAQABMA0GCSqGSIb3DQEBBAUAA0EA
+gT6uyZYLx1chz1oV3GnvlbUsWd1x1Y4UQ/KqIP3wr2Bh270CYlWZfm1xiHlQQ6Jf
+DPEMSzr1e1VcRUCT25z7KQ==
+-----END CERTIFICATE-----
diff --git a/ms/certU.ss b/ms/certU.ss
new file mode 100644
index 0000000..6166bf9
--- /dev/null
+++ b/ms/certU.ss
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBcTCCARsCARQwDQYJKoZIhvcNAQEEBQAwOTELMAkGA1UEBhMCQVUxFzAVBgNV
+BAoTDkRvZGd5IEJyb3RoZXJzMREwDwYDVQQDEwhEb2RneSBDQTAeFw05NzA3MTkx
+MTA1MTZaFw05NzA4MTgxMTA1MTZaME4xCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5E
+b2RneSBCcm90aGVyczESMBAGA1UEAxMJQnJvdGhlciAxMRIwEAYDVQQDEwlCcm90
+aGVyIDIwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAxcxzGnflhfIiyt/ijc3WvWKK
+ajZOXnzKDmIo+ENc3Q16oJLkom0FdsYyVbYs9LEyHhApuurrLUH/odPyegqcAQID
+AQABMA0GCSqGSIb3DQEBBAUAA0EAlWvxkrsdbIUj3KSDqvMPYewgV1BAaluuYGCu
+TwllD+yfuZjSzOZbE0tQCigh2yhcGWRin6ngwd+wtxTAnaomMQ==
+-----END CERTIFICATE-----
diff --git a/ms/cmp.pl b/ms/cmp.pl
new file mode 100644
index 0000000..95b257f
--- /dev/null
+++ b/ms/cmp.pl
@@ -0,0 +1,47 @@
+#!/usr/local/bin/perl
+
+($#ARGV == 1) || die "usage: cmp.pl <file1> <file2>\n";
+
+open(IN0,"<$ARGV[0]") || die "unable to open $ARGV[0]\n";
+open(IN1,"<$ARGV[1]") || die "unable to open $ARGV[1]\n";
+binmode IN0;
+binmode IN1;
+
+$tot=0;
+$ret=1;
+for (;;)
+ {
+ $n1=sysread(IN0,$b1,4096);
+ $n2=sysread(IN1,$b2,4096);
+
+ last if ($n1 != $n2);
+ last if ($b1 ne $b2);
+ last if ($n1 < 0);
+ if ($n1 == 0)
+ {
+ $ret=0;
+ last;
+ }
+ $tot+=$n1;
+ }
+
+close(IN0);
+close(IN1);
+if ($ret)
+ {
+ printf STDERR "$ARGV[0] and $ARGV[1] are different\n";
+ @a1=unpack("C*",$b1);
+ @a2=unpack("C*",$b2);
+ for ($i=0; $i<=$#a1; $i++)
+ {
+ if ($a1[$i] ne $a2[$i])
+ {
+ printf "%02X %02X <<\n",$a1[$i],$a2[$i];
+ last;
+ }
+ }
+ $nm=$tot+$n1;
+ $tot+=$i+1;
+ printf STDERR "diff at char $tot of $nm\n";
+ }
+exit($ret);
diff --git a/ms/do_ms.bat b/ms/do_ms.bat
new file mode 100755
index 0000000..673d706
--- /dev/null
+++ b/ms/do_ms.bat
@@ -0,0 +1,11 @@
+
+rem perl util\mk1mf.pl VC-MSDOS no-sock >ms\msdos.mak
+rem perl util\mk1mf.pl VC-W31-32 >ms\w31.mak
+perl util\mk1mf.pl VC-W31-32 dll >ms\w31dll.mak
+rem perl util\mk1mf.pl VC-WIN32 >ms\nt.mak
+perl util\mk1mf.pl VC-WIN32 dll >ms\ntdll.mak
+
+perl util\mkdef.pl 16 libeay > ms\libeay16.def
+perl util\mkdef.pl 32 libeay > ms\libeay32.def
+perl util\mkdef.pl 16 ssleay > ms\ssleay16.def
+perl util\mkdef.pl 32 ssleay > ms\ssleay32.def
diff --git a/ms/keyCA.ss b/ms/keyCA.ss
new file mode 100644
index 0000000..6c007bd
--- /dev/null
+++ b/ms/keyCA.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOwIBAAJBAN3VOJICvzFZ6+0N6fjZectU0Vz5OS/XTTidAaAoygtsC10s8HI+
+XFcdl+VoiHgwx9g7ewGw77RoQS1ToqtC7rsCAwEAAQJAECcKa3dPvKQzjZtJwhjz
+yV5vsDlldJpUwR6Nk7/kllgw4rK2AQJKVXqe6lAv8+P3Pny/XEtUe7YZ0Q/i1L23
+QQIhAP8cckDTFzyaP8O7Hy/SL70e8a8FbHbSl5keVIkNHL2pAiEA3psXWV+eruDd
+l9ERN9ARLqR5VehhnTLKIw+MhHKPH8MCIQCVXDBAZ9Z48s5WaF3v/51XmqBhmklQ
+oCeFzE4uF3E2UQIhAN3T92ScoOjsNGZBdMMFmNm+FRvCwuN/5Wci64hhELc5AiAd
+RjOJzXN5tfiPfl97WF0LCb1UXsL54/+2yI6hTg3xng==
+-----END RSA PRIVATE KEY-----
diff --git a/ms/keyU.ss b/ms/keyU.ss
new file mode 100644
index 0000000..fad45f9
--- /dev/null
+++ b/ms/keyU.ss
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAMXMcxp35YXyIsrf4o3N1r1iimo2Tl58yg5iKPhDXN0NeqCS5KJt
+BXbGMlW2LPSxMh4QKbrq6y1B/6HT8noKnAECAwEAAQJAVJ21z+jio36GK8vDG26n
+IrV5CR7aP8malrSfWjVXEKjm4BR5on5C+TuVeV67WgwIEtIuwyzRefQuBLnmtJsT
+UQIhAOhPQ4NjInS7vXTrvVM/cXEHj+gMN0yq1Lrijo6qM/QrAiEA2fg7mr8Erj86
+t5kM2/clEnA4lMNg2UnfMEkBbEyW/oMCIQClSUgq4kzwq2coGlaRNZGcLxo3qwFp
+fh5vfaSaYwUmEwIhALRkw/ezRY1sWQ0gBst5hF35MGq2NE5A3A1bLmlSDdk/AiEA
+kuVZHwwJIzGrCf9RqJ7CEHs4gPda3OeOiu0+f6M9dvc=
+-----END RSA PRIVATE KEY-----
diff --git a/ms/libeay16.def b/ms/libeay16.def
new file mode 100644
index 0000000..9e036c5
--- /dev/null
+++ b/ms/libeay16.def
@@ -0,0 +1,875 @@
+;
+; Definition file for the DDL version of the LIBEAY16 library from SSLeay
+;
+
+LIBRARY LIBEAY16
+
+DESCRIPTION 'SSLeay LIBEAY16 - eay@cryptsoft.com'
+
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EXPORTS
+ _SSLeay @1
+ _SSLeay_add_all_algorithms @508
+ _SSLeay_add_all_ciphers @509
+ _SSLeay_add_all_digests @510
+ _SSLeay_version @2
+ _ASN1_BIT_STRING_asn1_meth @3
+ _ASN1_HEADER_free @4
+ _ASN1_HEADER_new @5
+ _ASN1_IA5STRING_asn1_meth @6
+ _ASN1_INTEGER_get @7
+ _ASN1_INTEGER_set @8
+ _ASN1_INTEGER_to_BN @9
+ _ASN1_OBJECT_create @10
+ _ASN1_OBJECT_free @11
+ _ASN1_OBJECT_new @12
+ _ASN1_PRINTABLE_type @13
+ _ASN1_STRING_cmp @14
+ _ASN1_STRING_dup @15
+ _ASN1_STRING_free @16
+ _ASN1_STRING_new @17
+ _ASN1_STRING_print @18
+ _ASN1_STRING_set @19
+ _ASN1_STRING_type_new @20
+ _ASN1_TYPE_free @21
+ _ASN1_TYPE_get @916
+ _ASN1_TYPE_new @22
+ _ASN1_TYPE_set @917
+ _ASN1_UNIVERSALSTRING_to_string @23
+ _ASN1_UTCTIME_check @24
+ _ASN1_UTCTIME_print @25
+ _ASN1_UTCTIME_set @26
+ _ASN1_check_infinite_end @27
+ _ASN1_d2i_bio @28
+ _ASN1_digest @30
+ _ASN1_dup @31
+ _ASN1_get_object @32
+ _ASN1_i2d_bio @33
+ _ASN1_object_size @35
+ _ASN1_parse @36
+ _ASN1_put_object @37
+ _ASN1_sign @38
+ _ASN1_verify @39
+ _BF_cbc_encrypt @40
+ _BF_cfb64_encrypt @41
+ _BF_ecb_encrypt @42
+ _BF_encrypt @43
+ _BF_ofb64_encrypt @44
+ _BF_options @45
+ _BF_set_key @46
+ _BIO_accept @51
+ _BIO_copy_next_retry @955
+ _BIO_ctrl @52
+ _BIO_ctrl_int @53
+ _BIO_debug_callback @54
+ _BIO_dump @55
+ _BIO_dup_chain @56
+ _BIO_f_base64 @57
+ _BIO_f_buffer @58
+ _BIO_f_cipher @59
+ _BIO_f_md @60
+ _BIO_f_nbio_test @915
+ _BIO_f_null @61
+ _BIO_fd_non_fatal_error @63
+ _BIO_fd_should_retry @64
+ _BIO_find_type @65
+ _BIO_free @66
+ _BIO_free_all @67
+ _BIO_get_accept_socket @69
+ _BIO_get_host_ip @71
+ _BIO_get_port @72
+ _BIO_get_retry_BIO @73
+ _BIO_get_retry_reason @74
+ _BIO_gethostbyname @75
+ _BIO_gets @76
+ _BIO_new @78
+ _BIO_new_accept @79
+ _BIO_new_connect @80
+ _BIO_new_fd @81
+ _BIO_new_socket @84
+ _BIO_pop @85
+ _BIO_printf @86
+ _BIO_push @87
+ _BIO_puts @88
+ _BIO_read @89
+ _BIO_s_accept @90
+ _BIO_s_connect @91
+ _BIO_s_fd @92
+ _BIO_s_file_internal_w16 @94
+ _BIO_s_mem @95
+ _BIO_s_null @96
+ _BIO_s_socket @99
+ _BIO_set @100
+ _BIO_set_cipher @101
+ _BIO_set_tcp_ndelay @102
+ _BIO_sock_cleanup @103
+ _BIO_sock_error @104
+ _BIO_sock_init @105
+ _BIO_sock_non_fatal_error @106
+ _BIO_sock_should_retry @107
+ _BIO_socket_ioctl @108
+ _BIO_write @109
+ _BN_CTX_free @110
+ _BN_CTX_new @111
+ _BN_MONT_CTX_free @112
+ _BN_MONT_CTX_new @113
+ _BN_MONT_CTX_set @114
+ _BN_add @115
+ _BN_add_word @116
+ _BN_ascii2bn @117
+ _BN_bin2bn @118
+ _BN_bn2ascii @119
+ _BN_bn2bin @120
+ _BN_clear @121
+ _BN_clear_bit @122
+ _BN_clear_free @123
+ _BN_cmp @124
+ _BN_copy @125
+ _BN_div @126
+ _BN_div_word @127
+ _BN_dup @128
+ _BN_free @129
+ _BN_from_montgomery @130
+ _BN_gcd @131
+ _BN_generate_prime @132
+ _BN_get_word @133
+ _BN_is_bit_set @134
+ _BN_is_prime @135
+ _BN_lshift @136
+ _BN_lshift1 @137
+ _BN_mask_bits @138
+ _BN_mod @139
+ _BN_mod_exp @140
+ _BN_mod_exp_mont @141
+ _BN_mod_exp_recp @142
+ _BN_mod_exp_simple @143
+ _BN_mod_inverse @144
+ _BN_mod_mul @145
+ _BN_mod_mul_montgomery @146
+ _BN_mod_mul_reciprocal @147
+ _BN_mod_word @148
+ _BN_mul @149
+ _BN_new @150
+ _BN_num_bits @151
+ _BN_num_bits_word @152
+ _BN_options @153
+ _BN_print @154
+ _BN_rand @156
+ _BN_reciprocal @157
+ _BN_rshift @158
+ _BN_rshift1 @159
+ _BN_set_bit @160
+ _BN_set_word @161
+ _BN_sqr @162
+ _BN_sub @163
+ _BN_to_ASN1_INTEGER @164
+ _BN_ucmp @165
+ _BN_value_one @166
+ _BUF_MEM_free @167
+ _BUF_MEM_grow @168
+ _BUF_MEM_new @169
+ _BUF_strdup @170
+ _CONF_free @171
+ _CONF_get_number @172
+ _CONF_get_section @173
+ _CONF_get_string @174
+ _CONF_load @175
+ _CRYPTO_add_lock @176
+ _CRYPTO_dbg_free @177
+ _CRYPTO_dbg_malloc @178
+ _CRYPTO_dbg_realloc @179
+ _CRYPTO_dbg_remalloc @180
+ _CRYPTO_free @181
+ _CRYPTO_get_add_lock_callback @182
+ _CRYPTO_get_id_callback @183
+ _CRYPTO_get_lock_name @184
+ _CRYPTO_get_locking_callback @185
+ _CRYPTO_get_mem_functions @186
+ _CRYPTO_lock @187
+ _CRYPTO_malloc @188
+ _CRYPTO_mem_ctrl @189
+ _CRYPTO_mem_leaks @190
+ _CRYPTO_mem_leaks_cb @191
+ _CRYPTO_realloc @193
+ _CRYPTO_remalloc @194
+ _CRYPTO_set_add_lock_callback @195
+ _CRYPTO_set_id_callback @196
+ _CRYPTO_set_locking_callback @197
+ _CRYPTO_set_mem_functions @198
+ _CRYPTO_thread_id @199
+ _DH_check @200
+ _DH_compute_key @201
+ _DH_free @202
+ _DH_generate_key @203
+ _DH_generate_parameters @204
+ _DH_new @205
+ _DH_size @206
+ _DHparams_print @207
+ _DSA_free @209
+ _DSA_generate_key @210
+ _DSA_generate_parameters @211
+ _DSA_is_prime @212
+ _DSA_new @213
+ _DSA_print @214
+ _DSA_sign @216
+ _DSA_sign_setup @217
+ _DSA_size @218
+ _DSA_verify @219
+ _DSAparams_print @220
+ _ERR_clear_error @222
+ _ERR_error_string @223
+ _ERR_free_strings @224
+ _ERR_func_error_string @225
+ _ERR_get_err_state_table @226
+ _ERR_get_error @227
+ _ERR_get_error_line @228
+ _ERR_get_state @229
+ _ERR_get_string_table @230
+ _ERR_lib_error_string @231
+ _ERR_load_ASN1_strings @232
+ _ERR_load_BIO_strings @233
+ _ERR_load_BN_strings @234
+ _ERR_load_BUF_strings @235
+ _ERR_load_CONF_strings @236
+ _ERR_load_DH_strings @237
+ _ERR_load_DSA_strings @238
+ _ERR_load_ERR_strings @239
+ _ERR_load_EVP_strings @240
+ _ERR_load_OBJ_strings @241
+ _ERR_load_PEM_strings @242
+ _ERR_load_PKCS7_strings @919
+ _ERR_load_RSA_strings @244
+ _ERR_load_X509_strings @245
+ _ERR_load_crypto_strings @246
+ _ERR_load_strings @247
+ _ERR_peek_error @248
+ _ERR_peek_error_line @249
+ _ERR_print_errors @250
+ _ERR_put_error @252
+ _ERR_reason_error_string @253
+ _ERR_remove_state @254
+ _EVP_BytesToKey @255
+ _EVP_CIPHER_CTX_cleanup @256
+ _EVP_CipherFinal @257
+ _EVP_CipherInit @258
+ _EVP_CipherUpdate @259
+ _EVP_DecodeBlock @260
+ _EVP_DecodeFinal @261
+ _EVP_DecodeInit @262
+ _EVP_DecodeUpdate @263
+ _EVP_DecryptFinal @264
+ _EVP_DecryptInit @265
+ _EVP_DecryptUpdate @266
+ _EVP_DigestFinal @267
+ _EVP_DigestInit @268
+ _EVP_DigestUpdate @269
+ _EVP_EncodeBlock @270
+ _EVP_EncodeFinal @271
+ _EVP_EncodeInit @272
+ _EVP_EncodeUpdate @273
+ _EVP_EncryptFinal @274
+ _EVP_EncryptInit @275
+ _EVP_EncryptUpdate @276
+ _EVP_OpenFinal @277
+ _EVP_OpenInit @278
+ _EVP_PKEY_assign @279
+ _EVP_PKEY_copy_parameters @280
+ _EVP_PKEY_free @281
+ _EVP_PKEY_missing_parameters @282
+ _EVP_PKEY_new @283
+ _EVP_PKEY_save_parameters @284
+ _EVP_PKEY_size @285
+ _EVP_PKEY_type @286
+ _EVP_SealFinal @287
+ _EVP_SealInit @288
+ _EVP_SignFinal @289
+ _EVP_VerifyFinal @290
+ _EVP_add_alias @291
+ _EVP_add_cipher @292
+ _EVP_add_digest @293
+ _EVP_bf_cbc @294
+ _EVP_bf_cfb @295
+ _EVP_bf_ecb @296
+ _EVP_bf_ofb @297
+ _EVP_cleanup @298
+ _EVP_delete_alias @941
+ _EVP_des_cbc @299
+ _EVP_des_cfb @300
+ _EVP_des_ecb @301
+ _EVP_des_ede @302
+ _EVP_des_ede3 @303
+ _EVP_des_ede3_cbc @304
+ _EVP_des_ede3_cfb @305
+ _EVP_des_ede3_ofb @306
+ _EVP_des_ede_cbc @307
+ _EVP_des_ede_cfb @308
+ _EVP_des_ede_ofb @309
+ _EVP_des_ofb @310
+ _EVP_desx_cbc @311
+ _EVP_dss @312
+ _EVP_dss1 @313
+ _EVP_enc_null @314
+ _EVP_get_cipherbyname @315
+ _EVP_get_digestbyname @316
+ _EVP_get_pw_prompt @317
+ _EVP_idea_cbc @318
+ _EVP_idea_cfb @319
+ _EVP_idea_ecb @320
+ _EVP_idea_ofb @321
+ _EVP_md2 @322
+ _EVP_md5 @323
+ _EVP_md_null @324
+ _EVP_mdc2 @942
+ _EVP_rc2_cbc @325
+ _EVP_rc2_cfb @326
+ _EVP_rc2_ecb @327
+ _EVP_rc2_ofb @328
+ _EVP_rc4 @329
+ _EVP_read_pw_string @330
+ _EVP_set_pw_prompt @331
+ _EVP_sha @332
+ _EVP_sha1 @333
+ _MD2 @334
+ _MD2_Final @335
+ _MD2_Init @336
+ _MD2_Update @337
+ _MD2_options @338
+ _MD5 @339
+ _MD5_Final @340
+ _MD5_Init @341
+ _MD5_Update @342
+ _MDC2 @343
+ _MDC2_Final @344
+ _MDC2_Init @345
+ _MDC2_Update @346
+ _NETSCAPE_SPKAC_free @347
+ _NETSCAPE_SPKAC_new @348
+ _NETSCAPE_SPKI_free @349
+ _NETSCAPE_SPKI_new @350
+ _NETSCAPE_SPKI_sign @351
+ _NETSCAPE_SPKI_verify @352
+ _OBJ_add_object @353
+ _OBJ_bsearch @354
+ _OBJ_cleanup @355
+ _OBJ_cmp @356
+ _OBJ_create_and_add_object @357
+ _OBJ_dup @358
+ _OBJ_ln2nid @359
+ _OBJ_new_nid @360
+ _OBJ_nid2ln @361
+ _OBJ_nid2obj @362
+ _OBJ_nid2sn @363
+ _OBJ_obj2nid @364
+ _OBJ_sn2nid @365
+ _OBJ_txt2nid @366
+ _PEM_ASN1_read_bio @368
+ _PEM_ASN1_write_bio @370
+ _PEM_SealFinal @371
+ _PEM_SealInit @372
+ _PEM_SealUpdate @373
+ _PEM_SignFinal @374
+ _PEM_X509_INFO_read_bio @378
+ _PEM_X509_INFO_write_bio @379
+ _PEM_dek_info @380
+ _PEM_do_header @381
+ _PEM_get_EVP_CIPHER_INFO @382
+ _PEM_proc_type @383
+ _PEM_read_bio @394
+ _PEM_read_bio_DHparams @395
+ _PEM_read_bio_DSAPrivateKey @396
+ _PEM_read_bio_DSAparams @397
+ _PEM_read_bio_PKCS7 @398
+ _PEM_read_bio_PrivateKey @399
+ _PEM_read_bio_RSAPrivateKey @400
+ _PEM_read_bio_RSAPublicKey @948
+ _PEM_read_bio_X509 @401
+ _PEM_read_bio_X509_CRL @402
+ _PEM_read_bio_X509_REQ @403
+ _PEM_write_bio @414
+ _PEM_write_bio_DHparams @415
+ _PEM_write_bio_DSAPrivateKey @416
+ _PEM_write_bio_DSAparams @417
+ _PEM_write_bio_PKCS7 @418
+ _PEM_write_bio_PrivateKey @419
+ _PEM_write_bio_RSAPrivateKey @420
+ _PEM_write_bio_RSAPublicKey @950
+ _PEM_write_bio_X509 @421
+ _PEM_write_bio_X509_CRL @422
+ _PEM_write_bio_X509_REQ @423
+ _PKCS7_DIGEST_free @424
+ _PKCS7_DIGEST_new @425
+ _PKCS7_ENCRYPT_free @426
+ _PKCS7_ENCRYPT_new @427
+ _PKCS7_ENC_CONTENT_free @428
+ _PKCS7_ENC_CONTENT_new @429
+ _PKCS7_ENVELOPE_free @430
+ _PKCS7_ENVELOPE_new @431
+ _PKCS7_ISSUER_AND_SERIAL_digest @432
+ _PKCS7_ISSUER_AND_SERIAL_free @433
+ _PKCS7_ISSUER_AND_SERIAL_new @434
+ _PKCS7_RECIP_INFO_free @435
+ _PKCS7_RECIP_INFO_new @436
+ _PKCS7_SIGNED_free @437
+ _PKCS7_SIGNED_new @438
+ _PKCS7_SIGNER_INFO_free @439
+ _PKCS7_SIGNER_INFO_new @440
+ _PKCS7_SIGNER_INFO_set @930
+ _PKCS7_SIGN_ENVELOPE_free @441
+ _PKCS7_SIGN_ENVELOPE_new @442
+ _PKCS7_add_certificate @932
+ _PKCS7_add_crl @933
+ _PKCS7_add_signature @938
+ _PKCS7_add_signer @931
+ _PKCS7_cert_from_signer_info @939
+ _PKCS7_content_free @918
+ _PKCS7_content_new @934
+ _PKCS7_ctrl @927
+ _PKCS7_dataInit @937
+ _PKCS7_dataSign @935
+ _PKCS7_dataVerify @936
+ _PKCS7_dup @924
+ _PKCS7_free @444
+ _PKCS7_get_signer_info @940
+ _PKCS7_new @445
+ _PKCS7_set_content @929
+ _PKCS7_set_type @928
+ _RAND_bytes @464
+ _RAND_cleanup @465
+ _RAND_file_name @466
+ _RAND_load_file @467
+ _RAND_screen @468
+ _RAND_seed @469
+ _RAND_write_file @470
+ _RC2_cbc_encrypt @471
+ _RC2_cfb64_encrypt @472
+ _RC2_ecb_encrypt @473
+ _RC2_encrypt @474
+ _RC2_ofb64_encrypt @475
+ _RC2_set_key @476
+ _RC4 @477
+ _RC4_options @478
+ _RC4_set_key @479
+ _RSAPrivateKey_asn1_meth @480
+ _RSAPrivateKey_dup @481
+ _RSAPublicKey_dup @482
+ _RSA_PKCS1_SSLeay @483
+ _RSA_free @484
+ _RSA_generate_key @485
+ _RSA_new @486
+ _RSA_new_method @487
+ _RSA_print @488
+ _RSA_private_decrypt @490
+ _RSA_private_encrypt @491
+ _RSA_public_decrypt @492
+ _RSA_public_encrypt @493
+ _RSA_set_default_method @494
+ _RSA_sign @495
+ _RSA_sign_ASN1_OCTET_STRING @496
+ _RSA_size @497
+ _RSA_verify @498
+ _RSA_verify_ASN1_OCTET_STRING @499
+ _SHA @500
+ _SHA1 @501
+ _SHA1_Final @502
+ _SHA1_Init @503
+ _SHA1_Update @504
+ _SHA_Final @505
+ _SHA_Init @506
+ _SHA_Update @507
+ _TXT_DB_create_index @511
+ _TXT_DB_free @512
+ _TXT_DB_get_by_index @513
+ _TXT_DB_insert @514
+ _TXT_DB_read @515
+ _TXT_DB_write @516
+ _X509_ALGOR_free @517
+ _X509_ALGOR_new @518
+ _X509_ATTRIBUTE_free @519
+ _X509_ATTRIBUTE_new @520
+ _X509_CINF_free @521
+ _X509_CINF_new @522
+ _X509_CRL_INFO_free @523
+ _X509_CRL_INFO_new @524
+ _X509_CRL_add_ext @525
+ _X509_CRL_cmp @526
+ _X509_CRL_delete_ext @527
+ _X509_CRL_dup @528
+ _X509_CRL_free @529
+ _X509_CRL_get_ext @530
+ _X509_CRL_get_ext_by_NID @531
+ _X509_CRL_get_ext_by_OBJ @532
+ _X509_CRL_get_ext_by_critical @533
+ _X509_CRL_get_ext_count @534
+ _X509_CRL_new @535
+ _X509_CRL_sign @536
+ _X509_CRL_verify @537
+ _X509_EXTENSION_create_by_NID @538
+ _X509_EXTENSION_create_by_OBJ @539
+ _X509_EXTENSION_dup @540
+ _X509_EXTENSION_free @541
+ _X509_EXTENSION_get_critical @542
+ _X509_EXTENSION_get_data @543
+ _X509_EXTENSION_get_object @544
+ _X509_EXTENSION_new @545
+ _X509_EXTENSION_set_critical @546
+ _X509_EXTENSION_set_data @547
+ _X509_EXTENSION_set_object @548
+ _X509_INFO_free @549
+ _X509_INFO_new @550
+ _X509_LOOKUP_by_alias @551
+ _X509_LOOKUP_by_fingerprint @552
+ _X509_LOOKUP_by_issuer_serial @553
+ _X509_LOOKUP_by_subject @554
+ _X509_LOOKUP_ctrl @555
+ _X509_LOOKUP_file @556
+ _X509_LOOKUP_free @557
+ _X509_LOOKUP_hash_dir @558
+ _X509_LOOKUP_init @559
+ _X509_LOOKUP_new @560
+ _X509_LOOKUP_shutdown @561
+ _X509_NAME_ENTRY_create_by_NID @562
+ _X509_NAME_ENTRY_create_by_OBJ @563
+ _X509_NAME_ENTRY_dup @564
+ _X509_NAME_ENTRY_free @565
+ _X509_NAME_ENTRY_get_data @566
+ _X509_NAME_ENTRY_get_object @567
+ _X509_NAME_ENTRY_new @568
+ _X509_NAME_ENTRY_set_data @569
+ _X509_NAME_ENTRY_set_object @570
+ _X509_NAME_add_entry @571
+ _X509_NAME_cmp @572
+ _X509_NAME_delete_entry @573
+ _X509_NAME_digest @574
+ _X509_NAME_dup @575
+ _X509_NAME_entry_count @576
+ _X509_NAME_free @577
+ _X509_NAME_get_entry @578
+ _X509_NAME_get_index_by_NID @579
+ _X509_NAME_get_index_by_OBJ @580
+ _X509_NAME_get_text_by_NID @581
+ _X509_NAME_get_text_by_OBJ @582
+ _X509_NAME_hash @583
+ _X509_NAME_new @584
+ _X509_NAME_oneline @585
+ _X509_NAME_print @586
+ _X509_NAME_set @587
+ _X509_OBJECT_free_contents @588
+ _X509_OBJECT_retrive_by_subject @589
+ _X509_OBJECT_up_ref_count @590
+ _X509_PKEY_free @591
+ _X509_PKEY_new @592
+ _X509_PUBKEY_free @593
+ _X509_PUBKEY_get @594
+ _X509_PUBKEY_new @595
+ _X509_PUBKEY_set @596
+ _X509_REQ_INFO_free @597
+ _X509_REQ_INFO_new @598
+ _X509_REQ_dup @599
+ _X509_REQ_free @600
+ _X509_REQ_get_pubkey @601
+ _X509_REQ_new @602
+ _X509_REQ_print @603
+ _X509_REQ_set_pubkey @605
+ _X509_REQ_set_subject_name @606
+ _X509_REQ_set_version @607
+ _X509_REQ_sign @608
+ _X509_REQ_to_X509 @609
+ _X509_REQ_verify @610
+ _X509_REVOKED_add_ext @611
+ _X509_REVOKED_delete_ext @612
+ _X509_REVOKED_free @613
+ _X509_REVOKED_get_ext @614
+ _X509_REVOKED_get_ext_by_NID @615
+ _X509_REVOKED_get_ext_by_OBJ @616
+ _X509_REVOKED_get_ext_by_critical @617
+ _X509_REVOKED_get_ext_count @618
+ _X509_REVOKED_new @619
+ _X509_SIG_free @620
+ _X509_SIG_new @621
+ _X509_STORE_CTX_cleanup @622
+ _X509_STORE_CTX_init @623
+ _X509_STORE_add_cert @624
+ _X509_STORE_add_lookup @625
+ _X509_STORE_free @626
+ _X509_STORE_get_by_subject @627
+ _X509_STORE_load_locations @628
+ _X509_STORE_new @629
+ _X509_STORE_set_default_paths @630
+ _X509_VAL_free @631
+ _X509_VAL_new @632
+ _X509_add_ext @633
+ _X509_asn1_meth @634
+ _X509_certificate_type @635
+ _X509_check_private_key @636
+ _X509_cmp_current_time @637
+ _X509_delete_ext @638
+ _X509_digest @639
+ _X509_dup @640
+ _X509_find_by_issuer_and_serial @920
+ _X509_find_by_subject @921
+ _X509_free @641
+ _X509_get_default_cert_area @642
+ _X509_get_default_cert_dir @643
+ _X509_get_default_cert_dir_env @644
+ _X509_get_default_cert_file @645
+ _X509_get_default_cert_file_env @646
+ _X509_get_default_private_dir @647
+ _X509_get_ext @648
+ _X509_get_ext_by_NID @649
+ _X509_get_ext_by_OBJ @650
+ _X509_get_ext_by_critical @651
+ _X509_get_ext_count @652
+ _X509_get_issuer_name @653
+ _X509_get_pubkey @654
+ _X509_get_pubkey_parameters @655
+ _X509_get_serialNumber @656
+ _X509_get_subject_name @657
+ _X509_gmtime_adj @658
+ _X509_issuer_and_serial_cmp @659
+ _X509_issuer_and_serial_hash @660
+ _X509_issuer_name_cmp @661
+ _X509_issuer_name_hash @662
+ _X509_load_cert_file @663
+ _X509_new @664
+ _X509_print @665
+ _X509_set_issuer_name @667
+ _X509_set_notAfter @668
+ _X509_set_notBefore @669
+ _X509_set_pubkey @670
+ _X509_set_serialNumber @671
+ _X509_set_subject_name @672
+ _X509_set_version @673
+ _X509_sign @674
+ _X509_subject_name_cmp @675
+ _X509_subject_name_hash @676
+ _X509_to_X509_REQ @677
+ _X509_verify @678
+ _X509_verify_cert @679
+ _X509_verify_cert_error_string @680
+ _X509v3_add_ext @681
+ _X509v3_add_extension @682
+ _X509v3_add_netscape_extensions @683
+ _X509v3_add_standard_extensions @684
+ _X509v3_cleanup_extensions @685
+ _X509v3_data_type_by_NID @686
+ _X509v3_data_type_by_OBJ @687
+ _X509v3_delete_ext @688
+ _X509v3_get_ext @689
+ _X509v3_get_ext_by_NID @690
+ _X509v3_get_ext_by_OBJ @691
+ _X509v3_get_ext_by_critical @692
+ _X509v3_get_ext_count @693
+ _X509v3_pack_string @694
+ _X509v3_pack_type_by_NID @695
+ _X509v3_pack_type_by_OBJ @696
+ _X509v3_unpack_string @697
+ _a2d_ASN1_OBJECT @699
+ _a2i_ASN1_INTEGER @700
+ _a2i_ASN1_STRING @701
+ _asn1_Finish @702
+ _asn1_GetSequence @703
+ _bn_div64 @704
+ _bn_expand2 @705
+ _bn_mul_add_word @706
+ _bn_mul_word @707
+ _bn_qadd @708
+ _bn_qsub @709
+ _bn_sqr_words @710
+ _crypt @711
+ _d2i_ASN1_BIT_STRING @712
+ _d2i_ASN1_BOOLEAN @713
+ _d2i_ASN1_HEADER @714
+ _d2i_ASN1_IA5STRING @715
+ _d2i_ASN1_INTEGER @716
+ _d2i_ASN1_OBJECT @717
+ _d2i_ASN1_OCTET_STRING @718
+ _d2i_ASN1_PRINTABLE @719
+ _d2i_ASN1_PRINTABLESTRING @720
+ _d2i_ASN1_SET @721
+ _d2i_ASN1_T61STRING @722
+ _d2i_ASN1_TYPE @723
+ _d2i_ASN1_UTCTIME @724
+ _d2i_ASN1_bytes @725
+ _d2i_ASN1_type_bytes @726
+ _d2i_DHparams @727
+ _d2i_DSAPrivateKey @728
+ _d2i_DSAPrivateKey_bio @729
+ _d2i_DSAPublicKey @731
+ _d2i_DSAparams @732
+ _d2i_NETSCAPE_SPKAC @733
+ _d2i_NETSCAPE_SPKI @734
+ _d2i_Netscape_RSA @735
+ _d2i_PKCS7 @736
+ _d2i_PKCS7_DIGEST @737
+ _d2i_PKCS7_ENCRYPT @738
+ _d2i_PKCS7_ENC_CONTENT @739
+ _d2i_PKCS7_ENVELOPE @740
+ _d2i_PKCS7_ISSUER_AND_SERIAL @741
+ _d2i_PKCS7_RECIP_INFO @742
+ _d2i_PKCS7_SIGNED @743
+ _d2i_PKCS7_SIGNER_INFO @744
+ _d2i_PKCS7_SIGN_ENVELOPE @745
+ _d2i_PKCS7_bio @925
+ _d2i_PrivateKey @748
+ _d2i_PublicKey @749
+ _d2i_RSAPrivateKey @750
+ _d2i_RSAPrivateKey_bio @751
+ _d2i_RSAPublicKey @753
+ _d2i_RSAPublicKey_bio @951
+ _d2i_X509 @754
+ _d2i_X509_ALGOR @755
+ _d2i_X509_ATTRIBUTE @756
+ _d2i_X509_CINF @757
+ _d2i_X509_CRL @758
+ _d2i_X509_CRL_INFO @759
+ _d2i_X509_CRL_bio @760
+ _d2i_X509_EXTENSION @762
+ _d2i_X509_NAME @763
+ _d2i_X509_NAME_ENTRY @764
+ _d2i_X509_PKEY @765
+ _d2i_X509_PUBKEY @766
+ _d2i_X509_REQ @767
+ _d2i_X509_REQ_INFO @768
+ _d2i_X509_REQ_bio @769
+ _d2i_X509_REVOKED @771
+ _d2i_X509_SIG @772
+ _d2i_X509_VAL @773
+ _d2i_X509_bio @774
+ _des_3cbc_encrypt @776
+ _des_cbc_cksum @777
+ _des_cbc_encrypt @778
+ _des_cblock_print_file @779
+ _des_cfb64_encrypt @780
+ _des_cfb_encrypt @781
+ _des_decrypt3 @782
+ _des_ecb3_encrypt @783
+ _des_ecb_encrypt @784
+ _des_ede3_cbc_encrypt @785
+ _des_ede3_cfb64_encrypt @786
+ _des_ede3_ofb64_encrypt @787
+ _des_enc_read @788
+ _des_enc_write @789
+ _des_encrypt @790
+ _des_encrypt2 @791
+ _des_encrypt3 @792
+ _des_fcrypt @793
+ _des_is_weak_key @794
+ _des_key_sched @795
+ _des_ncbc_encrypt @796
+ _des_ofb64_encrypt @797
+ _des_ofb_encrypt @798
+ _des_options @799
+ _des_pcbc_encrypt @800
+ _des_quad_cksum @801
+ _des_random_key @802
+ _des_random_seed @803
+ _des_read_2passwords @804
+ _des_read_password @805
+ _des_read_pw @806
+ _des_read_pw_string @807
+ _des_set_key @808
+ _des_set_odd_parity @809
+ _des_string_to_2keys @810
+ _des_string_to_key @811
+ _des_xcbc_encrypt @812
+ _des_xwhite_in2out @813
+ _i2a_ASN1_INTEGER @815
+ _i2a_ASN1_OBJECT @816
+ _i2a_ASN1_STRING @817
+ _i2d_ASN1_BIT_STRING @818
+ _i2d_ASN1_BOOLEAN @819
+ _i2d_ASN1_HEADER @820
+ _i2d_ASN1_IA5STRING @821
+ _i2d_ASN1_INTEGER @822
+ _i2d_ASN1_OBJECT @823
+ _i2d_ASN1_OCTET_STRING @824
+ _i2d_ASN1_PRINTABLE @825
+ _i2d_ASN1_SET @826
+ _i2d_ASN1_TYPE @827
+ _i2d_ASN1_UTCTIME @828
+ _i2d_ASN1_bytes @829
+ _i2d_DHparams @830
+ _i2d_DSAPrivateKey @831
+ _i2d_DSAPrivateKey_bio @832
+ _i2d_DSAPublicKey @834
+ _i2d_DSAparams @835
+ _i2d_NETSCAPE_SPKAC @836
+ _i2d_NETSCAPE_SPKI @837
+ _i2d_Netscape_RSA @838
+ _i2d_PKCS7 @839
+ _i2d_PKCS7_DIGEST @840
+ _i2d_PKCS7_ENCRYPT @841
+ _i2d_PKCS7_ENC_CONTENT @842
+ _i2d_PKCS7_ENVELOPE @843
+ _i2d_PKCS7_ISSUER_AND_SERIAL @844
+ _i2d_PKCS7_RECIP_INFO @845
+ _i2d_PKCS7_SIGNED @846
+ _i2d_PKCS7_SIGNER_INFO @847
+ _i2d_PKCS7_SIGN_ENVELOPE @848
+ _i2d_PKCS7_bio @926
+ _i2d_PrivateKey @851
+ _i2d_PublicKey @852
+ _i2d_RSAPrivateKey @853
+ _i2d_RSAPrivateKey_bio @854
+ _i2d_RSAPublicKey @856
+ _i2d_RSAPublicKey_bio @953
+ _i2d_X509 @857
+ _i2d_X509_ALGOR @858
+ _i2d_X509_ATTRIBUTE @859
+ _i2d_X509_CINF @860
+ _i2d_X509_CRL @861
+ _i2d_X509_CRL_INFO @862
+ _i2d_X509_CRL_bio @863
+ _i2d_X509_EXTENSION @865
+ _i2d_X509_NAME @866
+ _i2d_X509_NAME_ENTRY @867
+ _i2d_X509_PKEY @868
+ _i2d_X509_PUBKEY @869
+ _i2d_X509_REQ @870
+ _i2d_X509_REQ_INFO @871
+ _i2d_X509_REQ_bio @872
+ _i2d_X509_REVOKED @874
+ _i2d_X509_SIG @875
+ _i2d_X509_VAL @876
+ _i2d_X509_bio @877
+ _idea_cbc_encrypt @879
+ _idea_cfb64_encrypt @880
+ _idea_ecb_encrypt @881
+ _idea_encrypt @882
+ _idea_ofb64_encrypt @883
+ _idea_options @884
+ _idea_set_decrypt_key @885
+ _idea_set_encrypt_key @886
+ _lh_delete @887
+ _lh_doall @888
+ _lh_doall_arg @889
+ _lh_free @890
+ _lh_insert @891
+ _lh_new @892
+ _lh_node_stats_bio @894
+ _lh_node_usage_stats_bio @896
+ _lh_retrieve @897
+ _lh_stats_bio @899
+ _lh_strhash @900
+ _sk_delete @901
+ _sk_delete_ptr @902
+ _sk_dup @903
+ _sk_find @904
+ _sk_free @905
+ _sk_insert @906
+ _sk_new @907
+ _sk_pop @908
+ _sk_pop_free @909
+ _sk_push @910
+ _sk_set_cmp_func @911
+ _sk_shift @912
+ _sk_unshift @913
+ _sk_zero @914
+
diff --git a/ms/libeay32.def b/ms/libeay32.def
new file mode 100644
index 0000000..26595fc
--- /dev/null
+++ b/ms/libeay32.def
@@ -0,0 +1,922 @@
+;
+; Definition file for the DDL version of the LIBEAY32 library from SSLeay
+;
+
+LIBRARY LIBEAY32
+
+DESCRIPTION 'SSLeay LIBEAY32 - eay@cryptsoft.com'
+
+EXPORTS
+ SSLeay @1
+ SSLeay_add_all_algorithms @508
+ SSLeay_add_all_ciphers @509
+ SSLeay_add_all_digests @510
+ SSLeay_version @2
+ ASN1_BIT_STRING_asn1_meth @3
+ ASN1_HEADER_free @4
+ ASN1_HEADER_new @5
+ ASN1_IA5STRING_asn1_meth @6
+ ASN1_INTEGER_get @7
+ ASN1_INTEGER_set @8
+ ASN1_INTEGER_to_BN @9
+ ASN1_OBJECT_create @10
+ ASN1_OBJECT_free @11
+ ASN1_OBJECT_new @12
+ ASN1_PRINTABLE_type @13
+ ASN1_STRING_cmp @14
+ ASN1_STRING_dup @15
+ ASN1_STRING_free @16
+ ASN1_STRING_new @17
+ ASN1_STRING_print @18
+ ASN1_STRING_set @19
+ ASN1_STRING_type_new @20
+ ASN1_TYPE_free @21
+ ASN1_TYPE_get @916
+ ASN1_TYPE_new @22
+ ASN1_TYPE_set @917
+ ASN1_UNIVERSALSTRING_to_string @23
+ ASN1_UTCTIME_check @24
+ ASN1_UTCTIME_print @25
+ ASN1_UTCTIME_set @26
+ ASN1_check_infinite_end @27
+ ASN1_d2i_bio @28
+ ASN1_d2i_fp @29
+ ASN1_digest @30
+ ASN1_dup @31
+ ASN1_get_object @32
+ ASN1_i2d_bio @33
+ ASN1_i2d_fp @34
+ ASN1_object_size @35
+ ASN1_parse @36
+ ASN1_put_object @37
+ ASN1_sign @38
+ ASN1_verify @39
+ BF_cbc_encrypt @40
+ BF_cfb64_encrypt @41
+ BF_ecb_encrypt @42
+ BF_encrypt @43
+ BF_ofb64_encrypt @44
+ BF_options @45
+ BF_set_key @46
+ BIO_accept @51
+ BIO_copy_next_retry @955
+ BIO_ctrl @52
+ BIO_ctrl_int @53
+ BIO_debug_callback @54
+ BIO_dump @55
+ BIO_dup_chain @56
+ BIO_f_base64 @57
+ BIO_f_buffer @58
+ BIO_f_cipher @59
+ BIO_f_md @60
+ BIO_f_nbio_test @915
+ BIO_f_null @61
+ BIO_fd_non_fatal_error @63
+ BIO_fd_should_retry @64
+ BIO_find_type @65
+ BIO_free @66
+ BIO_free_all @67
+ BIO_get_accept_socket @69
+ BIO_get_host_ip @71
+ BIO_get_port @72
+ BIO_get_retry_BIO @73
+ BIO_get_retry_reason @74
+ BIO_gethostbyname @75
+ BIO_gets @76
+ BIO_new @78
+ BIO_new_accept @79
+ BIO_new_connect @80
+ BIO_new_fd @81
+ BIO_new_file @82
+ BIO_new_fp @83
+ BIO_new_socket @84
+ BIO_pop @85
+ BIO_printf @86
+ BIO_push @87
+ BIO_puts @88
+ BIO_read @89
+ BIO_s_accept @90
+ BIO_s_connect @91
+ BIO_s_fd @92
+ BIO_s_file @93
+ BIO_s_mem @95
+ BIO_s_null @96
+ BIO_s_socket @99
+ BIO_set @100
+ BIO_set_cipher @101
+ BIO_set_tcp_ndelay @102
+ BIO_sock_cleanup @103
+ BIO_sock_error @104
+ BIO_sock_init @105
+ BIO_sock_non_fatal_error @106
+ BIO_sock_should_retry @107
+ BIO_socket_ioctl @108
+ BIO_write @109
+ BN_CTX_free @110
+ BN_CTX_new @111
+ BN_MONT_CTX_free @112
+ BN_MONT_CTX_new @113
+ BN_MONT_CTX_set @114
+ BN_add @115
+ BN_add_word @116
+ BN_ascii2bn @117
+ BN_bin2bn @118
+ BN_bn2ascii @119
+ BN_bn2bin @120
+ BN_clear @121
+ BN_clear_bit @122
+ BN_clear_free @123
+ BN_cmp @124
+ BN_copy @125
+ BN_div @126
+ BN_div_word @127
+ BN_dup @128
+ BN_free @129
+ BN_from_montgomery @130
+ BN_gcd @131
+ BN_generate_prime @132
+ BN_get_word @133
+ BN_is_bit_set @134
+ BN_is_prime @135
+ BN_lshift @136
+ BN_lshift1 @137
+ BN_mask_bits @138
+ BN_mod @139
+ BN_mod_exp @140
+ BN_mod_exp_mont @141
+ BN_mod_exp_recp @142
+ BN_mod_exp_simple @143
+ BN_mod_inverse @144
+ BN_mod_mul @145
+ BN_mod_mul_montgomery @146
+ BN_mod_mul_reciprocal @147
+ BN_mod_word @148
+ BN_mul @149
+ BN_new @150
+ BN_num_bits @151
+ BN_num_bits_word @152
+ BN_options @153
+ BN_print @154
+ BN_print_fp @155
+ BN_rand @156
+ BN_reciprocal @157
+ BN_rshift @158
+ BN_rshift1 @159
+ BN_set_bit @160
+ BN_set_word @161
+ BN_sqr @162
+ BN_sub @163
+ BN_to_ASN1_INTEGER @164
+ BN_ucmp @165
+ BN_value_one @166
+ BUF_MEM_free @167
+ BUF_MEM_grow @168
+ BUF_MEM_new @169
+ BUF_strdup @170
+ CONF_free @171
+ CONF_get_number @172
+ CONF_get_section @173
+ CONF_get_string @174
+ CONF_load @175
+ CRYPTO_add_lock @176
+ CRYPTO_dbg_free @177
+ CRYPTO_dbg_malloc @178
+ CRYPTO_dbg_realloc @179
+ CRYPTO_dbg_remalloc @180
+ CRYPTO_free @181
+ CRYPTO_get_add_lock_callback @182
+ CRYPTO_get_id_callback @183
+ CRYPTO_get_lock_name @184
+ CRYPTO_get_locking_callback @185
+ CRYPTO_get_mem_functions @186
+ CRYPTO_lock @187
+ CRYPTO_malloc @188
+ CRYPTO_mem_ctrl @189
+ CRYPTO_mem_leaks @190
+ CRYPTO_mem_leaks_cb @191
+ CRYPTO_mem_leaks_fp @192
+ CRYPTO_realloc @193
+ CRYPTO_remalloc @194
+ CRYPTO_set_add_lock_callback @195
+ CRYPTO_set_id_callback @196
+ CRYPTO_set_locking_callback @197
+ CRYPTO_set_mem_functions @198
+ CRYPTO_thread_id @199
+ DH_check @200
+ DH_compute_key @201
+ DH_free @202
+ DH_generate_key @203
+ DH_generate_parameters @204
+ DH_new @205
+ DH_size @206
+ DHparams_print @207
+ DHparams_print_fp @208
+ DSA_free @209
+ DSA_generate_key @210
+ DSA_generate_parameters @211
+ DSA_is_prime @212
+ DSA_new @213
+ DSA_print @214
+ DSA_print_fp @215
+ DSA_sign @216
+ DSA_sign_setup @217
+ DSA_size @218
+ DSA_verify @219
+ DSAparams_print @220
+ DSAparams_print_fp @221
+ ERR_clear_error @222
+ ERR_error_string @223
+ ERR_free_strings @224
+ ERR_func_error_string @225
+ ERR_get_err_state_table @226
+ ERR_get_error @227
+ ERR_get_error_line @228
+ ERR_get_state @229
+ ERR_get_string_table @230
+ ERR_lib_error_string @231
+ ERR_load_ASN1_strings @232
+ ERR_load_BIO_strings @233
+ ERR_load_BN_strings @234
+ ERR_load_BUF_strings @235
+ ERR_load_CONF_strings @236
+ ERR_load_DH_strings @237
+ ERR_load_DSA_strings @238
+ ERR_load_ERR_strings @239
+ ERR_load_EVP_strings @240
+ ERR_load_OBJ_strings @241
+ ERR_load_PEM_strings @242
+ ERR_load_PKCS7_strings @919
+ ERR_load_RSA_strings @244
+ ERR_load_X509_strings @245
+ ERR_load_crypto_strings @246
+ ERR_load_strings @247
+ ERR_peek_error @248
+ ERR_peek_error_line @249
+ ERR_print_errors @250
+ ERR_print_errors_fp @251
+ ERR_put_error @252
+ ERR_reason_error_string @253
+ ERR_remove_state @254
+ EVP_BytesToKey @255
+ EVP_CIPHER_CTX_cleanup @256
+ EVP_CipherFinal @257
+ EVP_CipherInit @258
+ EVP_CipherUpdate @259
+ EVP_DecodeBlock @260
+ EVP_DecodeFinal @261
+ EVP_DecodeInit @262
+ EVP_DecodeUpdate @263
+ EVP_DecryptFinal @264
+ EVP_DecryptInit @265
+ EVP_DecryptUpdate @266
+ EVP_DigestFinal @267
+ EVP_DigestInit @268
+ EVP_DigestUpdate @269
+ EVP_EncodeBlock @270
+ EVP_EncodeFinal @271
+ EVP_EncodeInit @272
+ EVP_EncodeUpdate @273
+ EVP_EncryptFinal @274
+ EVP_EncryptInit @275
+ EVP_EncryptUpdate @276
+ EVP_OpenFinal @277
+ EVP_OpenInit @278
+ EVP_PKEY_assign @279
+ EVP_PKEY_copy_parameters @280
+ EVP_PKEY_free @281
+ EVP_PKEY_missing_parameters @282
+ EVP_PKEY_new @283
+ EVP_PKEY_save_parameters @284
+ EVP_PKEY_size @285
+ EVP_PKEY_type @286
+ EVP_SealFinal @287
+ EVP_SealInit @288
+ EVP_SignFinal @289
+ EVP_VerifyFinal @290
+ EVP_add_alias @291
+ EVP_add_cipher @292
+ EVP_add_digest @293
+ EVP_bf_cbc @294
+ EVP_bf_cfb @295
+ EVP_bf_ecb @296
+ EVP_bf_ofb @297
+ EVP_cleanup @298
+ EVP_delete_alias @941
+ EVP_des_cbc @299
+ EVP_des_cfb @300
+ EVP_des_ecb @301
+ EVP_des_ede @302
+ EVP_des_ede3 @303
+ EVP_des_ede3_cbc @304
+ EVP_des_ede3_cfb @305
+ EVP_des_ede3_ofb @306
+ EVP_des_ede_cbc @307
+ EVP_des_ede_cfb @308
+ EVP_des_ede_ofb @309
+ EVP_des_ofb @310
+ EVP_desx_cbc @311
+ EVP_dss @312
+ EVP_dss1 @313
+ EVP_enc_null @314
+ EVP_get_cipherbyname @315
+ EVP_get_digestbyname @316
+ EVP_get_pw_prompt @317
+ EVP_idea_cbc @318
+ EVP_idea_cfb @319
+ EVP_idea_ecb @320
+ EVP_idea_ofb @321
+ EVP_md2 @322
+ EVP_md5 @323
+ EVP_md_null @324
+ EVP_mdc2 @942
+ EVP_rc2_cbc @325
+ EVP_rc2_cfb @326
+ EVP_rc2_ecb @327
+ EVP_rc2_ofb @328
+ EVP_rc4 @329
+ EVP_read_pw_string @330
+ EVP_set_pw_prompt @331
+ EVP_sha @332
+ EVP_sha1 @333
+ MD2 @334
+ MD2_Final @335
+ MD2_Init @336
+ MD2_Update @337
+ MD2_options @338
+ MD5 @339
+ MD5_Final @340
+ MD5_Init @341
+ MD5_Update @342
+ MDC2 @343
+ MDC2_Final @344
+ MDC2_Init @345
+ MDC2_Update @346
+ NETSCAPE_SPKAC_free @347
+ NETSCAPE_SPKAC_new @348
+ NETSCAPE_SPKI_free @349
+ NETSCAPE_SPKI_new @350
+ NETSCAPE_SPKI_sign @351
+ NETSCAPE_SPKI_verify @352
+ OBJ_add_object @353
+ OBJ_bsearch @354
+ OBJ_cleanup @355
+ OBJ_cmp @356
+ OBJ_create_and_add_object @357
+ OBJ_dup @358
+ OBJ_ln2nid @359
+ OBJ_new_nid @360
+ OBJ_nid2ln @361
+ OBJ_nid2obj @362
+ OBJ_nid2sn @363
+ OBJ_obj2nid @364
+ OBJ_sn2nid @365
+ OBJ_txt2nid @366
+ PEM_ASN1_read @367
+ PEM_ASN1_read_bio @368
+ PEM_ASN1_write @369
+ PEM_ASN1_write_bio @370
+ PEM_SealFinal @371
+ PEM_SealInit @372
+ PEM_SealUpdate @373
+ PEM_SignFinal @374
+ PEM_X509_INFO_read @377
+ PEM_X509_INFO_read_bio @378
+ PEM_X509_INFO_write_bio @379
+ PEM_dek_info @380
+ PEM_do_header @381
+ PEM_get_EVP_CIPHER_INFO @382
+ PEM_proc_type @383
+ PEM_read @384
+ PEM_read_DHparams @385
+ PEM_read_DSAPrivateKey @386
+ PEM_read_DSAparams @387
+ PEM_read_PKCS7 @388
+ PEM_read_PrivateKey @389
+ PEM_read_RSAPrivateKey @390
+ PEM_read_RSAPublicKey @947
+ PEM_read_X509 @391
+ PEM_read_X509_CRL @392
+ PEM_read_X509_REQ @393
+ PEM_read_bio @394
+ PEM_read_bio_DHparams @395
+ PEM_read_bio_DSAPrivateKey @396
+ PEM_read_bio_DSAparams @397
+ PEM_read_bio_PKCS7 @398
+ PEM_read_bio_PrivateKey @399
+ PEM_read_bio_RSAPrivateKey @400
+ PEM_read_bio_RSAPublicKey @948
+ PEM_read_bio_X509 @401
+ PEM_read_bio_X509_CRL @402
+ PEM_read_bio_X509_REQ @403
+ PEM_write @404
+ PEM_write_DHparams @405
+ PEM_write_DSAPrivateKey @406
+ PEM_write_DSAparams @407
+ PEM_write_PKCS7 @408
+ PEM_write_PrivateKey @409
+ PEM_write_RSAPrivateKey @410
+ PEM_write_RSAPublicKey @949
+ PEM_write_X509 @411
+ PEM_write_X509_CRL @412
+ PEM_write_X509_REQ @413
+ PEM_write_bio @414
+ PEM_write_bio_DHparams @415
+ PEM_write_bio_DSAPrivateKey @416
+ PEM_write_bio_DSAparams @417
+ PEM_write_bio_PKCS7 @418
+ PEM_write_bio_PrivateKey @419
+ PEM_write_bio_RSAPrivateKey @420
+ PEM_write_bio_RSAPublicKey @950
+ PEM_write_bio_X509 @421
+ PEM_write_bio_X509_CRL @422
+ PEM_write_bio_X509_REQ @423
+ PKCS7_DIGEST_free @424
+ PKCS7_DIGEST_new @425
+ PKCS7_ENCRYPT_free @426
+ PKCS7_ENCRYPT_new @427
+ PKCS7_ENC_CONTENT_free @428
+ PKCS7_ENC_CONTENT_new @429
+ PKCS7_ENVELOPE_free @430
+ PKCS7_ENVELOPE_new @431
+ PKCS7_ISSUER_AND_SERIAL_digest @432
+ PKCS7_ISSUER_AND_SERIAL_free @433
+ PKCS7_ISSUER_AND_SERIAL_new @434
+ PKCS7_RECIP_INFO_free @435
+ PKCS7_RECIP_INFO_new @436
+ PKCS7_SIGNED_free @437
+ PKCS7_SIGNED_new @438
+ PKCS7_SIGNER_INFO_free @439
+ PKCS7_SIGNER_INFO_new @440
+ PKCS7_SIGNER_INFO_set @930
+ PKCS7_SIGN_ENVELOPE_free @441
+ PKCS7_SIGN_ENVELOPE_new @442
+ PKCS7_add_certificate @932
+ PKCS7_add_crl @933
+ PKCS7_add_signature @938
+ PKCS7_add_signer @931
+ PKCS7_cert_from_signer_info @939
+ PKCS7_content_free @918
+ PKCS7_content_new @934
+ PKCS7_ctrl @927
+ PKCS7_dataInit @937
+ PKCS7_dataSign @935
+ PKCS7_dataVerify @936
+ PKCS7_dup @924
+ PKCS7_free @444
+ PKCS7_get_signer_info @940
+ PKCS7_new @445
+ PKCS7_set_content @929
+ PKCS7_set_type @928
+ RAND_bytes @464
+ RAND_cleanup @465
+ RAND_file_name @466
+ RAND_load_file @467
+ RAND_screen @468
+ RAND_seed @469
+ RAND_write_file @470
+ RC2_cbc_encrypt @471
+ RC2_cfb64_encrypt @472
+ RC2_ecb_encrypt @473
+ RC2_encrypt @474
+ RC2_ofb64_encrypt @475
+ RC2_set_key @476
+ RC4 @477
+ RC4_options @478
+ RC4_set_key @479
+ RSAPrivateKey_asn1_meth @480
+ RSAPrivateKey_dup @481
+ RSAPublicKey_dup @482
+ RSA_PKCS1_SSLeay @483
+ RSA_free @484
+ RSA_generate_key @485
+ RSA_new @486
+ RSA_new_method @487
+ RSA_print @488
+ RSA_print_fp @489
+ RSA_private_decrypt @490
+ RSA_private_encrypt @491
+ RSA_public_decrypt @492
+ RSA_public_encrypt @493
+ RSA_set_default_method @494
+ RSA_sign @495
+ RSA_sign_ASN1_OCTET_STRING @496
+ RSA_size @497
+ RSA_verify @498
+ RSA_verify_ASN1_OCTET_STRING @499
+ SHA @500
+ SHA1 @501
+ SHA1_Final @502
+ SHA1_Init @503
+ SHA1_Update @504
+ SHA_Final @505
+ SHA_Init @506
+ SHA_Update @507
+ TXT_DB_create_index @511
+ TXT_DB_free @512
+ TXT_DB_get_by_index @513
+ TXT_DB_insert @514
+ TXT_DB_read @515
+ TXT_DB_write @516
+ X509_ALGOR_free @517
+ X509_ALGOR_new @518
+ X509_ATTRIBUTE_free @519
+ X509_ATTRIBUTE_new @520
+ X509_CINF_free @521
+ X509_CINF_new @522
+ X509_CRL_INFO_free @523
+ X509_CRL_INFO_new @524
+ X509_CRL_add_ext @525
+ X509_CRL_cmp @526
+ X509_CRL_delete_ext @527
+ X509_CRL_dup @528
+ X509_CRL_free @529
+ X509_CRL_get_ext @530
+ X509_CRL_get_ext_by_NID @531
+ X509_CRL_get_ext_by_OBJ @532
+ X509_CRL_get_ext_by_critical @533
+ X509_CRL_get_ext_count @534
+ X509_CRL_new @535
+ X509_CRL_sign @536
+ X509_CRL_verify @537
+ X509_EXTENSION_create_by_NID @538
+ X509_EXTENSION_create_by_OBJ @539
+ X509_EXTENSION_dup @540
+ X509_EXTENSION_free @541
+ X509_EXTENSION_get_critical @542
+ X509_EXTENSION_get_data @543
+ X509_EXTENSION_get_object @544
+ X509_EXTENSION_new @545
+ X509_EXTENSION_set_critical @546
+ X509_EXTENSION_set_data @547
+ X509_EXTENSION_set_object @548
+ X509_INFO_free @549
+ X509_INFO_new @550
+ X509_LOOKUP_by_alias @551
+ X509_LOOKUP_by_fingerprint @552
+ X509_LOOKUP_by_issuer_serial @553
+ X509_LOOKUP_by_subject @554
+ X509_LOOKUP_ctrl @555
+ X509_LOOKUP_file @556
+ X509_LOOKUP_free @557
+ X509_LOOKUP_hash_dir @558
+ X509_LOOKUP_init @559
+ X509_LOOKUP_new @560
+ X509_LOOKUP_shutdown @561
+ X509_NAME_ENTRY_create_by_NID @562
+ X509_NAME_ENTRY_create_by_OBJ @563
+ X509_NAME_ENTRY_dup @564
+ X509_NAME_ENTRY_free @565
+ X509_NAME_ENTRY_get_data @566
+ X509_NAME_ENTRY_get_object @567
+ X509_NAME_ENTRY_new @568
+ X509_NAME_ENTRY_set_data @569
+ X509_NAME_ENTRY_set_object @570
+ X509_NAME_add_entry @571
+ X509_NAME_cmp @572
+ X509_NAME_delete_entry @573
+ X509_NAME_digest @574
+ X509_NAME_dup @575
+ X509_NAME_entry_count @576
+ X509_NAME_free @577
+ X509_NAME_get_entry @578
+ X509_NAME_get_index_by_NID @579
+ X509_NAME_get_index_by_OBJ @580
+ X509_NAME_get_text_by_NID @581
+ X509_NAME_get_text_by_OBJ @582
+ X509_NAME_hash @583
+ X509_NAME_new @584
+ X509_NAME_oneline @585
+ X509_NAME_print @586
+ X509_NAME_set @587
+ X509_OBJECT_free_contents @588
+ X509_OBJECT_retrive_by_subject @589
+ X509_OBJECT_up_ref_count @590
+ X509_PKEY_free @591
+ X509_PKEY_new @592
+ X509_PUBKEY_free @593
+ X509_PUBKEY_get @594
+ X509_PUBKEY_new @595
+ X509_PUBKEY_set @596
+ X509_REQ_INFO_free @597
+ X509_REQ_INFO_new @598
+ X509_REQ_dup @599
+ X509_REQ_free @600
+ X509_REQ_get_pubkey @601
+ X509_REQ_new @602
+ X509_REQ_print @603
+ X509_REQ_print_fp @604
+ X509_REQ_set_pubkey @605
+ X509_REQ_set_subject_name @606
+ X509_REQ_set_version @607
+ X509_REQ_sign @608
+ X509_REQ_to_X509 @609
+ X509_REQ_verify @610
+ X509_REVOKED_add_ext @611
+ X509_REVOKED_delete_ext @612
+ X509_REVOKED_free @613
+ X509_REVOKED_get_ext @614
+ X509_REVOKED_get_ext_by_NID @615
+ X509_REVOKED_get_ext_by_OBJ @616
+ X509_REVOKED_get_ext_by_critical @617
+ X509_REVOKED_get_ext_count @618
+ X509_REVOKED_new @619
+ X509_SIG_free @620
+ X509_SIG_new @621
+ X509_STORE_CTX_cleanup @622
+ X509_STORE_CTX_init @623
+ X509_STORE_add_cert @624
+ X509_STORE_add_lookup @625
+ X509_STORE_free @626
+ X509_STORE_get_by_subject @627
+ X509_STORE_load_locations @628
+ X509_STORE_new @629
+ X509_STORE_set_default_paths @630
+ X509_VAL_free @631
+ X509_VAL_new @632
+ X509_add_ext @633
+ X509_asn1_meth @634
+ X509_certificate_type @635
+ X509_check_private_key @636
+ X509_cmp_current_time @637
+ X509_delete_ext @638
+ X509_digest @639
+ X509_dup @640
+ X509_find_by_issuer_and_serial @920
+ X509_find_by_subject @921
+ X509_free @641
+ X509_get_default_cert_area @642
+ X509_get_default_cert_dir @643
+ X509_get_default_cert_dir_env @644
+ X509_get_default_cert_file @645
+ X509_get_default_cert_file_env @646
+ X509_get_default_private_dir @647
+ X509_get_ext @648
+ X509_get_ext_by_NID @649
+ X509_get_ext_by_OBJ @650
+ X509_get_ext_by_critical @651
+ X509_get_ext_count @652
+ X509_get_issuer_name @653
+ X509_get_pubkey @654
+ X509_get_pubkey_parameters @655
+ X509_get_serialNumber @656
+ X509_get_subject_name @657
+ X509_gmtime_adj @658
+ X509_issuer_and_serial_cmp @659
+ X509_issuer_and_serial_hash @660
+ X509_issuer_name_cmp @661
+ X509_issuer_name_hash @662
+ X509_load_cert_file @663
+ X509_new @664
+ X509_print @665
+ X509_print_fp @666
+ X509_set_issuer_name @667
+ X509_set_notAfter @668
+ X509_set_notBefore @669
+ X509_set_pubkey @670
+ X509_set_serialNumber @671
+ X509_set_subject_name @672
+ X509_set_version @673
+ X509_sign @674
+ X509_subject_name_cmp @675
+ X509_subject_name_hash @676
+ X509_to_X509_REQ @677
+ X509_verify @678
+ X509_verify_cert @679
+ X509_verify_cert_error_string @680
+ X509v3_add_ext @681
+ X509v3_add_extension @682
+ X509v3_add_netscape_extensions @683
+ X509v3_add_standard_extensions @684
+ X509v3_cleanup_extensions @685
+ X509v3_data_type_by_NID @686
+ X509v3_data_type_by_OBJ @687
+ X509v3_delete_ext @688
+ X509v3_get_ext @689
+ X509v3_get_ext_by_NID @690
+ X509v3_get_ext_by_OBJ @691
+ X509v3_get_ext_by_critical @692
+ X509v3_get_ext_count @693
+ X509v3_pack_string @694
+ X509v3_pack_type_by_NID @695
+ X509v3_pack_type_by_OBJ @696
+ X509v3_unpack_string @697
+ a2d_ASN1_OBJECT @699
+ a2i_ASN1_INTEGER @700
+ a2i_ASN1_STRING @701
+ asn1_Finish @702
+ asn1_GetSequence @703
+ bn_div64 @704
+ bn_expand2 @705
+ bn_mul_add_word @706
+ bn_mul_word @707
+ bn_qadd @708
+ bn_qsub @709
+ bn_sqr_words @710
+ crypt @711
+ d2i_ASN1_BIT_STRING @712
+ d2i_ASN1_BOOLEAN @713
+ d2i_ASN1_HEADER @714
+ d2i_ASN1_IA5STRING @715
+ d2i_ASN1_INTEGER @716
+ d2i_ASN1_OBJECT @717
+ d2i_ASN1_OCTET_STRING @718
+ d2i_ASN1_PRINTABLE @719
+ d2i_ASN1_PRINTABLESTRING @720
+ d2i_ASN1_SET @721
+ d2i_ASN1_T61STRING @722
+ d2i_ASN1_TYPE @723
+ d2i_ASN1_UTCTIME @724
+ d2i_ASN1_bytes @725
+ d2i_ASN1_type_bytes @726
+ d2i_DHparams @727
+ d2i_DSAPrivateKey @728
+ d2i_DSAPrivateKey_bio @729
+ d2i_DSAPrivateKey_fp @730
+ d2i_DSAPublicKey @731
+ d2i_DSAparams @732
+ d2i_NETSCAPE_SPKAC @733
+ d2i_NETSCAPE_SPKI @734
+ d2i_Netscape_RSA @735
+ d2i_PKCS7 @736
+ d2i_PKCS7_DIGEST @737
+ d2i_PKCS7_ENCRYPT @738
+ d2i_PKCS7_ENC_CONTENT @739
+ d2i_PKCS7_ENVELOPE @740
+ d2i_PKCS7_ISSUER_AND_SERIAL @741
+ d2i_PKCS7_RECIP_INFO @742
+ d2i_PKCS7_SIGNED @743
+ d2i_PKCS7_SIGNER_INFO @744
+ d2i_PKCS7_SIGN_ENVELOPE @745
+ d2i_PKCS7_bio @925
+ d2i_PKCS7_fp @922
+ d2i_PrivateKey @748
+ d2i_PublicKey @749
+ d2i_RSAPrivateKey @750
+ d2i_RSAPrivateKey_bio @751
+ d2i_RSAPrivateKey_fp @752
+ d2i_RSAPublicKey @753
+ d2i_RSAPublicKey_bio @951
+ d2i_RSAPublicKey_fp @952
+ d2i_X509 @754
+ d2i_X509_ALGOR @755
+ d2i_X509_ATTRIBUTE @756
+ d2i_X509_CINF @757
+ d2i_X509_CRL @758
+ d2i_X509_CRL_INFO @759
+ d2i_X509_CRL_bio @760
+ d2i_X509_CRL_fp @761
+ d2i_X509_EXTENSION @762
+ d2i_X509_NAME @763
+ d2i_X509_NAME_ENTRY @764
+ d2i_X509_PKEY @765
+ d2i_X509_PUBKEY @766
+ d2i_X509_REQ @767
+ d2i_X509_REQ_INFO @768
+ d2i_X509_REQ_bio @769
+ d2i_X509_REQ_fp @770
+ d2i_X509_REVOKED @771
+ d2i_X509_SIG @772
+ d2i_X509_VAL @773
+ d2i_X509_bio @774
+ d2i_X509_fp @775
+ des_3cbc_encrypt @776
+ des_cbc_cksum @777
+ des_cbc_encrypt @778
+ des_cblock_print_file @779
+ des_cfb64_encrypt @780
+ des_cfb_encrypt @781
+ des_decrypt3 @782
+ des_ecb3_encrypt @783
+ des_ecb_encrypt @784
+ des_ede3_cbc_encrypt @785
+ des_ede3_cfb64_encrypt @786
+ des_ede3_ofb64_encrypt @787
+ des_enc_read @788
+ des_enc_write @789
+ des_encrypt @790
+ des_encrypt2 @791
+ des_encrypt3 @792
+ des_fcrypt @793
+ des_is_weak_key @794
+ des_key_sched @795
+ des_ncbc_encrypt @796
+ des_ofb64_encrypt @797
+ des_ofb_encrypt @798
+ des_options @799
+ des_pcbc_encrypt @800
+ des_quad_cksum @801
+ des_random_key @802
+ des_random_seed @803
+ des_read_2passwords @804
+ des_read_password @805
+ des_read_pw @806
+ des_read_pw_string @807
+ des_set_key @808
+ des_set_odd_parity @809
+ des_string_to_2keys @810
+ des_string_to_key @811
+ des_xcbc_encrypt @812
+ des_xwhite_in2out @813
+ i2a_ASN1_INTEGER @815
+ i2a_ASN1_OBJECT @816
+ i2a_ASN1_STRING @817
+ i2d_ASN1_BIT_STRING @818
+ i2d_ASN1_BOOLEAN @819
+ i2d_ASN1_HEADER @820
+ i2d_ASN1_IA5STRING @821
+ i2d_ASN1_INTEGER @822
+ i2d_ASN1_OBJECT @823
+ i2d_ASN1_OCTET_STRING @824
+ i2d_ASN1_PRINTABLE @825
+ i2d_ASN1_SET @826
+ i2d_ASN1_TYPE @827
+ i2d_ASN1_UTCTIME @828
+ i2d_ASN1_bytes @829
+ i2d_DHparams @830
+ i2d_DSAPrivateKey @831
+ i2d_DSAPrivateKey_bio @832
+ i2d_DSAPrivateKey_fp @833
+ i2d_DSAPublicKey @834
+ i2d_DSAparams @835
+ i2d_NETSCAPE_SPKAC @836
+ i2d_NETSCAPE_SPKI @837
+ i2d_Netscape_RSA @838
+ i2d_PKCS7 @839
+ i2d_PKCS7_DIGEST @840
+ i2d_PKCS7_ENCRYPT @841
+ i2d_PKCS7_ENC_CONTENT @842
+ i2d_PKCS7_ENVELOPE @843
+ i2d_PKCS7_ISSUER_AND_SERIAL @844
+ i2d_PKCS7_RECIP_INFO @845
+ i2d_PKCS7_SIGNED @846
+ i2d_PKCS7_SIGNER_INFO @847
+ i2d_PKCS7_SIGN_ENVELOPE @848
+ i2d_PKCS7_bio @926
+ i2d_PKCS7_fp @923
+ i2d_PrivateKey @851
+ i2d_PublicKey @852
+ i2d_RSAPrivateKey @853
+ i2d_RSAPrivateKey_bio @854
+ i2d_RSAPrivateKey_fp @855
+ i2d_RSAPublicKey @856
+ i2d_RSAPublicKey_bio @953
+ i2d_RSAPublicKey_fp @954
+ i2d_X509 @857
+ i2d_X509_ALGOR @858
+ i2d_X509_ATTRIBUTE @859
+ i2d_X509_CINF @860
+ i2d_X509_CRL @861
+ i2d_X509_CRL_INFO @862
+ i2d_X509_CRL_bio @863
+ i2d_X509_CRL_fp @864
+ i2d_X509_EXTENSION @865
+ i2d_X509_NAME @866
+ i2d_X509_NAME_ENTRY @867
+ i2d_X509_PKEY @868
+ i2d_X509_PUBKEY @869
+ i2d_X509_REQ @870
+ i2d_X509_REQ_INFO @871
+ i2d_X509_REQ_bio @872
+ i2d_X509_REQ_fp @873
+ i2d_X509_REVOKED @874
+ i2d_X509_SIG @875
+ i2d_X509_VAL @876
+ i2d_X509_bio @877
+ i2d_X509_fp @878
+ idea_cbc_encrypt @879
+ idea_cfb64_encrypt @880
+ idea_ecb_encrypt @881
+ idea_encrypt @882
+ idea_ofb64_encrypt @883
+ idea_options @884
+ idea_set_decrypt_key @885
+ idea_set_encrypt_key @886
+ lh_delete @887
+ lh_doall @888
+ lh_doall_arg @889
+ lh_free @890
+ lh_insert @891
+ lh_new @892
+ lh_node_stats @893
+ lh_node_stats_bio @894
+ lh_node_usage_stats @895
+ lh_node_usage_stats_bio @896
+ lh_retrieve @897
+ lh_stats @898
+ lh_stats_bio @899
+ lh_strhash @900
+ sk_delete @901
+ sk_delete_ptr @902
+ sk_dup @903
+ sk_find @904
+ sk_free @905
+ sk_insert @906
+ sk_new @907
+ sk_pop @908
+ sk_pop_free @909
+ sk_push @910
+ sk_set_cmp_func @911
+ sk_shift @912
+ sk_unshift @913
+ sk_zero @914
+
diff --git a/ms/ntdll.mak b/ms/ntdll.mak
new file mode 100644
index 0000000..f552216
--- /dev/null
+++ b/ms/ntdll.mak
@@ -0,0 +1,1621 @@
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in .\out and the stuff
+# that needs deleting in .\tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util\mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=\usr\local\ssl
+
+# Set your compiler options
+CC=cl
+CFLAG=/W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN /MD
+APP_CFLAG=
+LIB_CFLAG= /GD
+APP_EX_OBJ=setargv.obj
+SHLIB_EX_OBJ=
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=wsock32.lib user32.lib gdi32.lib
+
+# The SSLeay directory
+SRC_D=.
+
+LINK=link
+LFLAGS=/nologo /subsystem:console /machine:I386 /opt:ref
+
+BN_MULW_OBJ=crypto\bn\asm\x86nt32.obj
+BN_MULW_SRC=crypto\bn\asm\x86nt32.asm
+DES_ENC_OBJ=crypto\des\asm\d-win32.obj crypto\des\asm\c-win32.obj
+DES_ENC_SRC=crypto\des\asm\d-win32.asm crypto\des\asm\c-win32.asm
+DES_CRYPT_OBJ=
+DES_CRYPT_SRC=
+BF_ENC_OBJ=crypto\bf\asm\b-win32.obj
+BF_ENC_SRC=crypto\bf\asm\b-win32.asm
+
+# The output directory for everything intersting
+OUT_D=out
+# The output directory for all the temporary muck
+TMP_D=tmp
+
+CP=copy
+RM=del
+RANLIB=
+MKDIR=mkdir
+MKLIB=lib
+MLFLAGS= /nologo /subsystem:console /machine:I386 /opt:ref /dll
+ASM=ml /Cp /coff /c /Cx
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=ssleay32
+CRYPTO=libeay32
+RSAGLUE=RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+# INC_D - include directory
+BIN_D=$(OUT_D)
+TEST_D=$(OUT_D)
+LIB_D=$(OUT_D)
+INC_D=$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=$(TMP_D)
+INCL_D=$(TMP_D)
+
+O_SSL= $(LIB_D)\$(SSL).dll
+O_CRYPTO= $(LIB_D)\$(CRYPTO).dll
+O_RSAGLUE= $(LIB_D)\$(RSAGLUE).lib
+L_SSL= $(LIB_D)\$(SSL).lib
+L_CRYPTO= $(LIB_D)\$(CRYPTO).lib
+
+L_LIBS= $(L_SSL) $(L_CRYPTO)
+#L_LIBS= $(O_SSL) $(O_RSAGLUE) -lrsaref $(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
+LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
+
+#############################################
+HEADER=$(INCL_D)\e_os.h \
+ $(INCL_D)\cryptlib.h $(INCL_D)\date.h $(INCL_D)\md5_locl.h \
+ $(INCL_D)\sha_locl.h $(INCL_D)\des_locl.h $(INCL_D)\rpc_des.h \
+ $(INCL_D)\podd.h $(INCL_D)\sk.h $(INCL_D)\spr.h \
+ $(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h $(INCL_D)\idea_lcl.h \
+ $(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\bn_lcl.h \
+ $(INCL_D)\bn_prime.h $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h \
+ $(INCL_D)\ssl_locl.h $(INCL_D)\rsaref.h $(INCL_D)\apps.h \
+ $(INCL_D)\progs.h $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h \
+ $(INCL_D)\testrsa.h
+
+EXHEADER=$(INC_D)\crypto.h \
+ $(INC_D)\cryptall.h $(INC_D)\md2.h $(INC_D)\md5.h \
+ $(INC_D)\sha.h $(INC_D)\mdc2.h $(INC_D)\des.h \
+ $(INC_D)\rc4.h $(INC_D)\rc2.h $(INC_D)\idea.h \
+ $(INC_D)\blowfish.h $(INC_D)\bn.h $(INC_D)\rsa.h \
+ $(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \
+ $(INC_D)\bio.h $(INC_D)\stack.h $(INC_D)\lhash.h \
+ $(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \
+ $(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \
+ $(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \
+ $(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \
+ $(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \
+ $(INC_D)\ssl23.h
+
+T_OBJ=$(OBJ_D)\md2test.obj \
+ $(OBJ_D)\md5test.obj $(OBJ_D)\shatest.obj $(OBJ_D)\sha1test.obj \
+ $(OBJ_D)\mdc2test.obj $(OBJ_D)\destest.obj $(OBJ_D)\rc4test.obj \
+ $(OBJ_D)\rc2test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
+ $(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj $(OBJ_D)\dsatest.obj \
+ $(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj $(OBJ_D)\ssltest.obj
+
+E_OBJ=$(OBJ_D)\verify.obj \
+ $(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
+ $(OBJ_D)\dh.obj $(OBJ_D)\enc.obj $(OBJ_D)\gendh.obj \
+ $(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\gendsa.obj \
+ $(OBJ_D)\pkcs7.obj $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj \
+ $(OBJ_D)\rsa.obj $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj \
+ $(OBJ_D)\x509.obj $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj \
+ $(OBJ_D)\s_client.obj $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \
+ $(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \
+ $(OBJ_D)\version.obj $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj \
+ $(OBJ_D)\ssleay.obj
+
+CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
+ $(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\md2_dgst.obj \
+ $(OBJ_D)\md5_dgst.obj $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_one.obj \
+ $(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj \
+ $(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj \
+ $(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\ede_enc.obj \
+ $(OBJ_D)\cbc_enc.obj $(OBJ_D)\cbc3_enc.obj $(OBJ_D)\ecb3_enc.obj \
+ $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \
+ $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \
+ $(OBJ_D)\ncbc_enc.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \
+ $(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \
+ $(OBJ_D)\rand_key.obj $(DES_ENC_OBJ) $(OBJ_D)\read2pwd.obj \
+ $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj $(OBJ_D)\read_pwd.obj \
+ $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj $(OBJ_D)\supp.obj \
+ $(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc2_ecb.obj $(OBJ_D)\rc2_skey.obj \
+ $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj $(OBJ_D)\rc2ofb64.obj \
+ $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj $(OBJ_D)\i_ofb64.obj \
+ $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj $(OBJ_D)\bf_skey.obj \
+ $(OBJ_D)\bf_ecb.obj $(BF_ENC_OBJ) $(OBJ_D)\bf_cbc.obj \
+ $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj $(OBJ_D)\bn_add.obj \
+ $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj $(OBJ_D)\bn_lib.obj \
+ $(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj $(OBJ_D)\bn_print.obj \
+ $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj $(OBJ_D)\bn_sub.obj \
+ $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_gcd.obj $(OBJ_D)\bn_prime.obj \
+ $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj $(BN_MULW_OBJ) \
+ $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj $(OBJ_D)\rsa_enc.obj \
+ $(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj $(OBJ_D)\rsa_sign.obj \
+ $(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj $(OBJ_D)\dsa_gen.obj \
+ $(OBJ_D)\dsa_key.obj $(OBJ_D)\dsa_lib.obj $(OBJ_D)\dsa_vrf.obj \
+ $(OBJ_D)\dsa_sign.obj $(OBJ_D)\dsa_err.obj $(OBJ_D)\dh_gen.obj \
+ $(OBJ_D)\dh_key.obj $(OBJ_D)\dh_lib.obj $(OBJ_D)\dh_check.obj \
+ $(OBJ_D)\dh_err.obj $(OBJ_D)\buffer.obj $(OBJ_D)\buf_err.obj \
+ $(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj $(OBJ_D)\bio_err.obj \
+ $(OBJ_D)\bss_mem.obj $(OBJ_D)\bss_null.obj $(OBJ_D)\bss_fd.obj \
+ $(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj $(OBJ_D)\bss_conn.obj \
+ $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj $(OBJ_D)\b_print.obj \
+ $(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj $(OBJ_D)\bss_acpt.obj \
+ $(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj $(OBJ_D)\lhash.obj \
+ $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj $(OBJ_D)\randfile.obj \
+ $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj $(OBJ_D)\err_prn.obj \
+ $(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj $(OBJ_D)\obj_err.obj \
+ $(OBJ_D)\encode.obj $(OBJ_D)\digest.obj $(OBJ_D)\evp_enc.obj \
+ $(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj $(OBJ_D)\e_cbc_d.obj \
+ $(OBJ_D)\e_cfb_d.obj $(OBJ_D)\e_ofb_d.obj $(OBJ_D)\e_ecb_i.obj \
+ $(OBJ_D)\e_cbc_i.obj $(OBJ_D)\e_cfb_i.obj $(OBJ_D)\e_ofb_i.obj \
+ $(OBJ_D)\e_ecb_3d.obj $(OBJ_D)\e_cbc_3d.obj $(OBJ_D)\e_rc4.obj \
+ $(OBJ_D)\names.obj $(OBJ_D)\e_cfb_3d.obj $(OBJ_D)\e_ofb_3d.obj \
+ $(OBJ_D)\e_xcbc_d.obj $(OBJ_D)\e_ecb_r2.obj $(OBJ_D)\e_cbc_r2.obj \
+ $(OBJ_D)\e_cfb_r2.obj $(OBJ_D)\e_ofb_r2.obj $(OBJ_D)\e_ecb_bf.obj \
+ $(OBJ_D)\e_cbc_bf.obj $(OBJ_D)\e_cfb_bf.obj $(OBJ_D)\e_ofb_bf.obj \
+ $(OBJ_D)\m_null.obj $(OBJ_D)\m_md2.obj $(OBJ_D)\m_md5.obj \
+ $(OBJ_D)\m_sha.obj $(OBJ_D)\m_sha1.obj $(OBJ_D)\m_dss.obj \
+ $(OBJ_D)\m_dss1.obj $(OBJ_D)\m_mdc2.obj $(OBJ_D)\p_open.obj \
+ $(OBJ_D)\p_seal.obj $(OBJ_D)\p_sign.obj $(OBJ_D)\p_verify.obj \
+ $(OBJ_D)\p_lib.obj $(OBJ_D)\bio_md.obj $(OBJ_D)\bio_b64.obj \
+ $(OBJ_D)\bio_enc.obj $(OBJ_D)\evp_err.obj $(OBJ_D)\e_null.obj \
+ $(OBJ_D)\c_all.obj $(OBJ_D)\pem_sign.obj $(OBJ_D)\pem_seal.obj \
+ $(OBJ_D)\pem_info.obj $(OBJ_D)\pem_lib.obj $(OBJ_D)\pem_all.obj \
+ $(OBJ_D)\pem_err.obj $(OBJ_D)\a_object.obj $(OBJ_D)\a_bitstr.obj \
+ $(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj $(OBJ_D)\a_octet.obj \
+ $(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj $(OBJ_D)\a_set.obj \
+ $(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj $(OBJ_D)\a_i2d_fp.obj \
+ $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj $(OBJ_D)\a_verify.obj \
+ $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj $(OBJ_D)\x_pubkey.obj \
+ $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj $(OBJ_D)\x_attrib.obj \
+ $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj $(OBJ_D)\x_x509.obj \
+ $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj $(OBJ_D)\x_spki.obj \
+ $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj $(OBJ_D)\d2i_r_pu.obj \
+ $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj $(OBJ_D)\i2d_s_pr.obj \
+ $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj $(OBJ_D)\d2i_pu.obj \
+ $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj $(OBJ_D)\i2d_pr.obj \
+ $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj $(OBJ_D)\t_pkey.obj \
+ $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj $(OBJ_D)\p7_signd.obj \
+ $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj $(OBJ_D)\p7_evp.obj \
+ $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj $(OBJ_D)\p7_enc.obj \
+ $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj $(OBJ_D)\f_string.obj \
+ $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj $(OBJ_D)\d2i_dhp.obj \
+ $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj $(OBJ_D)\a_hdr.obj \
+ $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj $(OBJ_D)\x_exten.obj \
+ $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj $(OBJ_D)\asn1_err.obj \
+ $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj $(OBJ_D)\x509_def.obj \
+ $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj $(OBJ_D)\x509_cmp.obj \
+ $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj $(OBJ_D)\x509_vfy.obj \
+ $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj $(OBJ_D)\x509_err.obj \
+ $(OBJ_D)\x509name.obj $(OBJ_D)\x509_v3.obj $(OBJ_D)\x509_ext.obj \
+ $(OBJ_D)\x509pack.obj $(OBJ_D)\x509type.obj $(OBJ_D)\x509_lu.obj \
+ $(OBJ_D)\x_all.obj $(OBJ_D)\x509_txt.obj $(OBJ_D)\by_file.obj \
+ $(OBJ_D)\by_dir.obj $(OBJ_D)\v3_net.obj $(OBJ_D)\v3_x509.obj \
+ $(OBJ_D)\conf.obj $(OBJ_D)\conf_err.obj $(OBJ_D)\txt_db.obj \
+ $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj $(OBJ_D)\pk7_doit.obj
+
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+ $(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+ $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s2_enc.obj $(OBJ_D)\s3_meth.obj \
+ $(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+ $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_both.obj \
+ $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj $(OBJ_D)\s23_clnt.obj \
+ $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\ssl_lib.obj \
+ $(OBJ_D)\ssl_err2.obj $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj \
+ $(OBJ_D)\ssl_ciph.obj $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj \
+ $(OBJ_D)\ssl_asn1.obj $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj \
+ $(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj
+
+RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \
+ $(OBJ_D)\rsar_err.obj
+
+T_EXE=$(TEST_D)\md2test.exe \
+ $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe $(TEST_D)\sha1test.exe \
+ $(TEST_D)\mdc2test.exe $(TEST_D)\destest.exe $(TEST_D)\rc4test.exe \
+ $(TEST_D)\rc2test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
+ $(TEST_D)\bntest.exe $(TEST_D)\exptest.exe $(TEST_D)\dsatest.exe \
+ $(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe $(TEST_D)\ssltest.exe
+
+###################################################################
+all: banner $(OUT_D) $(TMP_D) headers lib exe
+
+banner:
+
+
+$(OUT_D):
+ $(MKDIR) $(OUT_D)
+
+$(TMP_D):
+ $(MKDIR) $(TMP_D)
+
+headers: $(HEADER) $(EXHEADER)
+
+lib: $(LIBS_DEP)
+
+exe: $(T_EXE) $(BIN_D)\$(E_EXE).exe
+
+install:
+ $(MKDIR) $(INSTALLTOP)
+ $(MKDIR) $(INSTALLTOP)\bin
+ $(MKDIR) $(INSTALLTOP)\include
+ $(MKDIR) $(INSTALLTOP)\lib
+ $(CP) $(INC_D)\*.h $(INSTALLTOP)\include
+ $(CP) $(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin
+ $(CP) $(LIB_D)\$(O_SSL) $(INSTALLTOP)\lib
+ $(CP) $(LIB_D)\$(O_CRYPTO) $(INSTALLTOP)\lib
+
+clean:
+ $(RM) $(TMP_D)\*.*
+
+vclean:
+ $(RM) $(TMP_D)\*.*
+ $(RM) $(OUT_D)\*.*
+
+$(INCL_D)\e_os.h: $(SRC_D)\.\e_os.h
+ $(CP) $(SRC_D)\.\e_os.h $(INCL_D)\e_os.h
+
+$(INCL_D)\cryptlib.h: $(SRC_D)\crypto\cryptlib.h
+ $(CP) $(SRC_D)\crypto\cryptlib.h $(INCL_D)\cryptlib.h
+
+$(INCL_D)\date.h: $(SRC_D)\crypto\date.h
+ $(CP) $(SRC_D)\crypto\date.h $(INCL_D)\date.h
+
+$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md\md5_locl.h
+ $(CP) $(SRC_D)\crypto\md\md5_locl.h $(INCL_D)\md5_locl.h
+
+$(INCL_D)\sha_locl.h: $(SRC_D)\crypto\sha\sha_locl.h
+ $(CP) $(SRC_D)\crypto\sha\sha_locl.h $(INCL_D)\sha_locl.h
+
+$(INCL_D)\des_locl.h: $(SRC_D)\crypto\des\des_locl.h
+ $(CP) $(SRC_D)\crypto\des\des_locl.h $(INCL_D)\des_locl.h
+
+$(INCL_D)\rpc_des.h: $(SRC_D)\crypto\des\rpc_des.h
+ $(CP) $(SRC_D)\crypto\des\rpc_des.h $(INCL_D)\rpc_des.h
+
+$(INCL_D)\podd.h: $(SRC_D)\crypto\des\podd.h
+ $(CP) $(SRC_D)\crypto\des\podd.h $(INCL_D)\podd.h
+
+$(INCL_D)\sk.h: $(SRC_D)\crypto\des\sk.h
+ $(CP) $(SRC_D)\crypto\des\sk.h $(INCL_D)\sk.h
+
+$(INCL_D)\spr.h: $(SRC_D)\crypto\des\spr.h
+ $(CP) $(SRC_D)\crypto\des\spr.h $(INCL_D)\spr.h
+
+$(INCL_D)\des_ver.h: $(SRC_D)\crypto\des\des_ver.h
+ $(CP) $(SRC_D)\crypto\des\des_ver.h $(INCL_D)\des_ver.h
+
+$(INCL_D)\rc2_locl.h: $(SRC_D)\crypto\rc2\rc2_locl.h
+ $(CP) $(SRC_D)\crypto\rc2\rc2_locl.h $(INCL_D)\rc2_locl.h
+
+$(INCL_D)\idea_lcl.h: $(SRC_D)\crypto\idea\idea_lcl.h
+ $(CP) $(SRC_D)\crypto\idea\idea_lcl.h $(INCL_D)\idea_lcl.h
+
+$(INCL_D)\bf_pi.h: $(SRC_D)\crypto\bf\bf_pi.h
+ $(CP) $(SRC_D)\crypto\bf\bf_pi.h $(INCL_D)\bf_pi.h
+
+$(INCL_D)\bf_locl.h: $(SRC_D)\crypto\bf\bf_locl.h
+ $(CP) $(SRC_D)\crypto\bf\bf_locl.h $(INCL_D)\bf_locl.h
+
+$(INCL_D)\bn_lcl.h: $(SRC_D)\crypto\bn\bn_lcl.h
+ $(CP) $(SRC_D)\crypto\bn\bn_lcl.h $(INCL_D)\bn_lcl.h
+
+$(INCL_D)\bn_prime.h: $(SRC_D)\crypto\bn\bn_prime.h
+ $(CP) $(SRC_D)\crypto\bn\bn_prime.h $(INCL_D)\bn_prime.h
+
+$(INCL_D)\obj_dat.h: $(SRC_D)\crypto\objects\obj_dat.h
+ $(CP) $(SRC_D)\crypto\objects\obj_dat.h $(INCL_D)\obj_dat.h
+
+$(INCL_D)\conf_lcl.h: $(SRC_D)\crypto\conf\conf_lcl.h
+ $(CP) $(SRC_D)\crypto\conf\conf_lcl.h $(INCL_D)\conf_lcl.h
+
+$(INCL_D)\ssl_locl.h: $(SRC_D)\ssl\ssl_locl.h
+ $(CP) $(SRC_D)\ssl\ssl_locl.h $(INCL_D)\ssl_locl.h
+
+$(INCL_D)\rsaref.h: $(SRC_D)\rsaref\rsaref.h
+ $(CP) $(SRC_D)\rsaref\rsaref.h $(INCL_D)\rsaref.h
+
+$(INCL_D)\apps.h: $(SRC_D)\apps\apps.h
+ $(CP) $(SRC_D)\apps\apps.h $(INCL_D)\apps.h
+
+$(INCL_D)\progs.h: $(SRC_D)\apps\progs.h
+ $(CP) $(SRC_D)\apps\progs.h $(INCL_D)\progs.h
+
+$(INCL_D)\s_apps.h: $(SRC_D)\apps\s_apps.h
+ $(CP) $(SRC_D)\apps\s_apps.h $(INCL_D)\s_apps.h
+
+$(INCL_D)\testdsa.h: $(SRC_D)\apps\testdsa.h
+ $(CP) $(SRC_D)\apps\testdsa.h $(INCL_D)\testdsa.h
+
+$(INCL_D)\testrsa.h: $(SRC_D)\apps\testrsa.h
+ $(CP) $(SRC_D)\apps\testrsa.h $(INCL_D)\testrsa.h
+
+$(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h
+ $(CP) $(SRC_D)\crypto\crypto.h $(INC_D)\crypto.h
+
+$(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h
+ $(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h
+
+$(INC_D)\md2.h: $(SRC_D)\crypto\md\md2.h
+ $(CP) $(SRC_D)\crypto\md\md2.h $(INC_D)\md2.h
+
+$(INC_D)\md5.h: $(SRC_D)\crypto\md\md5.h
+ $(CP) $(SRC_D)\crypto\md\md5.h $(INC_D)\md5.h
+
+$(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
+ $(CP) $(SRC_D)\crypto\sha\sha.h $(INC_D)\sha.h
+
+$(INC_D)\mdc2.h: $(SRC_D)\crypto\mdc2\mdc2.h
+ $(CP) $(SRC_D)\crypto\mdc2\mdc2.h $(INC_D)\mdc2.h
+
+$(INC_D)\des.h: $(SRC_D)\crypto\des\des.h
+ $(CP) $(SRC_D)\crypto\des\des.h $(INC_D)\des.h
+
+$(INC_D)\rc4.h: $(SRC_D)\crypto\rc4\rc4.h
+ $(CP) $(SRC_D)\crypto\rc4\rc4.h $(INC_D)\rc4.h
+
+$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
+ $(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+
+$(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
+ $(CP) $(SRC_D)\crypto\idea\idea.h $(INC_D)\idea.h
+
+$(INC_D)\blowfish.h: $(SRC_D)\crypto\bf\blowfish.h
+ $(CP) $(SRC_D)\crypto\bf\blowfish.h $(INC_D)\blowfish.h
+
+$(INC_D)\bn.h: $(SRC_D)\crypto\bn\bn.h
+ $(CP) $(SRC_D)\crypto\bn\bn.h $(INC_D)\bn.h
+
+$(INC_D)\rsa.h: $(SRC_D)\crypto\rsa\rsa.h
+ $(CP) $(SRC_D)\crypto\rsa\rsa.h $(INC_D)\rsa.h
+
+$(INC_D)\dsa.h: $(SRC_D)\crypto\dsa\dsa.h
+ $(CP) $(SRC_D)\crypto\dsa\dsa.h $(INC_D)\dsa.h
+
+$(INC_D)\dh.h: $(SRC_D)\crypto\dh\dh.h
+ $(CP) $(SRC_D)\crypto\dh\dh.h $(INC_D)\dh.h
+
+$(INC_D)\buffer.h: $(SRC_D)\crypto\buffer\buffer.h
+ $(CP) $(SRC_D)\crypto\buffer\buffer.h $(INC_D)\buffer.h
+
+$(INC_D)\bio.h: $(SRC_D)\crypto\bio\bio.h
+ $(CP) $(SRC_D)\crypto\bio\bio.h $(INC_D)\bio.h
+
+$(INC_D)\stack.h: $(SRC_D)\crypto\stack\stack.h
+ $(CP) $(SRC_D)\crypto\stack\stack.h $(INC_D)\stack.h
+
+$(INC_D)\lhash.h: $(SRC_D)\crypto\lhash\lhash.h
+ $(CP) $(SRC_D)\crypto\lhash\lhash.h $(INC_D)\lhash.h
+
+$(INC_D)\rand.h: $(SRC_D)\crypto\rand\rand.h
+ $(CP) $(SRC_D)\crypto\rand\rand.h $(INC_D)\rand.h
+
+$(INC_D)\err.h: $(SRC_D)\crypto\err\err.h
+ $(CP) $(SRC_D)\crypto\err\err.h $(INC_D)\err.h
+
+$(INC_D)\objects.h: $(SRC_D)\crypto\objects\objects.h
+ $(CP) $(SRC_D)\crypto\objects\objects.h $(INC_D)\objects.h
+
+$(INC_D)\evp.h: $(SRC_D)\crypto\evp\evp.h
+ $(CP) $(SRC_D)\crypto\evp\evp.h $(INC_D)\evp.h
+
+$(INC_D)\pem.h: $(SRC_D)\crypto\pem\pem.h
+ $(CP) $(SRC_D)\crypto\pem\pem.h $(INC_D)\pem.h
+
+$(INC_D)\asn1.h: $(SRC_D)\crypto\asn1\asn1.h
+ $(CP) $(SRC_D)\crypto\asn1\asn1.h $(INC_D)\asn1.h
+
+$(INC_D)\asn1_mac.h: $(SRC_D)\crypto\asn1\asn1_mac.h
+ $(CP) $(SRC_D)\crypto\asn1\asn1_mac.h $(INC_D)\asn1_mac.h
+
+$(INC_D)\x509.h: $(SRC_D)\crypto\x509\x509.h
+ $(CP) $(SRC_D)\crypto\x509\x509.h $(INC_D)\x509.h
+
+$(INC_D)\x509_vfy.h: $(SRC_D)\crypto\x509\x509_vfy.h
+ $(CP) $(SRC_D)\crypto\x509\x509_vfy.h $(INC_D)\x509_vfy.h
+
+$(INC_D)\conf.h: $(SRC_D)\crypto\conf\conf.h
+ $(CP) $(SRC_D)\crypto\conf\conf.h $(INC_D)\conf.h
+
+$(INC_D)\txt_db.h: $(SRC_D)\crypto\txt_db\txt_db.h
+ $(CP) $(SRC_D)\crypto\txt_db\txt_db.h $(INC_D)\txt_db.h
+
+$(INC_D)\pkcs7.h: $(SRC_D)\crypto\pkcs7\pkcs7.h
+ $(CP) $(SRC_D)\crypto\pkcs7\pkcs7.h $(INC_D)\pkcs7.h
+
+$(INC_D)\ssl.h: $(SRC_D)\ssl\ssl.h
+ $(CP) $(SRC_D)\ssl\ssl.h $(INC_D)\ssl.h
+
+$(INC_D)\ssl2.h: $(SRC_D)\ssl\ssl2.h
+ $(CP) $(SRC_D)\ssl\ssl2.h $(INC_D)\ssl2.h
+
+$(INC_D)\ssl3.h: $(SRC_D)\ssl\ssl3.h
+ $(CP) $(SRC_D)\ssl\ssl3.h $(INC_D)\ssl3.h
+
+$(INC_D)\ssl23.h: $(SRC_D)\ssl\ssl23.h
+ $(CP) $(SRC_D)\ssl\ssl23.h $(INC_D)\ssl23.h
+
+$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md\md2test.c
+ $(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md2test.c
+
+$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md\md5test.c
+ $(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md5test.c
+
+$(OBJ_D)\shatest.obj: $(SRC_D)\crypto\sha\shatest.c
+ $(CC) /Fo$(OBJ_D)\shatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\shatest.c
+
+$(OBJ_D)\sha1test.obj: $(SRC_D)\crypto\sha\sha1test.c
+ $(CC) /Fo$(OBJ_D)\sha1test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\sha1test.c
+
+$(OBJ_D)\mdc2test.obj: $(SRC_D)\crypto\mdc2\mdc2test.c
+ $(CC) /Fo$(OBJ_D)\mdc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2test.c
+
+$(OBJ_D)\destest.obj: $(SRC_D)\crypto\des\destest.c
+ $(CC) /Fo$(OBJ_D)\destest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\des\destest.c
+
+$(OBJ_D)\rc4test.obj: $(SRC_D)\crypto\rc4\rc4test.c
+ $(CC) /Fo$(OBJ_D)\rc4test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4test.c
+
+$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
+ $(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+
+$(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
+ $(CC) /Fo$(OBJ_D)\ideatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\idea\ideatest.c
+
+$(OBJ_D)\bftest.obj: $(SRC_D)\crypto\bf\bftest.c
+ $(CC) /Fo$(OBJ_D)\bftest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bf\bftest.c
+
+$(OBJ_D)\bntest.obj: $(SRC_D)\crypto\bn\bntest.c
+ $(CC) /Fo$(OBJ_D)\bntest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\bntest.c
+
+$(OBJ_D)\exptest.obj: $(SRC_D)\crypto\bn\exptest.c
+ $(CC) /Fo$(OBJ_D)\exptest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\exptest.c
+
+$(OBJ_D)\dsatest.obj: $(SRC_D)\crypto\dsa\dsatest.c
+ $(CC) /Fo$(OBJ_D)\dsatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\dsa\dsatest.c
+
+$(OBJ_D)\dhtest.obj: $(SRC_D)\crypto\dh\dhtest.c
+ $(CC) /Fo$(OBJ_D)\dhtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\dh\dhtest.c
+
+$(OBJ_D)\randtest.obj: $(SRC_D)\crypto\rand\randtest.c
+ $(CC) /Fo$(OBJ_D)\randtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rand\randtest.c
+
+$(OBJ_D)\ssltest.obj: $(SRC_D)\ssl\ssltest.c
+ $(CC) /Fo$(OBJ_D)\ssltest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\ssltest.c
+
+$(OBJ_D)\verify.obj: $(SRC_D)\apps\verify.c
+ $(CC) /Fo$(OBJ_D)\verify.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\verify.c
+
+$(OBJ_D)\asn1pars.obj: $(SRC_D)\apps\asn1pars.c
+ $(CC) /Fo$(OBJ_D)\asn1pars.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\asn1pars.c
+
+$(OBJ_D)\req.obj: $(SRC_D)\apps\req.c
+ $(CC) /Fo$(OBJ_D)\req.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\req.c
+
+$(OBJ_D)\dgst.obj: $(SRC_D)\apps\dgst.c
+ $(CC) /Fo$(OBJ_D)\dgst.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dgst.c
+
+$(OBJ_D)\dh.obj: $(SRC_D)\apps\dh.c
+ $(CC) /Fo$(OBJ_D)\dh.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dh.c
+
+$(OBJ_D)\enc.obj: $(SRC_D)\apps\enc.c
+ $(CC) /Fo$(OBJ_D)\enc.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\enc.c
+
+$(OBJ_D)\gendh.obj: $(SRC_D)\apps\gendh.c
+ $(CC) /Fo$(OBJ_D)\gendh.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendh.c
+
+$(OBJ_D)\errstr.obj: $(SRC_D)\apps\errstr.c
+ $(CC) /Fo$(OBJ_D)\errstr.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\errstr.c
+
+$(OBJ_D)\ca.obj: $(SRC_D)\apps\ca.c
+ $(CC) /Fo$(OBJ_D)\ca.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ca.c
+
+$(OBJ_D)\gendsa.obj: $(SRC_D)\apps\gendsa.c
+ $(CC) /Fo$(OBJ_D)\gendsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendsa.c
+
+$(OBJ_D)\pkcs7.obj: $(SRC_D)\apps\pkcs7.c
+ $(CC) /Fo$(OBJ_D)\pkcs7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\pkcs7.c
+
+$(OBJ_D)\crl2p7.obj: $(SRC_D)\apps\crl2p7.c
+ $(CC) /Fo$(OBJ_D)\crl2p7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\crl2p7.c
+
+$(OBJ_D)\crl.obj: $(SRC_D)\apps\crl.c
+ $(CC) /Fo$(OBJ_D)\crl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\crl.c
+
+$(OBJ_D)\rsa.obj: $(SRC_D)\apps\rsa.c
+ $(CC) /Fo$(OBJ_D)\rsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\rsa.c
+
+$(OBJ_D)\dsa.obj: $(SRC_D)\apps\dsa.c
+ $(CC) /Fo$(OBJ_D)\dsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dsa.c
+
+$(OBJ_D)\dsaparam.obj: $(SRC_D)\apps\dsaparam.c
+ $(CC) /Fo$(OBJ_D)\dsaparam.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dsaparam.c
+
+$(OBJ_D)\x509.obj: $(SRC_D)\apps\x509.c
+ $(CC) /Fo$(OBJ_D)\x509.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\x509.c
+
+$(OBJ_D)\genrsa.obj: $(SRC_D)\apps\genrsa.c
+ $(CC) /Fo$(OBJ_D)\genrsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\genrsa.c
+
+$(OBJ_D)\s_server.obj: $(SRC_D)\apps\s_server.c
+ $(CC) /Fo$(OBJ_D)\s_server.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_server.c
+
+$(OBJ_D)\s_client.obj: $(SRC_D)\apps\s_client.c
+ $(CC) /Fo$(OBJ_D)\s_client.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_client.c
+
+$(OBJ_D)\speed.obj: $(SRC_D)\apps\speed.c
+ $(CC) /Fo$(OBJ_D)\speed.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\speed.c
+
+$(OBJ_D)\s_time.obj: $(SRC_D)\apps\s_time.c
+ $(CC) /Fo$(OBJ_D)\s_time.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_time.c
+
+$(OBJ_D)\apps.obj: $(SRC_D)\apps\apps.c
+ $(CC) /Fo$(OBJ_D)\apps.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\apps.c
+
+$(OBJ_D)\s_cb.obj: $(SRC_D)\apps\s_cb.c
+ $(CC) /Fo$(OBJ_D)\s_cb.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_cb.c
+
+$(OBJ_D)\s_socket.obj: $(SRC_D)\apps\s_socket.c
+ $(CC) /Fo$(OBJ_D)\s_socket.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_socket.c
+
+$(OBJ_D)\version.obj: $(SRC_D)\apps\version.c
+ $(CC) /Fo$(OBJ_D)\version.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\version.c
+
+$(OBJ_D)\sess_id.obj: $(SRC_D)\apps\sess_id.c
+ $(CC) /Fo$(OBJ_D)\sess_id.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\sess_id.c
+
+$(OBJ_D)\ciphers.obj: $(SRC_D)\apps\ciphers.c
+ $(CC) /Fo$(OBJ_D)\ciphers.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ciphers.c
+
+$(OBJ_D)\ssleay.obj: $(SRC_D)\apps\ssleay.c
+ $(CC) /Fo$(OBJ_D)\ssleay.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ssleay.c
+
+crypto\bn\asm\x86nt32.obj: crypto\bn\asm\x86nt32.asm
+ $(ASM) /Focrypto\bn\asm\x86nt32.obj $(SRC_D)\crypto\bn\asm\x86nt32.asm
+
+crypto\des\asm\d-win32.obj: crypto\des\asm\d-win32.asm
+ $(ASM) /Focrypto\des\asm\d-win32.obj $(SRC_D)\crypto\des\asm\d-win32.asm
+
+crypto\des\asm\c-win32.obj: crypto\des\asm\c-win32.asm
+ $(ASM) /Focrypto\des\asm\c-win32.obj $(SRC_D)\crypto\des\asm\c-win32.asm
+
+crypto\bf\asm\b-win32.obj: crypto\bf\asm\b-win32.asm
+ $(ASM) /Focrypto\bf\asm\b-win32.obj $(SRC_D)\crypto\bf\asm\b-win32.asm
+
+$(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
+ $(CC) /Fo$(OBJ_D)\cryptlib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
+
+$(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c
+ $(CC) /Fo$(OBJ_D)\mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
+
+$(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c
+ $(CC) /Fo$(OBJ_D)\cversion.obj $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
+
+$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md\md2_dgst.c
+ $(CC) /Fo$(OBJ_D)\md2_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_dgst.c
+
+$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md\md5_dgst.c
+ $(CC) /Fo$(OBJ_D)\md5_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_dgst.c
+
+$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md\md2_one.c
+ $(CC) /Fo$(OBJ_D)\md2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_one.c
+
+$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md\md5_one.c
+ $(CC) /Fo$(OBJ_D)\md5_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_one.c
+
+$(OBJ_D)\sha_dgst.obj: $(SRC_D)\crypto\sha\sha_dgst.c
+ $(CC) /Fo$(OBJ_D)\sha_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
+
+$(OBJ_D)\sha1dgst.obj: $(SRC_D)\crypto\sha\sha1dgst.c
+ $(CC) /Fo$(OBJ_D)\sha1dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
+
+$(OBJ_D)\sha_one.obj: $(SRC_D)\crypto\sha\sha_one.c
+ $(CC) /Fo$(OBJ_D)\sha_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
+
+$(OBJ_D)\sha1_one.obj: $(SRC_D)\crypto\sha\sha1_one.c
+ $(CC) /Fo$(OBJ_D)\sha1_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
+
+$(OBJ_D)\mdc2dgst.obj: $(SRC_D)\crypto\mdc2\mdc2dgst.c
+ $(CC) /Fo$(OBJ_D)\mdc2dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
+
+$(OBJ_D)\mdc2_one.obj: $(SRC_D)\crypto\mdc2\mdc2_one.c
+ $(CC) /Fo$(OBJ_D)\mdc2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+
+$(OBJ_D)\set_key.obj: $(SRC_D)\crypto\des\set_key.c
+ $(CC) /Fo$(OBJ_D)\set_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
+
+$(OBJ_D)\ecb_enc.obj: $(SRC_D)\crypto\des\ecb_enc.c
+ $(CC) /Fo$(OBJ_D)\ecb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
+
+$(OBJ_D)\ede_enc.obj: $(SRC_D)\crypto\des\ede_enc.c
+ $(CC) /Fo$(OBJ_D)\ede_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ede_enc.c
+
+$(OBJ_D)\cbc_enc.obj: $(SRC_D)\crypto\des\cbc_enc.c
+ $(CC) /Fo$(OBJ_D)\cbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
+
+$(OBJ_D)\cbc3_enc.obj: $(SRC_D)\crypto\des\cbc3_enc.c
+ $(CC) /Fo$(OBJ_D)\cbc3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc3_enc.c
+
+$(OBJ_D)\ecb3_enc.obj: $(SRC_D)\crypto\des\ecb3_enc.c
+ $(CC) /Fo$(OBJ_D)\ecb3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
+
+$(OBJ_D)\cfb64enc.obj: $(SRC_D)\crypto\des\cfb64enc.c
+ $(CC) /Fo$(OBJ_D)\cfb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
+
+$(OBJ_D)\cfb64ede.obj: $(SRC_D)\crypto\des\cfb64ede.c
+ $(CC) /Fo$(OBJ_D)\cfb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
+
+$(OBJ_D)\cfb_enc.obj: $(SRC_D)\crypto\des\cfb_enc.c
+ $(CC) /Fo$(OBJ_D)\cfb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
+
+$(OBJ_D)\ofb64ede.obj: $(SRC_D)\crypto\des\ofb64ede.c
+ $(CC) /Fo$(OBJ_D)\ofb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
+
+$(OBJ_D)\enc_read.obj: $(SRC_D)\crypto\des\enc_read.c
+ $(CC) /Fo$(OBJ_D)\enc_read.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
+
+$(OBJ_D)\enc_writ.obj: $(SRC_D)\crypto\des\enc_writ.c
+ $(CC) /Fo$(OBJ_D)\enc_writ.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
+
+$(OBJ_D)\ncbc_enc.obj: $(SRC_D)\crypto\des\ncbc_enc.c
+ $(CC) /Fo$(OBJ_D)\ncbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ncbc_enc.c
+
+$(OBJ_D)\ofb64enc.obj: $(SRC_D)\crypto\des\ofb64enc.c
+ $(CC) /Fo$(OBJ_D)\ofb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
+
+$(OBJ_D)\ofb_enc.obj: $(SRC_D)\crypto\des\ofb_enc.c
+ $(CC) /Fo$(OBJ_D)\ofb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
+
+$(OBJ_D)\str2key.obj: $(SRC_D)\crypto\des\str2key.c
+ $(CC) /Fo$(OBJ_D)\str2key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
+
+$(OBJ_D)\pcbc_enc.obj: $(SRC_D)\crypto\des\pcbc_enc.c
+ $(CC) /Fo$(OBJ_D)\pcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
+
+$(OBJ_D)\qud_cksm.obj: $(SRC_D)\crypto\des\qud_cksm.c
+ $(CC) /Fo$(OBJ_D)\qud_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
+
+$(OBJ_D)\rand_key.obj: $(SRC_D)\crypto\des\rand_key.c
+ $(CC) /Fo$(OBJ_D)\rand_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
+
+$(OBJ_D)\des_enc.obj: $(SRC_D)\crypto\des\des_enc.c
+ $(CC) /Fo$(OBJ_D)\des_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
+
+$(OBJ_D)\fcrypt_b.obj: $(SRC_D)\crypto\des\fcrypt_b.c
+ $(CC) /Fo$(OBJ_D)\fcrypt_b.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
+
+$(OBJ_D)\read2pwd.obj: $(SRC_D)\crypto\des\read2pwd.c
+ $(CC) /Fo$(OBJ_D)\read2pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
+
+$(OBJ_D)\fcrypt.obj: $(SRC_D)\crypto\des\fcrypt.c
+ $(CC) /Fo$(OBJ_D)\fcrypt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
+
+$(OBJ_D)\xcbc_enc.obj: $(SRC_D)\crypto\des\xcbc_enc.c
+ $(CC) /Fo$(OBJ_D)\xcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
+
+$(OBJ_D)\read_pwd.obj: $(SRC_D)\crypto\des\read_pwd.c
+ $(CC) /Fo$(OBJ_D)\read_pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
+
+$(OBJ_D)\rpc_enc.obj: $(SRC_D)\crypto\des\rpc_enc.c
+ $(CC) /Fo$(OBJ_D)\rpc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
+
+$(OBJ_D)\cbc_cksm.obj: $(SRC_D)\crypto\des\cbc_cksm.c
+ $(CC) /Fo$(OBJ_D)\cbc_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
+
+$(OBJ_D)\supp.obj: $(SRC_D)\crypto\des\supp.c
+ $(CC) /Fo$(OBJ_D)\supp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
+
+$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
+ $(CC) /Fo$(OBJ_D)\rc4_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+
+$(OBJ_D)\rc2_ecb.obj: $(SRC_D)\crypto\rc2\rc2_ecb.c
+ $(CC) /Fo$(OBJ_D)\rc2_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
+
+$(OBJ_D)\rc2_skey.obj: $(SRC_D)\crypto\rc2\rc2_skey.c
+ $(CC) /Fo$(OBJ_D)\rc2_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
+
+$(OBJ_D)\rc2_cbc.obj: $(SRC_D)\crypto\rc2\rc2_cbc.c
+ $(CC) /Fo$(OBJ_D)\rc2_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
+
+$(OBJ_D)\rc2cfb64.obj: $(SRC_D)\crypto\rc2\rc2cfb64.c
+ $(CC) /Fo$(OBJ_D)\rc2cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
+
+$(OBJ_D)\rc2ofb64.obj: $(SRC_D)\crypto\rc2\rc2ofb64.c
+ $(CC) /Fo$(OBJ_D)\rc2ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+
+$(OBJ_D)\i_cbc.obj: $(SRC_D)\crypto\idea\i_cbc.c
+ $(CC) /Fo$(OBJ_D)\i_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
+
+$(OBJ_D)\i_cfb64.obj: $(SRC_D)\crypto\idea\i_cfb64.c
+ $(CC) /Fo$(OBJ_D)\i_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
+
+$(OBJ_D)\i_ofb64.obj: $(SRC_D)\crypto\idea\i_ofb64.c
+ $(CC) /Fo$(OBJ_D)\i_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
+
+$(OBJ_D)\i_ecb.obj: $(SRC_D)\crypto\idea\i_ecb.c
+ $(CC) /Fo$(OBJ_D)\i_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
+
+$(OBJ_D)\i_skey.obj: $(SRC_D)\crypto\idea\i_skey.c
+ $(CC) /Fo$(OBJ_D)\i_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
+
+$(OBJ_D)\bf_skey.obj: $(SRC_D)\crypto\bf\bf_skey.c
+ $(CC) /Fo$(OBJ_D)\bf_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
+
+$(OBJ_D)\bf_ecb.obj: $(SRC_D)\crypto\bf\bf_ecb.c
+ $(CC) /Fo$(OBJ_D)\bf_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
+
+$(OBJ_D)\bf_enc.obj: $(SRC_D)\crypto\bf\bf_enc.c
+ $(CC) /Fo$(OBJ_D)\bf_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
+
+$(OBJ_D)\bf_cbc.obj: $(SRC_D)\crypto\bf\bf_cbc.c
+ $(CC) /Fo$(OBJ_D)\bf_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cbc.c
+
+$(OBJ_D)\bf_cfb64.obj: $(SRC_D)\crypto\bf\bf_cfb64.c
+ $(CC) /Fo$(OBJ_D)\bf_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
+
+$(OBJ_D)\bf_ofb64.obj: $(SRC_D)\crypto\bf\bf_ofb64.c
+ $(CC) /Fo$(OBJ_D)\bf_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+
+$(OBJ_D)\bn_add.obj: $(SRC_D)\crypto\bn\bn_add.c
+ $(CC) /Fo$(OBJ_D)\bn_add.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
+
+$(OBJ_D)\bn_div.obj: $(SRC_D)\crypto\bn\bn_div.c
+ $(CC) /Fo$(OBJ_D)\bn_div.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
+
+$(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c
+ $(CC) /Fo$(OBJ_D)\bn_exp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
+
+$(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c
+ $(CC) /Fo$(OBJ_D)\bn_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
+
+$(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c
+ $(CC) /Fo$(OBJ_D)\bn_mod.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
+
+$(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c
+ $(CC) /Fo$(OBJ_D)\bn_mul.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
+
+$(OBJ_D)\bn_print.obj: $(SRC_D)\crypto\bn\bn_print.c
+ $(CC) /Fo$(OBJ_D)\bn_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
+
+$(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c
+ $(CC) /Fo$(OBJ_D)\bn_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
+
+$(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c
+ $(CC) /Fo$(OBJ_D)\bn_shift.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
+
+$(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c
+ $(CC) /Fo$(OBJ_D)\bn_sub.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
+
+$(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c
+ $(CC) /Fo$(OBJ_D)\bn_word.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+
+$(OBJ_D)\bn_gcd.obj: $(SRC_D)\crypto\bn\bn_gcd.c
+ $(CC) /Fo$(OBJ_D)\bn_gcd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
+
+$(OBJ_D)\bn_prime.obj: $(SRC_D)\crypto\bn\bn_prime.c
+ $(CC) /Fo$(OBJ_D)\bn_prime.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
+
+$(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c
+ $(CC) /Fo$(OBJ_D)\bn_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
+
+$(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c
+ $(CC) /Fo$(OBJ_D)\bn_sqr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
+
+$(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c
+ $(CC) /Fo$(OBJ_D)\bn_mulw.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
+
+$(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c
+ $(CC) /Fo$(OBJ_D)\bn_recp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
+
+$(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c
+ $(CC) /Fo$(OBJ_D)\bn_mont.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
+
+$(OBJ_D)\rsa_enc.obj: $(SRC_D)\crypto\rsa\rsa_enc.c
+ $(CC) /Fo$(OBJ_D)\rsa_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_enc.c
+
+$(OBJ_D)\rsa_gen.obj: $(SRC_D)\crypto\rsa\rsa_gen.c
+ $(CC) /Fo$(OBJ_D)\rsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
+
+$(OBJ_D)\rsa_lib.obj: $(SRC_D)\crypto\rsa\rsa_lib.c
+ $(CC) /Fo$(OBJ_D)\rsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
+
+$(OBJ_D)\rsa_sign.obj: $(SRC_D)\crypto\rsa\rsa_sign.c
+ $(CC) /Fo$(OBJ_D)\rsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
+
+$(OBJ_D)\rsa_saos.obj: $(SRC_D)\crypto\rsa\rsa_saos.c
+ $(CC) /Fo$(OBJ_D)\rsa_saos.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
+
+$(OBJ_D)\rsa_err.obj: $(SRC_D)\crypto\rsa\rsa_err.c
+ $(CC) /Fo$(OBJ_D)\rsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+
+$(OBJ_D)\dsa_gen.obj: $(SRC_D)\crypto\dsa\dsa_gen.c
+ $(CC) /Fo$(OBJ_D)\dsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
+
+$(OBJ_D)\dsa_key.obj: $(SRC_D)\crypto\dsa\dsa_key.c
+ $(CC) /Fo$(OBJ_D)\dsa_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
+
+$(OBJ_D)\dsa_lib.obj: $(SRC_D)\crypto\dsa\dsa_lib.c
+ $(CC) /Fo$(OBJ_D)\dsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
+
+$(OBJ_D)\dsa_vrf.obj: $(SRC_D)\crypto\dsa\dsa_vrf.c
+ $(CC) /Fo$(OBJ_D)\dsa_vrf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
+
+$(OBJ_D)\dsa_sign.obj: $(SRC_D)\crypto\dsa\dsa_sign.c
+ $(CC) /Fo$(OBJ_D)\dsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
+
+$(OBJ_D)\dsa_err.obj: $(SRC_D)\crypto\dsa\dsa_err.c
+ $(CC) /Fo$(OBJ_D)\dsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
+
+$(OBJ_D)\dh_gen.obj: $(SRC_D)\crypto\dh\dh_gen.c
+ $(CC) /Fo$(OBJ_D)\dh_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
+
+$(OBJ_D)\dh_key.obj: $(SRC_D)\crypto\dh\dh_key.c
+ $(CC) /Fo$(OBJ_D)\dh_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
+
+$(OBJ_D)\dh_lib.obj: $(SRC_D)\crypto\dh\dh_lib.c
+ $(CC) /Fo$(OBJ_D)\dh_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
+
+$(OBJ_D)\dh_check.obj: $(SRC_D)\crypto\dh\dh_check.c
+ $(CC) /Fo$(OBJ_D)\dh_check.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
+
+$(OBJ_D)\dh_err.obj: $(SRC_D)\crypto\dh\dh_err.c
+ $(CC) /Fo$(OBJ_D)\dh_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
+
+$(OBJ_D)\buffer.obj: $(SRC_D)\crypto\buffer\buffer.c
+ $(CC) /Fo$(OBJ_D)\buffer.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
+
+$(OBJ_D)\buf_err.obj: $(SRC_D)\crypto\buffer\buf_err.c
+ $(CC) /Fo$(OBJ_D)\buf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
+
+$(OBJ_D)\bio_lib.obj: $(SRC_D)\crypto\bio\bio_lib.c
+ $(CC) /Fo$(OBJ_D)\bio_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
+
+$(OBJ_D)\bio_cb.obj: $(SRC_D)\crypto\bio\bio_cb.c
+ $(CC) /Fo$(OBJ_D)\bio_cb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
+
+$(OBJ_D)\bio_err.obj: $(SRC_D)\crypto\bio\bio_err.c
+ $(CC) /Fo$(OBJ_D)\bio_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
+
+$(OBJ_D)\bss_mem.obj: $(SRC_D)\crypto\bio\bss_mem.c
+ $(CC) /Fo$(OBJ_D)\bss_mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
+
+$(OBJ_D)\bss_null.obj: $(SRC_D)\crypto\bio\bss_null.c
+ $(CC) /Fo$(OBJ_D)\bss_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
+
+$(OBJ_D)\bss_fd.obj: $(SRC_D)\crypto\bio\bss_fd.c
+ $(CC) /Fo$(OBJ_D)\bss_fd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
+
+$(OBJ_D)\bss_file.obj: $(SRC_D)\crypto\bio\bss_file.c
+ $(CC) /Fo$(OBJ_D)\bss_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
+
+$(OBJ_D)\bss_sock.obj: $(SRC_D)\crypto\bio\bss_sock.c
+ $(CC) /Fo$(OBJ_D)\bss_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
+
+$(OBJ_D)\bss_conn.obj: $(SRC_D)\crypto\bio\bss_conn.c
+ $(CC) /Fo$(OBJ_D)\bss_conn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
+
+$(OBJ_D)\bf_null.obj: $(SRC_D)\crypto\bio\bf_null.c
+ $(CC) /Fo$(OBJ_D)\bf_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
+
+$(OBJ_D)\bf_buff.obj: $(SRC_D)\crypto\bio\bf_buff.c
+ $(CC) /Fo$(OBJ_D)\bf_buff.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
+
+$(OBJ_D)\b_print.obj: $(SRC_D)\crypto\bio\b_print.c
+ $(CC) /Fo$(OBJ_D)\b_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
+
+$(OBJ_D)\b_dump.obj: $(SRC_D)\crypto\bio\b_dump.c
+ $(CC) /Fo$(OBJ_D)\b_dump.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
+
+$(OBJ_D)\b_sock.obj: $(SRC_D)\crypto\bio\b_sock.c
+ $(CC) /Fo$(OBJ_D)\b_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
+
+$(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c
+ $(CC) /Fo$(OBJ_D)\bss_acpt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
+
+$(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c
+ $(CC) /Fo$(OBJ_D)\bf_nbio.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
+
+$(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c
+ $(CC) /Fo$(OBJ_D)\stack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
+
+$(OBJ_D)\lhash.obj: $(SRC_D)\crypto\lhash\lhash.c
+ $(CC) /Fo$(OBJ_D)\lhash.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
+
+$(OBJ_D)\lh_stats.obj: $(SRC_D)\crypto\lhash\lh_stats.c
+ $(CC) /Fo$(OBJ_D)\lh_stats.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
+
+$(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c
+ $(CC) /Fo$(OBJ_D)\md_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
+
+$(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c
+ $(CC) /Fo$(OBJ_D)\randfile.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
+
+$(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c
+ $(CC) /Fo$(OBJ_D)\err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
+
+$(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c
+ $(CC) /Fo$(OBJ_D)\err_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
+
+$(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c
+ $(CC) /Fo$(OBJ_D)\err_prn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
+
+$(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c
+ $(CC) /Fo$(OBJ_D)\obj_dat.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
+
+$(OBJ_D)\obj_lib.obj: $(SRC_D)\crypto\objects\obj_lib.c
+ $(CC) /Fo$(OBJ_D)\obj_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
+
+$(OBJ_D)\obj_err.obj: $(SRC_D)\crypto\objects\obj_err.c
+ $(CC) /Fo$(OBJ_D)\obj_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
+
+$(OBJ_D)\encode.obj: $(SRC_D)\crypto\evp\encode.c
+ $(CC) /Fo$(OBJ_D)\encode.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
+
+$(OBJ_D)\digest.obj: $(SRC_D)\crypto\evp\digest.c
+ $(CC) /Fo$(OBJ_D)\digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
+
+$(OBJ_D)\evp_enc.obj: $(SRC_D)\crypto\evp\evp_enc.c
+ $(CC) /Fo$(OBJ_D)\evp_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
+
+$(OBJ_D)\evp_key.obj: $(SRC_D)\crypto\evp\evp_key.c
+ $(CC) /Fo$(OBJ_D)\evp_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
+
+$(OBJ_D)\e_ecb_d.obj: $(SRC_D)\crypto\evp\e_ecb_d.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
+
+$(OBJ_D)\e_cbc_d.obj: $(SRC_D)\crypto\evp\e_cbc_d.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
+
+$(OBJ_D)\e_cfb_d.obj: $(SRC_D)\crypto\evp\e_cfb_d.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
+
+$(OBJ_D)\e_ofb_d.obj: $(SRC_D)\crypto\evp\e_ofb_d.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
+
+$(OBJ_D)\e_ecb_i.obj: $(SRC_D)\crypto\evp\e_ecb_i.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
+
+$(OBJ_D)\e_cbc_i.obj: $(SRC_D)\crypto\evp\e_cbc_i.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
+
+$(OBJ_D)\e_cfb_i.obj: $(SRC_D)\crypto\evp\e_cfb_i.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
+
+$(OBJ_D)\e_ofb_i.obj: $(SRC_D)\crypto\evp\e_ofb_i.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
+
+$(OBJ_D)\e_ecb_3d.obj: $(SRC_D)\crypto\evp\e_ecb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
+
+$(OBJ_D)\e_cbc_3d.obj: $(SRC_D)\crypto\evp\e_cbc_3d.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
+
+$(OBJ_D)\e_rc4.obj: $(SRC_D)\crypto\evp\e_rc4.c
+ $(CC) /Fo$(OBJ_D)\e_rc4.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
+
+$(OBJ_D)\names.obj: $(SRC_D)\crypto\evp\names.c
+ $(CC) /Fo$(OBJ_D)\names.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
+
+$(OBJ_D)\e_cfb_3d.obj: $(SRC_D)\crypto\evp\e_cfb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
+
+$(OBJ_D)\e_ofb_3d.obj: $(SRC_D)\crypto\evp\e_ofb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
+
+$(OBJ_D)\e_xcbc_d.obj: $(SRC_D)\crypto\evp\e_xcbc_d.c
+ $(CC) /Fo$(OBJ_D)\e_xcbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
+
+$(OBJ_D)\e_ecb_r2.obj: $(SRC_D)\crypto\evp\e_ecb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
+
+$(OBJ_D)\e_cbc_r2.obj: $(SRC_D)\crypto\evp\e_cbc_r2.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
+
+$(OBJ_D)\e_cfb_r2.obj: $(SRC_D)\crypto\evp\e_cfb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
+
+$(OBJ_D)\e_ofb_r2.obj: $(SRC_D)\crypto\evp\e_ofb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
+
+$(OBJ_D)\e_ecb_bf.obj: $(SRC_D)\crypto\evp\e_ecb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
+
+$(OBJ_D)\e_cbc_bf.obj: $(SRC_D)\crypto\evp\e_cbc_bf.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
+
+$(OBJ_D)\e_cfb_bf.obj: $(SRC_D)\crypto\evp\e_cfb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
+
+$(OBJ_D)\e_ofb_bf.obj: $(SRC_D)\crypto\evp\e_ofb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+
+$(OBJ_D)\m_null.obj: $(SRC_D)\crypto\evp\m_null.c
+ $(CC) /Fo$(OBJ_D)\m_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
+
+$(OBJ_D)\m_md2.obj: $(SRC_D)\crypto\evp\m_md2.c
+ $(CC) /Fo$(OBJ_D)\m_md2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
+
+$(OBJ_D)\m_md5.obj: $(SRC_D)\crypto\evp\m_md5.c
+ $(CC) /Fo$(OBJ_D)\m_md5.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
+
+$(OBJ_D)\m_sha.obj: $(SRC_D)\crypto\evp\m_sha.c
+ $(CC) /Fo$(OBJ_D)\m_sha.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
+
+$(OBJ_D)\m_sha1.obj: $(SRC_D)\crypto\evp\m_sha1.c
+ $(CC) /Fo$(OBJ_D)\m_sha1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
+
+$(OBJ_D)\m_dss.obj: $(SRC_D)\crypto\evp\m_dss.c
+ $(CC) /Fo$(OBJ_D)\m_dss.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
+
+$(OBJ_D)\m_dss1.obj: $(SRC_D)\crypto\evp\m_dss1.c
+ $(CC) /Fo$(OBJ_D)\m_dss1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
+
+$(OBJ_D)\m_mdc2.obj: $(SRC_D)\crypto\evp\m_mdc2.c
+ $(CC) /Fo$(OBJ_D)\m_mdc2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+
+$(OBJ_D)\p_open.obj: $(SRC_D)\crypto\evp\p_open.c
+ $(CC) /Fo$(OBJ_D)\p_open.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
+
+$(OBJ_D)\p_seal.obj: $(SRC_D)\crypto\evp\p_seal.c
+ $(CC) /Fo$(OBJ_D)\p_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
+
+$(OBJ_D)\p_sign.obj: $(SRC_D)\crypto\evp\p_sign.c
+ $(CC) /Fo$(OBJ_D)\p_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
+
+$(OBJ_D)\p_verify.obj: $(SRC_D)\crypto\evp\p_verify.c
+ $(CC) /Fo$(OBJ_D)\p_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
+
+$(OBJ_D)\p_lib.obj: $(SRC_D)\crypto\evp\p_lib.c
+ $(CC) /Fo$(OBJ_D)\p_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+
+$(OBJ_D)\bio_md.obj: $(SRC_D)\crypto\evp\bio_md.c
+ $(CC) /Fo$(OBJ_D)\bio_md.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
+
+$(OBJ_D)\bio_b64.obj: $(SRC_D)\crypto\evp\bio_b64.c
+ $(CC) /Fo$(OBJ_D)\bio_b64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
+
+$(OBJ_D)\bio_enc.obj: $(SRC_D)\crypto\evp\bio_enc.c
+ $(CC) /Fo$(OBJ_D)\bio_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
+
+$(OBJ_D)\evp_err.obj: $(SRC_D)\crypto\evp\evp_err.c
+ $(CC) /Fo$(OBJ_D)\evp_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
+
+$(OBJ_D)\e_null.obj: $(SRC_D)\crypto\evp\e_null.c
+ $(CC) /Fo$(OBJ_D)\e_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
+
+$(OBJ_D)\c_all.obj: $(SRC_D)\crypto\evp\c_all.c
+ $(CC) /Fo$(OBJ_D)\c_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+
+$(OBJ_D)\pem_sign.obj: $(SRC_D)\crypto\pem\pem_sign.c
+ $(CC) /Fo$(OBJ_D)\pem_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
+
+$(OBJ_D)\pem_seal.obj: $(SRC_D)\crypto\pem\pem_seal.c
+ $(CC) /Fo$(OBJ_D)\pem_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
+
+$(OBJ_D)\pem_info.obj: $(SRC_D)\crypto\pem\pem_info.c
+ $(CC) /Fo$(OBJ_D)\pem_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
+
+$(OBJ_D)\pem_lib.obj: $(SRC_D)\crypto\pem\pem_lib.c
+ $(CC) /Fo$(OBJ_D)\pem_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
+
+$(OBJ_D)\pem_all.obj: $(SRC_D)\crypto\pem\pem_all.c
+ $(CC) /Fo$(OBJ_D)\pem_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
+
+$(OBJ_D)\pem_err.obj: $(SRC_D)\crypto\pem\pem_err.c
+ $(CC) /Fo$(OBJ_D)\pem_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
+
+$(OBJ_D)\a_object.obj: $(SRC_D)\crypto\asn1\a_object.c
+ $(CC) /Fo$(OBJ_D)\a_object.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
+
+$(OBJ_D)\a_bitstr.obj: $(SRC_D)\crypto\asn1\a_bitstr.c
+ $(CC) /Fo$(OBJ_D)\a_bitstr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
+
+$(OBJ_D)\a_utctm.obj: $(SRC_D)\crypto\asn1\a_utctm.c
+ $(CC) /Fo$(OBJ_D)\a_utctm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
+
+$(OBJ_D)\a_int.obj: $(SRC_D)\crypto\asn1\a_int.c
+ $(CC) /Fo$(OBJ_D)\a_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
+
+$(OBJ_D)\a_octet.obj: $(SRC_D)\crypto\asn1\a_octet.c
+ $(CC) /Fo$(OBJ_D)\a_octet.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
+
+$(OBJ_D)\a_print.obj: $(SRC_D)\crypto\asn1\a_print.c
+ $(CC) /Fo$(OBJ_D)\a_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
+
+$(OBJ_D)\a_type.obj: $(SRC_D)\crypto\asn1\a_type.c
+ $(CC) /Fo$(OBJ_D)\a_type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
+
+$(OBJ_D)\a_set.obj: $(SRC_D)\crypto\asn1\a_set.c
+ $(CC) /Fo$(OBJ_D)\a_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
+
+$(OBJ_D)\a_dup.obj: $(SRC_D)\crypto\asn1\a_dup.c
+ $(CC) /Fo$(OBJ_D)\a_dup.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
+
+$(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c
+ $(CC) /Fo$(OBJ_D)\a_d2i_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
+
+$(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c
+ $(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
+
+$(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c
+ $(CC) /Fo$(OBJ_D)\a_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
+
+$(OBJ_D)\a_digest.obj: $(SRC_D)\crypto\asn1\a_digest.c
+ $(CC) /Fo$(OBJ_D)\a_digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
+
+$(OBJ_D)\a_verify.obj: $(SRC_D)\crypto\asn1\a_verify.c
+ $(CC) /Fo$(OBJ_D)\a_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
+
+$(OBJ_D)\x_algor.obj: $(SRC_D)\crypto\asn1\x_algor.c
+ $(CC) /Fo$(OBJ_D)\x_algor.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
+
+$(OBJ_D)\x_val.obj: $(SRC_D)\crypto\asn1\x_val.c
+ $(CC) /Fo$(OBJ_D)\x_val.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
+
+$(OBJ_D)\x_pubkey.obj: $(SRC_D)\crypto\asn1\x_pubkey.c
+ $(CC) /Fo$(OBJ_D)\x_pubkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
+
+$(OBJ_D)\x_sig.obj: $(SRC_D)\crypto\asn1\x_sig.c
+ $(CC) /Fo$(OBJ_D)\x_sig.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
+
+$(OBJ_D)\x_req.obj: $(SRC_D)\crypto\asn1\x_req.c
+ $(CC) /Fo$(OBJ_D)\x_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
+
+$(OBJ_D)\x_attrib.obj: $(SRC_D)\crypto\asn1\x_attrib.c
+ $(CC) /Fo$(OBJ_D)\x_attrib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
+
+$(OBJ_D)\x_name.obj: $(SRC_D)\crypto\asn1\x_name.c
+ $(CC) /Fo$(OBJ_D)\x_name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
+
+$(OBJ_D)\x_cinf.obj: $(SRC_D)\crypto\asn1\x_cinf.c
+ $(CC) /Fo$(OBJ_D)\x_cinf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
+
+$(OBJ_D)\x_x509.obj: $(SRC_D)\crypto\asn1\x_x509.c
+ $(CC) /Fo$(OBJ_D)\x_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
+
+$(OBJ_D)\x_crl.obj: $(SRC_D)\crypto\asn1\x_crl.c
+ $(CC) /Fo$(OBJ_D)\x_crl.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
+
+$(OBJ_D)\x_info.obj: $(SRC_D)\crypto\asn1\x_info.c
+ $(CC) /Fo$(OBJ_D)\x_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
+
+$(OBJ_D)\x_spki.obj: $(SRC_D)\crypto\asn1\x_spki.c
+ $(CC) /Fo$(OBJ_D)\x_spki.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
+
+$(OBJ_D)\d2i_r_pr.obj: $(SRC_D)\crypto\asn1\d2i_r_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
+
+$(OBJ_D)\i2d_r_pr.obj: $(SRC_D)\crypto\asn1\i2d_r_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
+
+$(OBJ_D)\d2i_r_pu.obj: $(SRC_D)\crypto\asn1\d2i_r_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
+
+$(OBJ_D)\i2d_r_pu.obj: $(SRC_D)\crypto\asn1\i2d_r_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
+
+$(OBJ_D)\d2i_s_pr.obj: $(SRC_D)\crypto\asn1\d2i_s_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
+
+$(OBJ_D)\i2d_s_pr.obj: $(SRC_D)\crypto\asn1\i2d_s_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
+
+$(OBJ_D)\d2i_s_pu.obj: $(SRC_D)\crypto\asn1\d2i_s_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
+
+$(OBJ_D)\i2d_s_pu.obj: $(SRC_D)\crypto\asn1\i2d_s_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
+
+$(OBJ_D)\d2i_pu.obj: $(SRC_D)\crypto\asn1\d2i_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
+
+$(OBJ_D)\d2i_pr.obj: $(SRC_D)\crypto\asn1\d2i_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
+
+$(OBJ_D)\i2d_pu.obj: $(SRC_D)\crypto\asn1\i2d_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
+
+$(OBJ_D)\i2d_pr.obj: $(SRC_D)\crypto\asn1\i2d_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
+
+$(OBJ_D)\t_req.obj: $(SRC_D)\crypto\asn1\t_req.c
+ $(CC) /Fo$(OBJ_D)\t_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
+
+$(OBJ_D)\t_x509.obj: $(SRC_D)\crypto\asn1\t_x509.c
+ $(CC) /Fo$(OBJ_D)\t_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
+
+$(OBJ_D)\t_pkey.obj: $(SRC_D)\crypto\asn1\t_pkey.c
+ $(CC) /Fo$(OBJ_D)\t_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
+
+$(OBJ_D)\p7_i_s.obj: $(SRC_D)\crypto\asn1\p7_i_s.c
+ $(CC) /Fo$(OBJ_D)\p7_i_s.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
+
+$(OBJ_D)\p7_signi.obj: $(SRC_D)\crypto\asn1\p7_signi.c
+ $(CC) /Fo$(OBJ_D)\p7_signi.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
+
+$(OBJ_D)\p7_signd.obj: $(SRC_D)\crypto\asn1\p7_signd.c
+ $(CC) /Fo$(OBJ_D)\p7_signd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
+
+$(OBJ_D)\p7_recip.obj: $(SRC_D)\crypto\asn1\p7_recip.c
+ $(CC) /Fo$(OBJ_D)\p7_recip.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
+
+$(OBJ_D)\p7_enc_c.obj: $(SRC_D)\crypto\asn1\p7_enc_c.c
+ $(CC) /Fo$(OBJ_D)\p7_enc_c.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
+
+$(OBJ_D)\p7_evp.obj: $(SRC_D)\crypto\asn1\p7_evp.c
+ $(CC) /Fo$(OBJ_D)\p7_evp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
+
+$(OBJ_D)\p7_dgst.obj: $(SRC_D)\crypto\asn1\p7_dgst.c
+ $(CC) /Fo$(OBJ_D)\p7_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
+
+$(OBJ_D)\p7_s_e.obj: $(SRC_D)\crypto\asn1\p7_s_e.c
+ $(CC) /Fo$(OBJ_D)\p7_s_e.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
+
+$(OBJ_D)\p7_enc.obj: $(SRC_D)\crypto\asn1\p7_enc.c
+ $(CC) /Fo$(OBJ_D)\p7_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
+
+$(OBJ_D)\p7_lib.obj: $(SRC_D)\crypto\asn1\p7_lib.c
+ $(CC) /Fo$(OBJ_D)\p7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
+
+$(OBJ_D)\f_int.obj: $(SRC_D)\crypto\asn1\f_int.c
+ $(CC) /Fo$(OBJ_D)\f_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
+
+$(OBJ_D)\f_string.obj: $(SRC_D)\crypto\asn1\f_string.c
+ $(CC) /Fo$(OBJ_D)\f_string.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
+
+$(OBJ_D)\i2d_dhp.obj: $(SRC_D)\crypto\asn1\i2d_dhp.c
+ $(CC) /Fo$(OBJ_D)\i2d_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
+
+$(OBJ_D)\i2d_dsap.obj: $(SRC_D)\crypto\asn1\i2d_dsap.c
+ $(CC) /Fo$(OBJ_D)\i2d_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
+
+$(OBJ_D)\d2i_dhp.obj: $(SRC_D)\crypto\asn1\d2i_dhp.c
+ $(CC) /Fo$(OBJ_D)\d2i_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
+
+$(OBJ_D)\d2i_dsap.obj: $(SRC_D)\crypto\asn1\d2i_dsap.c
+ $(CC) /Fo$(OBJ_D)\d2i_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
+
+$(OBJ_D)\n_pkey.obj: $(SRC_D)\crypto\asn1\n_pkey.c
+ $(CC) /Fo$(OBJ_D)\n_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
+
+$(OBJ_D)\a_hdr.obj: $(SRC_D)\crypto\asn1\a_hdr.c
+ $(CC) /Fo$(OBJ_D)\a_hdr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
+
+$(OBJ_D)\x_pkey.obj: $(SRC_D)\crypto\asn1\x_pkey.c
+ $(CC) /Fo$(OBJ_D)\x_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
+
+$(OBJ_D)\a_bool.obj: $(SRC_D)\crypto\asn1\a_bool.c
+ $(CC) /Fo$(OBJ_D)\a_bool.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
+
+$(OBJ_D)\x_exten.obj: $(SRC_D)\crypto\asn1\x_exten.c
+ $(CC) /Fo$(OBJ_D)\x_exten.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
+
+$(OBJ_D)\asn1_par.obj: $(SRC_D)\crypto\asn1\asn1_par.c
+ $(CC) /Fo$(OBJ_D)\asn1_par.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
+
+$(OBJ_D)\asn1_lib.obj: $(SRC_D)\crypto\asn1\asn1_lib.c
+ $(CC) /Fo$(OBJ_D)\asn1_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
+
+$(OBJ_D)\asn1_err.obj: $(SRC_D)\crypto\asn1\asn1_err.c
+ $(CC) /Fo$(OBJ_D)\asn1_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
+
+$(OBJ_D)\a_meth.obj: $(SRC_D)\crypto\asn1\a_meth.c
+ $(CC) /Fo$(OBJ_D)\a_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
+
+$(OBJ_D)\a_bytes.obj: $(SRC_D)\crypto\asn1\a_bytes.c
+ $(CC) /Fo$(OBJ_D)\a_bytes.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+
+$(OBJ_D)\x509_def.obj: $(SRC_D)\crypto\x509\x509_def.c
+ $(CC) /Fo$(OBJ_D)\x509_def.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
+
+$(OBJ_D)\x509_d2.obj: $(SRC_D)\crypto\x509\x509_d2.c
+ $(CC) /Fo$(OBJ_D)\x509_d2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
+
+$(OBJ_D)\x509_r2x.obj: $(SRC_D)\crypto\x509\x509_r2x.c
+ $(CC) /Fo$(OBJ_D)\x509_r2x.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
+
+$(OBJ_D)\x509_cmp.obj: $(SRC_D)\crypto\x509\x509_cmp.c
+ $(CC) /Fo$(OBJ_D)\x509_cmp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
+
+$(OBJ_D)\x509_obj.obj: $(SRC_D)\crypto\x509\x509_obj.c
+ $(CC) /Fo$(OBJ_D)\x509_obj.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
+
+$(OBJ_D)\x509_req.obj: $(SRC_D)\crypto\x509\x509_req.c
+ $(CC) /Fo$(OBJ_D)\x509_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
+
+$(OBJ_D)\x509_vfy.obj: $(SRC_D)\crypto\x509\x509_vfy.c
+ $(CC) /Fo$(OBJ_D)\x509_vfy.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
+
+$(OBJ_D)\x509_set.obj: $(SRC_D)\crypto\x509\x509_set.c
+ $(CC) /Fo$(OBJ_D)\x509_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
+
+$(OBJ_D)\x509rset.obj: $(SRC_D)\crypto\x509\x509rset.c
+ $(CC) /Fo$(OBJ_D)\x509rset.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
+
+$(OBJ_D)\x509_err.obj: $(SRC_D)\crypto\x509\x509_err.c
+ $(CC) /Fo$(OBJ_D)\x509_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
+
+$(OBJ_D)\x509name.obj: $(SRC_D)\crypto\x509\x509name.c
+ $(CC) /Fo$(OBJ_D)\x509name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
+
+$(OBJ_D)\x509_v3.obj: $(SRC_D)\crypto\x509\x509_v3.c
+ $(CC) /Fo$(OBJ_D)\x509_v3.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
+
+$(OBJ_D)\x509_ext.obj: $(SRC_D)\crypto\x509\x509_ext.c
+ $(CC) /Fo$(OBJ_D)\x509_ext.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
+
+$(OBJ_D)\x509pack.obj: $(SRC_D)\crypto\x509\x509pack.c
+ $(CC) /Fo$(OBJ_D)\x509pack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
+
+$(OBJ_D)\x509type.obj: $(SRC_D)\crypto\x509\x509type.c
+ $(CC) /Fo$(OBJ_D)\x509type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
+
+$(OBJ_D)\x509_lu.obj: $(SRC_D)\crypto\x509\x509_lu.c
+ $(CC) /Fo$(OBJ_D)\x509_lu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
+
+$(OBJ_D)\x_all.obj: $(SRC_D)\crypto\x509\x_all.c
+ $(CC) /Fo$(OBJ_D)\x_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
+
+$(OBJ_D)\x509_txt.obj: $(SRC_D)\crypto\x509\x509_txt.c
+ $(CC) /Fo$(OBJ_D)\x509_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
+
+$(OBJ_D)\by_file.obj: $(SRC_D)\crypto\x509\by_file.c
+ $(CC) /Fo$(OBJ_D)\by_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
+
+$(OBJ_D)\by_dir.obj: $(SRC_D)\crypto\x509\by_dir.c
+ $(CC) /Fo$(OBJ_D)\by_dir.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
+
+$(OBJ_D)\v3_net.obj: $(SRC_D)\crypto\x509\v3_net.c
+ $(CC) /Fo$(OBJ_D)\v3_net.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
+
+$(OBJ_D)\v3_x509.obj: $(SRC_D)\crypto\x509\v3_x509.c
+ $(CC) /Fo$(OBJ_D)\v3_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
+
+$(OBJ_D)\conf.obj: $(SRC_D)\crypto\conf\conf.c
+ $(CC) /Fo$(OBJ_D)\conf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
+
+$(OBJ_D)\conf_err.obj: $(SRC_D)\crypto\conf\conf_err.c
+ $(CC) /Fo$(OBJ_D)\conf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
+
+$(OBJ_D)\txt_db.obj: $(SRC_D)\crypto\txt_db\txt_db.c
+ $(CC) /Fo$(OBJ_D)\txt_db.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
+
+$(OBJ_D)\pk7_lib.obj: $(SRC_D)\crypto\pkcs7\pk7_lib.c
+ $(CC) /Fo$(OBJ_D)\pk7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
+
+$(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c
+ $(CC) /Fo$(OBJ_D)\pkcs7err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
+
+$(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c
+ $(CC) /Fo$(OBJ_D)\pk7_doit.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
+
+$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
+ $(CC) /Fo$(OBJ_D)\s2_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+
+$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
+ $(CC) /Fo$(OBJ_D)\s2_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+
+$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
+ $(CC) /Fo$(OBJ_D)\s2_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+
+$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
+ $(CC) /Fo$(OBJ_D)\s2_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+ $(CC) /Fo$(OBJ_D)\s2_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+
+$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
+ $(CC) /Fo$(OBJ_D)\s2_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
+ $(CC) /Fo$(OBJ_D)\s3_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+
+$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
+ $(CC) /Fo$(OBJ_D)\s3_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+
+$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
+ $(CC) /Fo$(OBJ_D)\s3_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+
+$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
+ $(CC) /Fo$(OBJ_D)\s3_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+ $(CC) /Fo$(OBJ_D)\s3_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+
+$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
+ $(CC) /Fo$(OBJ_D)\s3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
+ $(CC) /Fo$(OBJ_D)\s3_both.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+
+$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
+ $(CC) /Fo$(OBJ_D)\s23_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+
+$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
+ $(CC) /Fo$(OBJ_D)\s23_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+
+$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
+ $(CC) /Fo$(OBJ_D)\s23_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+
+$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
+ $(CC) /Fo$(OBJ_D)\s23_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+
+$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
+ $(CC) /Fo$(OBJ_D)\s23_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
+ $(CC) /Fo$(OBJ_D)\ssl_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+
+$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
+ $(CC) /Fo$(OBJ_D)\ssl_err2.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+
+$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
+ $(CC) /Fo$(OBJ_D)\ssl_cert.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+
+$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
+ $(CC) /Fo$(OBJ_D)\ssl_sess.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+
+$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
+ $(CC) /Fo$(OBJ_D)\ssl_ciph.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+
+$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
+ $(CC) /Fo$(OBJ_D)\ssl_stat.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+
+$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
+ $(CC) /Fo$(OBJ_D)\ssl_rsa.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+
+$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
+ $(CC) /Fo$(OBJ_D)\ssl_asn1.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+
+$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
+ $(CC) /Fo$(OBJ_D)\ssl_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+
+$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
+ $(CC) /Fo$(OBJ_D)\ssl_algs.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+
+$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
+ $(CC) /Fo$(OBJ_D)\bio_ssl.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+
+$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
+ $(CC) /Fo$(OBJ_D)\ssl_err.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+
+$(OBJ_D)\rsaref.obj: $(SRC_D)\rsaref\rsaref.c
+ $(CC) /Fo$(OBJ_D)\rsaref.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
+
+$(OBJ_D)\rsar_err.obj: $(SRC_D)\rsaref\rsar_err.c
+ $(CC) /Fo$(OBJ_D)\rsar_err.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
+
+$(TEST_D)\md2test.exe: $(OBJ_D)\md2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\md2test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\md2test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\md5test.exe: $(OBJ_D)\md5test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\md5test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\md5test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\shatest.exe: $(OBJ_D)\shatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\shatest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\shatest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\sha1test.exe: $(OBJ_D)\sha1test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\sha1test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\sha1test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\mdc2test.exe: $(OBJ_D)\mdc2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\mdc2test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\mdc2test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\destest.exe: $(OBJ_D)\destest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\destest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\destest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\rc4test.exe: $(OBJ_D)\rc4test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\rc4test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\rc4test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\rc2test.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\ideatest.exe: $(OBJ_D)\ideatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\ideatest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\ideatest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\bftest.exe: $(OBJ_D)\bftest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\bftest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\bftest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\bntest.exe: $(OBJ_D)\bntest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\bntest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\bntest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\exptest.exe: $(OBJ_D)\exptest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\exptest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\exptest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\dsatest.exe: $(OBJ_D)\dsatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\dsatest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\dsatest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\dhtest.exe: $(OBJ_D)\dhtest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\dhtest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\dhtest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\randtest.exe: $(OBJ_D)\randtest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\randtest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\randtest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(TEST_D)\ssltest.exe: $(OBJ_D)\ssltest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(TEST_D)\ssltest.exe @<<
+ $(APP_EX_OBJ) $(OBJ_D)\ssltest.obj $(L_LIBS) $(EX_LIBS)
+<<
+
+$(O_SSL): $(SSLOBJ)
+ $(LINK) $(MLFLAGS) /out:$(O_SSL) /def:ms/SSLEAY32.def @<<
+ $(SHLIB_EX_OBJ) $(SSLOBJ) $(L_CRYPTO) wsock32.lib gdi32.lib
+<<
+
+$(O_RSAGLUE): $(RSAGLUEOBJ)
+ $(MKLIB) /out:$(O_RSAGLUE) @<<
+ $(RSAGLUEOBJ)
+<<
+
+$(O_CRYPTO): $(CRYPTOOBJ)
+ $(LINK) $(MLFLAGS) /out:$(O_CRYPTO) /def:ms/LIBEAY32.def @<<
+ $(SHLIB_EX_OBJ) $(CRYPTOOBJ) wsock32.lib gdi32.lib
+<<
+
+$(BIN_D)\$(E_EXE).exe: $(E_OBJ) $(LIBS_DEP)
+ $(LINK) $(LFLAGS) /out:$(BIN_D)\$(E_EXE).exe @<<
+ $(APP_EX_OBJ) $(E_OBJ) $(L_LIBS) $(EX_LIBS)
+<<
+
diff --git a/ms/req2CA.ss b/ms/req2CA.ss
new file mode 100644
index 0000000..de8862f
--- /dev/null
+++ b/ms/req2CA.ss
@@ -0,0 +1,29 @@
+Certificate Request:
+ Data:
+ Version: 0 (0x0)
+ Subject: C=AU, O=Dodgy Brothers, CN=Dodgy CA
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (512 bit)
+ Modulus (512 bit):
+ 00:dd:d5:38:92:02:bf:31:59:eb:ed:0d:e9:f8:d9:
+ 79:cb:54:d1:5c:f9:39:2f:d7:4d:38:9d:01:a0:28:
+ ca:0b:6c:0b:5d:2c:f0:72:3e:5c:57:1d:97:e5:68:
+ 88:78:30:c7:d8:3b:7b:01:b0:ef:b4:68:41:2d:53:
+ a2:ab:42:ee:bb
+ Exponent: 65537 (0x10001)
+ Attributes:
+ a0:00
+ Signature Algorithm: md5WithRSAEncryption
+ 7f:77:9e:b5:10:13:39:99:e5:fd:e1:33:54:05:19:b0:89:b8:
+ 2b:21:29:ea:f4:fd:ca:da:62:a7:8a:da:4b:33:91:27:9e:3e:
+ f4:95:46:77:57:8d:dd:fe:83:fe:24:b3:e8:27:65:94:65:d3:
+ c8:44:84:b0:ea:41:35:bb:e7:87
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA3dU4
+kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5cVx2X5WiIeDDH2Dt7
+AbDvtGhBLVOiq0LuuwIDAQABoAAwDQYJKoZIhvcNAQEEBQADQQB/d561EBM5meX9
+4TNUBRmwibgrISnq9P3K2mKnitpLM5Ennj70lUZ3V43d/oP+JLPoJ2WUZdPIRISw
+6kE1u+eH
+-----END CERTIFICATE REQUEST-----
diff --git a/ms/reqCA.ss b/ms/reqCA.ss
new file mode 100644
index 0000000..fa16d45
--- /dev/null
+++ b/ms/reqCA.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHzMIGeAgEAMDkxCzAJBgNVBAYTAkFVMRcwFQYDVQQKEw5Eb2RneSBCcm90aGVy
+czERMA8GA1UEAxMIRG9kZ3kgQ0EwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA3dU4
+kgK/MVnr7Q3p+Nl5y1TRXPk5L9dNOJ0BoCjKC2wLXSzwcj5cVx2X5WiIeDDH2Dt7
+AbDvtGhBLVOiq0LuuwIDAQABoAAwDQYJKoZIhvcNAQEFBQADQQDBNQXXHTOE59tY
+Z6CLBB0MrNHsIypGdGAFXroIXM8AU9Ac3P7XD1ONpqX/Qa0nN033E8bU8xpre3RI
+4/9XgBs5
+-----END CERTIFICATE REQUEST-----
diff --git a/ms/reqU.ss b/ms/reqU.ss
new file mode 100644
index 0000000..b63f2e4
--- /dev/null
+++ b/ms/reqU.ss
@@ -0,0 +1,8 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBCDCBswIBADBOMQswCQYDVQQGEwJBVTEXMBUGA1UEChMORG9kZ3kgQnJvdGhl
+cnMxEjAQBgNVBAMTCUJyb3RoZXIgMTESMBAGA1UEAxMJQnJvdGhlciAyMFwwDQYJ
+KoZIhvcNAQEBBQADSwAwSAJBAMXMcxp35YXyIsrf4o3N1r1iimo2Tl58yg5iKPhD
+XN0NeqCS5KJtBXbGMlW2LPSxMh4QKbrq6y1B/6HT8noKnAECAwEAAaAAMA0GCSqG
+SIb3DQEBAgUAA0EApF6ZEr63DAKDwgrr4oh4fWOls9tf6k0tpQ31LyCpDv/3+08O
+l5Ds40cAsSJGuswVBExuvkrDJsxxSE14Z/e1Fg==
+-----END CERTIFICATE REQUEST-----
diff --git a/ms/speed16.bat b/ms/speed16.bat
new file mode 100755
index 0000000..7ff0885
--- /dev/null
+++ b/ms/speed16.bat
@@ -0,0 +1,38 @@
+set makefile=ms\dos.bat
+
+perl Configure b
+del tmp\*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay version -v -b -f >speed.1
+out\ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+del tmp\rc4*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+perl util\mk1mf.pl VC-MSDOS no-asm >m2
+del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
+nmake -f m2
+nmake -f m2
+nmake -f m2
+out\ssleay speed rsa rc4 idea des >speed.4l
+
+type speed.1 >speed.log
+type speed.1l >>speed.log
+perl util\sp-diff.pl speed.1l speed.2l >>speed.log
+perl util\sp-diff.pl speed.1l speed.3l >>speed.log
+perl util\sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/ms/speed32.bat b/ms/speed32.bat
new file mode 100755
index 0000000..95f7ce9
--- /dev/null
+++ b/ms/speed32.bat
@@ -0,0 +1,37 @@
+set makefile=ms\nt.mak
+
+perl Configure b
+del tmp\*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay version -v -b -f >speed.1
+out\ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+del tmp\rc4*.obj tmp\bn*.obj tmp\md2_dgst.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+del tmp\rc4*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+del tmp\i_*.obj tmp\rc4*.obj tmp\ecb_enc.obj tmp\bn*.obj
+nmake -f %makefile%
+nmake -f %makefile%
+nmake -f %makefile%
+out\ssleay speed rsa rc4 idea des >speed.4l
+
+type speed.1 >speed.log
+type speed.1l >>speed.log
+perl util\sp-diff.pl speed.1l speed.2l >>speed.log
+perl util\sp-diff.pl speed.1l speed.3l >>speed.log
+perl util\sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/ms/ssleay16.def b/ms/ssleay16.def
new file mode 100644
index 0000000..74409f7
--- /dev/null
+++ b/ms/ssleay16.def
@@ -0,0 +1,139 @@
+;
+; Definition file for the DDL version of the SSLEAY16 library from SSLeay
+;
+
+LIBRARY SSLEAY16
+
+DESCRIPTION 'SSLeay SSLEAY16 - eay@cryptsoft.com'
+
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EXPORTS
+ _SSLeay_add_ssl_algorithms @109
+ _BIO_f_ssl @121
+ _BIO_new_ssl @122
+ _BIO_ssl_copy_session_id @124
+ _BIO_ssl_shutdown @131
+ _ERR_load_SSL_strings @1
+ _SSL_CIPHER_description @2
+ _SSL_CIPHER_get_bits @128
+ _SSL_CIPHER_get_name @130
+ _SSL_CIPHER_get_version @129
+ _SSL_CTX_add_client_CA @3
+ _SSL_CTX_add_session @4
+ _SSL_CTX_check_private_key @5
+ _SSL_CTX_ctrl @6
+ _SSL_CTX_flush_sessions @7
+ _SSL_CTX_free @8
+ _SSL_CTX_get_client_CA_list @9
+ _SSL_CTX_get_verify_callback @10
+ _SSL_CTX_get_verify_mode @11
+ _SSL_CTX_new @12
+ _SSL_CTX_remove_session @13
+ _SSL_CTX_set_cert_verify_cb @14
+ _SSL_CTX_set_cipher_list @15
+ _SSL_CTX_set_client_CA_list @16
+ _SSL_CTX_set_default_passwd_cb @17
+ _SSL_CTX_set_ssl_version @19
+ _SSL_CTX_set_verify @21
+ _SSL_CTX_use_PrivateKey @22
+ _SSL_CTX_use_PrivateKey_ASN1 @23
+ _SSL_CTX_use_PrivateKey_file @24
+ _SSL_CTX_use_RSAPrivateKey @25
+ _SSL_CTX_use_RSAPrivateKey_ASN1 @26
+ _SSL_CTX_use_RSAPrivateKey_file @27
+ _SSL_CTX_use_certificate @28
+ _SSL_CTX_use_certificate_ASN1 @29
+ _SSL_CTX_use_certificate_file @30
+ _SSL_SESSION_free @31
+ _SSL_SESSION_new @32
+ _SSL_SESSION_print @33
+ _SSL_accept @35
+ _SSL_add_client_CA @36
+ _SSL_alert_desc_string @37
+ _SSL_alert_desc_string_long @38
+ _SSL_alert_type_string @39
+ _SSL_alert_type_string_long @40
+ _SSL_check_private_key @41
+ _SSL_clear @42
+ _SSL_connect @43
+ _SSL_copy_session_id @44
+ _SSL_ctrl @45
+ _SSL_do_handshake @125
+ _SSL_dup @46
+ _SSL_dup_CA_list @47
+ _SSL_free @48
+ _SSL_get_certificate @49
+ _SSL_get_cipher_list @52
+ _SSL_get_ciphers @55
+ _SSL_get_client_CA_list @56
+ _SSL_get_current_cipher @127
+ _SSL_get_default_timeout @57
+ _SSL_get_error @58
+ _SSL_get_fd @59
+ _SSL_get_peer_cert_chain @60
+ _SSL_get_peer_certificate @61
+ _SSL_get_privatekey @126
+ _SSL_get_rbio @63
+ _SSL_get_read_ahead @64
+ _SSL_get_shared_ciphers @65
+ _SSL_get_ssl_method @66
+ _SSL_get_time @67
+ _SSL_get_timeout @68
+ _SSL_get_verify_mode @70
+ _SSL_get_version @71
+ _SSL_get_wbio @72
+ _SSL_load_client_CA_file @73
+ _SSL_load_error_strings @74
+ _SSL_new @75
+ _SSL_peek @76
+ _SSL_pending @77
+ _SSL_read @78
+ _SSL_renegotiate @79
+ _SSL_rstate_string @80
+ _SSL_rstate_string_long @81
+ _SSL_set_accept_state @82
+ _SSL_set_bio @83
+ _SSL_set_cipher_list @84
+ _SSL_set_client_CA_list @85
+ _SSL_set_connect_state @86
+ _SSL_set_fd @87
+ _SSL_set_read_ahead @88
+ _SSL_set_rfd @89
+ _SSL_set_session @90
+ _SSL_set_ssl_method @91
+ _SSL_set_time @92
+ _SSL_set_timeout @93
+ _SSL_set_verify @94
+ _SSL_set_wfd @95
+ _SSL_shutdown @96
+ _SSL_state_string @97
+ _SSL_state_string_long @98
+ _SSL_use_PrivateKey @99
+ _SSL_use_PrivateKey_ASN1 @100
+ _SSL_use_PrivateKey_file @101
+ _SSL_use_RSAPrivateKey @102
+ _SSL_use_RSAPrivateKey_ASN1 @103
+ _SSL_use_RSAPrivateKey_file @104
+ _SSL_use_certificate @105
+ _SSL_use_certificate_ASN1 @106
+ _SSL_use_certificate_file @107
+ _SSL_write @108
+ _SSLv23_client_method @110
+ _SSLv23_method @111
+ _SSLv23_server_method @112
+ _SSLv2_client_method @113
+ _SSLv2_method @114
+ _SSLv2_server_method @115
+ _SSLv3_client_method @116
+ _SSLv3_method @117
+ _SSLv3_server_method @118
+ _d2i_SSL_SESSION @119
+ _i2d_SSL_SESSION @120
+
diff --git a/ms/ssleay32.def b/ms/ssleay32.def
new file mode 100644
index 0000000..403d4ec
--- /dev/null
+++ b/ms/ssleay32.def
@@ -0,0 +1,132 @@
+;
+; Definition file for the DDL version of the SSLEAY32 library from SSLeay
+;
+
+LIBRARY SSLEAY32
+
+DESCRIPTION 'SSLeay SSLEAY32 - eay@cryptsoft.com'
+
+EXPORTS
+ SSLeay_add_ssl_algorithms @109
+ BIO_f_ssl @121
+ BIO_new_ssl @122
+ BIO_ssl_copy_session_id @124
+ BIO_ssl_shutdown @131
+ ERR_load_SSL_strings @1
+ SSL_CIPHER_description @2
+ SSL_CIPHER_get_bits @128
+ SSL_CIPHER_get_name @130
+ SSL_CIPHER_get_version @129
+ SSL_CTX_add_client_CA @3
+ SSL_CTX_add_session @4
+ SSL_CTX_check_private_key @5
+ SSL_CTX_ctrl @6
+ SSL_CTX_flush_sessions @7
+ SSL_CTX_free @8
+ SSL_CTX_get_client_CA_list @9
+ SSL_CTX_get_verify_callback @10
+ SSL_CTX_get_verify_mode @11
+ SSL_CTX_new @12
+ SSL_CTX_remove_session @13
+ SSL_CTX_set_cert_verify_cb @14
+ SSL_CTX_set_cipher_list @15
+ SSL_CTX_set_client_CA_list @16
+ SSL_CTX_set_default_passwd_cb @17
+ SSL_CTX_set_ssl_version @19
+ SSL_CTX_set_verify @21
+ SSL_CTX_use_PrivateKey @22
+ SSL_CTX_use_PrivateKey_ASN1 @23
+ SSL_CTX_use_PrivateKey_file @24
+ SSL_CTX_use_RSAPrivateKey @25
+ SSL_CTX_use_RSAPrivateKey_ASN1 @26
+ SSL_CTX_use_RSAPrivateKey_file @27
+ SSL_CTX_use_certificate @28
+ SSL_CTX_use_certificate_ASN1 @29
+ SSL_CTX_use_certificate_file @30
+ SSL_SESSION_free @31
+ SSL_SESSION_new @32
+ SSL_SESSION_print @33
+ SSL_SESSION_print_fp @34
+ SSL_accept @35
+ SSL_add_client_CA @36
+ SSL_alert_desc_string @37
+ SSL_alert_desc_string_long @38
+ SSL_alert_type_string @39
+ SSL_alert_type_string_long @40
+ SSL_check_private_key @41
+ SSL_clear @42
+ SSL_connect @43
+ SSL_copy_session_id @44
+ SSL_ctrl @45
+ SSL_do_handshake @125
+ SSL_dup @46
+ SSL_dup_CA_list @47
+ SSL_free @48
+ SSL_get_certificate @49
+ SSL_get_cipher_list @52
+ SSL_get_ciphers @55
+ SSL_get_client_CA_list @56
+ SSL_get_current_cipher @127
+ SSL_get_default_timeout @57
+ SSL_get_error @58
+ SSL_get_fd @59
+ SSL_get_peer_cert_chain @60
+ SSL_get_peer_certificate @61
+ SSL_get_privatekey @126
+ SSL_get_rbio @63
+ SSL_get_read_ahead @64
+ SSL_get_shared_ciphers @65
+ SSL_get_ssl_method @66
+ SSL_get_time @67
+ SSL_get_timeout @68
+ SSL_get_verify_mode @70
+ SSL_get_version @71
+ SSL_get_wbio @72
+ SSL_load_client_CA_file @73
+ SSL_load_error_strings @74
+ SSL_new @75
+ SSL_peek @76
+ SSL_pending @77
+ SSL_read @78
+ SSL_renegotiate @79
+ SSL_rstate_string @80
+ SSL_rstate_string_long @81
+ SSL_set_accept_state @82
+ SSL_set_bio @83
+ SSL_set_cipher_list @84
+ SSL_set_client_CA_list @85
+ SSL_set_connect_state @86
+ SSL_set_fd @87
+ SSL_set_read_ahead @88
+ SSL_set_rfd @89
+ SSL_set_session @90
+ SSL_set_ssl_method @91
+ SSL_set_time @92
+ SSL_set_timeout @93
+ SSL_set_verify @94
+ SSL_set_wfd @95
+ SSL_shutdown @96
+ SSL_state_string @97
+ SSL_state_string_long @98
+ SSL_use_PrivateKey @99
+ SSL_use_PrivateKey_ASN1 @100
+ SSL_use_PrivateKey_file @101
+ SSL_use_RSAPrivateKey @102
+ SSL_use_RSAPrivateKey_ASN1 @103
+ SSL_use_RSAPrivateKey_file @104
+ SSL_use_certificate @105
+ SSL_use_certificate_ASN1 @106
+ SSL_use_certificate_file @107
+ SSL_write @108
+ SSLv23_client_method @110
+ SSLv23_method @111
+ SSLv23_server_method @112
+ SSLv2_client_method @113
+ SSLv2_method @114
+ SSLv2_server_method @115
+ SSLv3_client_method @116
+ SSLv3_method @117
+ SSLv3_server_method @118
+ d2i_SSL_SESSION @119
+ i2d_SSL_SESSION @120
+
diff --git a/ms/tenc.bat b/ms/tenc.bat
new file mode 100755
index 0000000..a4fa7f3
--- /dev/null
+++ b/ms/tenc.bat
@@ -0,0 +1,14 @@
+rem called by testenc
+
+echo test %1 %2 %3 %4 %5 %6
+%ssleay% %1 %2 %3 %4 %5 %6 -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+if errorlevel 1 goto err
+
+echo test base64 %1 %2 %3 %4 %5 %6
+%ssleay% %1 %2 %3 %4 %5 %6 -a -e -bufsize 113 -k test -in %input% -out %tmp1%
+%ssleay% %1 %2 %3 %4 %5 %6 -a -d -bufsize 157 -k test -in %tmp1% -out %out1%
+%cmp% %input% %out1%
+
+:err
diff --git a/ms/test.bat b/ms/test.bat
new file mode 100755
index 0000000..e1862c5
--- /dev/null
+++ b/ms/test.bat
@@ -0,0 +1,133 @@
+@echo=off
+
+set bin=..\out
+set test=.
+
+echo destest
+%bin%\destest
+if errorlevel 1 goto done
+
+echo ideatest
+%bin%\ideatest
+if errorlevel 1 goto done
+
+echo bftest
+%bin%\bftest
+if errorlevel 1 goto done
+
+echo shatest
+%bin%\shatest
+if errorlevel 1 goto done
+
+echo sha1test
+%bin%\sha1test
+if errorlevel 1 goto done
+
+echo md5test
+%bin%\md5test
+if errorlevel 1 goto done
+
+echo md2test
+%bin%\md2test
+if errorlevel 1 goto done
+
+echo mdc2test
+%bin%\mdc2test
+if errorlevel 1 goto done
+
+echo rc2test
+%bin%\rc2test
+if errorlevel 1 goto done
+
+echo rc4test
+%bin%\rc4test
+if errorlevel 1 goto done
+
+echo randtest
+%bin%\randtest
+if errorlevel 1 goto done
+
+echo dhtest
+%bin%\dhtest
+if errorlevel 1 goto done
+
+echo exptest
+%bin%\exptest
+if errorlevel 1 goto done
+
+echo dsatest
+%bin%\dsatest
+if errorlevel 1 goto done
+
+echo testenc
+call %test%\testenc %bin%\ssleay
+if errorlevel 1 goto done
+
+echo testpem
+call %test%\testpem %bin%\ssleay
+if errorlevel 1 goto done
+
+echo verify
+copy ..\certs\*.pem cert.tmp >nul
+%bin%\ssleay verify -CAfile cert.tmp ..\certs\*.pem
+
+echo testss
+call %test%\testss %bin%\ssleay
+if errorlevel 1 goto done
+
+echo test sslv2
+%bin%\ssltest -ssl2
+if errorlevel 1 goto done
+
+echo test sslv2 with server authentication
+%bin%\ssltest -ssl2 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with client authentication
+%bin%\ssltest -ssl2 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2 with beoth client and server authentication
+%bin%\ssltest -ssl2 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3
+%bin%\ssltest -ssl3
+if errorlevel 1 goto done
+
+echo test sslv3 with server authentication
+%bin%\ssltest -ssl3 -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with client authentication
+%bin%\ssltest -ssl3 -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv3 with beoth client and server authentication
+%bin%\ssltest -ssl3 -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3
+%bin%\ssltest
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with server authentication
+%bin%\ssltest -server_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with client authentication
+%bin%\ssltest -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+echo test sslv2/sslv3 with beoth client and server authentication
+%bin%\ssltest -server_auth -client_auth -CAfile cert.tmp
+if errorlevel 1 goto done
+
+
+del cert.tmp
+
+echo passed all tests
+goto end
+:done
+echo problems.....
+:end
diff --git a/ms/testenc.bat b/ms/testenc.bat
new file mode 100755
index 0000000..b46af4b
--- /dev/null
+++ b/ms/testenc.bat
@@ -0,0 +1,91 @@
+echo=off
+
+set ssleay=%1%
+set input=testenc.bat
+set tmp1=cipher.out
+set out1=clear.out
+set cmp=perl cmp.pl
+
+call tenc.bat enc
+if errorlevel 1 goto err
+
+call tenc.bat rc4
+if errorlevel 1 goto err
+
+call tenc.bat des-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cfb
+if errorlevel 1 goto err
+
+call tenc.bat des-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-ofb
+if errorlevel 1 goto err
+
+call tenc.bat des-ecb
+if errorlevel 1 goto err
+
+call tenc.bat des-ede
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3
+if errorlevel 1 goto err
+
+call tenc.bat des-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede-cbc
+if errorlevel 1 goto err
+
+call tenc.bat des-ede3-cbc
+if errorlevel 1 goto err
+
+call tenc.bat idea-ecb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cfb
+if errorlevel 1 goto err
+
+call tenc.bat idea-ofb
+if errorlevel 1 goto err
+
+call tenc.bat idea-cbc
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ecb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cfb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-ofb
+if errorlevel 1 goto err
+
+call tenc.bat rc2-cbc
+if errorlevel 1 goto err
+
+call tenc.bat bf-ecb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cfb
+if errorlevel 1 goto err
+
+call tenc.bat bf-ofb
+if errorlevel 1 goto err
+
+call tenc.bat bf-cbc
+if errorlevel 1 goto err
+
+echo OK
+del %out1%
+del %tmp1%
+:err
+
diff --git a/ms/testpem.bat b/ms/testpem.bat
new file mode 100755
index 0000000..e1e1a02
--- /dev/null
+++ b/ms/testpem.bat
@@ -0,0 +1,36 @@
+echo=off
+set ssleay=%1%
+set tmp1=pem.out
+set cmp=perl cmp.pl
+
+call tpem.bat crl ..\test\testcrl.pem
+if errorlevel 1 goto err
+
+call tpem.bat pkcs7 ..\test\testp7.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq.pem
+if errorlevel 1 goto err
+
+call tpem.bat req ..\test\testreq2.pem
+if errorlevel 1 goto err
+
+call tpem.bat rsa ..\test\testrsa.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\testx509.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat x509 ..\test\v3-cert1.pem
+if errorlevel 1 goto err
+
+call tpem.bat sess_id ..\test\testsid.pem
+if errorlevel 1 goto err
+
+echo OK
+del %tmp1%
+:err
+
diff --git a/ms/testss.bat b/ms/testss.bat
new file mode 100755
index 0000000..d9463bf
--- /dev/null
+++ b/ms/testss.bat
@@ -0,0 +1,98 @@
+echo=off
+
+set ssleay=..\out\ssleay
+set ssleay=%1
+
+set reqcmd=%ssleay% req
+set x509cmd=%ssleay% x509
+set verifycmd=%ssleay% verify
+
+set CAkey=keyCA.ss
+set CAcert=certCA.ss
+set CAserial=certCA.srl
+set CAreq=reqCA.ss
+set CAconf=..\test\CAss.cnf
+set CAreq2=req2CA.ss
+
+set Uconf=..\test\Uss.cnf
+set Ukey=keyU.ss
+set Ureq=reqU.ss
+set Ucert=certU.ss
+
+echo make a certificate request using 'req'
+%reqcmd% -config %CAconf% -out %CAreq% -keyout %CAkey% -new
+if errorlevel 1 goto err_req
+
+echo convert the certificate request into a self signed certificate using 'x509'
+%x509cmd% -CAcreateserial -in %CAreq% -days 30 -req -out %CAcert% -signkey %CAkey% >err.ss
+if errorlevel 1 goto err_x509
+
+echo --
+echo convert a certificate into a certificate request using 'x509'
+%x509cmd% -in %CAcert% -x509toreq -signkey %CAkey% -out %CAreq2% >err.ss
+if errorlevel 1 goto err_x509_2
+
+%reqcmd% -verify -in %CAreq% -noout
+if errorlevel 1 goto err_verify_1
+
+%reqcmd% -verify -in %CAreq2% -noout
+if errorlevel 1 goto err_verify_2
+
+%verifycmd% -CAfile %CAcert% %CAcert%
+if errorlevel 1 goto err_verify_3
+
+echo --
+echo make another certificate request using 'req'
+%reqcmd% -config %Uconf% -out %Ureq% -keyout %Ukey% -new >err.ss
+if errorlevel 1 goto err_req_gen
+
+echo --
+echo sign certificate request with the just created CA via 'x509'
+%x509cmd% -CAcreateserial -in %Ureq% -days 30 -req -out %Ucert% -CA %CAcert% -CAkey %CAkey% -CAserial %CAserial%
+if errorlevel 1 goto err_x509_sign
+
+%verifycmd% -CAfile %CAcert% %Ucert%
+echo --
+echo Certificate details
+%x509cmd% -subject -issuer -startdate -enddate -noout -in %Ucert%
+
+echo Everything appeared to work
+echo --
+echo The generated CA certificate is %CAcert%
+echo The generated CA private key is %CAkey%
+echo The current CA signing serial number is in %CAserial%
+
+echo The generated user certificate is %Ucert%
+echo The generated user private key is %Ukey%
+echo --
+
+del err.ss
+
+goto end
+
+:err_req
+echo error using 'req' to generate a certificate request
+goto end
+:err_x509
+echo error using 'x509' to self sign a certificate request
+goto end
+:err_x509_2
+echo error using 'x509' convert a certificate to a certificate request
+goto end
+:err_verify_1
+echo first generated request is invalid
+goto end
+:err_verify_2
+echo second generated request is invalid
+goto end
+:err_verify_3
+echo first generated cert is invalid
+goto end
+:err_req_gen
+echo error using 'req' to generate a certificate request
+goto end
+:err_x509_sign
+echo error using 'x509' to sign a certificate request
+goto end
+
+:end
diff --git a/ms/tpem.bat b/ms/tpem.bat
new file mode 100755
index 0000000..cd01792
--- /dev/null
+++ b/ms/tpem.bat
@@ -0,0 +1,6 @@
+rem called by testpem
+
+echo test %1 %2
+%ssleay% %1 -in %2 -out %tmp1%
+%cmp% %2 %tmp1%
+
diff --git a/ms/w31dll.mak b/ms/w31dll.mak
new file mode 100644
index 0000000..a69570a
--- /dev/null
+++ b/ms/w31dll.mak
@@ -0,0 +1,2032 @@
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in .\out and the stuff
+# that needs deleting in .\tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util\mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=\usr\local\ssl
+
+# Set your compiler options
+CC=cl
+CFLAG=/ALw /Gx- /Gt256 /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+APP_CFLAG=/Gw /FPi87
+LIB_CFLAG=/Gw
+APP_EX_OBJ=setargv.obj
+SHLIB_EX_OBJ=
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=oldnames llibcewq libw winsock
+
+# The SSLeay directory
+SRC_D=.
+
+LINK=link
+LFLAGS= /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000 /PACKD:60000 /STACK:20000 /ALIGN:16
+
+BN_MULW_OBJ=crypto\bn\asm\x86w32.obj
+BN_MULW_SRC=crypto\bn\asm\x86w32.asm
+DES_ENC_OBJ=
+DES_ENC_SRC=
+DES_CRYPT_OBJ=
+DES_CRYPT_SRC=
+BF_ENC_OBJ=
+BF_ENC_SRC=
+
+# The output directory for everything intersting
+OUT_D=out
+# The output directory for all the temporary muck
+TMP_D=tmp
+
+CP=copy
+RM=del
+RANLIB=
+MKDIR=mkdir
+MKLIB=lib /PAGESIZE:1024
+MLFLAGS= /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000 /PACKD:60000
+ASM=ml /Cp /c /Cx
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=ssleay16
+CRYPTO=libeay16
+RSAGLUE=RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+# INC_D - include directory
+BIN_D=$(OUT_D)
+TEST_D=$(OUT_D)
+LIB_D=$(OUT_D)
+INC_D=$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=$(TMP_D)
+INCL_D=$(TMP_D)
+
+O_SSL= $(LIB_D)\$(SSL).dll
+O_CRYPTO= $(LIB_D)\$(CRYPTO).dll
+O_RSAGLUE= $(LIB_D)\$(RSAGLUE).lib
+L_SSL= $(LIB_D)\$(SSL).lib
+L_CRYPTO= $(LIB_D)\$(CRYPTO).lib
+
+L_LIBS= $(L_SSL) $(L_CRYPTO)
+#L_LIBS= $(O_SSL) $(O_RSAGLUE) -lrsaref $(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-DFLAT_INC -I$(INC_D) -I$(INCL_D)
+APP_CFLAGS=$(INC) $(CFLAG) $(APP_CFLAG)
+LIB_CFLAGS=$(INC) $(CFLAG) $(LIB_CFLAG)
+LIBS_DEP=$(O_CRYPTO) $(O_RSAGLUE) $(O_SSL)
+
+#############################################
+HEADER=$(INCL_D)\e_os.h \
+ $(INCL_D)\cryptlib.h $(INCL_D)\date.h $(INCL_D)\md5_locl.h \
+ $(INCL_D)\sha_locl.h $(INCL_D)\des_locl.h $(INCL_D)\rpc_des.h \
+ $(INCL_D)\podd.h $(INCL_D)\sk.h $(INCL_D)\spr.h \
+ $(INCL_D)\des_ver.h $(INCL_D)\rc2_locl.h $(INCL_D)\idea_lcl.h \
+ $(INCL_D)\bf_pi.h $(INCL_D)\bf_locl.h $(INCL_D)\bn_lcl.h \
+ $(INCL_D)\bn_prime.h $(INCL_D)\obj_dat.h $(INCL_D)\conf_lcl.h \
+ $(INCL_D)\ssl_locl.h $(INCL_D)\rsaref.h $(INCL_D)\apps.h \
+ $(INCL_D)\progs.h $(INCL_D)\s_apps.h $(INCL_D)\testdsa.h \
+ $(INCL_D)\testrsa.h
+
+EXHEADER=$(INC_D)\crypto.h \
+ $(INC_D)\cryptall.h $(INC_D)\md2.h $(INC_D)\md5.h \
+ $(INC_D)\sha.h $(INC_D)\mdc2.h $(INC_D)\des.h \
+ $(INC_D)\rc4.h $(INC_D)\rc2.h $(INC_D)\idea.h \
+ $(INC_D)\blowfish.h $(INC_D)\bn.h $(INC_D)\rsa.h \
+ $(INC_D)\dsa.h $(INC_D)\dh.h $(INC_D)\buffer.h \
+ $(INC_D)\bio.h $(INC_D)\stack.h $(INC_D)\lhash.h \
+ $(INC_D)\rand.h $(INC_D)\err.h $(INC_D)\objects.h \
+ $(INC_D)\evp.h $(INC_D)\pem.h $(INC_D)\asn1.h \
+ $(INC_D)\asn1_mac.h $(INC_D)\x509.h $(INC_D)\x509_vfy.h \
+ $(INC_D)\conf.h $(INC_D)\txt_db.h $(INC_D)\pkcs7.h \
+ $(INC_D)\ssl.h $(INC_D)\ssl2.h $(INC_D)\ssl3.h \
+ $(INC_D)\ssl23.h
+
+T_OBJ=$(OBJ_D)\md2test.obj \
+ $(OBJ_D)\md5test.obj $(OBJ_D)\shatest.obj $(OBJ_D)\sha1test.obj \
+ $(OBJ_D)\mdc2test.obj $(OBJ_D)\destest.obj $(OBJ_D)\rc4test.obj \
+ $(OBJ_D)\rc2test.obj $(OBJ_D)\ideatest.obj $(OBJ_D)\bftest.obj \
+ $(OBJ_D)\bntest.obj $(OBJ_D)\exptest.obj $(OBJ_D)\dsatest.obj \
+ $(OBJ_D)\dhtest.obj $(OBJ_D)\randtest.obj $(OBJ_D)\ssltest.obj
+
+E_OBJ=$(OBJ_D)\verify.obj \
+ $(OBJ_D)\asn1pars.obj $(OBJ_D)\req.obj $(OBJ_D)\dgst.obj \
+ $(OBJ_D)\dh.obj $(OBJ_D)\enc.obj $(OBJ_D)\gendh.obj \
+ $(OBJ_D)\errstr.obj $(OBJ_D)\ca.obj $(OBJ_D)\gendsa.obj \
+ $(OBJ_D)\pkcs7.obj $(OBJ_D)\crl2p7.obj $(OBJ_D)\crl.obj \
+ $(OBJ_D)\rsa.obj $(OBJ_D)\dsa.obj $(OBJ_D)\dsaparam.obj \
+ $(OBJ_D)\x509.obj $(OBJ_D)\genrsa.obj $(OBJ_D)\s_server.obj \
+ $(OBJ_D)\s_client.obj $(OBJ_D)\speed.obj $(OBJ_D)\s_time.obj \
+ $(OBJ_D)\apps.obj $(OBJ_D)\s_cb.obj $(OBJ_D)\s_socket.obj \
+ $(OBJ_D)\version.obj $(OBJ_D)\sess_id.obj $(OBJ_D)\ciphers.obj \
+ $(OBJ_D)\ssleay.obj
+
+CRYPTOOBJ=$(OBJ_D)\cryptlib.obj \
+ $(OBJ_D)\mem.obj $(OBJ_D)\cversion.obj $(OBJ_D)\md2_dgst.obj \
+ $(OBJ_D)\md5_dgst.obj $(OBJ_D)\md2_one.obj $(OBJ_D)\md5_one.obj \
+ $(OBJ_D)\sha_dgst.obj $(OBJ_D)\sha1dgst.obj $(OBJ_D)\sha_one.obj \
+ $(OBJ_D)\sha1_one.obj $(OBJ_D)\mdc2dgst.obj $(OBJ_D)\mdc2_one.obj \
+ $(OBJ_D)\set_key.obj $(OBJ_D)\ecb_enc.obj $(OBJ_D)\ede_enc.obj \
+ $(OBJ_D)\cbc_enc.obj $(OBJ_D)\cbc3_enc.obj $(OBJ_D)\ecb3_enc.obj \
+ $(OBJ_D)\cfb64enc.obj $(OBJ_D)\cfb64ede.obj $(OBJ_D)\cfb_enc.obj \
+ $(OBJ_D)\ofb64ede.obj $(OBJ_D)\enc_read.obj $(OBJ_D)\enc_writ.obj \
+ $(OBJ_D)\ncbc_enc.obj $(OBJ_D)\ofb64enc.obj $(OBJ_D)\ofb_enc.obj \
+ $(OBJ_D)\str2key.obj $(OBJ_D)\pcbc_enc.obj $(OBJ_D)\qud_cksm.obj \
+ $(OBJ_D)\rand_key.obj $(OBJ_D)\des_enc.obj $(OBJ_D)\fcrypt_b.obj \
+ $(OBJ_D)\read2pwd.obj $(OBJ_D)\fcrypt.obj $(OBJ_D)\xcbc_enc.obj \
+ $(OBJ_D)\read_pwd.obj $(OBJ_D)\rpc_enc.obj $(OBJ_D)\cbc_cksm.obj \
+ $(OBJ_D)\supp.obj $(OBJ_D)\rc4_enc.obj $(OBJ_D)\rc2_ecb.obj \
+ $(OBJ_D)\rc2_skey.obj $(OBJ_D)\rc2_cbc.obj $(OBJ_D)\rc2cfb64.obj \
+ $(OBJ_D)\rc2ofb64.obj $(OBJ_D)\i_cbc.obj $(OBJ_D)\i_cfb64.obj \
+ $(OBJ_D)\i_ofb64.obj $(OBJ_D)\i_ecb.obj $(OBJ_D)\i_skey.obj \
+ $(OBJ_D)\bf_skey.obj $(OBJ_D)\bf_ecb.obj $(OBJ_D)\bf_enc.obj \
+ $(OBJ_D)\bf_cbc.obj $(OBJ_D)\bf_cfb64.obj $(OBJ_D)\bf_ofb64.obj \
+ $(OBJ_D)\bn_add.obj $(OBJ_D)\bn_div.obj $(OBJ_D)\bn_exp.obj \
+ $(OBJ_D)\bn_lib.obj $(OBJ_D)\bn_mod.obj $(OBJ_D)\bn_mul.obj \
+ $(OBJ_D)\bn_print.obj $(OBJ_D)\bn_rand.obj $(OBJ_D)\bn_shift.obj \
+ $(OBJ_D)\bn_sub.obj $(OBJ_D)\bn_word.obj $(OBJ_D)\bn_gcd.obj \
+ $(OBJ_D)\bn_prime.obj $(OBJ_D)\bn_err.obj $(OBJ_D)\bn_sqr.obj \
+ $(BN_MULW_OBJ) $(OBJ_D)\bn_recp.obj $(OBJ_D)\bn_mont.obj \
+ $(OBJ_D)\rsa_enc.obj $(OBJ_D)\rsa_gen.obj $(OBJ_D)\rsa_lib.obj \
+ $(OBJ_D)\rsa_sign.obj $(OBJ_D)\rsa_saos.obj $(OBJ_D)\rsa_err.obj \
+ $(OBJ_D)\dsa_gen.obj $(OBJ_D)\dsa_key.obj $(OBJ_D)\dsa_lib.obj \
+ $(OBJ_D)\dsa_vrf.obj $(OBJ_D)\dsa_sign.obj $(OBJ_D)\dsa_err.obj \
+ $(OBJ_D)\dh_gen.obj $(OBJ_D)\dh_key.obj $(OBJ_D)\dh_lib.obj \
+ $(OBJ_D)\dh_check.obj $(OBJ_D)\dh_err.obj $(OBJ_D)\buffer.obj \
+ $(OBJ_D)\buf_err.obj $(OBJ_D)\bio_lib.obj $(OBJ_D)\bio_cb.obj \
+ $(OBJ_D)\bio_err.obj $(OBJ_D)\bss_mem.obj $(OBJ_D)\bss_null.obj \
+ $(OBJ_D)\bss_fd.obj $(OBJ_D)\bss_file.obj $(OBJ_D)\bss_sock.obj \
+ $(OBJ_D)\bss_conn.obj $(OBJ_D)\bf_null.obj $(OBJ_D)\bf_buff.obj \
+ $(OBJ_D)\b_print.obj $(OBJ_D)\b_dump.obj $(OBJ_D)\b_sock.obj \
+ $(OBJ_D)\bss_acpt.obj $(OBJ_D)\bf_nbio.obj $(OBJ_D)\stack.obj \
+ $(OBJ_D)\lhash.obj $(OBJ_D)\lh_stats.obj $(OBJ_D)\md_rand.obj \
+ $(OBJ_D)\randfile.obj $(OBJ_D)\err.obj $(OBJ_D)\err_all.obj \
+ $(OBJ_D)\err_prn.obj $(OBJ_D)\obj_dat.obj $(OBJ_D)\obj_lib.obj \
+ $(OBJ_D)\obj_err.obj $(OBJ_D)\encode.obj $(OBJ_D)\digest.obj \
+ $(OBJ_D)\evp_enc.obj $(OBJ_D)\evp_key.obj $(OBJ_D)\e_ecb_d.obj \
+ $(OBJ_D)\e_cbc_d.obj $(OBJ_D)\e_cfb_d.obj $(OBJ_D)\e_ofb_d.obj \
+ $(OBJ_D)\e_ecb_i.obj $(OBJ_D)\e_cbc_i.obj $(OBJ_D)\e_cfb_i.obj \
+ $(OBJ_D)\e_ofb_i.obj $(OBJ_D)\e_ecb_3d.obj $(OBJ_D)\e_cbc_3d.obj \
+ $(OBJ_D)\e_rc4.obj $(OBJ_D)\names.obj $(OBJ_D)\e_cfb_3d.obj \
+ $(OBJ_D)\e_ofb_3d.obj $(OBJ_D)\e_xcbc_d.obj $(OBJ_D)\e_ecb_r2.obj \
+ $(OBJ_D)\e_cbc_r2.obj $(OBJ_D)\e_cfb_r2.obj $(OBJ_D)\e_ofb_r2.obj \
+ $(OBJ_D)\e_ecb_bf.obj $(OBJ_D)\e_cbc_bf.obj $(OBJ_D)\e_cfb_bf.obj \
+ $(OBJ_D)\e_ofb_bf.obj $(OBJ_D)\m_null.obj $(OBJ_D)\m_md2.obj \
+ $(OBJ_D)\m_md5.obj $(OBJ_D)\m_sha.obj $(OBJ_D)\m_sha1.obj \
+ $(OBJ_D)\m_dss.obj $(OBJ_D)\m_dss1.obj $(OBJ_D)\m_mdc2.obj \
+ $(OBJ_D)\p_open.obj $(OBJ_D)\p_seal.obj $(OBJ_D)\p_sign.obj \
+ $(OBJ_D)\p_verify.obj $(OBJ_D)\p_lib.obj $(OBJ_D)\bio_md.obj \
+ $(OBJ_D)\bio_b64.obj $(OBJ_D)\bio_enc.obj $(OBJ_D)\evp_err.obj \
+ $(OBJ_D)\e_null.obj $(OBJ_D)\c_all.obj $(OBJ_D)\pem_sign.obj \
+ $(OBJ_D)\pem_seal.obj $(OBJ_D)\pem_info.obj $(OBJ_D)\pem_lib.obj \
+ $(OBJ_D)\pem_all.obj $(OBJ_D)\pem_err.obj $(OBJ_D)\a_object.obj \
+ $(OBJ_D)\a_bitstr.obj $(OBJ_D)\a_utctm.obj $(OBJ_D)\a_int.obj \
+ $(OBJ_D)\a_octet.obj $(OBJ_D)\a_print.obj $(OBJ_D)\a_type.obj \
+ $(OBJ_D)\a_set.obj $(OBJ_D)\a_dup.obj $(OBJ_D)\a_d2i_fp.obj \
+ $(OBJ_D)\a_i2d_fp.obj $(OBJ_D)\a_sign.obj $(OBJ_D)\a_digest.obj \
+ $(OBJ_D)\a_verify.obj $(OBJ_D)\x_algor.obj $(OBJ_D)\x_val.obj \
+ $(OBJ_D)\x_pubkey.obj $(OBJ_D)\x_sig.obj $(OBJ_D)\x_req.obj \
+ $(OBJ_D)\x_attrib.obj $(OBJ_D)\x_name.obj $(OBJ_D)\x_cinf.obj \
+ $(OBJ_D)\x_x509.obj $(OBJ_D)\x_crl.obj $(OBJ_D)\x_info.obj \
+ $(OBJ_D)\x_spki.obj $(OBJ_D)\d2i_r_pr.obj $(OBJ_D)\i2d_r_pr.obj \
+ $(OBJ_D)\d2i_r_pu.obj $(OBJ_D)\i2d_r_pu.obj $(OBJ_D)\d2i_s_pr.obj \
+ $(OBJ_D)\i2d_s_pr.obj $(OBJ_D)\d2i_s_pu.obj $(OBJ_D)\i2d_s_pu.obj \
+ $(OBJ_D)\d2i_pu.obj $(OBJ_D)\d2i_pr.obj $(OBJ_D)\i2d_pu.obj \
+ $(OBJ_D)\i2d_pr.obj $(OBJ_D)\t_req.obj $(OBJ_D)\t_x509.obj \
+ $(OBJ_D)\t_pkey.obj $(OBJ_D)\p7_i_s.obj $(OBJ_D)\p7_signi.obj \
+ $(OBJ_D)\p7_signd.obj $(OBJ_D)\p7_recip.obj $(OBJ_D)\p7_enc_c.obj \
+ $(OBJ_D)\p7_evp.obj $(OBJ_D)\p7_dgst.obj $(OBJ_D)\p7_s_e.obj \
+ $(OBJ_D)\p7_enc.obj $(OBJ_D)\p7_lib.obj $(OBJ_D)\f_int.obj \
+ $(OBJ_D)\f_string.obj $(OBJ_D)\i2d_dhp.obj $(OBJ_D)\i2d_dsap.obj \
+ $(OBJ_D)\d2i_dhp.obj $(OBJ_D)\d2i_dsap.obj $(OBJ_D)\n_pkey.obj \
+ $(OBJ_D)\a_hdr.obj $(OBJ_D)\x_pkey.obj $(OBJ_D)\a_bool.obj \
+ $(OBJ_D)\x_exten.obj $(OBJ_D)\asn1_par.obj $(OBJ_D)\asn1_lib.obj \
+ $(OBJ_D)\asn1_err.obj $(OBJ_D)\a_meth.obj $(OBJ_D)\a_bytes.obj \
+ $(OBJ_D)\x509_def.obj $(OBJ_D)\x509_d2.obj $(OBJ_D)\x509_r2x.obj \
+ $(OBJ_D)\x509_cmp.obj $(OBJ_D)\x509_obj.obj $(OBJ_D)\x509_req.obj \
+ $(OBJ_D)\x509_vfy.obj $(OBJ_D)\x509_set.obj $(OBJ_D)\x509rset.obj \
+ $(OBJ_D)\x509_err.obj $(OBJ_D)\x509name.obj $(OBJ_D)\x509_v3.obj \
+ $(OBJ_D)\x509_ext.obj $(OBJ_D)\x509pack.obj $(OBJ_D)\x509type.obj \
+ $(OBJ_D)\x509_lu.obj $(OBJ_D)\x_all.obj $(OBJ_D)\x509_txt.obj \
+ $(OBJ_D)\by_file.obj $(OBJ_D)\by_dir.obj $(OBJ_D)\v3_net.obj \
+ $(OBJ_D)\v3_x509.obj $(OBJ_D)\conf.obj $(OBJ_D)\conf_err.obj \
+ $(OBJ_D)\txt_db.obj $(OBJ_D)\pk7_lib.obj $(OBJ_D)\pkcs7err.obj \
+ $(OBJ_D)\pk7_doit.obj
+
+SSLOBJ=$(OBJ_D)\s2_meth.obj \
+ $(OBJ_D)\s2_srvr.obj $(OBJ_D)\s2_clnt.obj $(OBJ_D)\s2_lib.obj \
+ $(OBJ_D)\s2_pkt.obj $(OBJ_D)\s2_enc.obj $(OBJ_D)\s3_meth.obj \
+ $(OBJ_D)\s3_srvr.obj $(OBJ_D)\s3_clnt.obj $(OBJ_D)\s3_lib.obj \
+ $(OBJ_D)\s3_pkt.obj $(OBJ_D)\s3_enc.obj $(OBJ_D)\s3_both.obj \
+ $(OBJ_D)\s23_meth.obj $(OBJ_D)\s23_srvr.obj $(OBJ_D)\s23_clnt.obj \
+ $(OBJ_D)\s23_lib.obj $(OBJ_D)\s23_pkt.obj $(OBJ_D)\ssl_lib.obj \
+ $(OBJ_D)\ssl_err2.obj $(OBJ_D)\ssl_cert.obj $(OBJ_D)\ssl_sess.obj \
+ $(OBJ_D)\ssl_ciph.obj $(OBJ_D)\ssl_stat.obj $(OBJ_D)\ssl_rsa.obj \
+ $(OBJ_D)\ssl_asn1.obj $(OBJ_D)\ssl_txt.obj $(OBJ_D)\ssl_algs.obj \
+ $(OBJ_D)\bio_ssl.obj $(OBJ_D)\ssl_err.obj
+
+RSAGLUEOBJ=$(OBJ_D)\rsaref.obj \
+ $(OBJ_D)\rsar_err.obj
+
+T_EXE=$(TEST_D)\md2test.exe \
+ $(TEST_D)\md5test.exe $(TEST_D)\shatest.exe $(TEST_D)\sha1test.exe \
+ $(TEST_D)\mdc2test.exe $(TEST_D)\destest.exe $(TEST_D)\rc4test.exe \
+ $(TEST_D)\rc2test.exe $(TEST_D)\ideatest.exe $(TEST_D)\bftest.exe \
+ $(TEST_D)\bntest.exe $(TEST_D)\exptest.exe $(TEST_D)\dsatest.exe \
+ $(TEST_D)\dhtest.exe $(TEST_D)\randtest.exe $(TEST_D)\ssltest.exe
+
+###################################################################
+all: banner $(OUT_D) $(TMP_D) headers lib exe
+
+banner:
+ @echo Make sure you have run 'perl Configure VC-W31-32' in the
+ @echo top level directory, if you don't have perl, you will
+ @echo need to probably edit crypto/bn/bn.h, check the
+ @echo documentation for details.
+
+
+$(OUT_D):
+ $(MKDIR) $(OUT_D)
+
+$(TMP_D):
+ $(MKDIR) $(TMP_D)
+
+headers: $(HEADER) $(EXHEADER)
+
+lib: $(LIBS_DEP)
+
+exe: $(T_EXE) $(BIN_D)\$(E_EXE).exe
+
+install:
+ $(MKDIR) $(INSTALLTOP)
+ $(MKDIR) $(INSTALLTOP)\bin
+ $(MKDIR) $(INSTALLTOP)\include
+ $(MKDIR) $(INSTALLTOP)\lib
+ $(CP) $(INC_D)\*.h $(INSTALLTOP)\include
+ $(CP) $(BIN_D)\$(E_EXE).exe $(INSTALLTOP)\bin
+ $(CP) $(LIB_D)\$(O_SSL) $(INSTALLTOP)\lib
+ $(CP) $(LIB_D)\$(O_CRYPTO) $(INSTALLTOP)\lib
+
+clean:
+ $(RM) $(TMP_D)\*.*
+
+vclean:
+ $(RM) $(TMP_D)\*.*
+ $(RM) $(OUT_D)\*.*
+
+$(INCL_D)\e_os.h: $(SRC_D)\.\e_os.h
+ $(CP) $(SRC_D)\.\e_os.h $(INCL_D)\e_os.h
+
+$(INCL_D)\cryptlib.h: $(SRC_D)\crypto\cryptlib.h
+ $(CP) $(SRC_D)\crypto\cryptlib.h $(INCL_D)\cryptlib.h
+
+$(INCL_D)\date.h: $(SRC_D)\crypto\date.h
+ $(CP) $(SRC_D)\crypto\date.h $(INCL_D)\date.h
+
+$(INCL_D)\md5_locl.h: $(SRC_D)\crypto\md\md5_locl.h
+ $(CP) $(SRC_D)\crypto\md\md5_locl.h $(INCL_D)\md5_locl.h
+
+$(INCL_D)\sha_locl.h: $(SRC_D)\crypto\sha\sha_locl.h
+ $(CP) $(SRC_D)\crypto\sha\sha_locl.h $(INCL_D)\sha_locl.h
+
+$(INCL_D)\des_locl.h: $(SRC_D)\crypto\des\des_locl.h
+ $(CP) $(SRC_D)\crypto\des\des_locl.h $(INCL_D)\des_locl.h
+
+$(INCL_D)\rpc_des.h: $(SRC_D)\crypto\des\rpc_des.h
+ $(CP) $(SRC_D)\crypto\des\rpc_des.h $(INCL_D)\rpc_des.h
+
+$(INCL_D)\podd.h: $(SRC_D)\crypto\des\podd.h
+ $(CP) $(SRC_D)\crypto\des\podd.h $(INCL_D)\podd.h
+
+$(INCL_D)\sk.h: $(SRC_D)\crypto\des\sk.h
+ $(CP) $(SRC_D)\crypto\des\sk.h $(INCL_D)\sk.h
+
+$(INCL_D)\spr.h: $(SRC_D)\crypto\des\spr.h
+ $(CP) $(SRC_D)\crypto\des\spr.h $(INCL_D)\spr.h
+
+$(INCL_D)\des_ver.h: $(SRC_D)\crypto\des\des_ver.h
+ $(CP) $(SRC_D)\crypto\des\des_ver.h $(INCL_D)\des_ver.h
+
+$(INCL_D)\rc2_locl.h: $(SRC_D)\crypto\rc2\rc2_locl.h
+ $(CP) $(SRC_D)\crypto\rc2\rc2_locl.h $(INCL_D)\rc2_locl.h
+
+$(INCL_D)\idea_lcl.h: $(SRC_D)\crypto\idea\idea_lcl.h
+ $(CP) $(SRC_D)\crypto\idea\idea_lcl.h $(INCL_D)\idea_lcl.h
+
+$(INCL_D)\bf_pi.h: $(SRC_D)\crypto\bf\bf_pi.h
+ $(CP) $(SRC_D)\crypto\bf\bf_pi.h $(INCL_D)\bf_pi.h
+
+$(INCL_D)\bf_locl.h: $(SRC_D)\crypto\bf\bf_locl.h
+ $(CP) $(SRC_D)\crypto\bf\bf_locl.h $(INCL_D)\bf_locl.h
+
+$(INCL_D)\bn_lcl.h: $(SRC_D)\crypto\bn\bn_lcl.h
+ $(CP) $(SRC_D)\crypto\bn\bn_lcl.h $(INCL_D)\bn_lcl.h
+
+$(INCL_D)\bn_prime.h: $(SRC_D)\crypto\bn\bn_prime.h
+ $(CP) $(SRC_D)\crypto\bn\bn_prime.h $(INCL_D)\bn_prime.h
+
+$(INCL_D)\obj_dat.h: $(SRC_D)\crypto\objects\obj_dat.h
+ $(CP) $(SRC_D)\crypto\objects\obj_dat.h $(INCL_D)\obj_dat.h
+
+$(INCL_D)\conf_lcl.h: $(SRC_D)\crypto\conf\conf_lcl.h
+ $(CP) $(SRC_D)\crypto\conf\conf_lcl.h $(INCL_D)\conf_lcl.h
+
+$(INCL_D)\ssl_locl.h: $(SRC_D)\ssl\ssl_locl.h
+ $(CP) $(SRC_D)\ssl\ssl_locl.h $(INCL_D)\ssl_locl.h
+
+$(INCL_D)\rsaref.h: $(SRC_D)\rsaref\rsaref.h
+ $(CP) $(SRC_D)\rsaref\rsaref.h $(INCL_D)\rsaref.h
+
+$(INCL_D)\apps.h: $(SRC_D)\apps\apps.h
+ $(CP) $(SRC_D)\apps\apps.h $(INCL_D)\apps.h
+
+$(INCL_D)\progs.h: $(SRC_D)\apps\progs.h
+ $(CP) $(SRC_D)\apps\progs.h $(INCL_D)\progs.h
+
+$(INCL_D)\s_apps.h: $(SRC_D)\apps\s_apps.h
+ $(CP) $(SRC_D)\apps\s_apps.h $(INCL_D)\s_apps.h
+
+$(INCL_D)\testdsa.h: $(SRC_D)\apps\testdsa.h
+ $(CP) $(SRC_D)\apps\testdsa.h $(INCL_D)\testdsa.h
+
+$(INCL_D)\testrsa.h: $(SRC_D)\apps\testrsa.h
+ $(CP) $(SRC_D)\apps\testrsa.h $(INCL_D)\testrsa.h
+
+$(INC_D)\crypto.h: $(SRC_D)\crypto\crypto.h
+ $(CP) $(SRC_D)\crypto\crypto.h $(INC_D)\crypto.h
+
+$(INC_D)\cryptall.h: $(SRC_D)\crypto\cryptall.h
+ $(CP) $(SRC_D)\crypto\cryptall.h $(INC_D)\cryptall.h
+
+$(INC_D)\md2.h: $(SRC_D)\crypto\md\md2.h
+ $(CP) $(SRC_D)\crypto\md\md2.h $(INC_D)\md2.h
+
+$(INC_D)\md5.h: $(SRC_D)\crypto\md\md5.h
+ $(CP) $(SRC_D)\crypto\md\md5.h $(INC_D)\md5.h
+
+$(INC_D)\sha.h: $(SRC_D)\crypto\sha\sha.h
+ $(CP) $(SRC_D)\crypto\sha\sha.h $(INC_D)\sha.h
+
+$(INC_D)\mdc2.h: $(SRC_D)\crypto\mdc2\mdc2.h
+ $(CP) $(SRC_D)\crypto\mdc2\mdc2.h $(INC_D)\mdc2.h
+
+$(INC_D)\des.h: $(SRC_D)\crypto\des\des.h
+ $(CP) $(SRC_D)\crypto\des\des.h $(INC_D)\des.h
+
+$(INC_D)\rc4.h: $(SRC_D)\crypto\rc4\rc4.h
+ $(CP) $(SRC_D)\crypto\rc4\rc4.h $(INC_D)\rc4.h
+
+$(INC_D)\rc2.h: $(SRC_D)\crypto\rc2\rc2.h
+ $(CP) $(SRC_D)\crypto\rc2\rc2.h $(INC_D)\rc2.h
+
+$(INC_D)\idea.h: $(SRC_D)\crypto\idea\idea.h
+ $(CP) $(SRC_D)\crypto\idea\idea.h $(INC_D)\idea.h
+
+$(INC_D)\blowfish.h: $(SRC_D)\crypto\bf\blowfish.h
+ $(CP) $(SRC_D)\crypto\bf\blowfish.h $(INC_D)\blowfish.h
+
+$(INC_D)\bn.h: $(SRC_D)\crypto\bn\bn.h
+ $(CP) $(SRC_D)\crypto\bn\bn.h $(INC_D)\bn.h
+
+$(INC_D)\rsa.h: $(SRC_D)\crypto\rsa\rsa.h
+ $(CP) $(SRC_D)\crypto\rsa\rsa.h $(INC_D)\rsa.h
+
+$(INC_D)\dsa.h: $(SRC_D)\crypto\dsa\dsa.h
+ $(CP) $(SRC_D)\crypto\dsa\dsa.h $(INC_D)\dsa.h
+
+$(INC_D)\dh.h: $(SRC_D)\crypto\dh\dh.h
+ $(CP) $(SRC_D)\crypto\dh\dh.h $(INC_D)\dh.h
+
+$(INC_D)\buffer.h: $(SRC_D)\crypto\buffer\buffer.h
+ $(CP) $(SRC_D)\crypto\buffer\buffer.h $(INC_D)\buffer.h
+
+$(INC_D)\bio.h: $(SRC_D)\crypto\bio\bio.h
+ $(CP) $(SRC_D)\crypto\bio\bio.h $(INC_D)\bio.h
+
+$(INC_D)\stack.h: $(SRC_D)\crypto\stack\stack.h
+ $(CP) $(SRC_D)\crypto\stack\stack.h $(INC_D)\stack.h
+
+$(INC_D)\lhash.h: $(SRC_D)\crypto\lhash\lhash.h
+ $(CP) $(SRC_D)\crypto\lhash\lhash.h $(INC_D)\lhash.h
+
+$(INC_D)\rand.h: $(SRC_D)\crypto\rand\rand.h
+ $(CP) $(SRC_D)\crypto\rand\rand.h $(INC_D)\rand.h
+
+$(INC_D)\err.h: $(SRC_D)\crypto\err\err.h
+ $(CP) $(SRC_D)\crypto\err\err.h $(INC_D)\err.h
+
+$(INC_D)\objects.h: $(SRC_D)\crypto\objects\objects.h
+ $(CP) $(SRC_D)\crypto\objects\objects.h $(INC_D)\objects.h
+
+$(INC_D)\evp.h: $(SRC_D)\crypto\evp\evp.h
+ $(CP) $(SRC_D)\crypto\evp\evp.h $(INC_D)\evp.h
+
+$(INC_D)\pem.h: $(SRC_D)\crypto\pem\pem.h
+ $(CP) $(SRC_D)\crypto\pem\pem.h $(INC_D)\pem.h
+
+$(INC_D)\asn1.h: $(SRC_D)\crypto\asn1\asn1.h
+ $(CP) $(SRC_D)\crypto\asn1\asn1.h $(INC_D)\asn1.h
+
+$(INC_D)\asn1_mac.h: $(SRC_D)\crypto\asn1\asn1_mac.h
+ $(CP) $(SRC_D)\crypto\asn1\asn1_mac.h $(INC_D)\asn1_mac.h
+
+$(INC_D)\x509.h: $(SRC_D)\crypto\x509\x509.h
+ $(CP) $(SRC_D)\crypto\x509\x509.h $(INC_D)\x509.h
+
+$(INC_D)\x509_vfy.h: $(SRC_D)\crypto\x509\x509_vfy.h
+ $(CP) $(SRC_D)\crypto\x509\x509_vfy.h $(INC_D)\x509_vfy.h
+
+$(INC_D)\conf.h: $(SRC_D)\crypto\conf\conf.h
+ $(CP) $(SRC_D)\crypto\conf\conf.h $(INC_D)\conf.h
+
+$(INC_D)\txt_db.h: $(SRC_D)\crypto\txt_db\txt_db.h
+ $(CP) $(SRC_D)\crypto\txt_db\txt_db.h $(INC_D)\txt_db.h
+
+$(INC_D)\pkcs7.h: $(SRC_D)\crypto\pkcs7\pkcs7.h
+ $(CP) $(SRC_D)\crypto\pkcs7\pkcs7.h $(INC_D)\pkcs7.h
+
+$(INC_D)\ssl.h: $(SRC_D)\ssl\ssl.h
+ $(CP) $(SRC_D)\ssl\ssl.h $(INC_D)\ssl.h
+
+$(INC_D)\ssl2.h: $(SRC_D)\ssl\ssl2.h
+ $(CP) $(SRC_D)\ssl\ssl2.h $(INC_D)\ssl2.h
+
+$(INC_D)\ssl3.h: $(SRC_D)\ssl\ssl3.h
+ $(CP) $(SRC_D)\ssl\ssl3.h $(INC_D)\ssl3.h
+
+$(INC_D)\ssl23.h: $(SRC_D)\ssl\ssl23.h
+ $(CP) $(SRC_D)\ssl\ssl23.h $(INC_D)\ssl23.h
+
+$(OBJ_D)\md2test.obj: $(SRC_D)\crypto\md\md2test.c
+ $(CC) /Fo$(OBJ_D)\md2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md2test.c
+
+$(OBJ_D)\md5test.obj: $(SRC_D)\crypto\md\md5test.c
+ $(CC) /Fo$(OBJ_D)\md5test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\md\md5test.c
+
+$(OBJ_D)\shatest.obj: $(SRC_D)\crypto\sha\shatest.c
+ $(CC) /Fo$(OBJ_D)\shatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\shatest.c
+
+$(OBJ_D)\sha1test.obj: $(SRC_D)\crypto\sha\sha1test.c
+ $(CC) /Fo$(OBJ_D)\sha1test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\sha\sha1test.c
+
+$(OBJ_D)\mdc2test.obj: $(SRC_D)\crypto\mdc2\mdc2test.c
+ $(CC) /Fo$(OBJ_D)\mdc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2test.c
+
+$(OBJ_D)\destest.obj: $(SRC_D)\crypto\des\destest.c
+ $(CC) /Fo$(OBJ_D)\destest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\des\destest.c
+
+$(OBJ_D)\rc4test.obj: $(SRC_D)\crypto\rc4\rc4test.c
+ $(CC) /Fo$(OBJ_D)\rc4test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4test.c
+
+$(OBJ_D)\rc2test.obj: $(SRC_D)\crypto\rc2\rc2test.c
+ $(CC) /Fo$(OBJ_D)\rc2test.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2test.c
+
+$(OBJ_D)\ideatest.obj: $(SRC_D)\crypto\idea\ideatest.c
+ $(CC) /Fo$(OBJ_D)\ideatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\idea\ideatest.c
+
+$(OBJ_D)\bftest.obj: $(SRC_D)\crypto\bf\bftest.c
+ $(CC) /Fo$(OBJ_D)\bftest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bf\bftest.c
+
+$(OBJ_D)\bntest.obj: $(SRC_D)\crypto\bn\bntest.c
+ $(CC) /Fo$(OBJ_D)\bntest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\bntest.c
+
+$(OBJ_D)\exptest.obj: $(SRC_D)\crypto\bn\exptest.c
+ $(CC) /Fo$(OBJ_D)\exptest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\bn\exptest.c
+
+$(OBJ_D)\dsatest.obj: $(SRC_D)\crypto\dsa\dsatest.c
+ $(CC) /Fo$(OBJ_D)\dsatest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\dsa\dsatest.c
+
+$(OBJ_D)\dhtest.obj: $(SRC_D)\crypto\dh\dhtest.c
+ $(CC) /Fo$(OBJ_D)\dhtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\dh\dhtest.c
+
+$(OBJ_D)\randtest.obj: $(SRC_D)\crypto\rand\randtest.c
+ $(CC) /Fo$(OBJ_D)\randtest.obj $(APP_CFLAGS) -c $(SRC_D)\crypto\rand\randtest.c
+
+$(OBJ_D)\ssltest.obj: $(SRC_D)\ssl\ssltest.c
+ $(CC) /Fo$(OBJ_D)\ssltest.obj $(APP_CFLAGS) -c $(SRC_D)\ssl\ssltest.c
+
+$(OBJ_D)\verify.obj: $(SRC_D)\apps\verify.c
+ $(CC) /Fo$(OBJ_D)\verify.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\verify.c
+
+$(OBJ_D)\asn1pars.obj: $(SRC_D)\apps\asn1pars.c
+ $(CC) /Fo$(OBJ_D)\asn1pars.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\asn1pars.c
+
+$(OBJ_D)\req.obj: $(SRC_D)\apps\req.c
+ $(CC) /Fo$(OBJ_D)\req.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\req.c
+
+$(OBJ_D)\dgst.obj: $(SRC_D)\apps\dgst.c
+ $(CC) /Fo$(OBJ_D)\dgst.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dgst.c
+
+$(OBJ_D)\dh.obj: $(SRC_D)\apps\dh.c
+ $(CC) /Fo$(OBJ_D)\dh.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dh.c
+
+$(OBJ_D)\enc.obj: $(SRC_D)\apps\enc.c
+ $(CC) /Fo$(OBJ_D)\enc.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\enc.c
+
+$(OBJ_D)\gendh.obj: $(SRC_D)\apps\gendh.c
+ $(CC) /Fo$(OBJ_D)\gendh.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendh.c
+
+$(OBJ_D)\errstr.obj: $(SRC_D)\apps\errstr.c
+ $(CC) /Fo$(OBJ_D)\errstr.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\errstr.c
+
+$(OBJ_D)\ca.obj: $(SRC_D)\apps\ca.c
+ $(CC) /Fo$(OBJ_D)\ca.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ca.c
+
+$(OBJ_D)\gendsa.obj: $(SRC_D)\apps\gendsa.c
+ $(CC) /Fo$(OBJ_D)\gendsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\gendsa.c
+
+$(OBJ_D)\pkcs7.obj: $(SRC_D)\apps\pkcs7.c
+ $(CC) /Fo$(OBJ_D)\pkcs7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\pkcs7.c
+
+$(OBJ_D)\crl2p7.obj: $(SRC_D)\apps\crl2p7.c
+ $(CC) /Fo$(OBJ_D)\crl2p7.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\crl2p7.c
+
+$(OBJ_D)\crl.obj: $(SRC_D)\apps\crl.c
+ $(CC) /Fo$(OBJ_D)\crl.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\crl.c
+
+$(OBJ_D)\rsa.obj: $(SRC_D)\apps\rsa.c
+ $(CC) /Fo$(OBJ_D)\rsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\rsa.c
+
+$(OBJ_D)\dsa.obj: $(SRC_D)\apps\dsa.c
+ $(CC) /Fo$(OBJ_D)\dsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dsa.c
+
+$(OBJ_D)\dsaparam.obj: $(SRC_D)\apps\dsaparam.c
+ $(CC) /Fo$(OBJ_D)\dsaparam.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\dsaparam.c
+
+$(OBJ_D)\x509.obj: $(SRC_D)\apps\x509.c
+ $(CC) /Fo$(OBJ_D)\x509.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\x509.c
+
+$(OBJ_D)\genrsa.obj: $(SRC_D)\apps\genrsa.c
+ $(CC) /Fo$(OBJ_D)\genrsa.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\genrsa.c
+
+$(OBJ_D)\s_server.obj: $(SRC_D)\apps\s_server.c
+ $(CC) /Fo$(OBJ_D)\s_server.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_server.c
+
+$(OBJ_D)\s_client.obj: $(SRC_D)\apps\s_client.c
+ $(CC) /Fo$(OBJ_D)\s_client.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_client.c
+
+$(OBJ_D)\speed.obj: $(SRC_D)\apps\speed.c
+ $(CC) /Fo$(OBJ_D)\speed.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\speed.c
+
+$(OBJ_D)\s_time.obj: $(SRC_D)\apps\s_time.c
+ $(CC) /Fo$(OBJ_D)\s_time.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_time.c
+
+$(OBJ_D)\apps.obj: $(SRC_D)\apps\apps.c
+ $(CC) /Fo$(OBJ_D)\apps.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\apps.c
+
+$(OBJ_D)\s_cb.obj: $(SRC_D)\apps\s_cb.c
+ $(CC) /Fo$(OBJ_D)\s_cb.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_cb.c
+
+$(OBJ_D)\s_socket.obj: $(SRC_D)\apps\s_socket.c
+ $(CC) /Fo$(OBJ_D)\s_socket.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\s_socket.c
+
+$(OBJ_D)\version.obj: $(SRC_D)\apps\version.c
+ $(CC) /Fo$(OBJ_D)\version.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\version.c
+
+$(OBJ_D)\sess_id.obj: $(SRC_D)\apps\sess_id.c
+ $(CC) /Fo$(OBJ_D)\sess_id.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\sess_id.c
+
+$(OBJ_D)\ciphers.obj: $(SRC_D)\apps\ciphers.c
+ $(CC) /Fo$(OBJ_D)\ciphers.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ciphers.c
+
+$(OBJ_D)\ssleay.obj: $(SRC_D)\apps\ssleay.c
+ $(CC) /Fo$(OBJ_D)\ssleay.obj -DMONOLITH $(APP_CFLAGS) -c $(SRC_D)\apps\ssleay.c
+
+crypto\bn\asm\x86w32.obj: crypto\bn\asm\x86w32.asm
+ $(ASM) /Focrypto\bn\asm\x86w32.obj $(SRC_D)\crypto\bn\asm\x86w32.asm
+
+$(OBJ_D)\cryptlib.obj: $(SRC_D)\crypto\cryptlib.c
+ $(CC) /Fo$(OBJ_D)\cryptlib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\cryptlib.c
+
+$(OBJ_D)\mem.obj: $(SRC_D)\crypto\mem.c
+ $(CC) /Fo$(OBJ_D)\mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mem.c
+
+$(OBJ_D)\cversion.obj: $(SRC_D)\crypto\cversion.c
+ $(CC) /Fo$(OBJ_D)\cversion.obj $(LIB_CFLAGS) -DCFLAGS="\"$(CC) $(CFLAG)\"" -c $(SRC_D)\crypto\cversion.c
+
+$(OBJ_D)\md2_dgst.obj: $(SRC_D)\crypto\md\md2_dgst.c
+ $(CC) /Fo$(OBJ_D)\md2_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_dgst.c
+
+$(OBJ_D)\md5_dgst.obj: $(SRC_D)\crypto\md\md5_dgst.c
+ $(CC) /Fo$(OBJ_D)\md5_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_dgst.c
+
+$(OBJ_D)\md2_one.obj: $(SRC_D)\crypto\md\md2_one.c
+ $(CC) /Fo$(OBJ_D)\md2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md2_one.c
+
+$(OBJ_D)\md5_one.obj: $(SRC_D)\crypto\md\md5_one.c
+ $(CC) /Fo$(OBJ_D)\md5_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\md\md5_one.c
+
+$(OBJ_D)\sha_dgst.obj: $(SRC_D)\crypto\sha\sha_dgst.c
+ $(CC) /Fo$(OBJ_D)\sha_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_dgst.c
+
+$(OBJ_D)\sha1dgst.obj: $(SRC_D)\crypto\sha\sha1dgst.c
+ $(CC) /Fo$(OBJ_D)\sha1dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1dgst.c
+
+$(OBJ_D)\sha_one.obj: $(SRC_D)\crypto\sha\sha_one.c
+ $(CC) /Fo$(OBJ_D)\sha_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha_one.c
+
+$(OBJ_D)\sha1_one.obj: $(SRC_D)\crypto\sha\sha1_one.c
+ $(CC) /Fo$(OBJ_D)\sha1_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\sha\sha1_one.c
+
+$(OBJ_D)\mdc2dgst.obj: $(SRC_D)\crypto\mdc2\mdc2dgst.c
+ $(CC) /Fo$(OBJ_D)\mdc2dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2dgst.c
+
+$(OBJ_D)\mdc2_one.obj: $(SRC_D)\crypto\mdc2\mdc2_one.c
+ $(CC) /Fo$(OBJ_D)\mdc2_one.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\mdc2\mdc2_one.c
+
+$(OBJ_D)\set_key.obj: $(SRC_D)\crypto\des\set_key.c
+ $(CC) /Fo$(OBJ_D)\set_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\set_key.c
+
+$(OBJ_D)\ecb_enc.obj: $(SRC_D)\crypto\des\ecb_enc.c
+ $(CC) /Fo$(OBJ_D)\ecb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb_enc.c
+
+$(OBJ_D)\ede_enc.obj: $(SRC_D)\crypto\des\ede_enc.c
+ $(CC) /Fo$(OBJ_D)\ede_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ede_enc.c
+
+$(OBJ_D)\cbc_enc.obj: $(SRC_D)\crypto\des\cbc_enc.c
+ $(CC) /Fo$(OBJ_D)\cbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_enc.c
+
+$(OBJ_D)\cbc3_enc.obj: $(SRC_D)\crypto\des\cbc3_enc.c
+ $(CC) /Fo$(OBJ_D)\cbc3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc3_enc.c
+
+$(OBJ_D)\ecb3_enc.obj: $(SRC_D)\crypto\des\ecb3_enc.c
+ $(CC) /Fo$(OBJ_D)\ecb3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ecb3_enc.c
+
+$(OBJ_D)\cfb64enc.obj: $(SRC_D)\crypto\des\cfb64enc.c
+ $(CC) /Fo$(OBJ_D)\cfb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64enc.c
+
+$(OBJ_D)\cfb64ede.obj: $(SRC_D)\crypto\des\cfb64ede.c
+ $(CC) /Fo$(OBJ_D)\cfb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb64ede.c
+
+$(OBJ_D)\cfb_enc.obj: $(SRC_D)\crypto\des\cfb_enc.c
+ $(CC) /Fo$(OBJ_D)\cfb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cfb_enc.c
+
+$(OBJ_D)\ofb64ede.obj: $(SRC_D)\crypto\des\ofb64ede.c
+ $(CC) /Fo$(OBJ_D)\ofb64ede.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64ede.c
+
+$(OBJ_D)\enc_read.obj: $(SRC_D)\crypto\des\enc_read.c
+ $(CC) /Fo$(OBJ_D)\enc_read.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_read.c
+
+$(OBJ_D)\enc_writ.obj: $(SRC_D)\crypto\des\enc_writ.c
+ $(CC) /Fo$(OBJ_D)\enc_writ.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\enc_writ.c
+
+$(OBJ_D)\ncbc_enc.obj: $(SRC_D)\crypto\des\ncbc_enc.c
+ $(CC) /Fo$(OBJ_D)\ncbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ncbc_enc.c
+
+$(OBJ_D)\ofb64enc.obj: $(SRC_D)\crypto\des\ofb64enc.c
+ $(CC) /Fo$(OBJ_D)\ofb64enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb64enc.c
+
+$(OBJ_D)\ofb_enc.obj: $(SRC_D)\crypto\des\ofb_enc.c
+ $(CC) /Fo$(OBJ_D)\ofb_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\ofb_enc.c
+
+$(OBJ_D)\str2key.obj: $(SRC_D)\crypto\des\str2key.c
+ $(CC) /Fo$(OBJ_D)\str2key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\str2key.c
+
+$(OBJ_D)\pcbc_enc.obj: $(SRC_D)\crypto\des\pcbc_enc.c
+ $(CC) /Fo$(OBJ_D)\pcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\pcbc_enc.c
+
+$(OBJ_D)\qud_cksm.obj: $(SRC_D)\crypto\des\qud_cksm.c
+ $(CC) /Fo$(OBJ_D)\qud_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\qud_cksm.c
+
+$(OBJ_D)\rand_key.obj: $(SRC_D)\crypto\des\rand_key.c
+ $(CC) /Fo$(OBJ_D)\rand_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rand_key.c
+
+$(OBJ_D)\des_enc.obj: $(SRC_D)\crypto\des\des_enc.c
+ $(CC) /Fo$(OBJ_D)\des_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\des_enc.c
+
+$(OBJ_D)\fcrypt_b.obj: $(SRC_D)\crypto\des\fcrypt_b.c
+ $(CC) /Fo$(OBJ_D)\fcrypt_b.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt_b.c
+
+$(OBJ_D)\read2pwd.obj: $(SRC_D)\crypto\des\read2pwd.c
+ $(CC) /Fo$(OBJ_D)\read2pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read2pwd.c
+
+$(OBJ_D)\fcrypt.obj: $(SRC_D)\crypto\des\fcrypt.c
+ $(CC) /Fo$(OBJ_D)\fcrypt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\fcrypt.c
+
+$(OBJ_D)\xcbc_enc.obj: $(SRC_D)\crypto\des\xcbc_enc.c
+ $(CC) /Fo$(OBJ_D)\xcbc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\xcbc_enc.c
+
+$(OBJ_D)\read_pwd.obj: $(SRC_D)\crypto\des\read_pwd.c
+ $(CC) /Fo$(OBJ_D)\read_pwd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\read_pwd.c
+
+$(OBJ_D)\rpc_enc.obj: $(SRC_D)\crypto\des\rpc_enc.c
+ $(CC) /Fo$(OBJ_D)\rpc_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\rpc_enc.c
+
+$(OBJ_D)\cbc_cksm.obj: $(SRC_D)\crypto\des\cbc_cksm.c
+ $(CC) /Fo$(OBJ_D)\cbc_cksm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\cbc_cksm.c
+
+$(OBJ_D)\supp.obj: $(SRC_D)\crypto\des\supp.c
+ $(CC) /Fo$(OBJ_D)\supp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\des\supp.c
+
+$(OBJ_D)\rc4_enc.obj: $(SRC_D)\crypto\rc4\rc4_enc.c
+ $(CC) /Fo$(OBJ_D)\rc4_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc4\rc4_enc.c
+
+$(OBJ_D)\rc2_ecb.obj: $(SRC_D)\crypto\rc2\rc2_ecb.c
+ $(CC) /Fo$(OBJ_D)\rc2_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_ecb.c
+
+$(OBJ_D)\rc2_skey.obj: $(SRC_D)\crypto\rc2\rc2_skey.c
+ $(CC) /Fo$(OBJ_D)\rc2_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_skey.c
+
+$(OBJ_D)\rc2_cbc.obj: $(SRC_D)\crypto\rc2\rc2_cbc.c
+ $(CC) /Fo$(OBJ_D)\rc2_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2_cbc.c
+
+$(OBJ_D)\rc2cfb64.obj: $(SRC_D)\crypto\rc2\rc2cfb64.c
+ $(CC) /Fo$(OBJ_D)\rc2cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2cfb64.c
+
+$(OBJ_D)\rc2ofb64.obj: $(SRC_D)\crypto\rc2\rc2ofb64.c
+ $(CC) /Fo$(OBJ_D)\rc2ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rc2\rc2ofb64.c
+
+$(OBJ_D)\i_cbc.obj: $(SRC_D)\crypto\idea\i_cbc.c
+ $(CC) /Fo$(OBJ_D)\i_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cbc.c
+
+$(OBJ_D)\i_cfb64.obj: $(SRC_D)\crypto\idea\i_cfb64.c
+ $(CC) /Fo$(OBJ_D)\i_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_cfb64.c
+
+$(OBJ_D)\i_ofb64.obj: $(SRC_D)\crypto\idea\i_ofb64.c
+ $(CC) /Fo$(OBJ_D)\i_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ofb64.c
+
+$(OBJ_D)\i_ecb.obj: $(SRC_D)\crypto\idea\i_ecb.c
+ $(CC) /Fo$(OBJ_D)\i_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_ecb.c
+
+$(OBJ_D)\i_skey.obj: $(SRC_D)\crypto\idea\i_skey.c
+ $(CC) /Fo$(OBJ_D)\i_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\idea\i_skey.c
+
+$(OBJ_D)\bf_skey.obj: $(SRC_D)\crypto\bf\bf_skey.c
+ $(CC) /Fo$(OBJ_D)\bf_skey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_skey.c
+
+$(OBJ_D)\bf_ecb.obj: $(SRC_D)\crypto\bf\bf_ecb.c
+ $(CC) /Fo$(OBJ_D)\bf_ecb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ecb.c
+
+$(OBJ_D)\bf_enc.obj: $(SRC_D)\crypto\bf\bf_enc.c
+ $(CC) /Fo$(OBJ_D)\bf_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_enc.c
+
+$(OBJ_D)\bf_cbc.obj: $(SRC_D)\crypto\bf\bf_cbc.c
+ $(CC) /Fo$(OBJ_D)\bf_cbc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cbc.c
+
+$(OBJ_D)\bf_cfb64.obj: $(SRC_D)\crypto\bf\bf_cfb64.c
+ $(CC) /Fo$(OBJ_D)\bf_cfb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_cfb64.c
+
+$(OBJ_D)\bf_ofb64.obj: $(SRC_D)\crypto\bf\bf_ofb64.c
+ $(CC) /Fo$(OBJ_D)\bf_ofb64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bf\bf_ofb64.c
+
+$(OBJ_D)\bn_add.obj: $(SRC_D)\crypto\bn\bn_add.c
+ $(CC) /Fo$(OBJ_D)\bn_add.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_add.c
+
+$(OBJ_D)\bn_div.obj: $(SRC_D)\crypto\bn\bn_div.c
+ $(CC) /Fo$(OBJ_D)\bn_div.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_div.c
+
+$(OBJ_D)\bn_exp.obj: $(SRC_D)\crypto\bn\bn_exp.c
+ $(CC) /Fo$(OBJ_D)\bn_exp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_exp.c
+
+$(OBJ_D)\bn_lib.obj: $(SRC_D)\crypto\bn\bn_lib.c
+ $(CC) /Fo$(OBJ_D)\bn_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_lib.c
+
+$(OBJ_D)\bn_mod.obj: $(SRC_D)\crypto\bn\bn_mod.c
+ $(CC) /Fo$(OBJ_D)\bn_mod.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mod.c
+
+$(OBJ_D)\bn_mul.obj: $(SRC_D)\crypto\bn\bn_mul.c
+ $(CC) /Fo$(OBJ_D)\bn_mul.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mul.c
+
+$(OBJ_D)\bn_print.obj: $(SRC_D)\crypto\bn\bn_print.c
+ $(CC) /Fo$(OBJ_D)\bn_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_print.c
+
+$(OBJ_D)\bn_rand.obj: $(SRC_D)\crypto\bn\bn_rand.c
+ $(CC) /Fo$(OBJ_D)\bn_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_rand.c
+
+$(OBJ_D)\bn_shift.obj: $(SRC_D)\crypto\bn\bn_shift.c
+ $(CC) /Fo$(OBJ_D)\bn_shift.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_shift.c
+
+$(OBJ_D)\bn_sub.obj: $(SRC_D)\crypto\bn\bn_sub.c
+ $(CC) /Fo$(OBJ_D)\bn_sub.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sub.c
+
+$(OBJ_D)\bn_word.obj: $(SRC_D)\crypto\bn\bn_word.c
+ $(CC) /Fo$(OBJ_D)\bn_word.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_word.c
+
+$(OBJ_D)\bn_gcd.obj: $(SRC_D)\crypto\bn\bn_gcd.c
+ $(CC) /Fo$(OBJ_D)\bn_gcd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_gcd.c
+
+$(OBJ_D)\bn_prime.obj: $(SRC_D)\crypto\bn\bn_prime.c
+ $(CC) /Fo$(OBJ_D)\bn_prime.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_prime.c
+
+$(OBJ_D)\bn_err.obj: $(SRC_D)\crypto\bn\bn_err.c
+ $(CC) /Fo$(OBJ_D)\bn_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_err.c
+
+$(OBJ_D)\bn_sqr.obj: $(SRC_D)\crypto\bn\bn_sqr.c
+ $(CC) /Fo$(OBJ_D)\bn_sqr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_sqr.c
+
+$(OBJ_D)\bn_mulw.obj: $(SRC_D)\crypto\bn\bn_mulw.c
+ $(CC) /Fo$(OBJ_D)\bn_mulw.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mulw.c
+
+$(OBJ_D)\bn_recp.obj: $(SRC_D)\crypto\bn\bn_recp.c
+ $(CC) /Fo$(OBJ_D)\bn_recp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_recp.c
+
+$(OBJ_D)\bn_mont.obj: $(SRC_D)\crypto\bn\bn_mont.c
+ $(CC) /Fo$(OBJ_D)\bn_mont.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bn\bn_mont.c
+
+$(OBJ_D)\rsa_enc.obj: $(SRC_D)\crypto\rsa\rsa_enc.c
+ $(CC) /Fo$(OBJ_D)\rsa_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_enc.c
+
+$(OBJ_D)\rsa_gen.obj: $(SRC_D)\crypto\rsa\rsa_gen.c
+ $(CC) /Fo$(OBJ_D)\rsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_gen.c
+
+$(OBJ_D)\rsa_lib.obj: $(SRC_D)\crypto\rsa\rsa_lib.c
+ $(CC) /Fo$(OBJ_D)\rsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_lib.c
+
+$(OBJ_D)\rsa_sign.obj: $(SRC_D)\crypto\rsa\rsa_sign.c
+ $(CC) /Fo$(OBJ_D)\rsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_sign.c
+
+$(OBJ_D)\rsa_saos.obj: $(SRC_D)\crypto\rsa\rsa_saos.c
+ $(CC) /Fo$(OBJ_D)\rsa_saos.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_saos.c
+
+$(OBJ_D)\rsa_err.obj: $(SRC_D)\crypto\rsa\rsa_err.c
+ $(CC) /Fo$(OBJ_D)\rsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rsa\rsa_err.c
+
+$(OBJ_D)\dsa_gen.obj: $(SRC_D)\crypto\dsa\dsa_gen.c
+ $(CC) /Fo$(OBJ_D)\dsa_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_gen.c
+
+$(OBJ_D)\dsa_key.obj: $(SRC_D)\crypto\dsa\dsa_key.c
+ $(CC) /Fo$(OBJ_D)\dsa_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_key.c
+
+$(OBJ_D)\dsa_lib.obj: $(SRC_D)\crypto\dsa\dsa_lib.c
+ $(CC) /Fo$(OBJ_D)\dsa_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_lib.c
+
+$(OBJ_D)\dsa_vrf.obj: $(SRC_D)\crypto\dsa\dsa_vrf.c
+ $(CC) /Fo$(OBJ_D)\dsa_vrf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_vrf.c
+
+$(OBJ_D)\dsa_sign.obj: $(SRC_D)\crypto\dsa\dsa_sign.c
+ $(CC) /Fo$(OBJ_D)\dsa_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_sign.c
+
+$(OBJ_D)\dsa_err.obj: $(SRC_D)\crypto\dsa\dsa_err.c
+ $(CC) /Fo$(OBJ_D)\dsa_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dsa\dsa_err.c
+
+$(OBJ_D)\dh_gen.obj: $(SRC_D)\crypto\dh\dh_gen.c
+ $(CC) /Fo$(OBJ_D)\dh_gen.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_gen.c
+
+$(OBJ_D)\dh_key.obj: $(SRC_D)\crypto\dh\dh_key.c
+ $(CC) /Fo$(OBJ_D)\dh_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_key.c
+
+$(OBJ_D)\dh_lib.obj: $(SRC_D)\crypto\dh\dh_lib.c
+ $(CC) /Fo$(OBJ_D)\dh_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_lib.c
+
+$(OBJ_D)\dh_check.obj: $(SRC_D)\crypto\dh\dh_check.c
+ $(CC) /Fo$(OBJ_D)\dh_check.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_check.c
+
+$(OBJ_D)\dh_err.obj: $(SRC_D)\crypto\dh\dh_err.c
+ $(CC) /Fo$(OBJ_D)\dh_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\dh\dh_err.c
+
+$(OBJ_D)\buffer.obj: $(SRC_D)\crypto\buffer\buffer.c
+ $(CC) /Fo$(OBJ_D)\buffer.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buffer.c
+
+$(OBJ_D)\buf_err.obj: $(SRC_D)\crypto\buffer\buf_err.c
+ $(CC) /Fo$(OBJ_D)\buf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\buffer\buf_err.c
+
+$(OBJ_D)\bio_lib.obj: $(SRC_D)\crypto\bio\bio_lib.c
+ $(CC) /Fo$(OBJ_D)\bio_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_lib.c
+
+$(OBJ_D)\bio_cb.obj: $(SRC_D)\crypto\bio\bio_cb.c
+ $(CC) /Fo$(OBJ_D)\bio_cb.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_cb.c
+
+$(OBJ_D)\bio_err.obj: $(SRC_D)\crypto\bio\bio_err.c
+ $(CC) /Fo$(OBJ_D)\bio_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bio_err.c
+
+$(OBJ_D)\bss_mem.obj: $(SRC_D)\crypto\bio\bss_mem.c
+ $(CC) /Fo$(OBJ_D)\bss_mem.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_mem.c
+
+$(OBJ_D)\bss_null.obj: $(SRC_D)\crypto\bio\bss_null.c
+ $(CC) /Fo$(OBJ_D)\bss_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_null.c
+
+$(OBJ_D)\bss_fd.obj: $(SRC_D)\crypto\bio\bss_fd.c
+ $(CC) /Fo$(OBJ_D)\bss_fd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_fd.c
+
+$(OBJ_D)\bss_file.obj: $(SRC_D)\crypto\bio\bss_file.c
+ $(CC) /Fo$(OBJ_D)\bss_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_file.c
+
+$(OBJ_D)\bss_sock.obj: $(SRC_D)\crypto\bio\bss_sock.c
+ $(CC) /Fo$(OBJ_D)\bss_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_sock.c
+
+$(OBJ_D)\bss_conn.obj: $(SRC_D)\crypto\bio\bss_conn.c
+ $(CC) /Fo$(OBJ_D)\bss_conn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_conn.c
+
+$(OBJ_D)\bf_null.obj: $(SRC_D)\crypto\bio\bf_null.c
+ $(CC) /Fo$(OBJ_D)\bf_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_null.c
+
+$(OBJ_D)\bf_buff.obj: $(SRC_D)\crypto\bio\bf_buff.c
+ $(CC) /Fo$(OBJ_D)\bf_buff.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_buff.c
+
+$(OBJ_D)\b_print.obj: $(SRC_D)\crypto\bio\b_print.c
+ $(CC) /Fo$(OBJ_D)\b_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_print.c
+
+$(OBJ_D)\b_dump.obj: $(SRC_D)\crypto\bio\b_dump.c
+ $(CC) /Fo$(OBJ_D)\b_dump.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_dump.c
+
+$(OBJ_D)\b_sock.obj: $(SRC_D)\crypto\bio\b_sock.c
+ $(CC) /Fo$(OBJ_D)\b_sock.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\b_sock.c
+
+$(OBJ_D)\bss_acpt.obj: $(SRC_D)\crypto\bio\bss_acpt.c
+ $(CC) /Fo$(OBJ_D)\bss_acpt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bss_acpt.c
+
+$(OBJ_D)\bf_nbio.obj: $(SRC_D)\crypto\bio\bf_nbio.c
+ $(CC) /Fo$(OBJ_D)\bf_nbio.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\bio\bf_nbio.c
+
+$(OBJ_D)\stack.obj: $(SRC_D)\crypto\stack\stack.c
+ $(CC) /Fo$(OBJ_D)\stack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\stack\stack.c
+
+$(OBJ_D)\lhash.obj: $(SRC_D)\crypto\lhash\lhash.c
+ $(CC) /Fo$(OBJ_D)\lhash.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lhash.c
+
+$(OBJ_D)\lh_stats.obj: $(SRC_D)\crypto\lhash\lh_stats.c
+ $(CC) /Fo$(OBJ_D)\lh_stats.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\lhash\lh_stats.c
+
+$(OBJ_D)\md_rand.obj: $(SRC_D)\crypto\rand\md_rand.c
+ $(CC) /Fo$(OBJ_D)\md_rand.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\md_rand.c
+
+$(OBJ_D)\randfile.obj: $(SRC_D)\crypto\rand\randfile.c
+ $(CC) /Fo$(OBJ_D)\randfile.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\rand\randfile.c
+
+$(OBJ_D)\err.obj: $(SRC_D)\crypto\err\err.c
+ $(CC) /Fo$(OBJ_D)\err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err.c
+
+$(OBJ_D)\err_all.obj: $(SRC_D)\crypto\err\err_all.c
+ $(CC) /Fo$(OBJ_D)\err_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_all.c
+
+$(OBJ_D)\err_prn.obj: $(SRC_D)\crypto\err\err_prn.c
+ $(CC) /Fo$(OBJ_D)\err_prn.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\err\err_prn.c
+
+$(OBJ_D)\obj_dat.obj: $(SRC_D)\crypto\objects\obj_dat.c
+ $(CC) /Fo$(OBJ_D)\obj_dat.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_dat.c
+
+$(OBJ_D)\obj_lib.obj: $(SRC_D)\crypto\objects\obj_lib.c
+ $(CC) /Fo$(OBJ_D)\obj_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_lib.c
+
+$(OBJ_D)\obj_err.obj: $(SRC_D)\crypto\objects\obj_err.c
+ $(CC) /Fo$(OBJ_D)\obj_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\objects\obj_err.c
+
+$(OBJ_D)\encode.obj: $(SRC_D)\crypto\evp\encode.c
+ $(CC) /Fo$(OBJ_D)\encode.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\encode.c
+
+$(OBJ_D)\digest.obj: $(SRC_D)\crypto\evp\digest.c
+ $(CC) /Fo$(OBJ_D)\digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\digest.c
+
+$(OBJ_D)\evp_enc.obj: $(SRC_D)\crypto\evp\evp_enc.c
+ $(CC) /Fo$(OBJ_D)\evp_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_enc.c
+
+$(OBJ_D)\evp_key.obj: $(SRC_D)\crypto\evp\evp_key.c
+ $(CC) /Fo$(OBJ_D)\evp_key.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_key.c
+
+$(OBJ_D)\e_ecb_d.obj: $(SRC_D)\crypto\evp\e_ecb_d.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_d.c
+
+$(OBJ_D)\e_cbc_d.obj: $(SRC_D)\crypto\evp\e_cbc_d.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_d.c
+
+$(OBJ_D)\e_cfb_d.obj: $(SRC_D)\crypto\evp\e_cfb_d.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_d.c
+
+$(OBJ_D)\e_ofb_d.obj: $(SRC_D)\crypto\evp\e_ofb_d.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_d.c
+
+$(OBJ_D)\e_ecb_i.obj: $(SRC_D)\crypto\evp\e_ecb_i.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_i.c
+
+$(OBJ_D)\e_cbc_i.obj: $(SRC_D)\crypto\evp\e_cbc_i.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_i.c
+
+$(OBJ_D)\e_cfb_i.obj: $(SRC_D)\crypto\evp\e_cfb_i.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_i.c
+
+$(OBJ_D)\e_ofb_i.obj: $(SRC_D)\crypto\evp\e_ofb_i.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_i.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_i.c
+
+$(OBJ_D)\e_ecb_3d.obj: $(SRC_D)\crypto\evp\e_ecb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_3d.c
+
+$(OBJ_D)\e_cbc_3d.obj: $(SRC_D)\crypto\evp\e_cbc_3d.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_3d.c
+
+$(OBJ_D)\e_rc4.obj: $(SRC_D)\crypto\evp\e_rc4.c
+ $(CC) /Fo$(OBJ_D)\e_rc4.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_rc4.c
+
+$(OBJ_D)\names.obj: $(SRC_D)\crypto\evp\names.c
+ $(CC) /Fo$(OBJ_D)\names.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\names.c
+
+$(OBJ_D)\e_cfb_3d.obj: $(SRC_D)\crypto\evp\e_cfb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_3d.c
+
+$(OBJ_D)\e_ofb_3d.obj: $(SRC_D)\crypto\evp\e_ofb_3d.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_3d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_3d.c
+
+$(OBJ_D)\e_xcbc_d.obj: $(SRC_D)\crypto\evp\e_xcbc_d.c
+ $(CC) /Fo$(OBJ_D)\e_xcbc_d.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_xcbc_d.c
+
+$(OBJ_D)\e_ecb_r2.obj: $(SRC_D)\crypto\evp\e_ecb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_r2.c
+
+$(OBJ_D)\e_cbc_r2.obj: $(SRC_D)\crypto\evp\e_cbc_r2.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_r2.c
+
+$(OBJ_D)\e_cfb_r2.obj: $(SRC_D)\crypto\evp\e_cfb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_r2.c
+
+$(OBJ_D)\e_ofb_r2.obj: $(SRC_D)\crypto\evp\e_ofb_r2.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_r2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_r2.c
+
+$(OBJ_D)\e_ecb_bf.obj: $(SRC_D)\crypto\evp\e_ecb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_ecb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ecb_bf.c
+
+$(OBJ_D)\e_cbc_bf.obj: $(SRC_D)\crypto\evp\e_cbc_bf.c
+ $(CC) /Fo$(OBJ_D)\e_cbc_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cbc_bf.c
+
+$(OBJ_D)\e_cfb_bf.obj: $(SRC_D)\crypto\evp\e_cfb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_cfb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_cfb_bf.c
+
+$(OBJ_D)\e_ofb_bf.obj: $(SRC_D)\crypto\evp\e_ofb_bf.c
+ $(CC) /Fo$(OBJ_D)\e_ofb_bf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_ofb_bf.c
+
+$(OBJ_D)\m_null.obj: $(SRC_D)\crypto\evp\m_null.c
+ $(CC) /Fo$(OBJ_D)\m_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_null.c
+
+$(OBJ_D)\m_md2.obj: $(SRC_D)\crypto\evp\m_md2.c
+ $(CC) /Fo$(OBJ_D)\m_md2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md2.c
+
+$(OBJ_D)\m_md5.obj: $(SRC_D)\crypto\evp\m_md5.c
+ $(CC) /Fo$(OBJ_D)\m_md5.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_md5.c
+
+$(OBJ_D)\m_sha.obj: $(SRC_D)\crypto\evp\m_sha.c
+ $(CC) /Fo$(OBJ_D)\m_sha.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha.c
+
+$(OBJ_D)\m_sha1.obj: $(SRC_D)\crypto\evp\m_sha1.c
+ $(CC) /Fo$(OBJ_D)\m_sha1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_sha1.c
+
+$(OBJ_D)\m_dss.obj: $(SRC_D)\crypto\evp\m_dss.c
+ $(CC) /Fo$(OBJ_D)\m_dss.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss.c
+
+$(OBJ_D)\m_dss1.obj: $(SRC_D)\crypto\evp\m_dss1.c
+ $(CC) /Fo$(OBJ_D)\m_dss1.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_dss1.c
+
+$(OBJ_D)\m_mdc2.obj: $(SRC_D)\crypto\evp\m_mdc2.c
+ $(CC) /Fo$(OBJ_D)\m_mdc2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\m_mdc2.c
+
+$(OBJ_D)\p_open.obj: $(SRC_D)\crypto\evp\p_open.c
+ $(CC) /Fo$(OBJ_D)\p_open.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_open.c
+
+$(OBJ_D)\p_seal.obj: $(SRC_D)\crypto\evp\p_seal.c
+ $(CC) /Fo$(OBJ_D)\p_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_seal.c
+
+$(OBJ_D)\p_sign.obj: $(SRC_D)\crypto\evp\p_sign.c
+ $(CC) /Fo$(OBJ_D)\p_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_sign.c
+
+$(OBJ_D)\p_verify.obj: $(SRC_D)\crypto\evp\p_verify.c
+ $(CC) /Fo$(OBJ_D)\p_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_verify.c
+
+$(OBJ_D)\p_lib.obj: $(SRC_D)\crypto\evp\p_lib.c
+ $(CC) /Fo$(OBJ_D)\p_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\p_lib.c
+
+$(OBJ_D)\bio_md.obj: $(SRC_D)\crypto\evp\bio_md.c
+ $(CC) /Fo$(OBJ_D)\bio_md.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_md.c
+
+$(OBJ_D)\bio_b64.obj: $(SRC_D)\crypto\evp\bio_b64.c
+ $(CC) /Fo$(OBJ_D)\bio_b64.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_b64.c
+
+$(OBJ_D)\bio_enc.obj: $(SRC_D)\crypto\evp\bio_enc.c
+ $(CC) /Fo$(OBJ_D)\bio_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\bio_enc.c
+
+$(OBJ_D)\evp_err.obj: $(SRC_D)\crypto\evp\evp_err.c
+ $(CC) /Fo$(OBJ_D)\evp_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\evp_err.c
+
+$(OBJ_D)\e_null.obj: $(SRC_D)\crypto\evp\e_null.c
+ $(CC) /Fo$(OBJ_D)\e_null.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\e_null.c
+
+$(OBJ_D)\c_all.obj: $(SRC_D)\crypto\evp\c_all.c
+ $(CC) /Fo$(OBJ_D)\c_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\evp\c_all.c
+
+$(OBJ_D)\pem_sign.obj: $(SRC_D)\crypto\pem\pem_sign.c
+ $(CC) /Fo$(OBJ_D)\pem_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_sign.c
+
+$(OBJ_D)\pem_seal.obj: $(SRC_D)\crypto\pem\pem_seal.c
+ $(CC) /Fo$(OBJ_D)\pem_seal.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_seal.c
+
+$(OBJ_D)\pem_info.obj: $(SRC_D)\crypto\pem\pem_info.c
+ $(CC) /Fo$(OBJ_D)\pem_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_info.c
+
+$(OBJ_D)\pem_lib.obj: $(SRC_D)\crypto\pem\pem_lib.c
+ $(CC) /Fo$(OBJ_D)\pem_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_lib.c
+
+$(OBJ_D)\pem_all.obj: $(SRC_D)\crypto\pem\pem_all.c
+ $(CC) /Fo$(OBJ_D)\pem_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_all.c
+
+$(OBJ_D)\pem_err.obj: $(SRC_D)\crypto\pem\pem_err.c
+ $(CC) /Fo$(OBJ_D)\pem_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pem\pem_err.c
+
+$(OBJ_D)\a_object.obj: $(SRC_D)\crypto\asn1\a_object.c
+ $(CC) /Fo$(OBJ_D)\a_object.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_object.c
+
+$(OBJ_D)\a_bitstr.obj: $(SRC_D)\crypto\asn1\a_bitstr.c
+ $(CC) /Fo$(OBJ_D)\a_bitstr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bitstr.c
+
+$(OBJ_D)\a_utctm.obj: $(SRC_D)\crypto\asn1\a_utctm.c
+ $(CC) /Fo$(OBJ_D)\a_utctm.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_utctm.c
+
+$(OBJ_D)\a_int.obj: $(SRC_D)\crypto\asn1\a_int.c
+ $(CC) /Fo$(OBJ_D)\a_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_int.c
+
+$(OBJ_D)\a_octet.obj: $(SRC_D)\crypto\asn1\a_octet.c
+ $(CC) /Fo$(OBJ_D)\a_octet.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_octet.c
+
+$(OBJ_D)\a_print.obj: $(SRC_D)\crypto\asn1\a_print.c
+ $(CC) /Fo$(OBJ_D)\a_print.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_print.c
+
+$(OBJ_D)\a_type.obj: $(SRC_D)\crypto\asn1\a_type.c
+ $(CC) /Fo$(OBJ_D)\a_type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_type.c
+
+$(OBJ_D)\a_set.obj: $(SRC_D)\crypto\asn1\a_set.c
+ $(CC) /Fo$(OBJ_D)\a_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_set.c
+
+$(OBJ_D)\a_dup.obj: $(SRC_D)\crypto\asn1\a_dup.c
+ $(CC) /Fo$(OBJ_D)\a_dup.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_dup.c
+
+$(OBJ_D)\a_d2i_fp.obj: $(SRC_D)\crypto\asn1\a_d2i_fp.c
+ $(CC) /Fo$(OBJ_D)\a_d2i_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_d2i_fp.c
+
+$(OBJ_D)\a_i2d_fp.obj: $(SRC_D)\crypto\asn1\a_i2d_fp.c
+ $(CC) /Fo$(OBJ_D)\a_i2d_fp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_i2d_fp.c
+
+$(OBJ_D)\a_sign.obj: $(SRC_D)\crypto\asn1\a_sign.c
+ $(CC) /Fo$(OBJ_D)\a_sign.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_sign.c
+
+$(OBJ_D)\a_digest.obj: $(SRC_D)\crypto\asn1\a_digest.c
+ $(CC) /Fo$(OBJ_D)\a_digest.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_digest.c
+
+$(OBJ_D)\a_verify.obj: $(SRC_D)\crypto\asn1\a_verify.c
+ $(CC) /Fo$(OBJ_D)\a_verify.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_verify.c
+
+$(OBJ_D)\x_algor.obj: $(SRC_D)\crypto\asn1\x_algor.c
+ $(CC) /Fo$(OBJ_D)\x_algor.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_algor.c
+
+$(OBJ_D)\x_val.obj: $(SRC_D)\crypto\asn1\x_val.c
+ $(CC) /Fo$(OBJ_D)\x_val.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_val.c
+
+$(OBJ_D)\x_pubkey.obj: $(SRC_D)\crypto\asn1\x_pubkey.c
+ $(CC) /Fo$(OBJ_D)\x_pubkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pubkey.c
+
+$(OBJ_D)\x_sig.obj: $(SRC_D)\crypto\asn1\x_sig.c
+ $(CC) /Fo$(OBJ_D)\x_sig.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_sig.c
+
+$(OBJ_D)\x_req.obj: $(SRC_D)\crypto\asn1\x_req.c
+ $(CC) /Fo$(OBJ_D)\x_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_req.c
+
+$(OBJ_D)\x_attrib.obj: $(SRC_D)\crypto\asn1\x_attrib.c
+ $(CC) /Fo$(OBJ_D)\x_attrib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_attrib.c
+
+$(OBJ_D)\x_name.obj: $(SRC_D)\crypto\asn1\x_name.c
+ $(CC) /Fo$(OBJ_D)\x_name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_name.c
+
+$(OBJ_D)\x_cinf.obj: $(SRC_D)\crypto\asn1\x_cinf.c
+ $(CC) /Fo$(OBJ_D)\x_cinf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_cinf.c
+
+$(OBJ_D)\x_x509.obj: $(SRC_D)\crypto\asn1\x_x509.c
+ $(CC) /Fo$(OBJ_D)\x_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_x509.c
+
+$(OBJ_D)\x_crl.obj: $(SRC_D)\crypto\asn1\x_crl.c
+ $(CC) /Fo$(OBJ_D)\x_crl.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_crl.c
+
+$(OBJ_D)\x_info.obj: $(SRC_D)\crypto\asn1\x_info.c
+ $(CC) /Fo$(OBJ_D)\x_info.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_info.c
+
+$(OBJ_D)\x_spki.obj: $(SRC_D)\crypto\asn1\x_spki.c
+ $(CC) /Fo$(OBJ_D)\x_spki.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_spki.c
+
+$(OBJ_D)\d2i_r_pr.obj: $(SRC_D)\crypto\asn1\d2i_r_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pr.c
+
+$(OBJ_D)\i2d_r_pr.obj: $(SRC_D)\crypto\asn1\i2d_r_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_r_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pr.c
+
+$(OBJ_D)\d2i_r_pu.obj: $(SRC_D)\crypto\asn1\d2i_r_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_r_pu.c
+
+$(OBJ_D)\i2d_r_pu.obj: $(SRC_D)\crypto\asn1\i2d_r_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_r_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_r_pu.c
+
+$(OBJ_D)\d2i_s_pr.obj: $(SRC_D)\crypto\asn1\d2i_s_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pr.c
+
+$(OBJ_D)\i2d_s_pr.obj: $(SRC_D)\crypto\asn1\i2d_s_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_s_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pr.c
+
+$(OBJ_D)\d2i_s_pu.obj: $(SRC_D)\crypto\asn1\d2i_s_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_s_pu.c
+
+$(OBJ_D)\i2d_s_pu.obj: $(SRC_D)\crypto\asn1\i2d_s_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_s_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_s_pu.c
+
+$(OBJ_D)\d2i_pu.obj: $(SRC_D)\crypto\asn1\d2i_pu.c
+ $(CC) /Fo$(OBJ_D)\d2i_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pu.c
+
+$(OBJ_D)\d2i_pr.obj: $(SRC_D)\crypto\asn1\d2i_pr.c
+ $(CC) /Fo$(OBJ_D)\d2i_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_pr.c
+
+$(OBJ_D)\i2d_pu.obj: $(SRC_D)\crypto\asn1\i2d_pu.c
+ $(CC) /Fo$(OBJ_D)\i2d_pu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pu.c
+
+$(OBJ_D)\i2d_pr.obj: $(SRC_D)\crypto\asn1\i2d_pr.c
+ $(CC) /Fo$(OBJ_D)\i2d_pr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_pr.c
+
+$(OBJ_D)\t_req.obj: $(SRC_D)\crypto\asn1\t_req.c
+ $(CC) /Fo$(OBJ_D)\t_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_req.c
+
+$(OBJ_D)\t_x509.obj: $(SRC_D)\crypto\asn1\t_x509.c
+ $(CC) /Fo$(OBJ_D)\t_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_x509.c
+
+$(OBJ_D)\t_pkey.obj: $(SRC_D)\crypto\asn1\t_pkey.c
+ $(CC) /Fo$(OBJ_D)\t_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\t_pkey.c
+
+$(OBJ_D)\p7_i_s.obj: $(SRC_D)\crypto\asn1\p7_i_s.c
+ $(CC) /Fo$(OBJ_D)\p7_i_s.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_i_s.c
+
+$(OBJ_D)\p7_signi.obj: $(SRC_D)\crypto\asn1\p7_signi.c
+ $(CC) /Fo$(OBJ_D)\p7_signi.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signi.c
+
+$(OBJ_D)\p7_signd.obj: $(SRC_D)\crypto\asn1\p7_signd.c
+ $(CC) /Fo$(OBJ_D)\p7_signd.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_signd.c
+
+$(OBJ_D)\p7_recip.obj: $(SRC_D)\crypto\asn1\p7_recip.c
+ $(CC) /Fo$(OBJ_D)\p7_recip.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_recip.c
+
+$(OBJ_D)\p7_enc_c.obj: $(SRC_D)\crypto\asn1\p7_enc_c.c
+ $(CC) /Fo$(OBJ_D)\p7_enc_c.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc_c.c
+
+$(OBJ_D)\p7_evp.obj: $(SRC_D)\crypto\asn1\p7_evp.c
+ $(CC) /Fo$(OBJ_D)\p7_evp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_evp.c
+
+$(OBJ_D)\p7_dgst.obj: $(SRC_D)\crypto\asn1\p7_dgst.c
+ $(CC) /Fo$(OBJ_D)\p7_dgst.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_dgst.c
+
+$(OBJ_D)\p7_s_e.obj: $(SRC_D)\crypto\asn1\p7_s_e.c
+ $(CC) /Fo$(OBJ_D)\p7_s_e.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_s_e.c
+
+$(OBJ_D)\p7_enc.obj: $(SRC_D)\crypto\asn1\p7_enc.c
+ $(CC) /Fo$(OBJ_D)\p7_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_enc.c
+
+$(OBJ_D)\p7_lib.obj: $(SRC_D)\crypto\asn1\p7_lib.c
+ $(CC) /Fo$(OBJ_D)\p7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\p7_lib.c
+
+$(OBJ_D)\f_int.obj: $(SRC_D)\crypto\asn1\f_int.c
+ $(CC) /Fo$(OBJ_D)\f_int.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_int.c
+
+$(OBJ_D)\f_string.obj: $(SRC_D)\crypto\asn1\f_string.c
+ $(CC) /Fo$(OBJ_D)\f_string.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\f_string.c
+
+$(OBJ_D)\i2d_dhp.obj: $(SRC_D)\crypto\asn1\i2d_dhp.c
+ $(CC) /Fo$(OBJ_D)\i2d_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dhp.c
+
+$(OBJ_D)\i2d_dsap.obj: $(SRC_D)\crypto\asn1\i2d_dsap.c
+ $(CC) /Fo$(OBJ_D)\i2d_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\i2d_dsap.c
+
+$(OBJ_D)\d2i_dhp.obj: $(SRC_D)\crypto\asn1\d2i_dhp.c
+ $(CC) /Fo$(OBJ_D)\d2i_dhp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dhp.c
+
+$(OBJ_D)\d2i_dsap.obj: $(SRC_D)\crypto\asn1\d2i_dsap.c
+ $(CC) /Fo$(OBJ_D)\d2i_dsap.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\d2i_dsap.c
+
+$(OBJ_D)\n_pkey.obj: $(SRC_D)\crypto\asn1\n_pkey.c
+ $(CC) /Fo$(OBJ_D)\n_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\n_pkey.c
+
+$(OBJ_D)\a_hdr.obj: $(SRC_D)\crypto\asn1\a_hdr.c
+ $(CC) /Fo$(OBJ_D)\a_hdr.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_hdr.c
+
+$(OBJ_D)\x_pkey.obj: $(SRC_D)\crypto\asn1\x_pkey.c
+ $(CC) /Fo$(OBJ_D)\x_pkey.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_pkey.c
+
+$(OBJ_D)\a_bool.obj: $(SRC_D)\crypto\asn1\a_bool.c
+ $(CC) /Fo$(OBJ_D)\a_bool.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bool.c
+
+$(OBJ_D)\x_exten.obj: $(SRC_D)\crypto\asn1\x_exten.c
+ $(CC) /Fo$(OBJ_D)\x_exten.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\x_exten.c
+
+$(OBJ_D)\asn1_par.obj: $(SRC_D)\crypto\asn1\asn1_par.c
+ $(CC) /Fo$(OBJ_D)\asn1_par.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_par.c
+
+$(OBJ_D)\asn1_lib.obj: $(SRC_D)\crypto\asn1\asn1_lib.c
+ $(CC) /Fo$(OBJ_D)\asn1_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_lib.c
+
+$(OBJ_D)\asn1_err.obj: $(SRC_D)\crypto\asn1\asn1_err.c
+ $(CC) /Fo$(OBJ_D)\asn1_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\asn1_err.c
+
+$(OBJ_D)\a_meth.obj: $(SRC_D)\crypto\asn1\a_meth.c
+ $(CC) /Fo$(OBJ_D)\a_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_meth.c
+
+$(OBJ_D)\a_bytes.obj: $(SRC_D)\crypto\asn1\a_bytes.c
+ $(CC) /Fo$(OBJ_D)\a_bytes.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\asn1\a_bytes.c
+
+$(OBJ_D)\x509_def.obj: $(SRC_D)\crypto\x509\x509_def.c
+ $(CC) /Fo$(OBJ_D)\x509_def.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_def.c
+
+$(OBJ_D)\x509_d2.obj: $(SRC_D)\crypto\x509\x509_d2.c
+ $(CC) /Fo$(OBJ_D)\x509_d2.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_d2.c
+
+$(OBJ_D)\x509_r2x.obj: $(SRC_D)\crypto\x509\x509_r2x.c
+ $(CC) /Fo$(OBJ_D)\x509_r2x.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_r2x.c
+
+$(OBJ_D)\x509_cmp.obj: $(SRC_D)\crypto\x509\x509_cmp.c
+ $(CC) /Fo$(OBJ_D)\x509_cmp.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_cmp.c
+
+$(OBJ_D)\x509_obj.obj: $(SRC_D)\crypto\x509\x509_obj.c
+ $(CC) /Fo$(OBJ_D)\x509_obj.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_obj.c
+
+$(OBJ_D)\x509_req.obj: $(SRC_D)\crypto\x509\x509_req.c
+ $(CC) /Fo$(OBJ_D)\x509_req.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_req.c
+
+$(OBJ_D)\x509_vfy.obj: $(SRC_D)\crypto\x509\x509_vfy.c
+ $(CC) /Fo$(OBJ_D)\x509_vfy.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_vfy.c
+
+$(OBJ_D)\x509_set.obj: $(SRC_D)\crypto\x509\x509_set.c
+ $(CC) /Fo$(OBJ_D)\x509_set.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_set.c
+
+$(OBJ_D)\x509rset.obj: $(SRC_D)\crypto\x509\x509rset.c
+ $(CC) /Fo$(OBJ_D)\x509rset.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509rset.c
+
+$(OBJ_D)\x509_err.obj: $(SRC_D)\crypto\x509\x509_err.c
+ $(CC) /Fo$(OBJ_D)\x509_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_err.c
+
+$(OBJ_D)\x509name.obj: $(SRC_D)\crypto\x509\x509name.c
+ $(CC) /Fo$(OBJ_D)\x509name.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509name.c
+
+$(OBJ_D)\x509_v3.obj: $(SRC_D)\crypto\x509\x509_v3.c
+ $(CC) /Fo$(OBJ_D)\x509_v3.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_v3.c
+
+$(OBJ_D)\x509_ext.obj: $(SRC_D)\crypto\x509\x509_ext.c
+ $(CC) /Fo$(OBJ_D)\x509_ext.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_ext.c
+
+$(OBJ_D)\x509pack.obj: $(SRC_D)\crypto\x509\x509pack.c
+ $(CC) /Fo$(OBJ_D)\x509pack.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509pack.c
+
+$(OBJ_D)\x509type.obj: $(SRC_D)\crypto\x509\x509type.c
+ $(CC) /Fo$(OBJ_D)\x509type.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509type.c
+
+$(OBJ_D)\x509_lu.obj: $(SRC_D)\crypto\x509\x509_lu.c
+ $(CC) /Fo$(OBJ_D)\x509_lu.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_lu.c
+
+$(OBJ_D)\x_all.obj: $(SRC_D)\crypto\x509\x_all.c
+ $(CC) /Fo$(OBJ_D)\x_all.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x_all.c
+
+$(OBJ_D)\x509_txt.obj: $(SRC_D)\crypto\x509\x509_txt.c
+ $(CC) /Fo$(OBJ_D)\x509_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\x509_txt.c
+
+$(OBJ_D)\by_file.obj: $(SRC_D)\crypto\x509\by_file.c
+ $(CC) /Fo$(OBJ_D)\by_file.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_file.c
+
+$(OBJ_D)\by_dir.obj: $(SRC_D)\crypto\x509\by_dir.c
+ $(CC) /Fo$(OBJ_D)\by_dir.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\by_dir.c
+
+$(OBJ_D)\v3_net.obj: $(SRC_D)\crypto\x509\v3_net.c
+ $(CC) /Fo$(OBJ_D)\v3_net.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_net.c
+
+$(OBJ_D)\v3_x509.obj: $(SRC_D)\crypto\x509\v3_x509.c
+ $(CC) /Fo$(OBJ_D)\v3_x509.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\x509\v3_x509.c
+
+$(OBJ_D)\conf.obj: $(SRC_D)\crypto\conf\conf.c
+ $(CC) /Fo$(OBJ_D)\conf.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf.c
+
+$(OBJ_D)\conf_err.obj: $(SRC_D)\crypto\conf\conf_err.c
+ $(CC) /Fo$(OBJ_D)\conf_err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\conf\conf_err.c
+
+$(OBJ_D)\txt_db.obj: $(SRC_D)\crypto\txt_db\txt_db.c
+ $(CC) /Fo$(OBJ_D)\txt_db.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\txt_db\txt_db.c
+
+$(OBJ_D)\pk7_lib.obj: $(SRC_D)\crypto\pkcs7\pk7_lib.c
+ $(CC) /Fo$(OBJ_D)\pk7_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_lib.c
+
+$(OBJ_D)\pkcs7err.obj: $(SRC_D)\crypto\pkcs7\pkcs7err.c
+ $(CC) /Fo$(OBJ_D)\pkcs7err.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pkcs7err.c
+
+$(OBJ_D)\pk7_doit.obj: $(SRC_D)\crypto\pkcs7\pk7_doit.c
+ $(CC) /Fo$(OBJ_D)\pk7_doit.obj $(LIB_CFLAGS) -c $(SRC_D)\crypto\pkcs7\pk7_doit.c
+
+$(OBJ_D)\s2_meth.obj: $(SRC_D)\ssl\s2_meth.c
+ $(CC) /Fo$(OBJ_D)\s2_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_meth.c
+
+$(OBJ_D)\s2_srvr.obj: $(SRC_D)\ssl\s2_srvr.c
+ $(CC) /Fo$(OBJ_D)\s2_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_srvr.c
+
+$(OBJ_D)\s2_clnt.obj: $(SRC_D)\ssl\s2_clnt.c
+ $(CC) /Fo$(OBJ_D)\s2_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_clnt.c
+
+$(OBJ_D)\s2_lib.obj: $(SRC_D)\ssl\s2_lib.c
+ $(CC) /Fo$(OBJ_D)\s2_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_lib.c
+
+$(OBJ_D)\s2_pkt.obj: $(SRC_D)\ssl\s2_pkt.c
+ $(CC) /Fo$(OBJ_D)\s2_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_pkt.c
+
+$(OBJ_D)\s2_enc.obj: $(SRC_D)\ssl\s2_enc.c
+ $(CC) /Fo$(OBJ_D)\s2_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s2_enc.c
+
+$(OBJ_D)\s3_meth.obj: $(SRC_D)\ssl\s3_meth.c
+ $(CC) /Fo$(OBJ_D)\s3_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_meth.c
+
+$(OBJ_D)\s3_srvr.obj: $(SRC_D)\ssl\s3_srvr.c
+ $(CC) /Fo$(OBJ_D)\s3_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_srvr.c
+
+$(OBJ_D)\s3_clnt.obj: $(SRC_D)\ssl\s3_clnt.c
+ $(CC) /Fo$(OBJ_D)\s3_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_clnt.c
+
+$(OBJ_D)\s3_lib.obj: $(SRC_D)\ssl\s3_lib.c
+ $(CC) /Fo$(OBJ_D)\s3_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_lib.c
+
+$(OBJ_D)\s3_pkt.obj: $(SRC_D)\ssl\s3_pkt.c
+ $(CC) /Fo$(OBJ_D)\s3_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_pkt.c
+
+$(OBJ_D)\s3_enc.obj: $(SRC_D)\ssl\s3_enc.c
+ $(CC) /Fo$(OBJ_D)\s3_enc.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_enc.c
+
+$(OBJ_D)\s3_both.obj: $(SRC_D)\ssl\s3_both.c
+ $(CC) /Fo$(OBJ_D)\s3_both.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s3_both.c
+
+$(OBJ_D)\s23_meth.obj: $(SRC_D)\ssl\s23_meth.c
+ $(CC) /Fo$(OBJ_D)\s23_meth.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_meth.c
+
+$(OBJ_D)\s23_srvr.obj: $(SRC_D)\ssl\s23_srvr.c
+ $(CC) /Fo$(OBJ_D)\s23_srvr.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_srvr.c
+
+$(OBJ_D)\s23_clnt.obj: $(SRC_D)\ssl\s23_clnt.c
+ $(CC) /Fo$(OBJ_D)\s23_clnt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_clnt.c
+
+$(OBJ_D)\s23_lib.obj: $(SRC_D)\ssl\s23_lib.c
+ $(CC) /Fo$(OBJ_D)\s23_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_lib.c
+
+$(OBJ_D)\s23_pkt.obj: $(SRC_D)\ssl\s23_pkt.c
+ $(CC) /Fo$(OBJ_D)\s23_pkt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\s23_pkt.c
+
+$(OBJ_D)\ssl_lib.obj: $(SRC_D)\ssl\ssl_lib.c
+ $(CC) /Fo$(OBJ_D)\ssl_lib.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_lib.c
+
+$(OBJ_D)\ssl_err2.obj: $(SRC_D)\ssl\ssl_err2.c
+ $(CC) /Fo$(OBJ_D)\ssl_err2.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err2.c
+
+$(OBJ_D)\ssl_cert.obj: $(SRC_D)\ssl\ssl_cert.c
+ $(CC) /Fo$(OBJ_D)\ssl_cert.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_cert.c
+
+$(OBJ_D)\ssl_sess.obj: $(SRC_D)\ssl\ssl_sess.c
+ $(CC) /Fo$(OBJ_D)\ssl_sess.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_sess.c
+
+$(OBJ_D)\ssl_ciph.obj: $(SRC_D)\ssl\ssl_ciph.c
+ $(CC) /Fo$(OBJ_D)\ssl_ciph.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_ciph.c
+
+$(OBJ_D)\ssl_stat.obj: $(SRC_D)\ssl\ssl_stat.c
+ $(CC) /Fo$(OBJ_D)\ssl_stat.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_stat.c
+
+$(OBJ_D)\ssl_rsa.obj: $(SRC_D)\ssl\ssl_rsa.c
+ $(CC) /Fo$(OBJ_D)\ssl_rsa.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_rsa.c
+
+$(OBJ_D)\ssl_asn1.obj: $(SRC_D)\ssl\ssl_asn1.c
+ $(CC) /Fo$(OBJ_D)\ssl_asn1.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_asn1.c
+
+$(OBJ_D)\ssl_txt.obj: $(SRC_D)\ssl\ssl_txt.c
+ $(CC) /Fo$(OBJ_D)\ssl_txt.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_txt.c
+
+$(OBJ_D)\ssl_algs.obj: $(SRC_D)\ssl\ssl_algs.c
+ $(CC) /Fo$(OBJ_D)\ssl_algs.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_algs.c
+
+$(OBJ_D)\bio_ssl.obj: $(SRC_D)\ssl\bio_ssl.c
+ $(CC) /Fo$(OBJ_D)\bio_ssl.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\bio_ssl.c
+
+$(OBJ_D)\ssl_err.obj: $(SRC_D)\ssl\ssl_err.c
+ $(CC) /Fo$(OBJ_D)\ssl_err.obj $(LIB_CFLAGS) -c $(SRC_D)\ssl\ssl_err.c
+
+$(OBJ_D)\rsaref.obj: $(SRC_D)\rsaref\rsaref.c
+ $(CC) /Fo$(OBJ_D)\rsaref.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsaref.c
+
+$(OBJ_D)\rsar_err.obj: $(SRC_D)\rsaref\rsar_err.c
+ $(CC) /Fo$(OBJ_D)\rsar_err.obj $(LIB_CFLAGS) -c $(SRC_D)\rsaref\rsar_err.c
+
+$(TEST_D)\md2test.exe: $(OBJ_D)\md2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\md2test.obj
+ $(TEST_D)\md2test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\md5test.exe: $(OBJ_D)\md5test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\md5test.obj
+ $(TEST_D)\md5test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\shatest.exe: $(OBJ_D)\shatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\shatest.obj
+ $(TEST_D)\shatest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\sha1test.exe: $(OBJ_D)\sha1test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\sha1test.obj
+ $(TEST_D)\sha1test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\mdc2test.exe: $(OBJ_D)\mdc2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\mdc2test.obj
+ $(TEST_D)\mdc2test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\destest.exe: $(OBJ_D)\destest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\destest.obj
+ $(TEST_D)\destest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\rc4test.exe: $(OBJ_D)\rc4test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\rc4test.obj
+ $(TEST_D)\rc4test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\rc2test.exe: $(OBJ_D)\rc2test.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\rc2test.obj
+ $(TEST_D)\rc2test.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\ideatest.exe: $(OBJ_D)\ideatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\ideatest.obj
+ $(TEST_D)\ideatest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\bftest.exe: $(OBJ_D)\bftest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\bftest.obj
+ $(TEST_D)\bftest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\bntest.exe: $(OBJ_D)\bntest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\bntest.obj
+ $(TEST_D)\bntest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\exptest.exe: $(OBJ_D)\exptest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\exptest.obj
+ $(TEST_D)\exptest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\dsatest.exe: $(OBJ_D)\dsatest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\dsatest.obj
+ $(TEST_D)\dsatest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\dhtest.exe: $(OBJ_D)\dhtest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\dhtest.obj
+ $(TEST_D)\dhtest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\randtest.exe: $(OBJ_D)\randtest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\randtest.obj
+ $(TEST_D)\randtest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(TEST_D)\ssltest.exe: $(OBJ_D)\ssltest.obj $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) $(OBJ_D)\ssltest.obj
+ $(TEST_D)\ssltest.exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
+$(O_SSL): $(SSLOBJ)
+ $(LINK) $(MLFLAGS) @<<
+ $(SHLIB_EX_OBJ) +
+ $(OBJ_D)\bio_ssl.obj +
+ $(OBJ_D)\s23_clnt.obj +
+ $(OBJ_D)\s23_lib.obj +
+ $(OBJ_D)\s23_meth.obj +
+ $(OBJ_D)\s23_pkt.obj +
+ $(OBJ_D)\s23_srvr.obj +
+ $(OBJ_D)\s2_clnt.obj +
+ $(OBJ_D)\s2_enc.obj +
+ $(OBJ_D)\s2_lib.obj +
+ $(OBJ_D)\s2_meth.obj +
+ $(OBJ_D)\s2_pkt.obj +
+ $(OBJ_D)\s2_srvr.obj +
+ $(OBJ_D)\s3_both.obj +
+ $(OBJ_D)\s3_clnt.obj +
+ $(OBJ_D)\s3_enc.obj +
+ $(OBJ_D)\s3_lib.obj +
+ $(OBJ_D)\s3_meth.obj +
+ $(OBJ_D)\s3_pkt.obj +
+ $(OBJ_D)\s3_srvr.obj +
+ $(OBJ_D)\ssl_algs.obj +
+ $(OBJ_D)\ssl_asn1.obj +
+ $(OBJ_D)\ssl_cert.obj +
+ $(OBJ_D)\ssl_ciph.obj +
+ $(OBJ_D)\ssl_err.obj +
+ $(OBJ_D)\ssl_err2.obj +
+ $(OBJ_D)\ssl_lib.obj +
+ $(OBJ_D)\ssl_rsa.obj +
+ $(OBJ_D)\ssl_sess.obj +
+ $(OBJ_D)\ssl_stat.obj +
+ $(OBJ_D)\ssl_txt.obj +
+
+ $(O_SSL)
+
+ $(L_CRYPTO) winsock oldnames ldllcew libw
+ms\ssleay16.def;
+<<
+ implib /noignorecase /nowep $(L_SSL) $(O_SSL)
+
+$(O_RSAGLUE): $(RSAGLUEOBJ)
+ del $(O_RSAGLUE)
+ $(MKLIB) @<<
+$(O_RSAGLUE)
+y
++$(OBJ_D)\rsar_err.obj &
++$(OBJ_D)\rsaref.obj &
+
+
+<<
+
+$(O_CRYPTO): $(CRYPTOOBJ)
+ $(LINK) $(MLFLAGS) @<<
+ $(SHLIB_EX_OBJ) +
+ $(BN_MULW_OBJ) +
+ $(OBJ_D)\a_bitstr.obj +
+ $(OBJ_D)\a_bool.obj +
+ $(OBJ_D)\a_bytes.obj +
+ $(OBJ_D)\a_d2i_fp.obj +
+ $(OBJ_D)\a_digest.obj +
+ $(OBJ_D)\a_dup.obj +
+ $(OBJ_D)\a_hdr.obj +
+ $(OBJ_D)\a_i2d_fp.obj +
+ $(OBJ_D)\a_int.obj +
+ $(OBJ_D)\a_meth.obj +
+ $(OBJ_D)\a_object.obj +
+ $(OBJ_D)\a_octet.obj +
+ $(OBJ_D)\a_print.obj +
+ $(OBJ_D)\a_set.obj +
+ $(OBJ_D)\a_sign.obj +
+ $(OBJ_D)\a_type.obj +
+ $(OBJ_D)\a_utctm.obj +
+ $(OBJ_D)\a_verify.obj +
+ $(OBJ_D)\asn1_err.obj +
+ $(OBJ_D)\asn1_lib.obj +
+ $(OBJ_D)\asn1_par.obj +
+ $(OBJ_D)\b_dump.obj +
+ $(OBJ_D)\b_print.obj +
+ $(OBJ_D)\b_sock.obj +
+ $(OBJ_D)\bf_buff.obj +
+ $(OBJ_D)\bf_cbc.obj +
+ $(OBJ_D)\bf_cfb64.obj +
+ $(OBJ_D)\bf_ecb.obj +
+ $(OBJ_D)\bf_enc.obj +
+ $(OBJ_D)\bf_nbio.obj +
+ $(OBJ_D)\bf_null.obj +
+ $(OBJ_D)\bf_ofb64.obj +
+ $(OBJ_D)\bf_skey.obj +
+ $(OBJ_D)\bio_b64.obj +
+ $(OBJ_D)\bio_cb.obj +
+ $(OBJ_D)\bio_enc.obj +
+ $(OBJ_D)\bio_err.obj +
+ $(OBJ_D)\bio_lib.obj +
+ $(OBJ_D)\bio_md.obj +
+ $(OBJ_D)\bn_add.obj +
+ $(OBJ_D)\bn_div.obj +
+ $(OBJ_D)\bn_err.obj +
+ $(OBJ_D)\bn_exp.obj +
+ $(OBJ_D)\bn_gcd.obj +
+ $(OBJ_D)\bn_lib.obj +
+ $(OBJ_D)\bn_mod.obj +
+ $(OBJ_D)\bn_mont.obj +
+ $(OBJ_D)\bn_mul.obj +
+ $(OBJ_D)\bn_prime.obj +
+ $(OBJ_D)\bn_print.obj +
+ $(OBJ_D)\bn_rand.obj +
+ $(OBJ_D)\bn_recp.obj +
+ $(OBJ_D)\bn_shift.obj +
+ $(OBJ_D)\bn_sqr.obj +
+ $(OBJ_D)\bn_sub.obj +
+ $(OBJ_D)\bn_word.obj +
+ $(OBJ_D)\bss_acpt.obj +
+ $(OBJ_D)\bss_conn.obj +
+ $(OBJ_D)\bss_fd.obj +
+ $(OBJ_D)\bss_file.obj +
+ $(OBJ_D)\bss_mem.obj +
+ $(OBJ_D)\bss_null.obj +
+ $(OBJ_D)\bss_sock.obj +
+ $(OBJ_D)\buf_err.obj +
+ $(OBJ_D)\buffer.obj +
+ $(OBJ_D)\by_dir.obj +
+ $(OBJ_D)\by_file.obj +
+ $(OBJ_D)\c_all.obj +
+ $(OBJ_D)\cbc3_enc.obj +
+ $(OBJ_D)\cbc_cksm.obj +
+ $(OBJ_D)\cbc_enc.obj +
+ $(OBJ_D)\cfb64ede.obj +
+ $(OBJ_D)\cfb64enc.obj +
+ $(OBJ_D)\cfb_enc.obj +
+ $(OBJ_D)\conf.obj +
+ $(OBJ_D)\conf_err.obj +
+ $(OBJ_D)\cryptlib.obj +
+ $(OBJ_D)\cversion.obj +
+ $(OBJ_D)\d2i_dhp.obj +
+ $(OBJ_D)\d2i_dsap.obj +
+ $(OBJ_D)\d2i_pr.obj +
+ $(OBJ_D)\d2i_pu.obj +
+ $(OBJ_D)\d2i_r_pr.obj +
+ $(OBJ_D)\d2i_r_pu.obj +
+ $(OBJ_D)\d2i_s_pr.obj +
+ $(OBJ_D)\d2i_s_pu.obj +
+ $(OBJ_D)\des_enc.obj +
+ $(OBJ_D)\dh_check.obj +
+ $(OBJ_D)\dh_err.obj +
+ $(OBJ_D)\dh_gen.obj +
+ $(OBJ_D)\dh_key.obj +
+ $(OBJ_D)\dh_lib.obj +
+ $(OBJ_D)\digest.obj +
+ $(OBJ_D)\dsa_err.obj +
+ $(OBJ_D)\dsa_gen.obj +
+ $(OBJ_D)\dsa_key.obj +
+ $(OBJ_D)\dsa_lib.obj +
+ $(OBJ_D)\dsa_sign.obj +
+ $(OBJ_D)\dsa_vrf.obj +
+ $(OBJ_D)\e_cbc_3d.obj +
+ $(OBJ_D)\e_cbc_bf.obj +
+ $(OBJ_D)\e_cbc_d.obj +
+ $(OBJ_D)\e_cbc_i.obj +
+ $(OBJ_D)\e_cbc_r2.obj +
+ $(OBJ_D)\e_cfb_3d.obj +
+ $(OBJ_D)\e_cfb_bf.obj +
+ $(OBJ_D)\e_cfb_d.obj +
+ $(OBJ_D)\e_cfb_i.obj +
+ $(OBJ_D)\e_cfb_r2.obj +
+ $(OBJ_D)\e_ecb_3d.obj +
+ $(OBJ_D)\e_ecb_bf.obj +
+ $(OBJ_D)\e_ecb_d.obj +
+ $(OBJ_D)\e_ecb_i.obj +
+ $(OBJ_D)\e_ecb_r2.obj +
+ $(OBJ_D)\e_null.obj +
+ $(OBJ_D)\e_ofb_3d.obj +
+ $(OBJ_D)\e_ofb_bf.obj +
+ $(OBJ_D)\e_ofb_d.obj +
+ $(OBJ_D)\e_ofb_i.obj +
+ $(OBJ_D)\e_ofb_r2.obj +
+ $(OBJ_D)\e_rc4.obj +
+ $(OBJ_D)\e_xcbc_d.obj +
+ $(OBJ_D)\ecb3_enc.obj +
+ $(OBJ_D)\ecb_enc.obj +
+ $(OBJ_D)\ede_enc.obj +
+ $(OBJ_D)\enc_read.obj +
+ $(OBJ_D)\enc_writ.obj +
+ $(OBJ_D)\encode.obj +
+ $(OBJ_D)\err.obj +
+ $(OBJ_D)\err_all.obj +
+ $(OBJ_D)\err_prn.obj +
+ $(OBJ_D)\evp_enc.obj +
+ $(OBJ_D)\evp_err.obj +
+ $(OBJ_D)\evp_key.obj +
+ $(OBJ_D)\f_int.obj +
+ $(OBJ_D)\f_string.obj +
+ $(OBJ_D)\fcrypt.obj +
+ $(OBJ_D)\fcrypt_b.obj +
+ $(OBJ_D)\i2d_dhp.obj +
+ $(OBJ_D)\i2d_dsap.obj +
+ $(OBJ_D)\i2d_pr.obj +
+ $(OBJ_D)\i2d_pu.obj +
+ $(OBJ_D)\i2d_r_pr.obj +
+ $(OBJ_D)\i2d_r_pu.obj +
+ $(OBJ_D)\i2d_s_pr.obj +
+ $(OBJ_D)\i2d_s_pu.obj +
+ $(OBJ_D)\i_cbc.obj +
+ $(OBJ_D)\i_cfb64.obj +
+ $(OBJ_D)\i_ecb.obj +
+ $(OBJ_D)\i_ofb64.obj +
+ $(OBJ_D)\i_skey.obj +
+ $(OBJ_D)\lh_stats.obj +
+ $(OBJ_D)\lhash.obj +
+ $(OBJ_D)\m_dss.obj +
+ $(OBJ_D)\m_dss1.obj +
+ $(OBJ_D)\m_md2.obj +
+ $(OBJ_D)\m_md5.obj +
+ $(OBJ_D)\m_mdc2.obj +
+ $(OBJ_D)\m_null.obj +
+ $(OBJ_D)\m_sha.obj +
+ $(OBJ_D)\m_sha1.obj +
+ $(OBJ_D)\md2_dgst.obj +
+ $(OBJ_D)\md2_one.obj +
+ $(OBJ_D)\md5_dgst.obj +
+ $(OBJ_D)\md5_one.obj +
+ $(OBJ_D)\md_rand.obj +
+ $(OBJ_D)\mdc2_one.obj +
+ $(OBJ_D)\mdc2dgst.obj +
+ $(OBJ_D)\mem.obj +
+ $(OBJ_D)\n_pkey.obj +
+ $(OBJ_D)\names.obj +
+ $(OBJ_D)\ncbc_enc.obj +
+ $(OBJ_D)\obj_dat.obj +
+ $(OBJ_D)\obj_err.obj +
+ $(OBJ_D)\obj_lib.obj +
+ $(OBJ_D)\ofb64ede.obj +
+ $(OBJ_D)\ofb64enc.obj +
+ $(OBJ_D)\ofb_enc.obj +
+ $(OBJ_D)\p7_dgst.obj +
+ $(OBJ_D)\p7_enc.obj +
+ $(OBJ_D)\p7_enc_c.obj +
+ $(OBJ_D)\p7_evp.obj +
+ $(OBJ_D)\p7_i_s.obj +
+ $(OBJ_D)\p7_lib.obj +
+ $(OBJ_D)\p7_recip.obj +
+ $(OBJ_D)\p7_s_e.obj +
+ $(OBJ_D)\p7_signd.obj +
+ $(OBJ_D)\p7_signi.obj +
+ $(OBJ_D)\p_lib.obj +
+ $(OBJ_D)\p_open.obj +
+ $(OBJ_D)\p_seal.obj +
+ $(OBJ_D)\p_sign.obj +
+ $(OBJ_D)\p_verify.obj +
+ $(OBJ_D)\pcbc_enc.obj +
+ $(OBJ_D)\pem_all.obj +
+ $(OBJ_D)\pem_err.obj +
+ $(OBJ_D)\pem_info.obj +
+ $(OBJ_D)\pem_lib.obj +
+ $(OBJ_D)\pem_seal.obj +
+ $(OBJ_D)\pem_sign.obj +
+ $(OBJ_D)\pk7_doit.obj +
+ $(OBJ_D)\pk7_lib.obj +
+ $(OBJ_D)\pkcs7err.obj +
+ $(OBJ_D)\qud_cksm.obj +
+ $(OBJ_D)\rand_key.obj +
+ $(OBJ_D)\randfile.obj +
+ $(OBJ_D)\rc2_cbc.obj +
+ $(OBJ_D)\rc2_ecb.obj +
+ $(OBJ_D)\rc2_skey.obj +
+ $(OBJ_D)\rc2cfb64.obj +
+ $(OBJ_D)\rc2ofb64.obj +
+ $(OBJ_D)\rc4_enc.obj +
+ $(OBJ_D)\read2pwd.obj +
+ $(OBJ_D)\read_pwd.obj +
+ $(OBJ_D)\rpc_enc.obj +
+ $(OBJ_D)\rsa_enc.obj +
+ $(OBJ_D)\rsa_err.obj +
+ $(OBJ_D)\rsa_gen.obj +
+ $(OBJ_D)\rsa_lib.obj +
+ $(OBJ_D)\rsa_saos.obj +
+ $(OBJ_D)\rsa_sign.obj +
+ $(OBJ_D)\set_key.obj +
+ $(OBJ_D)\sha1_one.obj +
+ $(OBJ_D)\sha1dgst.obj +
+ $(OBJ_D)\sha_dgst.obj +
+ $(OBJ_D)\sha_one.obj +
+ $(OBJ_D)\stack.obj +
+ $(OBJ_D)\str2key.obj +
+ $(OBJ_D)\supp.obj +
+ $(OBJ_D)\t_pkey.obj +
+ $(OBJ_D)\t_req.obj +
+ $(OBJ_D)\t_x509.obj +
+ $(OBJ_D)\txt_db.obj +
+ $(OBJ_D)\v3_net.obj +
+ $(OBJ_D)\v3_x509.obj +
+ $(OBJ_D)\x509_cmp.obj +
+ $(OBJ_D)\x509_d2.obj +
+ $(OBJ_D)\x509_def.obj +
+ $(OBJ_D)\x509_err.obj +
+ $(OBJ_D)\x509_ext.obj +
+ $(OBJ_D)\x509_lu.obj +
+ $(OBJ_D)\x509_obj.obj +
+ $(OBJ_D)\x509_r2x.obj +
+ $(OBJ_D)\x509_req.obj +
+ $(OBJ_D)\x509_set.obj +
+ $(OBJ_D)\x509_txt.obj +
+ $(OBJ_D)\x509_v3.obj +
+ $(OBJ_D)\x509_vfy.obj +
+ $(OBJ_D)\x509name.obj +
+ $(OBJ_D)\x509pack.obj +
+ $(OBJ_D)\x509rset.obj +
+ $(OBJ_D)\x509type.obj +
+ $(OBJ_D)\x_algor.obj +
+ $(OBJ_D)\x_all.obj +
+ $(OBJ_D)\x_attrib.obj +
+ $(OBJ_D)\x_cinf.obj +
+ $(OBJ_D)\x_crl.obj +
+ $(OBJ_D)\x_exten.obj +
+ $(OBJ_D)\x_info.obj +
+ $(OBJ_D)\x_name.obj +
+ $(OBJ_D)\x_pkey.obj +
+ $(OBJ_D)\x_pubkey.obj +
+ $(OBJ_D)\x_req.obj +
+ $(OBJ_D)\x_sig.obj +
+ $(OBJ_D)\x_spki.obj +
+ $(OBJ_D)\x_val.obj +
+ $(OBJ_D)\x_x509.obj +
+ $(OBJ_D)\xcbc_enc.obj +
+
+ $(O_CRYPTO)
+
+ winsock oldnames ldllcew libw
+ms\libeay16.def;
+<<
+ implib /noignorecase /nowep $(L_CRYPTO) $(O_CRYPTO)
+
+$(BIN_D)\$(E_EXE).exe: $(E_OBJ) $(LIBS_DEP)
+ $(LINK) $(LFLAGS) @<<
+ $(APP_EX_OBJ) +
+ $(OBJ_D)\apps.obj +
+ $(OBJ_D)\asn1pars.obj +
+ $(OBJ_D)\ca.obj +
+ $(OBJ_D)\ciphers.obj +
+ $(OBJ_D)\crl.obj +
+ $(OBJ_D)\crl2p7.obj +
+ $(OBJ_D)\dgst.obj +
+ $(OBJ_D)\dh.obj +
+ $(OBJ_D)\dsa.obj +
+ $(OBJ_D)\dsaparam.obj +
+ $(OBJ_D)\enc.obj +
+ $(OBJ_D)\errstr.obj +
+ $(OBJ_D)\gendh.obj +
+ $(OBJ_D)\gendsa.obj +
+ $(OBJ_D)\genrsa.obj +
+ $(OBJ_D)\pkcs7.obj +
+ $(OBJ_D)\req.obj +
+ $(OBJ_D)\rsa.obj +
+ $(OBJ_D)\s_cb.obj +
+ $(OBJ_D)\s_client.obj +
+ $(OBJ_D)\s_server.obj +
+ $(OBJ_D)\s_socket.obj +
+ $(OBJ_D)\s_time.obj +
+ $(OBJ_D)\sess_id.obj +
+ $(OBJ_D)\speed.obj +
+ $(OBJ_D)\ssleay.obj +
+ $(OBJ_D)\verify.obj +
+ $(OBJ_D)\version.obj +
+ $(OBJ_D)\x509.obj +
+
+ $(BIN_D)\$(E_EXE).exe
+
+ $(L_LIBS) $(EX_LIBS)
+
+<<
+
diff --git a/mt/README b/mt/README
new file mode 100644
index 0000000..fc933c3
--- /dev/null
+++ b/mt/README
@@ -0,0 +1,10 @@
+Mutithreading testing area.
+
+Since this stuff is very very platorm specific, this is not part of the
+normal build. Have a read of doc/threads.doc.
+
+mttest will do some testing and will currently build under Windows NT/95
+and solaris. The IRIX stuff is not finished.
+
+I have tested this program on a 12 CPU ultra sparc box (solaris 2.5.1)
+and things seem to work ok.
diff --git a/mt/mttest.c b/mt/mttest.c
new file mode 100644
index 0000000..3a927a2
--- /dev/null
+++ b/mt/mttest.c
@@ -0,0 +1,1005 @@
+/* mt/mttest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef LINUX
+#include <typedefs.h>
+#endif
+#ifdef WIN32
+#include <windows.h>
+#endif
+#ifdef SOLARIS
+#include <synch.h>
+#include <thread.h>
+#endif
+#ifdef IRIX
+#include <ulocks.h>
+#include <sys/prctl.h>
+#endif
+#include "lhash.h"
+#include "crypto.h"
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../crypto/buffer/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#define MAX_THREAD_NUMBER 100
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+ int error,char *arg);
+void thread_setup(void);
+void thread_cleanup(void);
+void do_threads(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+void irix_locking_callback(int mode,int type,char *file,int line);
+void solaris_locking_callback(int mode,int type,char *file,int line);
+void win32_locking_callback(int mode,int type,char *file,int line);
+void linux_locking_callback(int mode,int type,char *file,int line);
+unsigned long irix_thread_id(void );
+unsigned long solaris_thread_id(void );
+unsigned long linix_thread_id(void );
+#else
+int MS_CALLBACK verify_callback();
+void thread_setup();
+void thread_cleanup();
+void do_threads();
+void irix_locking_callback();
+void solaris_locking_callback();
+void win32_locking_callback();
+void linux_locking_callback();
+unsigned long irix_thread_id();
+unsigned long solaris_thread_id();
+unsigned long linix_thread_id();
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+int thread_number=10;
+int number_of_loops=10;
+int reconnect=0;
+int cache_stats=0;
+
+#ifndef NOPROTO
+int doit(char *ctx[4]);
+#else
+int doit();
+#endif
+
+static void print_stats(fp,ctx)
+FILE *fp;
+SSL_CTX *ctx;
+{
+ fprintf(fp,"%4ld items in the session cache\n",
+ SSL_CTX_sess_number(ctx));
+ fprintf(fp,"%4d client connects (SSL_connect())\n",
+ SSL_CTX_sess_connect(ctx));
+ fprintf(fp,"%4d client connects that finished\n",
+ SSL_CTX_sess_connect_good(ctx));
+ fprintf(fp,"%4d server connects (SSL_accept())\n",
+ SSL_CTX_sess_accept(ctx));
+ fprintf(fp,"%4d server connects that finished\n",
+ SSL_CTX_sess_accept_good(ctx));
+ fprintf(fp,"%4d session cache hits\n",SSL_CTX_sess_hits(ctx));
+ fprintf(fp,"%4d session cache misses\n",SSL_CTX_sess_misses(ctx));
+ fprintf(fp,"%4d session cache timeouts\n",SSL_CTX_sess_timeouts(ctx));
+ }
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ fprintf(stderr," -threads arg - number of threads\n");
+ fprintf(stderr," -loops arg - number of 'connections', per thread\n");
+ fprintf(stderr," -reconnect - reuse session-id's\n");
+ fprintf(stderr," -stats - server session-id cache stats\n");
+ fprintf(stderr," -cert arg - server certificate/key\n");
+ fprintf(stderr," -ccert arg - client certificate/key\n");
+ fprintf(stderr," -ssl3 - just SSLv3n\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ char *scert=TEST_SERVER_CERT;
+ char *ccert=TEST_CLIENT_CERT;
+ SSL_METHOD *ssl_method=SSLv23_method();
+
+ if (bio_err == NULL)
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-reconnect") == 0)
+ reconnect=1;
+ else if (strcmp(*argv,"-stats") == 0)
+ cache_stats=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl_method=SSLv3_method();
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl_method=SSLv2_method();
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ scert= *(++argv);
+ }
+ else if (strcmp(*argv,"-ccert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ ccert= *(++argv);
+ }
+ else if (strcmp(*argv,"-threads") == 0)
+ {
+ if (--argc < 1) goto bad;
+ thread_number= atoi(*(++argv));
+ if (thread_number == 0) thread_number=1;
+ if (thread_number > MAX_THREAD_NUMBER)
+ thread_number=MAX_THREAD_NUMBER;
+ }
+ else if (strcmp(*argv,"-loops") == 0)
+ {
+ if (--argc < 1) goto bad;
+ number_of_loops= atoi(*(++argv));
+ if (number_of_loops == 0) number_of_loops=1;
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+
+ SSL_load_error_strings();
+ SSLeay_add_ssl_algorithms();
+
+ c_ctx=SSL_CTX_new(ssl_method);
+ s_ctx=SSL_CTX_new(ssl_method);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ SSL_CTX_set_session_cache_mode(s_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+ SSL_CTX_set_session_cache_mode(c_ctx,
+ SSL_SESS_CACHE_NO_AUTO_CLEAR|SSL_SESS_CACHE_SERVER);
+
+ SSL_CTX_use_certificate_file(s_ctx,scert,SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(s_ctx,scert,SSL_FILETYPE_PEM);
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(c_ctx,ccert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ fprintf(stderr,"SSL_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ thread_setup();
+ do_threads(s_ctx,c_ctx);
+ thread_cleanup();
+end:
+
+ if (c_ctx != NULL)
+ {
+ fprintf(stderr,"Client SSL_CTX stats then free it\n");
+ print_stats(stderr,c_ctx);
+ SSL_CTX_free(c_ctx);
+ }
+ if (s_ctx != NULL)
+ {
+ fprintf(stderr,"Server SSL_CTX stats then free it\n");
+ print_stats(stderr,s_ctx);
+ if (cache_stats)
+ {
+ fprintf(stderr,"-----\n");
+ lh_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ /* lh_node_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n"); */
+ lh_node_usage_stats(SSL_CTX_sessions(s_ctx),stderr);
+ fprintf(stderr,"-----\n");
+ }
+ SSL_CTX_free(s_ctx);
+ fprintf(stderr,"done free\n");
+ }
+ exit(ret);
+ return(0);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int ndoit(ssl_ctx)
+SSL_CTX *ssl_ctx[2];
+ {
+ int i;
+ int ret;
+ char *ctx[4];
+
+ ctx[0]=(char *)ssl_ctx[0];
+ ctx[1]=(char *)ssl_ctx[1];
+
+ if (reconnect)
+ {
+ ctx[2]=(char *)SSL_new(ssl_ctx[0]);
+ ctx[3]=(char *)SSL_new(ssl_ctx[1]);
+ }
+ else
+ {
+ ctx[2]=NULL;
+ ctx[3]=NULL;
+ }
+
+ fprintf(stdout,"started thread %lu\n",CRYPTO_thread_id());
+ for (i=0; i<number_of_loops; i++)
+ {
+/* fprintf(stderr,"%4d %2d ctx->ref (%3d,%3d)\n",
+ CRYPTO_thread_id(),i,
+ ssl_ctx[0]->references,
+ ssl_ctx[1]->references); */
+ /* pthread_delay_np(&tm);*/
+
+ ret=doit(ctx);
+ if (ret != 0)
+ {
+ fprintf(stdout,"error[%d] %lu - %d\n",
+ i,CRYPTO_thread_id(),ret);
+ return(ret);
+ }
+ }
+ fprintf(stdout,"DONE %lu\n",CRYPTO_thread_id());
+ if (reconnect)
+ {
+ SSL_free((SSL *)ctx[2]);
+ SSL_free((SSL *)ctx[3]);
+ }
+ return(0);
+ }
+
+int doit(ctx)
+char *ctx[4];
+ {
+ SSL_CTX *s_ctx,*c_ctx;
+ static char cbuf[200],sbuf[200];
+ SSL *c_ssl=NULL;
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+
+ s_ctx=(SSL_CTX *)ctx[0];
+ c_ctx=(SSL_CTX *)ctx[1];
+
+ if (ctx[2] != NULL)
+ s_ssl=(SSL *)ctx[2];
+ else
+ s_ssl=SSL_new(s_ctx);
+
+ if (ctx[3] != NULL)
+ c_ssl=(SSL *)ctx[3];
+ else
+ c_ssl=SSL_new(c_ctx);
+
+ if ((s_ssl == NULL) || (c_ssl == NULL)) goto err;
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,(ctx[2] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,(ctx[3] == NULL)?BIO_CLOSE:BIO_NOCLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && verbose)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+ else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n");
+ }
+
+ if (do_client && verbose)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+ else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n");
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ i=BIO_write(c_bio,"hello from client\n",18);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ /* ok */
+ c_write=0;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,100);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ done|=C_DONE;
+#ifdef undef
+ fprintf(stdout,"CLIENT:from server:");
+ fwrite(cbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,100);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=1;
+ s_w=1;
+#ifdef undef
+ fprintf(stdout,"SERVER:from client:");
+ fwrite(sbuf,1,i,stdout);
+ fflush(stdout);
+#endif
+ }
+ }
+ else
+ {
+ i=BIO_write(s_bio,"hello from server\n",18);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors_fp(stderr);
+ return(1);
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL SERVER STARTUP FAILED\n");
+ return(1);
+ }
+ else
+ {
+ s_write=0;
+ s_r=1;
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ SSL_set_shutdown(c_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ SSL_set_shutdown(s_ssl,SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+
+#ifdef undef
+ fprintf(stdout,"DONE\n");
+#endif
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ /* The SSL's are optionally freed in the following calls */
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(0);
+ }
+
+int MS_CALLBACK verify_callback(ok, xs, xi, depth, error, arg)
+int ok;
+X509 *xs;
+X509 *xi;
+int depth;
+int error;
+char *arg;
+ {
+ char buf[256];
+
+ if (verbose)
+ {
+ X509_NAME_oneline(X509_get_subject_name(xs),buf,256);
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",depth,error,buf);
+ }
+ return(ok);
+ }
+
+#define THREAD_STACK_SIZE (16*1024)
+
+#ifdef WIN32
+
+static HANDLE lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=CreateMutex(NULL,FALSE,NULL);
+ }
+
+ CRYPTO_set_locking_callback((void (*)(int,int,char *,int))win32_locking_callback);
+ /* id callback defined */
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ CloseHandle(lock_cs[i]);
+ }
+
+void win32_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ WaitForSingleObject(lock_cs[type],INFINITE);
+ }
+ else
+ {
+ ReleaseMutex(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ double ret;
+ SSL_CTX *ssl_ctx[2];
+ DWORD thread_id[MAX_THREAD_NUMBER];
+ HANDLE thread_handle[MAX_THREAD_NUMBER];
+ int i;
+ SYSTEMTIME start,end;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ GetSystemTime(&start);
+ for (i=0; i<thread_number; i++)
+ {
+ thread_handle[i]=CreateThread(NULL,
+ THREAD_STACK_SIZE,
+ (LPTHREAD_START_ROUTINE)ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_id[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i+=50)
+ {
+ int j;
+
+ j=(thread_number < (i+50))?(thread_number-i):50;
+
+ if (WaitForMultipleObjects(j,
+ (CONST HANDLE *)&(thread_handle[i]),TRUE,INFINITE)
+ == WAIT_FAILED)
+ {
+ fprintf(stderr,"WaitForMultipleObjects failed:%d\n",GetLastError());
+ exit(1);
+ }
+ }
+ GetSystemTime(&end);
+
+ if (start.wDayOfWeek > end.wDayOfWeek) end.wDayOfWeek+=7;
+ ret=(end.wDayOfWeek-start.wDayOfWeek)*24;
+
+ ret=(ret+end.wHour-start.wHour)*60;
+ ret=(ret+end.wMinute-start.wMinute)*60;
+ ret=(ret+end.wSecond-start.wSecond);
+ ret+=(end.wMilliseconds-start.wMilliseconds)/1000.0;
+
+ printf("win32 threads done - %.3f seconds\n",ret);
+ }
+
+#endif
+
+#ifdef SOLARIS
+
+static mutex_t lock_cs[CRYPTO_NUM_LOCKS];
+/*static rwlock_t lock_cs[CRYPTO_NUM_LOCKS]; */
+static long lock_count[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_count[i]=0;
+ /* rwlock_init(&(lock_cs[i]),USYNC_THREAD,NULL); */
+ mutex_init(&(lock_cs[i]),USYNC_THREAD,NULL);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())solaris_thread_id);
+ CRYPTO_set_locking_callback((void (*)())solaris_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+fprintf(stderr,"cleanup\n");
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ /* rwlock_destroy(&(lock_cs[i])); */
+ mutex_destroy(&(lock_cs[i]));
+ fprintf(stderr,"%8ld:%s\n",lock_count[i],CRYPTO_get_lock_name(i));
+ }
+fprintf(stderr,"done cleanup\n");
+ }
+
+void solaris_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+#ifdef undef
+fprintf(stderr,"thread=%4d mode=%s lock=%s %s:%d\n",
+ CRYPTO_thread_id(),
+ (mode&CRYPTO_LOCK)?"l":"u",
+ (type&CRYPTO_READ)?"r":"w",file,line);
+#endif
+
+/*
+if (CRYPTO_LOCK_SSL_CERT == type)
+ fprintf(stderr,"(t,m,f,l) %ld %d %s %d\n",
+ CRYPTO_thread_id(),
+ mode,file,line);
+*/
+ if (mode & CRYPTO_LOCK)
+ {
+ /* if (mode & CRYPTO_READ)
+ rw_rdlock(&(lock_cs[type]));
+ else
+ rw_wrlock(&(lock_cs[type])); */
+
+ mutex_lock(&(lock_cs[type]));
+ lock_count[type]++;
+ }
+ else
+ {
+/* rw_unlock(&(lock_cs[type])); */
+ mutex_unlock(&(lock_cs[type]));
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ thread_t thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ thr_setconcurrency(thread_number);
+ for (i=0; i<thread_number; i++)
+ {
+ thr_create(NULL, THREAD_STACK_SIZE,
+ (void *(*)())ndoit,
+ (void *)ssl_ctx,
+ 0L,
+ &(thread_ctx[i]));
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ thr_join(thread_ctx[i],NULL,NULL);
+ }
+
+ printf("solaris threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long solaris_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)thr_self();
+ return(ret);
+ }
+#endif
+
+#ifdef IRIX
+
+
+static usptr_t *arena;
+static usema_t *lock_cs[CRYPTO_NUM_LOCKS];
+
+void thread_setup()
+ {
+ int i;
+ char filename[20];
+
+ strcpy(filename,"/tmp/mttest.XXXXXX");
+ mktemp(filename);
+
+ usconfig(CONF_STHREADIOOFF);
+ usconfig(CONF_STHREADMALLOCOFF);
+ usconfig(CONF_INITUSERS,100);
+ usconfig(CONF_LOCKTYPE,US_DEBUGPLUS);
+ arena=usinit(filename);
+ unlink(filename);
+
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ lock_cs[i]=usnewsema(arena,1);
+ }
+
+ CRYPTO_set_id_callback((unsigned long (*)())irix_thread_id);
+ CRYPTO_set_locking_callback((void (*)())irix_locking_callback);
+ }
+
+void thread_cleanup()
+ {
+ int i;
+
+ CRYPTO_set_locking_callback(NULL);
+ for (i=0; i<CRYPTO_NUM_LOCKS; i++)
+ {
+ char buf[10];
+
+ sprintf(buf,"%2d:",i);
+ usdumpsema(lock_cs[i],stdout,buf);
+ usfreesema(lock_cs[i],arena);
+ }
+ }
+
+void irix_locking_callback(mode,type,file,line)
+int mode;
+int type;
+char *file;
+int line;
+ {
+ if (mode & CRYPTO_LOCK)
+ {
+ printf("lock %d\n",type);
+ uspsema(lock_cs[type]);
+ }
+ else
+ {
+ printf("unlock %d\n",type);
+ usvsema(lock_cs[type]);
+ }
+ }
+
+void do_threads(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ SSL_CTX *ssl_ctx[2];
+ int thread_ctx[MAX_THREAD_NUMBER];
+ int i;
+
+ ssl_ctx[0]=s_ctx;
+ ssl_ctx[1]=c_ctx;
+
+ for (i=0; i<thread_number; i++)
+ {
+ thread_ctx[i]=sproc((void (*)())ndoit,
+ PR_SADDR|PR_SFDS,(void *)ssl_ctx);
+ }
+
+ printf("reaping\n");
+ for (i=0; i<thread_number; i++)
+ {
+ wait(NULL);
+ }
+
+ printf("irix threads done (%d,%d)\n",
+ s_ctx->references,c_ctx->references);
+ }
+
+unsigned long irix_thread_id()
+ {
+ unsigned long ret;
+
+ ret=(unsigned long)getpid();
+ return(ret);
+ }
+#endif
+
diff --git a/mt/profile.sh b/mt/profile.sh
new file mode 100644
index 0000000..de5eb06
--- /dev/null
+++ b/mt/profile.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -p -DSOLARIS -I../include -g mttest.c -o mttest -L/usr/lib/libc -ldl -L.. -lthread -lssl -lcrypto -lnsl -lsocket
+
diff --git a/mt/ptest.bat b/mt/ptest.bat
new file mode 100755
index 0000000..ccaccae
--- /dev/null
+++ b/mt/ptest.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+purify cl /O2 -DWIN32 /MD -I..\out mttest.c /Femttest ..\out\ssl32.lib ..\out\crypt32.lib
+
diff --git a/mt/purify.sh b/mt/purify.sh
new file mode 100644
index 0000000..57c4017
--- /dev/null
+++ b/mt/purify.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+purify cc -DSOLARIS -I../include -g mttest.c -o mttest -L.. -lthread -lssl -lcrypto -lnsl -lsocket
+
diff --git a/mt/solaris.sh b/mt/solaris.sh
new file mode 100644
index 0000000..f6a90b1
--- /dev/null
+++ b/mt/solaris.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+/bin/rm -f mttest
+cc -DSOLARIS -I../include -g mttest.c -o mttest -L.. -lthread -lssl -lcrypto -lnsl -lsocket
+
diff --git a/mt/win32.bat b/mt/win32.bat
new file mode 100755
index 0000000..56089f6
--- /dev/null
+++ b/mt/win32.bat
@@ -0,0 +1,4 @@
+del mttest.exe
+
+cl /O2 -DWIN32 /MD -I..\out mttest.c /Femttest ..\out\ssleay32.lib ..\out\libeay32.lib
+
diff --git a/rsaref/Makefile.ssl b/rsaref/Makefile.ssl
new file mode 100644
index 0000000..e0e4fb7
--- /dev/null
+++ b/rsaref/Makefile.ssl
@@ -0,0 +1,85 @@
+#
+# SSLeay/rsaref/Makefile
+#
+
+DIR= rsaref
+TOP= ..
+CC= cc
+INCLUDES= -I../crypto -I../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=rsaref
+ERRC=rsar_err
+GENERAL=Makefile
+TEST=
+APPS=
+
+LIB=$(TOP)/libRSAglue.a
+LIBSRC= rsaref.c $(ERRC).c
+LIBOBJ= rsaref.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER=
+HEADER= $(EXHEADER) rsaref.h
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ..; $(MAKE) DIRS=rsaref all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../test $(TEST)
+ $(TOP)/util/mklink.sh ../apps $(APPS)
+
+install:
+
+# @for i in $(EXHEADER) ; \
+# do \
+# (cp $$i $(INSTALLTOP)/include/$$i; \
+# chmod 644 $(INSTALLTOP)/include/$$i ); \
+# done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../crypto/err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/rsaref/rsar_err.c b/rsaref/rsar_err.c
new file mode 100644
index 0000000..b77f3e7c
--- /dev/null
+++ b/rsaref/rsar_err.c
@@ -0,0 +1,124 @@
+/* lib/rsaref/rsaref_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "rsaref.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA RSAREF_str_functs[]=
+ {
+{ERR_PACK(0,RSAREF_F_BN_REF_MOD_EXP,0), "BN_REF_MOD_EXP"},
+{ERR_PACK(0,RSAREF_F_RSAREF_BN2BIN,0), "RSAREF_BN2BIN"},
+{ERR_PACK(0,RSAREF_F_RSA_BN2BIN,0), "RSA_BN2BIN"},
+{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_DECRYPT,0), "RSA_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_PRIVATE_ENCRYPT,0), "RSA_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_DECRYPT,0), "RSA_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_PUBLIC_ENCRYPT,0), "RSA_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_BN2BIN,0), "RSA_REF_BN2BIN"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_MOD_EXP,0), "RSA_REF_MOD_EXP"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_DECRYPT,0), "RSA_REF_PRIVATE_DECRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,0), "RSA_REF_PRIVATE_ENCRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_DECRYPT,0), "RSA_REF_PUBLIC_DECRYPT"},
+{ERR_PACK(0,RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,0), "RSA_REF_PUBLIC_ENCRYPT"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA RSAREF_str_reasons[]=
+ {
+{RE_CONTENT_ENCODING ,"content encoding"},
+{RE_DATA ,"data"},
+{RE_DIGEST_ALGORITHM ,"digest algorithm"},
+{RE_ENCODING ,"encoding"},
+{RE_KEY ,"key"},
+{RE_KEY_ENCODING ,"key encoding"},
+{RE_LEN ,"len"},
+{RE_MODULUS_LEN ,"modulus len"},
+{RE_NEED_RANDOM ,"need random"},
+{RE_PRIVATE_KEY ,"private key"},
+{RE_PUBLIC_KEY ,"public key"},
+{RE_SIGNATURE ,"signature"},
+{RE_SIGNATURE_ENCODING ,"signature encoding"},
+{RE_ENCRYPTION_ALGORITHM ,"encryption algorithm"},
+{RSAREF_R_CONTENT_ENCODING ,"content encoding"},
+{RSAREF_R_DATA ,"data"},
+{RSAREF_R_DIGEST_ALGORITHM ,"digest algorithm"},
+{RSAREF_R_ENCODING ,"encoding"},
+{RSAREF_R_ENCRYPTION_ALGORITHM ,"encryption algorithm"},
+{RSAREF_R_KEY ,"key"},
+{RSAREF_R_KEY_ENCODING ,"key encoding"},
+{RSAREF_R_LEN ,"len"},
+{RSAREF_R_MODULUS_LEN ,"modulus len"},
+{RSAREF_R_NEED_RANDOM ,"need random"},
+{RSAREF_R_PRIVATE_KEY ,"private key"},
+{RSAREF_R_PUBLIC_KEY ,"public key"},
+{RSAREF_R_SIGNATURE ,"signature"},
+{RSAREF_R_SIGNATURE_ENCODING ,"signature encoding"},
+{0,NULL},
+ };
+
+void ERR_load_RSAREF_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_functs);
+ ERR_load_strings(ERR_LIB_RSAREF,RSAREF_str_reasons);
+ }
+ }
diff --git a/rsaref/rsaref.c b/rsaref/rsaref.c
new file mode 100644
index 0000000..ac4fe01
--- /dev/null
+++ b/rsaref/rsaref.c
@@ -0,0 +1,351 @@
+/* rsaref/rsaref.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "bn.h"
+#include "rsa.h"
+#include "rsaref.h"
+#include "rand.h"
+
+/*
+ * RSAREFerr(RSAREF_F_RSA_REF_BN2BIN,RSAREF_R_CONTENT_ENCODING);
+ * RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,RSAREF_R_DATA);
+ * RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,RSAREF_R_DIGEST_ALGORITHM);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,RSAREF_R_ENCODING);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_KEY);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_KEY_ENCODING);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_LEN);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_MODULUS_LEN);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_NEED_RANDOM);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_PRIVATE_KEY);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_PUBLIC_KEY);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_SIGNATURE);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_SIGNATURE_ENCODING);
+ * RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,RSAREF_R_ENCRYPTION_ALGORITHM);
+ * RSAREFerr(RSAREF_F_RSAREF_BN2BIN,ERR_R_BN_LIB);
+ */
+
+#ifndef NOPROTO
+static int RSAref_bn2bin(BIGNUM * from, unsigned char* to, int max);
+#ifdef undef
+static BIGNUM* RSAref_bin2bn(unsigned char* from, BIGNUM * to, int max);
+#endif
+static int RSAref_Public_eay2ref(RSA * from, RSArefPublicKey * to);
+static int RSAref_Private_eay2ref(RSA * from, RSArefPrivateKey * to);
+int RSA_ref_private_decrypt(int len, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_ref_private_encrypt(int len, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_ref_public_encrypt(int len, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+int RSA_ref_public_decrypt(int len, unsigned char *from,
+ unsigned char *to, RSA *rsa, int padding);
+static int BN_ref_mod_exp(BIGNUM *r,BIGNUM *a,BIGNUM *p,BIGNUM *m, BN_CTX *ctx);
+static int RSA_ref_mod_exp(BIGNUM *r0, BIGNUM *I, RSA *rsa);
+#else
+
+static int RSAref_bn2bin();
+#ifdef undef
+static BIGNUM* RSAref_bin2bn();
+#endif
+static int RSAref_Public_eay2ref();
+static int RSAref_Private_eay2ref();
+static int BN_ref_mod_exp();
+static int RSA_ref_mod_exp();
+int RSA_ref_private_decrypt();
+int RSA_ref_private_encrypt();
+int RSA_ref_public_encrypt();
+int RSA_ref_public_decrypt();
+static int BN_ref_mod_exp();
+static int RSA_ref_mod_exp();
+#endif
+
+static RSA_METHOD rsa_pkcs1_ref_meth={
+ "RSAref PKCS#1 RSA",
+ RSA_ref_public_encrypt,
+ RSA_ref_public_decrypt,
+ RSA_ref_private_encrypt,
+ RSA_ref_private_decrypt,
+ RSA_ref_mod_exp,
+ BN_ref_mod_exp,
+ NULL,
+ NULL,
+ };
+
+RSA_METHOD *RSA_PKCS1_RSAref()
+ {
+ return(&rsa_pkcs1_ref_meth);
+ }
+
+static int RSA_ref_mod_exp(r0, I, rsa)
+BIGNUM *r0;
+BIGNUM *I;
+RSA *rsa;
+ {
+ RSAREFerr(RSAREF_F_RSA_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
+static int BN_ref_mod_exp(r,a,p,m,ctx)
+BIGNUM *r,*a,*p,*m;
+BN_CTX *ctx;
+ {
+ RSAREFerr(RSAREF_F_BN_REF_MOD_EXP,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
+static int RSAref_bn2bin(from,to,max)
+BIGNUM *from;
+unsigned char *to; /* [max] */
+int max;
+ {
+ int i;
+
+ i=BN_num_bytes(from);
+ if (i > max)
+ {
+ RSAREFerr(RSAREF_F_RSAREF_BN2BIN,RSAREF_R_LEN);
+ return(0);
+ }
+
+ memset(to,0,(unsigned int)max);
+ if (!BN_bn2bin(from,&(to[max-i])))
+ return(0);
+ return(1);
+ }
+
+#ifdef undef
+static BIGNUM *RSAref_bin2bn(from,to,max)
+unsigned char *from; /* [max] */
+BIGNUM *to;
+int max;
+ {
+ int i;
+ BIGNUM *ret;
+
+ for (i=0; i<max; i++)
+ if (from[i]) break;
+
+ ret=BN_bin2bn(&(from[i]),max-i,to);
+ return(ret);
+ }
+
+static int RSAref_Public_ref2eay(from,to)
+RSArefPublicKey *from;
+RSA *to;
+ {
+ to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN);
+ to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN);
+ if ((to->n == NULL) || (to->e == NULL)) return(0);
+ return(1);
+ }
+#endif
+
+static int RSAref_Public_eay2ref(from,to)
+RSA *from;
+RSArefPublicKey *to;
+ {
+ to->bits=BN_num_bits(from->n);
+ if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
+ if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
+ return(1);
+ }
+
+#ifdef undef
+static int RSAref_Private_ref2eay(from,to)
+RSArefPrivateKey *from;
+RSA *to;
+ {
+ if ((to->n=RSAref_bin2bn(from->m,NULL,RSAref_MAX_LEN)) == NULL)
+ return(0);
+ if ((to->e=RSAref_bin2bn(from->e,NULL,RSAref_MAX_LEN)) == NULL)
+ return(0);
+ if ((to->d=RSAref_bin2bn(from->d,NULL,RSAref_MAX_LEN)) == NULL)
+ return(0);
+ if ((to->p=RSAref_bin2bn(from->prime[0],NULL,RSAref_MAX_PLEN)) == NULL)
+ return(0);
+ if ((to->q=RSAref_bin2bn(from->prime[1],NULL,RSAref_MAX_PLEN)) == NULL)
+ return(0);
+ if ((to->dmp1=RSAref_bin2bn(from->pexp[0],NULL,RSAref_MAX_PLEN))
+ == NULL)
+ return(0);
+ if ((to->dmq1=RSAref_bin2bn(from->pexp[1],NULL,RSAref_MAX_PLEN))
+ == NULL)
+ return(0);
+ if ((to->iqmp=RSAref_bin2bn(from->coef,NULL,RSAref_MAX_PLEN)) == NULL)
+ return(0);
+ return(1);
+ }
+#endif
+
+static int RSAref_Private_eay2ref(from,to)
+RSA *from;
+RSArefPrivateKey *to;
+ {
+ to->bits=BN_num_bits(from->n);
+ if (!RSAref_bn2bin(from->n,to->m,RSAref_MAX_LEN)) return(0);
+ if (!RSAref_bn2bin(from->e,to->e,RSAref_MAX_LEN)) return(0);
+ if (!RSAref_bn2bin(from->d,to->d,RSAref_MAX_LEN)) return(0);
+ if (!RSAref_bn2bin(from->p,to->prime[0],RSAref_MAX_PLEN)) return(0);
+ if (!RSAref_bn2bin(from->q,to->prime[1],RSAref_MAX_PLEN)) return(0);
+ if (!RSAref_bn2bin(from->dmp1,to->pexp[0],RSAref_MAX_PLEN)) return(0);
+ if (!RSAref_bn2bin(from->dmq1,to->pexp[1],RSAref_MAX_PLEN)) return(0);
+ if (!RSAref_bn2bin(from->iqmp,to->coef,RSAref_MAX_PLEN)) return(0);
+ return(1);
+ }
+
+int RSA_ref_private_decrypt(len,from,to,rsa,padding)
+int len;
+unsigned char *from,*to;
+RSA *rsa;
+int padding;
+ {
+ int i,outlen= -1;
+ RSArefPrivateKey RSAkey;
+
+ if (!RSAref_Private_eay2ref(rsa,&RSAkey))
+ goto err;
+ if ((i=RSAPrivateDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
+ {
+ RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_DECRYPT,i);
+ outlen= -1;
+ }
+err:
+ memset(&RSAkey,0,sizeof(RSAkey));
+ return(outlen);
+ }
+
+int RSA_ref_private_encrypt(len,from,to,rsa,padding)
+int len;
+unsigned char *from,*to;
+RSA *rsa;
+int padding;
+ {
+ int i,outlen= -1;
+ RSArefPrivateKey RSAkey;
+
+ if (!RSAref_Private_eay2ref(rsa,&RSAkey))
+ goto err;
+ if ((i=RSAPrivateEncrypt(to,&outlen,from,len,&RSAkey)) != 0)
+ {
+ RSAREFerr(RSAREF_F_RSA_REF_PRIVATE_ENCRYPT,i);
+ outlen= -1;
+ }
+err:
+ memset(&RSAkey,0,sizeof(RSAkey));
+ return(outlen);
+ }
+
+int RSA_ref_public_decrypt(len,from,to,rsa,padding)
+int len;
+unsigned char *from,*to;
+RSA *rsa;
+int padding;
+ {
+ int i,outlen= -1;
+ RSArefPublicKey RSAkey;
+
+ if (!RSAref_Public_eay2ref(rsa,&RSAkey))
+ goto err;
+ if ((i=RSAPublicDecrypt(to,&outlen,from,len,&RSAkey)) != 0)
+ {
+ RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_DECRYPT,i);
+ outlen= -1;
+ }
+err:
+ memset(&RSAkey,0,sizeof(RSAkey));
+ return(outlen);
+ }
+
+int RSA_ref_public_encrypt(len,from,to,rsa,padding)
+int len;
+unsigned char *from,*to;
+RSA *rsa;
+int padding;
+ {
+ int outlen= -1;
+ int i;
+ RSArefPublicKey RSAkey;
+ RSARandomState rnd;
+ unsigned char buf[16];
+
+ R_RandomInit(&rnd);
+ R_GetRandomBytesNeeded((unsigned int *)&i,&rnd);
+ while (i > 0)
+ {
+ RAND_bytes(buf,16);
+ R_RandomUpdate(&rnd,buf,(unsigned int)((i>16)?16:i));
+ i-=16;
+ }
+
+ if (!RSAref_Public_eay2ref(rsa,&RSAkey))
+ goto err;
+ if ((i=RSAPublicEncrypt(to,&outlen,from,len,&RSAkey,&rnd)) != 0)
+ {
+ RSAREFerr(RSAREF_F_RSA_REF_PUBLIC_ENCRYPT,i);
+ outlen= -1;
+ goto err;
+ }
+err:
+ memset(&RSAkey,0,sizeof(RSAkey));
+ R_RandomFinal(&rnd);
+ memset(&rnd,0,sizeof(rnd));
+ return(outlen);
+ }
+
diff --git a/rsaref/rsaref.err b/rsaref/rsaref.err
new file mode 100644
index 0000000..89f83b8
--- /dev/null
+++ b/rsaref/rsaref.err
@@ -0,0 +1,32 @@
+/* Error codes for the RSAREF functions. */
+
+/* Function codes. */
+#define RSAREF_F_BN_REF_MOD_EXP 100
+#define RSAREF_F_RSAREF_BN2BIN 101
+#define RSAREF_F_RSA_BN2BIN 102
+#define RSAREF_F_RSA_PRIVATE_DECRYPT 103
+#define RSAREF_F_RSA_PRIVATE_ENCRYPT 104
+#define RSAREF_F_RSA_PUBLIC_DECRYPT 105
+#define RSAREF_F_RSA_PUBLIC_ENCRYPT 106
+#define RSAREF_F_RSA_REF_BN2BIN 107
+#define RSAREF_F_RSA_REF_MOD_EXP 108
+#define RSAREF_F_RSA_REF_PRIVATE_DECRYPT 109
+#define RSAREF_F_RSA_REF_PRIVATE_ENCRYPT 110
+#define RSAREF_F_RSA_REF_PUBLIC_DECRYPT 111
+#define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT 112
+
+/* Reason codes. */
+#define RSAREF_R_CONTENT_ENCODING 1024
+#define RSAREF_R_DATA 1025
+#define RSAREF_R_DIGEST_ALGORITHM 1026
+#define RSAREF_R_ENCODING 1027
+#define RSAREF_R_ENCRYPTION_ALGORITHM 1037
+#define RSAREF_R_KEY 1028
+#define RSAREF_R_KEY_ENCODING 1029
+#define RSAREF_R_LEN 1030
+#define RSAREF_R_MODULUS_LEN 1031
+#define RSAREF_R_NEED_RANDOM 1032
+#define RSAREF_R_PRIVATE_KEY 1033
+#define RSAREF_R_PUBLIC_KEY 1034
+#define RSAREF_R_SIGNATURE 1035
+#define RSAREF_R_SIGNATURE_ENCODING 1036
diff --git a/rsaref/rsaref.h b/rsaref/rsaref.h
new file mode 100644
index 0000000..52fc469
--- /dev/null
+++ b/rsaref/rsaref.h
@@ -0,0 +1,186 @@
+/* rsaref/rsaref.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_RSAREF_H
+#define HEADER_RSAREF_H
+
+#include "rsa.h"
+
+/* RSAeuro */
+/*#define RSAref_MAX_BITS 2048*/
+
+/* RSAref */
+#define RSAref_MAX_BITS 1024
+
+#define RSAref_MIN_BITS 508
+#define RSAref_MAX_LEN ((RSAref_MAX_BITS+7)/8)
+#define RSAref_MAX_PBITS (RSAref_MAX_BITS+1)/2
+#define RSAref_MAX_PLEN ((RSAref_MAX_PBITS+7)/8)
+
+typedef struct RSArefPublicKey_st
+ {
+ unsigned int bits;
+ unsigned char m[RSAref_MAX_LEN];
+ unsigned char e[RSAref_MAX_LEN];
+ } RSArefPublicKey;
+
+typedef struct RSArefPrivateKey_st
+ {
+ unsigned int bits;
+ unsigned char m[RSAref_MAX_LEN];
+ unsigned char e[RSAref_MAX_LEN];
+ unsigned char d[RSAref_MAX_LEN];
+ unsigned char prime[2][RSAref_MAX_PLEN];/* p & q */
+ unsigned char pexp[2][RSAref_MAX_PLEN]; /* dmp1 & dmq1 */
+ unsigned char coef[RSAref_MAX_PLEN]; /* iqmp */
+ } RSArefPrivateKey;
+
+typedef struct RSARandomState_st
+ {
+ unsigned int needed;
+ unsigned char state[16];
+ unsigned int outputnum;
+ unsigned char output[16];
+ } RSARandomState;
+
+#define RE_CONTENT_ENCODING 0x0400
+#define RE_DATA 0x0401
+#define RE_DIGEST_ALGORITHM 0x0402
+#define RE_ENCODING 0x0403
+#define RE_KEY 0x0404
+#define RE_KEY_ENCODING 0x0405
+#define RE_LEN 0x0406
+#define RE_MODULUS_LEN 0x0407
+#define RE_NEED_RANDOM 0x0408
+#define RE_PRIVATE_KEY 0x0409
+#define RE_PUBLIC_KEY 0x040a
+#define RE_SIGNATURE 0x040b
+#define RE_SIGNATURE_ENCODING 0x040c
+#define RE_ENCRYPTION_ALGORITHM 0x040d
+
+#ifndef NOPROTO
+int RSAPrivateDecrypt(unsigned char *to, int *outlen, unsigned char *from,
+ int len, RSArefPrivateKey *RSAkey);
+int RSAPrivateEncrypt(unsigned char *to, int *outlen, unsigned char *from,
+ int len, RSArefPrivateKey *RSAkey);
+int RSAPublicDecrypt(unsigned char *to, int *outlen, unsigned char *from,
+ int len, RSArefPublicKey *RSAkey);
+int RSAPublicEncrypt(unsigned char *to, int *outlen, unsigned char *from,
+ int len, RSArefPublicKey *RSAkey,RSARandomState *rnd);
+int R_RandomInit(RSARandomState *rnd);
+int R_GetRandomBytesNeeded(unsigned int *,RSARandomState *rnd);
+int R_RandomUpdate(RSARandomState *rnd, unsigned char *data, unsigned int n);
+int R_RandomFinal(RSARandomState *rnd);
+
+void ERR_load_RSAREF_strings(void );
+RSA_METHOD *RSA_PKCS1_RSAref(void );
+
+#else
+int RSAPrivateDecrypt();
+int RSAPrivateEncrypt();
+int RSAPublicDecrypt();
+int RSAPublicEncrypt();
+int R_RandomInit();
+int R_GetRandomBytesNeeded();
+int R_RandomUpdate();
+int R_RandomFinal();
+
+void ERR_load_RSAREF_strings();
+RSA_METHOD *RSA_PKCS1_RSAref();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the RSAREF functions. */
+
+/* Function codes. */
+#define RSAREF_F_BN_REF_MOD_EXP 100
+#define RSAREF_F_RSAREF_BN2BIN 101
+#define RSAREF_F_RSA_BN2BIN 102
+#define RSAREF_F_RSA_PRIVATE_DECRYPT 103
+#define RSAREF_F_RSA_PRIVATE_ENCRYPT 104
+#define RSAREF_F_RSA_PUBLIC_DECRYPT 105
+#define RSAREF_F_RSA_PUBLIC_ENCRYPT 106
+#define RSAREF_F_RSA_REF_BN2BIN 107
+#define RSAREF_F_RSA_REF_MOD_EXP 108
+#define RSAREF_F_RSA_REF_PRIVATE_DECRYPT 109
+#define RSAREF_F_RSA_REF_PRIVATE_ENCRYPT 110
+#define RSAREF_F_RSA_REF_PUBLIC_DECRYPT 111
+#define RSAREF_F_RSA_REF_PUBLIC_ENCRYPT 112
+
+/* Reason codes. */
+#define RSAREF_R_CONTENT_ENCODING 1024
+#define RSAREF_R_DATA 1025
+#define RSAREF_R_DIGEST_ALGORITHM 1026
+#define RSAREF_R_ENCODING 1027
+#define RSAREF_R_ENCRYPTION_ALGORITHM 1037
+#define RSAREF_R_KEY 1028
+#define RSAREF_R_KEY_ENCODING 1029
+#define RSAREF_R_LEN 1030
+#define RSAREF_R_MODULUS_LEN 1031
+#define RSAREF_R_NEED_RANDOM 1032
+#define RSAREF_R_PRIVATE_KEY 1033
+#define RSAREF_R_PUBLIC_KEY 1034
+#define RSAREF_R_SIGNATURE 1035
+#define RSAREF_R_SIGNATURE_ENCODING 1036
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/shlib/README b/shlib/README
new file mode 100644
index 0000000..fea07a5
--- /dev/null
+++ b/shlib/README
@@ -0,0 +1 @@
+Only the windows NT and, linux builds have been tested for SSLeay 0.8.0
diff --git a/shlib/irix.sh b/shlib/irix.sh
new file mode 100644
index 0000000..22e4e6a
--- /dev/null
+++ b/shlib/irix.sh
@@ -0,0 +1,7 @@
+FLAGS="-DTERMIOS -O2 -mips2 -DB_ENDIAN -fomit-frame-pointer -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS $FLAGS -o crypto.o crypto/crypto.c
+ld -shared -o libcrypto.so crypto.o
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -shared -o libssl.so ssl.o
diff --git a/shlib/libcrypto.so.0 b/shlib/libcrypto.so.0
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/shlib/libcrypto.so.0
diff --git a/shlib/libssl.so.0 b/shlib/libssl.so.0
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/shlib/libssl.so.0
diff --git a/shlib/linux.sh b/shlib/linux.sh
new file mode 100644
index 0000000..4d2b98d
--- /dev/null
+++ b/shlib/linux.sh
@@ -0,0 +1,56 @@
+#!/bin/sh
+
+echo "#define DATE \"`date`\"" >crypto/date.h
+
+major="0"
+minor="8.0"
+slib=libssl
+clib=libcrypto
+CC=gcc
+CPP='gcc -E'
+AS=as
+FLAGS='-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall'
+#FLAGS='-DTERMIO -g2 -ggdb -DL_ENDIAN -m486 -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
+INCLUDE='-Iinclude -Icrypto -Issl'
+SHFLAGS='-DPIC -fpic'
+
+CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
+ASM_OBJ="";
+
+echo compiling bignum assember
+$AS -o bn_asm.o crypto/bn/asm/x86-lnx.s
+CFLAGS="$CFLAGS -DBN_ASM"
+ASM_OBJ="$ASM_OBJ bn_asm.o"
+
+echo compiling des assember
+$CPP -DELF crypto/des/asm/dx86unix.cpp | $AS -o des_enc.o
+$CPP -DELF crypto/des/asm/cx86unix.cpp | $AS -o fcrypt-b.o
+CFLAGS="$CFLAGS -DDES_ASM"
+ASM_OBJ="$ASM_OBJ des_enc.o fcrypt-b.o"
+
+echo compiling blowfish assember
+$CPP -DELF crypto/bf/asm/bx86unix.cpp | $AS -o bf_enc.o
+CFLAGS="$CFLAGS -DBF_ASM"
+ASM_OBJ="$ASM_OBJ bf_enc.o"
+
+echo compiling $clib
+$CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
+
+echo linking $clib.so
+gcc $CFLAGS -shared -Wl,-soname,$clib.so.$major -o $clib.so.$major.$minor crypto.o $ASM_OBJ
+/bin/rm -f $clib.so $clib.$major
+ln -s $clib.so.$major.$minor $clib.so
+ln -s $clib.so.$major.$minor $clib.so.$major
+
+echo compiling $slib.so
+$CC -c $CFLAGS -o ssl.o ssl/ssl.c
+
+echo building $slib.so
+gcc $CFLAGS -shared -Wl,-soname,$slib.so.$major -o $slib.so.$major.$minor ssl.o
+/bin/rm -f $slib.so $slib.$mahor
+ln -s $slib.so.$major.$minor $slib.so
+ln -s $slib.so.$major.$minor $slib.so.$major
+
+echo building ssleay executable
+gcc $CFLAGS -o ssleay apps/eay.c -L. -lssl -lcrypto
+
diff --git a/shlib/solaris.sh b/shlib/solaris.sh
new file mode 100644
index 0000000..03475f1
--- /dev/null
+++ b/shlib/solaris.sh
@@ -0,0 +1,36 @@
+#!/bin/sh
+
+echo "#define DATE \"`date`\"" >crypto/date.h
+
+major="0"
+minor="8.0"
+slib=libssl
+clib=libcrypto
+CC=gcc
+CPP='gcc -E'
+AS=as
+#FLAGS='-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -mv8 -Wall'
+FLAGS='-DTERMIO -g2 -ggdb -DL_ENDIAN -Wall -DREF_CHECK -DCRYPTO_MDEBUG'
+INCLUDE='-Iinclude -Icrypto -Issl'
+SHFLAGS='-DPIC -fpic'
+
+CFLAGS="$FLAGS $INCLUDE $SHFLAGS"
+ASM_OBJ="";
+
+echo compiling bignum assember
+$AS -o bn_asm.o crypto/bn/asm/sparc.s
+CFLAGS="$CFLAGS -DBN_ASM"
+ASM_OBJ="$ASM_OBJ bn_asm.o"
+
+echo compiling $clib
+$CC -c $CFLAGS -DCFLAGS="\"$FLAGS\"" -o crypto.o crypto/crypto.c
+
+echo linking $clib.so
+gcc $CFLAGS -shared -o $clib.so.$major.$minor crypto.o $ASM_OBJ -lnsl -lsocket
+
+echo compiling $slib.so
+$CC -c $CFLAGS -o ssl.o ssl/ssl.c
+
+echo building $slib.so
+gcc $CFLAGS -shared -o $slib.so ssl.o -L. -lcrypto
+
diff --git a/shlib/sun.sh b/shlib/sun.sh
new file mode 100644
index 0000000..a890bbd
--- /dev/null
+++ b/shlib/sun.sh
@@ -0,0 +1,8 @@
+FLAGS="-DTERMIO -O3 -DB_ENDIAN -fomit-frame-pointer -mv8 -Wall -Iinclude"
+SHFLAGS="-DPIC -fpic"
+
+gcc -c -Icrypto $SHFLAGS -fpic $FLAGS -o crypto.o crypto/crypto.c
+ld -G -z text -o libcrypto.so crypto.o
+
+gcc -c -Issl $SHFLAGS $FLAGS -o ssl.o ssl/ssl.c
+ld -G -z text -o libssl.so ssl.o
diff --git a/shlib/win32.bat b/shlib/win32.bat
new file mode 100755
index 0000000..c807a99
--- /dev/null
+++ b/shlib/win32.bat
@@ -0,0 +1,18 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gs0 /GF /Gy /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+rem ml /coff /c crypto\bf\asm\b-win32.asm
+rem ml /coff /c crypto\des\asm\c-win32.asm
+rem ml /coff /c crypto\des\asm\d-win32.asm
+rem ml /coff /c crypto\bn\asm\x86nt32.asm
+
+cl /Focrypto.obj -DWIN32 %OPTIONS% -c crypto\crypto.c
+cl /Fossl.obj -DWIN32 %OPTIONS% -c ssl\ssl.c
+cl /Foeay.obj -DWIN32 %OPTIONS% -c apps\eay.c
+
+cl /Fessleay.exe %OPTIONS% eay.obj ssl.obj crypto.obj crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+
diff --git a/shlib/win32dll.bat b/shlib/win32dll.bat
new file mode 100755
index 0000000..294c94c
--- /dev/null
+++ b/shlib/win32dll.bat
@@ -0,0 +1,13 @@
+rem win32 dll build
+
+set OPTIONS1=-DDES_ASM -DBN_ASM -DBF_ASM -DFLAT_INC -Iout -Itmp -DL_ENDIAN
+set OPTIONS2=/W3 /WX /Ox /Gf /nologo
+
+set OPTIONS=%OPTIONS1% %OPTIONS2%
+
+cl /Felibeay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\libeay32.def crypto\crypto.c crypto\bf\asm\b-win32.obj crypto\des\asm\c-win32.obj crypto\des\asm\d-win32.obj crypto\bn\asm\x86nt32.obj user32.lib gdi32.lib wsock32.lib
+
+cl /Fessleay32.dll /GD /MD /LD -DWIN32 %OPTIONS% ms\ssleay32.def ssl\ssl.c libeay32.lib
+
+cl /Fessleay.exe /MD -DWIN32 %OPTIONS% apps\eay.c ssleay32.lib libeay32.lib user32.lib wsock32.lib
+
diff --git a/ssl/Makefile.ssl b/ssl/Makefile.ssl
new file mode 100644
index 0000000..f6f40e4
--- /dev/null
+++ b/ssl/Makefile.ssl
@@ -0,0 +1,98 @@
+#
+# SSLeay/ssl/Makefile
+#
+
+DIR= ssl
+TOP= ..
+CC= cc
+INCLUDES= -I../crypto -I../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+AR= ar r
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+ERR=ssl
+ERRC=ssl_err
+GENERAL=Makefile README
+TEST=ssltest.c
+APPS=
+
+LIB=$(TOP)/libssl.a
+LIBSRC= \
+ s2_meth.c s2_srvr.c s2_clnt.c s2_lib.c s2_pkt.c s2_enc.c \
+ s3_meth.c s3_srvr.c s3_clnt.c s3_lib.c s3_pkt.c s3_enc.c s3_both.c \
+ s23_meth.c s23_srvr.c s23_clnt.c s23_lib.c s23_pkt.c \
+ ssl_lib.c ssl_err2.c ssl_cert.c ssl_sess.c \
+ ssl_ciph.c ssl_stat.c ssl_rsa.c \
+ ssl_asn1.c ssl_txt.c ssl_algs.c \
+ bio_ssl.c $(ERRC).c
+LIBOBJ= \
+ s2_meth.o s2_srvr.o s2_clnt.o s2_lib.o s2_pkt.o s2_enc.o \
+ s3_meth.o s3_srvr.o s3_clnt.o s3_lib.o s3_pkt.o s3_enc.o s3_both.o \
+ s23_meth.o s23_srvr.o s23_clnt.o s23_lib.o s23_pkt.o \
+ ssl_lib.o ssl_err2.o ssl_cert.o ssl_sess.o \
+ ssl_ciph.o ssl_stat.o ssl_rsa.o \
+ ssl_asn1.o ssl_txt.o ssl_algs.o \
+ bio_ssl.o $(ERRC).o
+
+SRC= $(LIBSRC)
+
+EXHEADER= ssl.h ssl2.h ssl3.h ssl23.h
+HEADER= $(EXHEADER) ssl_locl.h
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: lib
+
+lib: $(LIBOBJ)
+ $(AR) $(LIB) $(LIBOBJ)
+ sh $(TOP)/util/ranlib.sh $(LIB)
+ @touch lib
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+ $(TOP)/util/mklink.sh ../include $(EXHEADER)
+ $(TOP)/util/mklink.sh ../test $(TEST)
+ $(TOP)/util/mklink.sh ../apps $(APPS)
+
+install:
+ @for i in $(EXHEADER) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/include/$$i; \
+ chmod 644 $(INSTALLTOP)/include/$$i ); \
+ done;
+
+tags:
+ ctags $(SRC)
+
+tests:
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(LIBSRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+ perl $(TOP)/util/err-ins.pl $(ERR).err $(ERR).h
+ perl ../crypto/err/err_genc.pl $(ERR).h $(ERRC).c
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/ssl/bio_ssl.c b/ssl/bio_ssl.c
new file mode 100644
index 0000000..6c0baba
--- /dev/null
+++ b/ssl/bio_ssl.c
@@ -0,0 +1,432 @@
+/* ssl/bio_ssl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include "bio.h"
+#include "err.h"
+#include "ssl.h"
+
+#ifndef NOPROTO
+static int ssl_write(BIO *h,char *buf,int num);
+static int ssl_read(BIO *h,char *buf,int size);
+static int ssl_puts(BIO *h,char *str);
+static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int ssl_new(BIO *h);
+static int ssl_free(BIO *data);
+#else
+static int ssl_write();
+static int ssl_read();
+static int ssl_puts();
+static long ssl_ctrl();
+static int ssl_new();
+static int ssl_free();
+#endif
+
+static BIO_METHOD methods_sslp=
+ {
+ BIO_TYPE_SSL,"ssl",
+ ssl_write,
+ ssl_read,
+ ssl_puts,
+ NULL, /* ssl_gets, */
+ ssl_ctrl,
+ ssl_new,
+ ssl_free,
+ };
+
+BIO_METHOD *BIO_f_ssl()
+ {
+ return(&methods_sslp);
+ }
+
+static int ssl_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->ptr=NULL; /* The SSL structure */
+ bi->flags=0;
+ return(1);
+ }
+
+static int ssl_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr);
+ if (a->shutdown)
+ {
+ if (a->init) SSL_free((SSL *)a->ptr);
+ a->init=0;
+ a->flags=0;
+ a->ptr=NULL;
+ }
+ return(1);
+ }
+
+static int ssl_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=1;
+ int inflags,outflags;
+ SSL *ssl;
+ int retry_reason=0;
+
+ if (out == NULL) return(0);
+ ssl=(SSL *)b->ptr;
+
+ inflags=outflags=b->flags;
+
+ outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY);
+
+ if (!SSL_is_init_finished(ssl))
+ {
+ ret=SSL_do_handshake(ssl);
+#if 0
+ if (ret > 0)
+ {
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ ret= -1;
+ goto end;
+ }
+#endif
+ }
+ if (ret > 0)
+ ret=SSL_read(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ break;
+ case SSL_ERROR_WANT_READ:
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ retry_reason=BIO_RR_CONNECT;
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ b->flags=outflags;
+ return(ret);
+ }
+
+static int ssl_write(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret;
+ int inflags,outflags,retry_reason=0;
+ SSL *ssl;
+
+ if (out == NULL) return(0);
+ ssl=(SSL *)b->ptr;
+
+ inflags=outflags=b->flags;
+
+ outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY);
+
+ ret=SSL_do_handshake(ssl);
+ if (ret > 0)
+ ret=SSL_write(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_READ:
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ retry_reason=BIO_RR_CONNECT;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ b->flags=outflags;
+ return(ret);
+ }
+
+static long ssl_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ SSL **sslp,*ssl;
+ BIO *dbio,*bio;
+ long ret=1;
+
+ ssl=(SSL *)b->ptr;
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ SSL_shutdown(ssl);
+
+ if (ssl->handshake_func == ssl->method->ssl_connect)
+ SSL_set_connect_state(ssl);
+ else if (ssl->handshake_func == ssl->method->ssl_accept)
+ SSL_set_accept_state(ssl);
+
+ SSL_clear(ssl);
+
+ if (b->next_bio != NULL)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ else if (ssl->rbio != NULL)
+ ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+ else
+ ret=1;
+ break;
+ case BIO_CTRL_EOF:
+ case BIO_CTRL_INFO:
+ ret=0;
+ break;
+ case BIO_C_SSL_MODE:
+ if (num) /* client mode */
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+ break;
+ case BIO_C_SET_SSL:
+ ssl_free(b);
+ b->shutdown=(int)num;
+ b->ptr=ptr;
+ ssl=(SSL *)ptr;
+ bio=SSL_get_rbio(ssl);
+ if (bio != NULL)
+ {
+ if (b->next_bio != NULL)
+ BIO_push(bio,b->next_bio);
+ b->next_bio=bio;
+ }
+ b->init=1;
+ break;
+ case BIO_C_GET_SSL:
+ if (ptr != NULL)
+ {
+ sslp=(SSL **)ptr;
+ *sslp=ssl;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING:
+ ret=SSL_pending(ssl);
+ if (ret == 0)
+ ret=BIO_pending(ssl->rbio);
+ break;
+ case BIO_CTRL_FLUSH:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_PUSH:
+ if (b->next_bio != NULL)
+ {
+ SSL_set_bio(ssl,b->next_bio,b->next_bio);
+ b->next_bio->references++;
+ }
+ break;
+ case BIO_CTRL_POP:
+ /* ugly bit of a hack */
+ if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+ {
+ BIO_free_all(ssl->wbio);
+ }
+ ssl->wbio=NULL;
+ ssl->rbio=NULL;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+
+ b->retry_reason=0;
+ ret=(int)SSL_do_handshake(ssl);
+
+ switch (SSL_get_error(ssl,(int)ret))
+ {
+ case SSL_ERROR_WANT_READ:
+ BIO_set_flags(b,
+ BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_set_flags(b,
+ BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ BIO_set_flags(b,
+ BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ b->retry_reason=b->next_bio->retry_reason;
+ break;
+ default:
+ break;
+ }
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if (dbio->ptr != NULL)
+ SSL_free((SSL *)dbio->ptr);
+ dbio->ptr=(char *)SSL_dup(ssl);
+ ret=(dbio->ptr != NULL);
+ break;
+ default:
+ return(0);
+ break;
+ }
+ return(ret);
+ }
+
+static int ssl_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=BIO_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_ssl(ctx,client)
+SSL_CTX *ctx;
+int client;
+ {
+ BIO *ret;
+ SSL *ssl;
+
+ if ((ret=BIO_new(BIO_f_ssl())) == NULL)
+ return(NULL);
+ if ((ssl=SSL_new(ctx)) == NULL)
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ if (client)
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+
+ BIO_set_ssl(ret,ssl,BIO_CLOSE);
+ return(ret);
+ }
+
+int BIO_ssl_copy_session_id(t,f)
+BIO *t,*f;
+ {
+ t=BIO_find_type(t,BIO_TYPE_SSL);
+ f=BIO_find_type(f,BIO_TYPE_SSL);
+ if ((t == NULL) || (f == NULL))
+ return(0);
+ if ((t->ptr == NULL) || (f->ptr == NULL))
+ return(0);
+ SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr);
+ return(1);
+ }
+
+void BIO_ssl_shutdown(b)
+BIO *b;
+ {
+ SSL *s;
+
+ while (b != NULL)
+ {
+ if (b->method->type == BIO_TYPE_SSL)
+ {
+ s=(SSL *)b->ptr;
+ SSL_shutdown(s);
+ break;
+ }
+ b=b->next_bio;
+ }
+ }
diff --git a/ssl/bio_ssl.orig.c b/ssl/bio_ssl.orig.c
new file mode 100644
index 0000000..25147d1
--- /dev/null
+++ b/ssl/bio_ssl.orig.c
@@ -0,0 +1,440 @@
+/* ssl/bio_ssl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include "bio.h"
+#include "err.h"
+#include "ssl.h"
+
+#ifndef NOPROTO
+static int ssl_write(BIO *h,char *buf,int num);
+static int ssl_read(BIO *h,char *buf,int size);
+static int ssl_puts(BIO *h,char *str);
+static long ssl_ctrl(BIO *h,int cmd,long arg1,char *arg2);
+static int ssl_new(BIO *h);
+static int ssl_free(BIO *data);
+#else
+static int ssl_write();
+static int ssl_read();
+static int ssl_puts();
+static long ssl_ctrl();
+static int ssl_new();
+static int ssl_free();
+#endif
+
+static BIO_METHOD methods_sslp=
+ {
+ BIO_TYPE_SSL,"ssl",
+ ssl_write,
+ ssl_read,
+ ssl_puts,
+ NULL, /* ssl_gets, */
+ ssl_ctrl,
+ ssl_new,
+ ssl_free,
+ };
+
+BIO_METHOD *BIO_f_ssl()
+ {
+ return(&methods_sslp);
+ }
+
+static int ssl_new(bi)
+BIO *bi;
+ {
+ bi->init=0;
+ bi->ptr=NULL; /* The SSL structure */
+ bi->flags=0;
+ return(1);
+ }
+
+static int ssl_free(a)
+BIO *a;
+ {
+ if (a == NULL) return(0);
+ if (a->ptr != NULL) SSL_shutdown((SSL *)a->ptr);
+ if (a->shutdown)
+ {
+ if (a->init) SSL_free((SSL *)a->ptr);
+ a->init=0;
+ a->flags=0;
+ a->ptr=NULL;
+ }
+ return(1);
+ }
+
+static int ssl_read(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret=1,dr,dw;
+ int inflags,outflags;
+ SSL *ssl;
+ int retry_reason=0;
+
+ if (out == NULL) return(0);
+ ssl=(SSL *)b->ptr;
+
+ inflags=outflags=b->flags;
+
+ dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
+ dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
+
+ outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ);
+
+ if (!SSL_is_init_finished(ssl))
+ {
+ ret=SSL_do_handshake(ssl);
+#if 0
+ if (ret > 0)
+ {
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ ret= -1;
+ goto end;
+ }
+#endif
+ }
+ if (ret > 0)
+ ret=SSL_read(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ if (dw)
+ outflags|=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_READ:
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ retry_reason=BIO_RR_CONNECT;
+ break;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ case SSL_ERROR_ZERO_RETURN:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ b->flags=outflags;
+ return(ret);
+ }
+
+static int ssl_write(b,out,outl)
+BIO *b;
+char *out;
+int outl;
+ {
+ int ret,dr,dw;
+ int inflags,outflags,retry_reason=0;
+ SSL *ssl;
+
+ if (out == NULL) return(0);
+ ssl=(SSL *)b->ptr;
+
+ inflags=outflags=b->flags;
+
+ dr=inflags&BIO_FLAGS_PROTOCOL_DELAYED_READ;
+ dw=inflags&BIO_FLAGS_PROTOCOL_DELAYED_WRITE;
+
+ outflags&= ~(BIO_FLAGS_RWS|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_WRITE|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ);
+
+ ret=SSL_do_handshake(ssl);
+ if (ret > 0)
+ ret=SSL_write(ssl,out,outl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_NONE:
+ if (ret <= 0) break;
+ if (dr)
+ outflags|=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ outflags=(BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
+ break;
+ case SSL_ERROR_WANT_READ:
+ outflags=(BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
+ break;
+ case SSL_ERROR_WANT_X509_LOOKUP:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_WRITE|dr);
+ retry_reason=BIO_RR_SSL_X509_LOOKUP;
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ outflags=(BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY|
+ BIO_FLAGS_PROTOCOL_DELAYED_READ|dw);
+ retry_reason=BIO_RR_CONNECT;
+ case SSL_ERROR_SYSCALL:
+ case SSL_ERROR_SSL:
+ default:
+ break;
+ }
+
+ b->retry_reason=retry_reason;
+ b->flags=outflags;
+ return(ret);
+ }
+
+static long ssl_ctrl(b,cmd,num,ptr)
+BIO *b;
+int cmd;
+long num;
+char *ptr;
+ {
+ SSL **sslp,*ssl;
+ BIO *dbio,*bio;
+ long ret=1;
+
+ ssl=(SSL *)b->ptr;
+ switch (cmd)
+ {
+ case BIO_CTRL_RESET:
+ SSL_shutdown(ssl);
+
+ if (ssl->handshake_func == ssl->method->ssl_connect)
+ SSL_set_connect_state(ssl);
+ else if (ssl->handshake_func == ssl->method->ssl_accept)
+ SSL_set_accept_state(ssl);
+
+ SSL_clear(ssl);
+
+ if (b->next_bio != NULL)
+ ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
+ else if (ssl->rbio != NULL)
+ ret=BIO_ctrl(ssl->rbio,cmd,num,ptr);
+ else
+ ret=1;
+ break;
+ case BIO_CTRL_EOF:
+ case BIO_CTRL_INFO:
+ ret=0;
+ break;
+ case BIO_C_SSL_MODE:
+ if (num) /* client mode */
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+ break;
+ case BIO_C_SET_SSL:
+ ssl_free(b);
+ b->shutdown=(int)num;
+ b->ptr=ptr;
+ ssl=(SSL *)ptr;
+ bio=SSL_get_rbio(ssl);
+ if (bio != NULL)
+ {
+ if (b->next_bio != NULL)
+ BIO_push(bio,b->next_bio);
+ b->next_bio=bio;
+ }
+ b->init=1;
+ break;
+ case BIO_C_GET_SSL:
+ if (ptr != NULL)
+ {
+ sslp=(SSL **)ptr;
+ *sslp=ssl;
+ }
+ break;
+ case BIO_CTRL_GET_CLOSE:
+ ret=b->shutdown;
+ break;
+ case BIO_CTRL_SET_CLOSE:
+ b->shutdown=(int)num;
+ break;
+ case BIO_CTRL_WPENDING:
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ break;
+ case BIO_CTRL_PENDING:
+ ret=SSL_pending(ssl);
+ if (ret == 0)
+ ret=BIO_pending(ssl->rbio);
+ break;
+ case BIO_CTRL_FLUSH:
+ BIO_clear_retry_flags(b);
+ ret=BIO_ctrl(ssl->wbio,cmd,num,ptr);
+ BIO_copy_next_retry(b);
+ break;
+ case BIO_CTRL_PUSH:
+ if (b->next_bio != NULL)
+ {
+ SSL_set_bio(ssl,b->next_bio,b->next_bio);
+ b->next_bio->references++;
+ }
+ break;
+ case BIO_CTRL_POP:
+ /* ugly bit of a hack */
+ if (ssl->rbio != ssl->wbio) /* we are in trouble :-( */
+ {
+ BIO_free_all(ssl->wbio);
+ }
+ ssl->wbio=NULL;
+ ssl->rbio=NULL;
+ break;
+ case BIO_C_DO_STATE_MACHINE:
+ BIO_clear_retry_flags(b);
+
+ b->retry_reason=0;
+ ret=(int)SSL_do_handshake(ssl);
+
+ switch (SSL_get_error(ssl,ret))
+ {
+ case SSL_ERROR_WANT_READ:
+ BIO_set_flags(b,
+ BIO_FLAGS_READ|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_WRITE:
+ BIO_set_flags(b,
+ BIO_FLAGS_WRITE|BIO_FLAGS_SHOULD_RETRY);
+ break;
+ case SSL_ERROR_WANT_CONNECT:
+ BIO_set_flags(b,
+ BIO_FLAGS_IO_SPECIAL|BIO_FLAGS_SHOULD_RETRY);
+ b->retry_reason=b->next_bio->retry_reason;
+ break;
+ default:
+ break;
+ }
+ break;
+ case BIO_CTRL_DUP:
+ dbio=(BIO *)ptr;
+ if (dbio->ptr != NULL)
+ SSL_free((SSL *)dbio->ptr);
+ dbio->ptr=(char *)SSL_dup(ssl);
+ ret=(dbio->ptr != NULL);
+ break;
+ default:
+ return(0);
+ break;
+ }
+ return(ret);
+ }
+
+static int ssl_puts(bp,str)
+BIO *bp;
+char *str;
+ {
+ int n,ret;
+
+ n=strlen(str);
+ ret=BIO_write(bp,str,n);
+ return(ret);
+ }
+
+BIO *BIO_new_ssl(ctx,client)
+SSL_CTX *ctx;
+int client;
+ {
+ BIO *ret;
+ SSL *ssl;
+
+ if ((ret=BIO_new(BIO_f_ssl())) == NULL)
+ return(NULL);
+ if ((ssl=SSL_new(ctx)) == NULL)
+ {
+ BIO_free(ret);
+ return(NULL);
+ }
+ if (client)
+ SSL_set_connect_state(ssl);
+ else
+ SSL_set_accept_state(ssl);
+
+ BIO_set_ssl(ret,ssl,BIO_CLOSE);
+ return(ret);
+ }
+
+int BIO_ssl_copy_session_id(t,f)
+BIO *t,*f;
+ {
+ t=BIO_find_type(t,BIO_TYPE_SSL);
+ f=BIO_find_type(f,BIO_TYPE_SSL);
+ if ((t == NULL) || (f == NULL))
+ return(0);
+ if ((t->ptr == NULL) || (f->ptr == NULL))
+ return(0);
+ SSL_copy_session_id((SSL *)t->ptr,(SSL *)f->ptr);
+ return(1);
+ }
+
+
diff --git a/ssl/build b/ssl/build
new file mode 100644
index 0000000..d330835
--- /dev/null
+++ b/ssl/build
@@ -0,0 +1,6 @@
+#!/bin/sh
+for i in BUILD_SSLV23 BUILD_SSLV2 BUILD_SSLV3 BUILD_SSL_COMMON BUILD_SSL_BIO BUILD_SSL_OPTIONAL
+do
+time gcc -D$i -o $i.o -c -I. -I../include -O3 -fomit-frame-pointer ssl.c
+done
+
diff --git a/ssl/changes.ssl b/ssl/changes.ssl
new file mode 100644
index 0000000..ab94b95
--- /dev/null
+++ b/ssl/changes.ssl
@@ -0,0 +1,10 @@
+
+Must do a
+SSL_init_eay_ciphers();
+before calls to SSL_CTX_new()
+
+SSL_CTX *SSL_CTX_new(void ) -> SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+
+SSL_CTX_set_cert_verify_cb -> the callback is now
+int callback(char *arg,SSL *s,X509 *xs,STACK *cert_chain);
+where the 'cert_chain' has been added.
diff --git a/ssl/f b/ssl/f
new file mode 100644
index 0000000..8730ef5
--- /dev/null
+++ b/ssl/f
@@ -0,0 +1,40 @@
+/* return the actual cipher being used */
+char *SSL_CIPHER_get_name(c)
+SSL_CIPHER *c;
+ {
+ if (c != NULL)
+ return(c->name);
+ return("UNKNOWN");
+ }
+
+/* number of bits for symetric cipher */
+int SSL_CIPHER_get_bits(c,alg_bits)
+SSL_CIPHER *c;
+int *alg_bits;
+ {
+ int ret=0,a=0;
+ EVP_CIPHER *enc;
+
+ if (c != NULL)
+ {
+ if (!ssl_cipher_get_evp(c,&enc,NULL))
+ return(0);
+
+ a=EVP_CIPHER_key_length(enc)*8;
+
+ if (s->session->cipher->algorithms & SSL_EXP)
+ {
+ if (c->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ ret=64;
+ else
+ ret=40;
+ }
+ else
+ ret=a;
+ }
+
+ if (alg_bits != NULL) *alg_bits=a;
+
+ return(ret);
+ }
+
diff --git a/ssl/readme b/ssl/readme
new file mode 100644
index 0000000..ca17484
--- /dev/null
+++ b/ssl/readme
@@ -0,0 +1,277 @@
+22 Jun 1996
+This file belongs in ../apps, but I'll leave it here because it deals
+with SSL :-) It is rather dated but it gives you an idea of how
+things work.
+===
+
+17 Jul 1995
+I have been changing things quite a bit and have not fully updated
+this file, so take what you read with a grain of salt
+eric
+===
+The s_client and s_server programs can be used to test SSL capable
+IP/port addresses and the verification of the X509 certificates in use
+by these services. I strongly advise having a look at the code to get
+an idea of how to use the authentication under SSLeay. Any feedback
+on changes and improvements would be greatly accepted.
+
+This file will probably be gibberish unless you have read
+rfc1421, rfc1422, rfc1423 and rfc1424 which describe PEM
+authentication.
+
+A Brief outline (and examples) how to use them to do so.
+
+NOTE:
+The environment variable SSL_CIPER is used to specify the prefered
+cipher to use, play around with setting it's value to combinations of
+RC4-MD5, EXP-RC4-MD5, CBC-DES-MD5, CBC3-DES-MD5, CFB-DES-NULL
+in a : separated list.
+
+This directory contains 3 X509 certificates which can be used by these programs.
+client.pem: a file containing a certificate and private key to be used
+ by s_client.
+server.pem :a file containing a certificate and private key to be used
+ by s_server.
+eay1024.pem:the certificate used to sign client.pem and server.pem.
+ This would be your CA's certificate. There is also a link
+ from the file a8556381.0 to eay1024.PEM. The value a8556381
+ is returned by 'x509 -hash -noout <eay1024.pem' and is the
+ value used by X509 verification routines to 'find' this
+ certificte when search a directory for it.
+ [the above is not true any more, the CA cert is
+ ../certs/testca.pem which is signed by ../certs/mincomca.pem]
+
+When testing the s_server, you may get
+bind: Address already in use
+errors. These indicate the port is still being held by the unix
+kernel and you are going to have to wait for it to let go of it. If
+this is the case, remember to use the port commands on the s_server and
+s_client to talk on an alternative port.
+
+=====
+s_client.
+This program can be used to connect to any IP/hostname:port that is
+talking SSL. Once connected, it will attempt to authenticate the
+certificate it was passed and if everything works as expected, a 2
+directional channel will be open. Any text typed will be sent to the
+other end. type Q<cr> to exit. Flags are as follows.
+-host arg : Arg is the host or IP address to connect to.
+-port arg : Arg is the port to connect to (https is 443).
+-verify arg : Turn on authentication of the server certificate.
+ : Arg specifies the 'depth', this will covered below.
+-cert arg : The optional certificate to use. This certificate
+ : will be returned to the server if the server
+ : requests it for client authentication.
+-key arg : The private key that matches the certificate
+ : specified by the -cert option. If this is not
+ : specified (but -cert is), the -cert file will be
+ : searched for the Private key. Both files are
+ : assumed to be in PEM format.
+-CApath arg : When to look for certificates when 'verifying' the
+ : certificate from the server.
+-CAfile arg : A file containing certificates to be used for
+ : 'verifying' the server certificate.
+-reconnect : Once a connection has been made, drop it and
+ : reconnect with same session-id. This is for testing :-).
+
+The '-verify n' parameter specifies not only to verify the servers
+certificate but to also only take notice of 'n' levels. The best way
+to explain is to show via examples.
+Given
+s_server -cert server.PEM is running.
+
+s_client
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+What has happened is that the 'SSLeay demo server' certificate's
+issuer ('CA') could not be found but because verify is not on, we
+don't care and the connection has been made anyway. It is now 'up'
+using CBC-DES-MD5 mode. This is an unauthenticate secure channel.
+You may not be talking to the right person but the data going to them
+is encrypted.
+
+s_client -verify 0
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We are 'verifying' but only to depth 0, so since the 'SSLeay demo server'
+certificate passed the date and checksum, we are happy to proceed.
+
+s_client -verify 1
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:0
+ ERROR
+ verify error:unable to get issuer certificate
+In this case we failed to make the connection because we could not
+authenticate the certificate because we could not find the
+'CA' certificate.
+
+s_client -verify 1 -CAfile eay1024.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We loaded the certificates from the file eay1024.PEM. Everything
+checked out and so we made the connection.
+
+s_client -verify 1 -CApath .
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+We looked in out local directory for issuer certificates and 'found'
+a8556381.0 and so everything is ok.
+
+It is worth noting that 'CA' is a self certified certificate. If you
+are passed one of these, it will fail to 'verify' at depth 0 because
+we need to lookup the certifier of a certificate from some information
+that we trust and keep locally.
+
+SSL_CIPHER=CBC3-DES-MD5:RC4-MD5
+export SSL_CIPHER
+s_client -verify 10 -CApath . -reconnect
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ drop the connection and reconnect with the same session id
+ CIPHER is CBC3-DES-MD5
+This has done a full connection and then re-estabished it with the
+same session id but a new socket. No RSA stuff occures on the second
+connection. Note that we said we would prefer to use CBC3-DES-MD5
+encryption and so, since the server supports it, we are.
+
+=====
+s_server
+This program accepts SSL connections on a specified port
+Once connected, it will estabish an SSL connection and optionaly
+attempt to authenticate the client. A 2 directional channel will be
+open. Any text typed will be sent to the other end. Type Q<cr> to exit.
+Flags are as follows.
+-port arg : Arg is the port to listen on.
+-verify arg : Turn on authentication of the client if they have a
+ : certificate. Arg specifies the 'depth'.
+-Verify arg : Turn on authentication of the client. If they don't
+ : have a valid certificate, drop the connection.
+-cert arg : The certificate to use. This certificate
+ : will be passed to the client. If it is not
+ : specified, it will default to server.PEM
+-key arg : The private key that matches the certificate
+ : specified by the -cert option. If this is not
+ : specified (but -cert is), the -cert file will be
+ : searched for the Private key. Both files are
+ : assumed to be in PEM format. Default is server.PEM
+-CApath arg : When to look for certificates when 'verifying' the
+ : certificate from the client.
+-CAfile arg : A file containing certificates to be used for
+ : 'verifying' the client certificate.
+
+For the following 'demo' I will specify the s_server command and
+the s_client command and then list the output from the s_server.
+s_server
+s_client
+ CONNECTED
+ CIPHER is CBC-DES-MD5
+Everything up and running
+
+s_server -verify 0
+s_client
+ CONNECTED
+ CIPHER is CBC-DES-MD5
+Ok since no certificate was returned and we don't care.
+
+s_server -verify 0
+./s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Ok since we were only verifying to level 0
+
+s_server -verify 4
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ issuer= /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify error:num=1:unable to get issuer certificate
+ verify return:0
+ ERROR
+ verify error:unable to get issuer certificate
+Bad because we could not authenticate the returned certificate.
+
+s_server -verify 4 -CApath .
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Ok because we could authenticate the returned certificate :-).
+
+s_server -Verify 0 -CApath .
+s_client
+ CONNECTED
+ ERROR
+ SSL error:function is:REQUEST_CERTIFICATE
+ :error is :client end did not return a certificate
+Error because no certificate returned.
+
+s_server -Verify 4 -CApath .
+s_client -cert client.PEM
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+Full authentication of the client.
+
+So in summary to do full authentication of both ends
+s_server -Verify 9 -CApath .
+s_client -cert client.PEM -CApath . -verify 9
+From the server side
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo client
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+From the client side
+ CONNECTED
+ depth=0 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=SSLeay demo server
+ verify return:1
+ depth=1 /C=AU/SOP=QLD/O=Mincom Pty. Ltd./OU=CS/CN=CA
+ verify return:1
+ CIPHER is CBC-DES-MD5
+
+For general probing of the 'internet https' servers for the
+distribution area, run
+s_client -host www.netscape.com -port 443 -verify 4 -CApath ../rsa/hash
+Then enter
+GET /
+and you should be talking to the https server on that host.
+
+www.rsa.com was refusing to respond to connections on 443 when I was
+testing.
+
+have fun :-).
+
+eric
diff --git a/ssl/s23_clnt.c b/ssl/s23_clnt.c
new file mode 100644
index 0000000..57d3623
--- /dev/null
+++ b/ssl/s23_clnt.c
@@ -0,0 +1,444 @@
+/* ssl/s23_clnt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+#ifndef NOPROTO
+static int ssl23_client_hello(SSL *s);
+static int ssl23_get_server_hello(SSL *s);
+#else
+static int ssl23_client_hello();
+static int ssl23_get_server_hello();
+#endif
+
+static SSL_METHOD *ssl23_get_client_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_client_method());
+ else if (ver == 3)
+ return(SSLv3_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_client_data,
+ (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+ SSLv23_client_data.ssl_connect=ssl23_connect;
+ SSLv23_client_data.get_ssl_method=ssl23_get_client_method;
+ }
+ return(&SSLv23_client_data);
+ }
+
+int ssl23_connect(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL);
+ void (*cb)()=NULL;
+ int ret= -1;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=3;
+ s->type=SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL23_ST_CW_CLNT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->init_num=0;
+ break;
+
+ case SSL23_ST_CW_CLNT_HELLO_A:
+ case SSL23_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl23_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL23_ST_CR_SRVR_HELLO_A;
+ s->init_num=0;
+
+ break;
+
+ case SSL23_ST_CR_SRVR_HELLO_A:
+ case SSL23_ST_CR_SRVR_HELLO_B:
+ ret=ssl23_get_server_hello(s);
+ if (ret >= 0) cb=NULL;
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL23_CONNECT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if (s->debug) BIO_flush(s->wbio);
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ return(ret);
+ }
+
+
+static int ssl23_client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i,ch_len;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL23_ST_CW_CLNT_HELLO_A)
+ {
+#if 0
+ /* don't reuse session-id's */
+ if (!ssl_get_new_session(s,0))
+ {
+ return(-1);
+ }
+#endif
+
+ p=s->s3->client_random;
+ RAND_bytes(p,SSL3_RANDOM_SIZE);
+
+ /* Do the message type and length last */
+ d= &(buf[2]);
+ p=d+9;
+
+ *(d++)=SSL2_MT_CLIENT_HELLO;
+ *(d++)=SSL3_VERSION_MAJOR;
+ *(d++)=SSL3_VERSION_MINOR;
+
+ /* Ciphers supported */
+ i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),p);
+ if (i == 0)
+ {
+ /* no ciphers */
+ SSLerr(SSL_F_SSL23_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ return(-1);
+ }
+ s2n(i,d);
+ p+=i;
+
+ /* put in the session-id, zero since there is no
+ * reuse. */
+#if 0
+ s->session->session_id_length=0;
+#endif
+ s2n(0,d);
+
+ if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len=SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ if (SSL3_RANDOM_SIZE < ch_len)
+ i=SSL3_RANDOM_SIZE;
+ else
+ i=ch_len;
+ s2n(i,d);
+ memset(&(s->s3->client_random[0]),0,SSL3_RANDOM_SIZE);
+ RAND_bytes(&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ memcpy(p,&(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+ p+=i;
+
+ i= p- &(buf[2]);
+ buf[0]=((i>>8)&0xff)|0x80;
+ buf[1]=(i&0xff);
+
+ s->state=SSL23_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=i+2;
+ s->init_off=0;
+
+ ssl3_finish_mac(s,&(buf[2]),i);
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl23_write_bytes(s));
+ }
+
+static int ssl23_get_server_hello(s)
+SSL *s;
+ {
+ char buf[8];
+ unsigned char *p;
+ int i,ch_len;
+ int n;
+ BIO *bbio;
+
+ n=ssl23_read_bytes(s,7);
+
+ if (n != 7) return(n);
+ p=s->packet;
+
+ memcpy(buf,p,n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_SERVER_HELLO) &&
+ (p[5] == 0x00) && (p[6] == 0x02))
+ {
+ /* we are talking sslv2 */
+ /* we need to clean up the SSLv3 setup and put in the
+ * sslv2 stuff. */
+
+ if (s->s2 == NULL)
+ {
+ if (!ssl2_new(s))
+ goto err;
+ }
+ else
+ ssl2_clear(s);
+
+ if (s->ctx->options & SSL_OP_NETSCAPE_CHALLENGE_BUG)
+ ch_len=SSL2_CHALLENGE_LENGTH;
+ else
+ ch_len=SSL2_MAX_CHALLENGE_LENGTH;
+
+ /* write out sslv2 challenge */
+ i=(SSL3_RANDOM_SIZE < ch_len)
+ ?SSL3_RANDOM_SIZE:ch_len;
+ s->s2->challenge_length=i;
+ memcpy(s->s2->challenge,
+ &(s->s3->client_random[SSL3_RANDOM_SIZE-i]),i);
+
+ if (s->s3 != NULL) ssl3_free(s);
+
+ if (!BUF_MEM_grow(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
+ goto err;
+ }
+
+ s->state=SSL2_ST_GET_SERVER_HELLO_A;
+ s->s2->ssl2_rollback=1;
+
+ /* setup the 5 bytes we have read so we get them from
+ * the sslv2 buffer */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s2->rbuf[0]);
+ memcpy(s->packet,buf,n);
+ s->s2->rbuf_left=n;
+ s->s2->rbuf_offs=0;
+
+ /* we have already written one */
+ s->s2->write_sequence=1;
+
+ s->method=SSLv2_client_method();
+ s->handshake_func=s->method->ssl_connect;
+ }
+ else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ (p[2] == SSL3_VERSION_MINOR) &&
+ (p[5] == SSL3_MT_SERVER_HELLO))
+ {
+ /* we have sslv3 */
+
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
+ goto err;
+ }
+ s->bbio=bbio;
+ }
+ else
+ bbio=s->bbio;
+
+ BIO_reset(bbio);
+ if (!BIO_set_write_buffer_size(bbio,16*1024))
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,ERR_R_BUF_LIB);
+ goto err;
+ }
+
+ /* start the buffering */
+ s->wbio=BIO_push(s->bbio,s->wbio);
+
+ /* we are in this state */
+ s->state=SSL3_ST_CR_SRVR_HELLO_A;
+
+ /* put the 5 bytes we have read into the input buffer
+ * for SSLv3 */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet,buf,n);
+ s->s3->rbuf.left=n;
+ s->s3->rbuf.offset=0;
+
+ s->method=SSLv3_client_method();
+ s->handshake_func=s->method->ssl_connect;
+ }
+ else if ((p[0] == SSL3_RT_ALERT) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ (p[2] == SSL3_VERSION_MINOR) &&
+ (p[3] == 0) &&
+ (p[4] == 2))
+ {
+ void (*cb)()=NULL;
+ int j;
+
+ /* An alert */
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ i=p[5];
+ if (cb != NULL)
+ {
+ j=(i<<8)|p[6];
+ cb(s,SSL_CB_READ_ALERT,j);
+ }
+
+ s->rwstate=SSL_NOTHING;
+ SSLerr(SSL_F_SSL3_READ_BYTES,1000+p[6]);
+ goto err;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL23_GET_SERVER_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num=0;
+
+ /* Since, if we are sending a ssl23 client hello, we are not
+ * reusing a session-id */
+ if (!ssl_get_new_session(s,0))
+ goto err;
+
+ s->first_packet=1;
+ return(SSL_connect(s));
+err:
+ return(-1);
+ }
+
diff --git a/ssl/s23_lib.c b/ssl/s23_lib.c
new file mode 100644
index 0000000..ff19adc
--- /dev/null
+++ b/ssl/s23_lib.c
@@ -0,0 +1,232 @@
+/* ssl/s23_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl23_num_ciphers(void );
+static SSL_CIPHER *ssl23_get_cipher(unsigned int u);
+static int ssl23_read(SSL *s, char *buf, int len);
+static int ssl23_write(SSL *s, char *buf, int len);
+static long ssl23_default_timeout(void );
+static int ssl23_put_cipher_by_char(SSL_CIPHER *c, unsigned char *p);
+static SSL_CIPHER *ssl23_get_cipher_by_char(unsigned char *p);
+#else
+static int ssl23_num_ciphers();
+static SSL_CIPHER *ssl23_get_cipher();
+static int ssl23_read();
+static int ssl23_write();
+static long ssl23_default_timeout();
+static int ssl23_put_cipher_by_char();
+static SSL_CIPHER *ssl23_get_cipher_by_char();
+#endif
+
+char *SSL23_version_str="SSLv2/3 compatablity part of SSLeay 0.7.0 30-Jan-1997";
+
+static SSL_METHOD SSLv23_data= {
+ 3,
+ ssl3_new,
+ ssl3_clear,
+ ssl3_free,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl23_read,
+ ssl_undefined_function,
+ ssl23_write,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl3_ctrl,
+ ssl3_ctx_ctrl,
+ ssl23_get_cipher_by_char,
+ ssl23_put_cipher_by_char,
+ ssl_undefined_function,
+ ssl23_num_ciphers,
+ ssl23_get_cipher,
+ ssl_bad_method,
+ ssl23_default_timeout,
+ };
+
+static long ssl23_default_timeout()
+ {
+ return(300);
+ }
+
+SSL_METHOD *sslv23_base_method()
+ {
+ return(&SSLv23_data);
+ }
+
+static int ssl23_num_ciphers()
+ {
+ return(ssl3_num_ciphers()+ssl2_num_ciphers());
+ }
+
+static SSL_CIPHER *ssl23_get_cipher(u)
+unsigned int u;
+ {
+ unsigned int uu=ssl3_num_ciphers();
+
+ if (u < uu)
+ return(ssl3_get_cipher(u));
+ else
+ return(ssl2_get_cipher(u-uu));
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+static SSL_CIPHER *ssl23_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ SSL_CIPHER c,*cp;
+ unsigned long id;
+ int n;
+
+ n=ssl3_num_ciphers();
+ id=0x03000000|((unsigned long)p[0]<<16L)|
+ ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
+ c.id=id;
+ cp=ssl3_get_cipher_by_char(p);
+ if (cp == NULL)
+ cp=ssl2_get_cipher_by_char(p);
+ return(cp);
+ }
+
+static int ssl23_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ /* We can write SSLv2 and SSLv3 ciphers */
+ if (p != NULL)
+ {
+ l=c->id;
+ p[0]=((unsigned char)(l>>16L))&0xFF;
+ p[1]=((unsigned char)(l>> 8L))&0xFF;
+ p[2]=((unsigned char)(l ))&0xFF;
+ }
+ return(3);
+ }
+
+static int ssl23_read(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+
+#if 0
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ errno=0;
+ if (SSL_in_init(s) && (!s->in_handshake))
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL23_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ return(SSL_read(s,buf,len));
+ }
+ else
+ {
+ ssl_undefined_function(s);
+ return(-1);
+ }
+ }
+
+static int ssl23_write(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+
+#if 0
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ errno=0;
+ if (SSL_in_init(s) && (!s->in_handshake))
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL23_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ return(SSL_write(s,buf,len));
+ }
+ else
+ {
+ ssl_undefined_function(s);
+ return(-1);
+ }
+ }
diff --git a/ssl/s23_meth.c b/ssl/s23_meth.c
new file mode 100644
index 0000000..dbe282b
--- /dev/null
+++ b/ssl/s23_meth.c
@@ -0,0 +1,90 @@
+/* ssl/s23_meth.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl23_get_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv23_method());
+ else if (ver == 3)
+ return(SSLv3_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_data,(char *)sslv23_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv23_data.ssl_connect=ssl23_connect;
+ SSLv23_data.ssl_accept=ssl23_accept;
+ SSLv23_data.get_ssl_method=ssl23_get_method;
+ }
+ return(&SSLv23_data);
+ }
+
diff --git a/ssl/s23_pkt.c b/ssl/s23_pkt.c
new file mode 100644
index 0000000..e9b2add
--- /dev/null
+++ b/ssl/s23_pkt.c
@@ -0,0 +1,120 @@
+/* ssl/s23_pkt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "evp.h"
+#include "buffer.h"
+#include "ssl_locl.h"
+
+int ssl23_write_bytes(s)
+SSL *s;
+ {
+ int i,num,tot;
+ char *buf;
+
+ buf=s->init_buf->data;
+ tot=s->init_off;
+ num=s->init_num;
+ for (;;)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,&(buf[tot]),num);
+ if (i < 0)
+ {
+ s->init_off=tot;
+ s->init_num=num;
+ return(i);
+ }
+ s->rwstate=SSL_NOTHING;
+ if (i == num) return(tot+i);
+
+ num-=i;
+ tot+=i;
+ }
+ }
+
+/* only return when we have read 'n' bytes */
+int ssl23_read_bytes(s,n)
+SSL *s;
+int n;
+ {
+ unsigned char *p;
+ int j;
+
+ if (s->packet_length < (unsigned int)n)
+ {
+ p=s->packet;
+
+ for (;;)
+ {
+ s->rwstate=SSL_READING;
+ j=BIO_read(s->rbio,(char *)&(p[s->packet_length]),
+ n-s->packet_length);
+ if (j <= 0)
+ return(j);
+ s->rwstate=SSL_NOTHING;
+ s->packet_length+=j;
+ if (s->packet_length >= (unsigned int)n)
+ return(s->packet_length);
+ }
+ }
+ return(n);
+ }
+
diff --git a/ssl/s23_srvr.c b/ssl/s23_srvr.c
new file mode 100644
index 0000000..398f005
--- /dev/null
+++ b/ssl/s23_srvr.c
@@ -0,0 +1,474 @@
+/* ssl/s23_srvr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+#ifndef NOPROTO
+int ssl23_get_client_hello(SSL *s);
+#else
+int ssl23_get_client_hello();
+#endif
+
+static SSL_METHOD *ssl23_get_server_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_server_method());
+ else if (ver == 3)
+ return(SSLv3_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_server_data,
+ (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+ SSLv23_server_data.ssl_accept=ssl23_accept;
+ SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
+ }
+ return(&SSLv23_server_data);
+ }
+
+int ssl23_accept(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL);
+ void (*cb)()=NULL;
+ int ret= -1;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=3;
+ s->type=SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL23_ST_SR_CLNT_HELLO_A;
+ s->ctx->sess_accept++;
+ s->init_num=0;
+ break;
+
+ case SSL23_ST_SR_CLNT_HELLO_A:
+ case SSL23_ST_SR_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl23_get_client_hello(s);
+ if (ret >= 0) cb=NULL;
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+
+int ssl23_get_client_hello(s)
+SSL *s;
+ {
+ char buf_space[8];
+ char *buf= &(buf_space[0]);
+ unsigned char *p,*d,*dd;
+ unsigned int i;
+ unsigned int csl,sil,cl;
+ int n=0,j;
+ BIO *bbio;
+ int type=0,use_sslv2_strong=0;
+
+ /* read the initial header */
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+ {
+ if (!ssl3_setup_buffers(s)) goto err;
+
+ n=ssl23_read_bytes(s,7);
+ if (n != 7) return(n);
+
+ p=s->packet;
+
+ memcpy(buf,p,n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
+ {
+ /* SSLv2 header */
+ if ((p[3] == 0x00) && (p[4] == 0x02))
+ {
+ /* SSLv2 */
+ type=1;
+ }
+ else if (p[3] == SSL3_VERSION_MAJOR)
+ {
+ if (s->ctx->options & SSL_OP_NON_EXPORT_FIRST)
+ {
+ STACK *sk;
+ SSL_CIPHER *c;
+ int ne2,ne3;
+
+ j=((p[0]&0x7f)<<8)|p[1];
+ if (j > (1024*4))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+ goto err;
+ }
+
+ n=ssl23_read_bytes(s,j+2);
+ if (n <= 0) return(n);
+ p=s->packet;
+
+ if ((buf=Malloc(n)) == NULL)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ memcpy(buf,p,n);
+
+ p+=5;
+ n2s(p,csl);
+ p+=4;
+
+ sk=ssl_bytes_to_cipher_list(
+ s,p,csl,NULL);
+ if (sk != NULL)
+ {
+ ne2=ne3=0;
+ for (j=0; j<sk_num(sk); j++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,j);
+ if (!(c->algorithms & SSL_EXP))
+ {
+ if ((c->id>>24L) == 2L)
+ ne2=1;
+ else
+ ne3=1;
+ }
+ }
+ if (ne2 && !ne3)
+ {
+ type=1;
+ use_sslv2_strong=1;
+ goto next_bit;
+ }
+ }
+ }
+ /* SSLv3 */
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ }
+ else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ (p[5] == SSL3_MT_CLIENT_HELLO))
+ {
+ /* true SSLv3 */
+ type=3;
+ }
+ /* I will not introduce error codes since that will probably
+ * disrupt the error codes alread allocated and could play
+ * havoc with dynamic allocation. Upgrade to 0.9.x :-)
+ */
+ else if ((strncmp("GET ", (char *)p,4) == 0) ||
+ (strncmp("POST ",(char *)p,5) == 0) ||
+ (strncmp("HEAD ",(char *)p,5) == 0) ||
+ (strncmp("PUT ", (char *)p,4) == 0))
+ {
+ goto err;
+ }
+ else if (strncmp("CONNECT",(char *)p,7) == 0)
+ {
+ goto err;
+ }
+ }
+
+next_bit:
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
+ {
+ /* we have a SSLv3 in a SSLv2 header */
+ type=2;
+ p=s->packet;
+ n=((p[0]&0x7f)<<8)|p[1];
+ if (n > (1024*4))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+ goto err;
+ }
+
+ j=ssl23_read_bytes(s,n+2);
+ if (j <= 0) return(j);
+
+ ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2);
+
+ p=s->packet;
+ p+=5;
+ n2s(p,csl);
+ n2s(p,sil);
+ n2s(p,cl);
+ d=(unsigned char *)s->init_buf->data;
+ if ((csl+sil+cl+11) != s->packet_length)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ *(d++)=SSL3_VERSION_MAJOR;
+ *(d++)=SSL3_VERSION_MINOR;
+
+ /* lets populate the random area */
+ /* get the chalenge_length */
+ i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
+ memset(d,0,SSL3_RANDOM_SIZE);
+ memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
+ d+=SSL3_RANDOM_SIZE;
+
+ /* no session-id reuse */
+ *(d++)=0;
+
+ /* ciphers */
+ j=0;
+ dd=d;
+ d+=2;
+ for (i=0; i<csl; i+=3)
+ {
+ if (p[i] != 0) continue;
+ *(d++)=p[i+1];
+ *(d++)=p[i+2];
+ j+=2;
+ }
+ s2n(j,dd);
+
+ /* compression */
+ *(d++)=1;
+ *(d++)=0;
+
+ i=(d-(unsigned char *)s->init_buf->data);
+
+ /* get the data reused from the init_buf */
+ s->s3->tmp.reuse_message=1;
+ s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
+ s->s3->tmp.message_size=i;
+ }
+
+ if (type == 1)
+ {
+ /* we are talking sslv2 */
+ /* we need to clean up the SSLv3 setup and put in the
+ * sslv2 stuff. */
+
+ if (s->s2 == NULL)
+ {
+ if (!ssl2_new(s))
+ goto err;
+ }
+ else
+ ssl2_clear(s);
+
+ if (s->s3 != NULL) ssl3_free(s);
+
+ if (!BUF_MEM_grow(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ goto err;
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+ if ((s->ctx->options & SSL_OP_MSIE_SSLV2_RSA_PADDING) ||
+ use_sslv2_strong)
+ s->s2->ssl2_rollback=0;
+ else
+ s->s2->ssl2_rollback=1;
+
+ /* setup the 5 bytes we have read so we get them from
+ * the sslv2 buffer */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s2->rbuf[0]);
+ memcpy(s->packet,buf,n);
+ s->s2->rbuf_left=n;
+ s->s2->rbuf_offs=0;
+
+ s->method=SSLv2_server_method();
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type == 2) || (type == 3))
+ {
+ /* we have sslv3 */
+
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ goto err;
+ s->bbio=bbio;
+ }
+ else
+ bbio=s->bbio;
+ BIO_reset(bbio);
+ if (!BIO_set_write_buffer_size(bbio,16*1024))
+ goto err;
+ s->wbio=BIO_push(bbio,s->wbio);
+
+ /* we are in this state */
+ s->state=SSL3_ST_SR_CLNT_HELLO_A;
+
+ if (type == 3)
+ {
+ /* put the 'n' bytes we have read into the input buffer
+ * for SSLv3 */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet,buf,n);
+ s->s3->rbuf.left=n;
+ s->s3->rbuf.offset=0;
+ }
+ else
+ {
+ s->packet_length=0;
+ s->s3->rbuf.left=0;
+ s->s3->rbuf.offset=0;
+ }
+
+ s->method=SSLv3_server_method();
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type < 1) || (type > 3))
+ {
+ /* bad, very bad */
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num=0;
+
+ if (buf != buf_space) Free(buf);
+ s->first_packet=1;
+ return(SSL_accept(s));
+err:
+ if (buf != buf_space) Free(buf);
+ return(-1);
+ }
+
diff --git a/ssl/s2_clnt.c b/ssl/s2_clnt.c
new file mode 100644
index 0000000..67578a4
--- /dev/null
+++ b/ssl/s2_clnt.c
@@ -0,0 +1,982 @@
+/* ssl/s2_clnt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#ifndef NO_MD5
+#include "md5.h"
+#endif
+#include "rand.h"
+#include "buffer.h"
+#include "objects.h"
+#include "ssl_locl.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int get_server_finished(SSL *s);
+static int get_server_verify(SSL *s);
+static int get_server_hello(SSL *s);
+static int client_hello(SSL *s);
+static int client_master_key(SSL *s);
+static int client_finished(SSL *s);
+static int client_certificate(SSL *s);
+static int ssl_rsa_public_encrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to,int padding);
+#else
+static int get_server_finished();
+static int get_server_verify();
+static int get_server_hello();
+static int client_hello();
+static int client_master_key();
+static int client_finished();
+static int client_certificate();
+static int ssl_rsa_public_encrypt();
+#endif
+
+#define BREAK break
+
+static SSL_METHOD *ssl2_get_client_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_client_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_client_data.ssl_connect=ssl2_connect;
+ SSLv2_client_data.get_ssl_method=ssl2_get_client_method;
+ }
+ return(&SSLv2_client_data);
+ }
+
+int ssl2_connect(s)
+SSL *s;
+ {
+ unsigned long l=time(NULL);
+ BUF_MEM *buf=NULL;
+ int ret= -1;
+ void (*cb)()=NULL;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=2;
+ s->type=SSL_ST_CONNECT;
+
+ buf=s->init_buf;
+ if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_CLIENT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->handshake_func=ssl2_connect;
+ BREAK;
+
+ case SSL2_ST_SEND_CLIENT_HELLO_A:
+ case SSL2_ST_SEND_CLIENT_HELLO_B:
+ s->shutdown=0;
+ ret=client_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_SERVER_HELLO_A:
+ case SSL2_ST_GET_SERVER_HELLO_B:
+ ret=get_server_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (!s->hit) /* new session */
+ {
+ s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_A;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+ }
+
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_SEND_CLIENT_MASTER_KEY_B:
+ ret=client_master_key(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_CLIENT_START_ENCRYPTION;
+ break;
+
+ case SSL2_ST_CLIENT_START_ENCRYPTION:
+ /* Ok, we now have all the stuff needed to
+ * start encrypting, so lets fire it up :-) */
+ if (!ssl2_enc_init(s,1))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->s2->clear_text=0;
+ s->state=SSL2_ST_SEND_CLIENT_FINISHED_A;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_FINISHED_A:
+ case SSL2_ST_SEND_CLIENT_FINISHED_B:
+ ret=client_finished(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_VERIFY_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_VERIFY_A:
+ case SSL2_ST_GET_SERVER_VERIFY_B:
+ ret=get_server_verify(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL2_ST_GET_SERVER_FINISHED_A:
+ case SSL2_ST_GET_SERVER_FINISHED_B:
+ ret=get_server_finished(s);
+ if (ret <= 0) goto end;
+ break;
+
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_A:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_B:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_C:
+ case SSL2_ST_SEND_CLIENT_CERTIFICATE_D:
+ case SSL2_ST_X509_GET_CLIENT_CERTIFICATE:
+ ret=client_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_GET_SERVER_FINISHED_A;
+ break;
+
+ case SSL_ST_OK:
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ s->init_num=0;
+ /* ERR_clear_error();*/
+
+ /* If we want to cache session-ids in the client
+ * and we sucessfully add the session-id to the
+ * cache, and there is a callback, then pass it out.
+ * 26/11/96 - eay - only add if not a re-used session.
+ */
+
+ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+
+ ret=1;
+ /* s->server=0; */
+ s->ctx->sess_connect_good++;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ break;
+ default:
+ SSLerr(SSL_F_SSL2_CONNECT,SSL_R_UNKNOWN_STATE);
+ return(-1);
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ return(ret);
+ }
+
+static int get_server_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p;
+ int i,j;
+ STACK *sk,*cl;
+
+ buf=(unsigned char *)s->init_buf->data;
+ p=buf;
+ if (s->state == SSL2_ST_GET_SERVER_HELLO_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),11-s->init_num);
+ if (i < (11-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
+
+ if (*(p++) != SSL2_MT_SERVER_HELLO)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_HELLO,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->hit=(*(p++))?1:0;
+ s->s2->tmp.cert_type= *(p++);
+ n2s(p,i);
+ if (i < s->version) s->version=i;
+ n2s(p,i); s->s2->tmp.cert_length=i;
+ n2s(p,i); s->s2->tmp.csl=i;
+ n2s(p,i); s->s2->tmp.conn_id_length=i;
+ s->state=SSL2_ST_GET_SERVER_HELLO_B;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_SERVER_HELLO_B */
+ j=s->s2->tmp.cert_length+s->s2->tmp.csl+s->s2->tmp.conn_id_length
+ - s->init_num;
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),j);
+ if (i != j) return(ssl2_part_read(s,SSL_F_GET_SERVER_HELLO,i));
+
+ /* things are looking good */
+
+ p=buf;
+ if (s->hit)
+ {
+ if (s->s2->tmp.cert_length != 0)
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_LENGTH_NOT_ZERO);
+ return(-1);
+ }
+ if (s->s2->tmp.cert_type != 0)
+ {
+ if (!(s->ctx->options &
+ SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG))
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CERT_TYPE_NOT_ZERO);
+ return(-1);
+ }
+ }
+ if (s->s2->tmp.csl != 0)
+ {
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_REUSE_CIPHER_LIST_NOT_ZERO);
+ return(-1);
+ }
+ }
+ else
+ {
+#ifdef undef
+ /* very bad */
+ memset(s->session->session_id,0,
+ SSL_MAX_SSL_SESSION_ID_LENGTH_IN_BYTES);
+ s->session->session_id_length=0;
+ */
+#endif
+
+ /* we need to do this incase we were trying to reuse a
+ * client session but others are already reusing it.
+ * If this was a new 'blank' session ID, the session-id
+ * length will still be 0 */
+ if (s->session->session_id_length > 0)
+ {
+ if (!ssl_get_new_session(s,0))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+
+ if (ssl2_set_certificate(s,s->s2->tmp.cert_type,
+ s->s2->tmp.cert_length,p) <= 0)
+ {
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ return(-1);
+ }
+ p+=s->s2->tmp.cert_length;
+
+ if (s->s2->tmp.csl == 0)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_LIST);
+ return(-1);
+ }
+
+ /* We have just received a list of ciphers back from the
+ * server. We need to get the ones that match, then select
+ * the one we want the most :-). */
+
+ /* load the ciphers */
+ sk=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.csl,
+ &s->session->ciphers);
+ p+=s->s2->tmp.csl;
+ if (sk == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ return(-1);
+ }
+
+ sk_set_cmp_func(sk,ssl_cipher_ptr_id_cmp);
+
+ /* get the array of ciphers we will accept */
+ cl=ssl_get_ciphers_by_id(s);
+
+ /* In theory we could have ciphers sent back that we
+ * don't want to use but that does not matter since we
+ * will check against the list we origionally sent and
+ * for performance reasons we should not bother to match
+ * the two lists up just to check. */
+ for (i=0; i<sk_num(cl); i++)
+ {
+ if (sk_find(sk,sk_value(cl,i)) >= 0)
+ break;
+ }
+
+ if (i >= sk_num(cl))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_NO_CIPHER_MATCH);
+ return(-1);
+ }
+ s->session->cipher=(SSL_CIPHER *)sk_value(cl,i);
+ }
+
+ if ((s->session != NULL) && (s->session->peer != NULL))
+ X509_free(s->session->peer);
+
+ /* hmmm, can we have the problem of the other session with this
+ * cert, Free's it before we increment the reference count. */
+ CRYPTO_w_lock(CRYPTO_LOCK_X509);
+ s->session->peer=s->session->cert->key->x509;
+ s->session->peer->references++;
+ CRYPTO_w_unlock(CRYPTO_LOCK_X509);
+
+ s->s2->conn_id_length=s->s2->tmp.conn_id_length;
+ memcpy(s->s2->conn_id,p,s->s2->tmp.conn_id_length);
+ return(1);
+ }
+
+static int client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+/* CIPHER **cipher;*/
+ int i,n,j;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_HELLO_A)
+ {
+ if ((s->session == NULL) ||
+ (s->session->ssl_version != s->version))
+ {
+ if (!ssl_get_new_session(s,0))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ /* else use the pre-loaded session */
+
+ p=buf; /* header */
+ d=p+9; /* data section */
+ *(p++)=SSL2_MT_CLIENT_HELLO; /* type */
+ s2n(SSL2_CLIENT_VERSION,p); /* version */
+ n=j=0;
+
+ n=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),d);
+ d+=n;
+
+ if (n == 0)
+ {
+ SSLerr(SSL_F_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ return(-1);
+ }
+
+ s2n(n,p); /* cipher spec num bytes */
+
+ if ((s->session->session_id_length > 0) &&
+ (s->session->session_id_length <=
+ SSL2_MAX_SSL_SESSION_ID_LENGTH))
+ {
+ i=s->session->session_id_length;
+ s2n(i,p); /* session id length */
+ memcpy(d,s->session->session_id,(unsigned int)i);
+ d+=i;
+ }
+ else
+ {
+ s2n(0,p);
+ }
+
+ s->s2->challenge_length=SSL2_CHALLENGE_LENGTH;
+ s2n(SSL2_CHALLENGE_LENGTH,p); /* challenge length */
+ /*challenge id data*/
+ RAND_bytes(s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+ memcpy(d,s->s2->challenge,SSL2_CHALLENGE_LENGTH);
+ d+=SSL2_CHALLENGE_LENGTH;
+
+ s->state=SSL2_ST_SEND_CLIENT_HELLO_B;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+ /* SSL2_ST_SEND_CLIENT_HELLO_B */
+ return(ssl2_do_write(s));
+ }
+
+static int client_master_key(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int clear,enc,karg,i;
+ SSL_SESSION *sess;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_CLIENT_MASTER_KEY_A)
+ {
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(-1);
+ }
+ sess=s->session;
+ p=buf;
+ d=p+10;
+ *(p++)=SSL2_MT_CLIENT_MASTER_KEY;/* type */
+
+ i=ssl_put_cipher_by_char(s,sess->cipher,p);
+ p+=i;
+
+ /* make key_arg data */
+ i=EVP_CIPHER_iv_length(c);
+ sess->key_arg_length=i;
+ if (i > 0) RAND_bytes(sess->key_arg,i);
+
+ /* make a master key */
+ i=EVP_CIPHER_key_length(c);
+ sess->master_key_length=i;
+ if (i > 0) RAND_bytes(sess->master_key,i);
+
+ if (sess->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ enc=8;
+ else if (sess->cipher->algorithms & SSL_EXP)
+ enc=5;
+ else
+ enc=i;
+
+ if (i < enc)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_CIPHER_TABLE_SRC_ERROR);
+ return(-1);
+ }
+ clear=i-enc;
+ s2n(clear,p);
+ memcpy(d,sess->master_key,(unsigned int)clear);
+ d+=clear;
+
+ enc=ssl_rsa_public_encrypt(sess->cert,enc,
+ &(sess->master_key[clear]),d,
+ (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
+ if (enc <= 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_CLIENT_MASTER_KEY,SSL_R_PUBLIC_KEY_ENCRYPT_ERROR);
+ return(-1);
+ }
+ s2n(enc,p);
+ d+=enc;
+ karg=sess->key_arg_length;
+ s2n(karg,p); /* key arg size */
+ memcpy(d,sess->key_arg,(unsigned int)karg);
+ d+=karg;
+
+ s->state=SSL2_ST_SEND_CLIENT_MASTER_KEY_B;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+
+ /* SSL2_ST_SEND_CLIENT_MASTER_KEY_B */
+ return(ssl2_do_write(s));
+ }
+
+static int client_finished(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_CLIENT_FINISHED_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_CLIENT_FINISHED;
+ memcpy(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length);
+
+ s->state=SSL2_ST_SEND_CLIENT_FINISHED_B;
+ s->init_num=s->s2->conn_id_length+1;
+ s->init_off=0;
+ }
+ return(ssl2_do_write(s));
+ }
+
+/* read the data and then respond */
+static int client_certificate(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i;
+ unsigned int n;
+ int cert_ch_len=0;
+ unsigned char *cert_ch;
+
+ buf=(unsigned char *)s->init_buf->data;
+ cert_ch= &(buf[2]);
+
+ /* We have a cert associated with the SSL, so attach it to
+ * the session if it does not have one */
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),
+ SSL2_MAX_CERT_CHALLENGE_LENGTH+1-s->init_num);
+ if (i<(SSL2_MIN_CERT_CHALLENGE_LENGTH+1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_CLIENT_CERTIFICATE,i));
+
+ /* type=buf[0]; */
+ /* type eq x509 */
+ if (buf[1] != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
+ {
+ ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_AUTHENTICATION_TYPE);
+ return(-1);
+ }
+ cert_ch_len=i-1;
+
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ {
+ s->state=SSL2_ST_X509_GET_CLIENT_CERTIFICATE;
+ }
+ else
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ }
+
+ if (s->state == SSL2_ST_X509_GET_CLIENT_CERTIFICATE)
+ {
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+
+ /* If we get an error we need to
+ * ssl->rwstate=SSL_X509_LOOKUP;
+ * return(error);
+ * We should then be retried when things are ok and we
+ * can get a cert or not */
+
+ i=0;
+ if (s->ctx->client_cert_cb != NULL)
+ {
+ i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+ }
+
+ if (i < 0)
+ {
+ s->rwstate=SSL_X509_LOOKUP;
+ return(-1);
+ }
+ s->rwstate=SSL_NOTHING;
+
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+ {
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_C;
+ if ( !SSL_use_certificate(s,x509) ||
+ !SSL_use_PrivateKey(s,pkey))
+ {
+ i=0;
+ }
+ X509_free(x509);
+ EVP_PKEY_free(pkey);
+ }
+ else if (i == 1)
+ {
+ if (x509 != NULL) X509_free(x509);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ SSLerr(SSL_F_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ i=0;
+ }
+
+ if (i == 0)
+ {
+ /* We have no client certificate to respond with
+ * so send the correct error message back */
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_B;
+ p=buf;
+ *(p++)=SSL2_MT_ERROR;
+ s2n(SSL2_PE_NO_CERTIFICATE,p);
+ s->init_off=0;
+ s->init_num=3;
+ /* Write is done at the end */
+ }
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_B)
+ {
+ return(ssl2_do_write(s));
+ }
+
+ if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_C)
+ {
+ EVP_MD_CTX ctx;
+
+ /* ok, now we calculate the checksum
+ * do it first so we can reuse buf :-) */
+ p=buf;
+ EVP_SignInit(&ctx,EVP_md5());
+ EVP_SignUpdate(&ctx,s->s2->key_material,
+ (unsigned int)s->s2->key_material_length);
+ EVP_SignUpdate(&ctx,cert_ch,(unsigned int)cert_ch_len);
+ n=i2d_X509(s->session->cert->key->x509,&p);
+ EVP_SignUpdate(&ctx,buf,(unsigned int)n);
+
+ p=buf;
+ d=p+6;
+ *(p++)=SSL2_MT_CLIENT_CERTIFICATE;
+ *(p++)=SSL2_CT_X509_CERTIFICATE;
+ n=i2d_X509(s->cert->key->x509,&d);
+ s2n(n,p);
+
+ if (!EVP_SignFinal(&ctx,d,&n,s->cert->key->privatekey))
+ {
+ /* this is not good. If things have failed it
+ * means there so something wrong with the key.
+ * We will contiune with a 0 length signature
+ */
+ }
+ memset(&ctx,0,sizeof(ctx));
+ s2n(n,p);
+ d+=n;
+
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_D;
+ s->init_num=d-buf;
+ s->init_off=0;
+ }
+ /* if (s->state == SSL2_ST_SEND_CLIENT_CERTIFICATE_D) */
+ return(ssl2_do_write(s));
+ }
+
+static int get_server_verify(s)
+SSL *s;
+ {
+ unsigned char *p;
+ int i;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_SERVER_VERIFY_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
+
+ s->state= SSL2_ST_GET_SERVER_VERIFY_B;
+ s->init_num=0;
+ if (*p != SSL2_MT_SERVER_VERIFY)
+ {
+ if (p[0] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY,
+ SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_VERIFY,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),
+ (unsigned int)s->s2->challenge_length-s->init_num);
+ if (i < ((int)s->s2->challenge_length-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_VERIFY,i));
+ if (memcmp(p,s->s2->challenge,(unsigned int)s->s2->challenge_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_VERIFY,SSL_R_CHALLENGE_IS_DIFFERENT);
+ return(-1);
+ }
+ return(1);
+ }
+
+static int get_server_finished(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p;
+ int i;
+
+ buf=(unsigned char *)s->init_buf->data;
+ p=buf;
+ if (s->state == SSL2_ST_GET_SERVER_FINISHED_A)
+ {
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),1-s->init_num);
+ if (i < (1-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
+ s->init_num=i;
+ if (*p == SSL2_MT_REQUEST_CERTIFICATE)
+ {
+ s->state=SSL2_ST_SEND_CLIENT_CERTIFICATE_A;
+ return(1);
+ }
+ else if (*p != SSL2_MT_SERVER_FINISHED)
+ {
+ if (p[0] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->state=SSL_ST_OK;
+ s->init_num=0;
+ }
+
+ i=ssl2_read(s,(char *)&(buf[s->init_num]),
+ SSL2_SSL_SESSION_ID_LENGTH-s->init_num);
+ if (i < (SSL2_SSL_SESSION_ID_LENGTH-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_SERVER_FINISHED,i));
+
+ if (!s->hit) /* new session */
+ {
+ /* new session-id */
+ s->session->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
+ memcpy(s->session->session_id,p,SSL2_SSL_SESSION_ID_LENGTH);
+ }
+ else
+ {
+ if (!(s->ctx->options & SSL_OP_MICROSOFT_SESS_ID_BUG))
+ {
+ if (memcmp(buf,s->session->session_id,
+ (unsigned int)s->session->session_id_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_SERVER_FINISHED,SSL_R_SSL_SESSION_ID_IS_DIFFERENT);
+ return(-1);
+ }
+ }
+ }
+ return(1);
+ }
+
+/* loads in the certificate from the server */
+int ssl2_set_certificate(s, type, len, data)
+SSL *s;
+int type;
+int len;
+unsigned char *data;
+ {
+ STACK *sk=NULL;
+ EVP_PKEY *pkey=NULL;
+ CERT *c=NULL;
+ int i;
+ X509 *x509=NULL;
+ int ret=0;
+
+ x509=d2i_X509(NULL,&data,(long)len);
+ if (x509 == NULL)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_X509_LIB);
+ goto err;
+ }
+
+ if (((sk=sk_new_null()) == NULL) ||
+ (!sk_push(sk,(char *)x509)))
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto err;
+ }
+
+ /* cert for ssl */
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ ret= -1;
+ goto err;
+ }
+
+ /* cert for session */
+ if (s->session->cert) ssl_cert_free(s->session->cert);
+ s->session->cert=c;
+
+/* c->cert_type=type; */
+
+ c->pkeys[SSL_PKEY_RSA_ENC].x509=x509;
+ c->key= &(c->pkeys[SSL_PKEY_RSA_ENC]);
+
+ pkey=X509_get_pubkey(x509);
+ x509=NULL;
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY);
+ goto err;
+ }
+ if (pkey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL2_SET_CERTIFICATE,SSL_R_PUBLIC_KEY_NOT_RSA);
+ goto err;
+ }
+
+ if (!ssl_set_cert_type(c,SSL2_CT_X509_CERTIFICATE))
+ goto err;
+ ret=1;
+err:
+ if (sk != NULL) sk_free(sk);
+ if (x509 != NULL) X509_free(x509);
+ return(ret);
+ }
+
+static int ssl_rsa_public_encrypt(c, len, from, to, padding)
+CERT *c;
+int len;
+unsigned char *from;
+unsigned char *to;
+int padding;
+ {
+ EVP_PKEY *pkey=NULL;
+ int i= -1;
+
+ if ((c == NULL) || (c->key->x509 == NULL) ||
+ ((pkey=X509_get_pubkey(c->key->x509)) == NULL))
+ {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_NO_PUBLICKEY);
+ return(-1);
+ }
+ if (pkey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ goto end;
+ }
+
+ /* we have the public key */
+ i=RSA_public_encrypt(len,from,to,pkey->pkey.rsa,padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PUBLIC_ENCRYPT,ERR_R_RSA_LIB);
+end:
+ return(i);
+ }
+
diff --git a/ssl/s2_enc.c b/ssl/s2_enc.c
new file mode 100644
index 0000000..b915f09
--- /dev/null
+++ b/ssl/s2_enc.c
@@ -0,0 +1,187 @@
+/* ssl/s2_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+#define RS 0
+#define WS 1
+
+int ssl2_enc_init(s, client)
+SSL *s;
+int client;
+ {
+ /* Max number of bytes needed */
+ EVP_CIPHER_CTX *rs,*ws;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+ int num;
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_SSL2_ENC_INIT,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(0);
+ }
+
+ s->read_hash=md;
+ s->write_hash=md;
+
+ if ((s->enc_read_ctx == NULL) &&
+ ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ if ((s->enc_write_ctx == NULL) &&
+ ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+
+ rs= s->enc_read_ctx;
+ ws= s->enc_write_ctx;
+
+ num=c->key_len;
+ s->s2->key_material_length=num*2;
+
+ ssl2_generate_key_material(s);
+
+ EVP_EncryptInit(ws,c,&(s->s2->key_material[(client)?num:0]),
+ s->session->key_arg);
+ EVP_DecryptInit(rs,c,&(s->s2->key_material[(client)?0:num]),
+ s->session->key_arg);
+ s->s2->read_key= &(s->s2->key_material[(client)?0:num]);
+ s->s2->write_key= &(s->s2->key_material[(client)?num:0]);
+ return(1);
+err:
+ SSLerr(SSL_F_SSL2_ENC_INIT,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+/* read/writes from s->s2->mac_data using length for encrypt and
+ * decrypt. It sets the s->s2->padding, s->[rw]length and
+ * s->s2->pad_data ptr if we are encrypting */
+void ssl2_enc(s,send)
+SSL *s;
+int send;
+ {
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs;
+
+ if (send)
+ {
+ ds=s->enc_write_ctx;
+ l=s->s2->wlength;
+ }
+ else
+ {
+ ds=s->enc_read_ctx;
+ l=s->s2->rlength;
+ }
+
+ /* check for NULL cipher */
+ if (ds == NULL) return;
+
+
+ bs=ds->cipher->block_size;
+ /* This should be using (bs-1) and bs instead of 7 and 8, but
+ * what the hell. */
+ if (bs == 8)
+ l=(l+7)/8*8;
+
+ EVP_Cipher(ds,s->s2->mac_data,s->s2->mac_data,l);
+ }
+
+void ssl2_mac(s, md,send)
+SSL *s;
+unsigned char *md;
+int send;
+ {
+ EVP_MD_CTX c;
+ unsigned char sequence[4],*p,*sec,*act;
+ unsigned long seq;
+ unsigned int len;
+
+ if (send)
+ {
+ seq=s->s2->write_sequence;
+ sec=s->s2->write_key;
+ len=s->s2->wact_data_length;
+ act=s->s2->wact_data;
+ }
+ else
+ {
+ seq=s->s2->read_sequence;
+ sec=s->s2->read_key;
+ len=s->s2->ract_data_length;
+ act=s->s2->ract_data;
+ }
+
+ p= &(sequence[0]);
+ l2n(seq,p);
+
+ /* There has to be a MAC algorithm. */
+ EVP_DigestInit(&c,s->read_hash);
+ EVP_DigestUpdate(&c,sec,
+ EVP_CIPHER_CTX_key_length(s->enc_read_ctx));
+ EVP_DigestUpdate(&c,act,len);
+ /* the above line also does the pad data */
+ EVP_DigestUpdate(&c,sequence,4);
+ EVP_DigestFinal(&c,md,NULL);
+ /* some would say I should zero the md context */
+ }
+
diff --git a/ssl/s2_lib.c b/ssl/s2_lib.c
new file mode 100644
index 0000000..fb91582
--- /dev/null
+++ b/ssl/s2_lib.c
@@ -0,0 +1,455 @@
+/* ssl/s2_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "rsa.h"
+#include "objects.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl2_ok(SSL *s);
+static long ssl2_default_timeout(void );
+#else
+static int ssl2_ok();
+static long ssl2_default_timeout();
+#endif
+
+char *ssl2_version_str="SSLv2 part of SSLeay 0.8.1b 29-Jun-1998";
+
+#define SSL2_NUM_CIPHERS (sizeof(ssl2_ciphers)/sizeof(SSL_CIPHER))
+
+SSL_CIPHER ssl2_ciphers[]={
+/* NULL_WITH_MD5 v3 */
+#if 0
+ {
+ 1,
+ SSL2_TXT_NULL_WITH_MD5,
+ SSL2_CK_NULL_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* RC4_128_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_EXPORT40_WITH_MD5,
+ SSL2_CK_RC4_128_EXPORT40_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ SSL2_CF_5_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+/* RC4_128_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC4_128_WITH_MD5,
+ SSL2_CK_RC4_128_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* RC2_128_CBC_EXPORT40_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_EXP|SSL_SSLV2,
+ SSL2_CF_5_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+/* RC2_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_RC2_128_CBC_WITH_MD5,
+ SSL2_CK_RC2_128_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* IDEA_128_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_IDEA_128_CBC_WITH_MD5,
+ SSL2_CK_IDEA_128_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* DES_64_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_64_CBC_WITH_MD5,
+ SSL2_CK_DES_64_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* DES_64_CBC_WITH_SHA */
+#if 0
+ {
+ 1,
+ SSL2_TXT_DES_64_CBC_WITH_SHA,
+ SSL2_CK_DES_64_CBC_WITH_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* DES_192_EDE3_CBC_WITH_MD5 */
+ {
+ 1,
+ SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5,
+ SSL2_CK_DES_192_EDE3_CBC_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_MD5|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* DES_192_EDE3_CBC_WITH_SHA */
+#if 0
+ {
+ 1,
+ SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA,
+ SSL2_CK_DES_192_EDE3_CBC_WITH_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_3DES|SSL_SHA0|SSL_NOT_EXP|SSL_SSLV2|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* RC4_64_WITH_MD5 */
+#if 1
+ {
+ 1,
+ SSL2_TXT_RC4_64_WITH_MD5,
+ SSL2_CK_RC4_64_WITH_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4|SSL_MD5|SSL_SSLV2|SSL_LOW,
+ SSL2_CF_8_BYTE_ENC,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+/* NULL SSLeay (testing) */
+#if 0
+ {
+ 0,
+ SSL2_TXT_NULL,
+ SSL2_CK_NULL,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+#endif
+
+/* end of list :-) */
+ };
+
+static SSL_METHOD SSLv2_data= {
+ 2,
+ ssl2_new, /* local */
+ ssl2_clear, /* local */
+ ssl2_free, /* local */
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl2_read,
+ ssl2_peek,
+ ssl2_write,
+ ssl2_shutdown,
+ ssl2_ok,
+ ssl2_ctrl, /* local */
+ ssl2_ctx_ctrl, /* local */
+ ssl2_get_cipher_by_char,
+ ssl2_put_cipher_by_char,
+ ssl2_pending,
+ ssl2_num_ciphers,
+ ssl2_get_cipher,
+ ssl_bad_method,
+ ssl2_default_timeout,
+ };
+
+static long ssl2_default_timeout()
+ {
+ return(300);
+ }
+
+SSL_METHOD *sslv2_base_method()
+ {
+ return(&SSLv2_data);
+ }
+
+int ssl2_num_ciphers()
+ {
+ return(SSL2_NUM_CIPHERS);
+ }
+
+SSL_CIPHER *ssl2_get_cipher(u)
+unsigned int u;
+ {
+ if (u < SSL2_NUM_CIPHERS)
+ return(&(ssl2_ciphers[SSL2_NUM_CIPHERS-1-u]));
+ else
+ return(NULL);
+ }
+
+int ssl2_pending(s)
+SSL *s;
+ {
+ return(s->s2->ract_data_length);
+ }
+
+int ssl2_new(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+
+ if ((s2=(SSL2_CTX *)Malloc(sizeof(SSL2_CTX))) == NULL) goto err;
+
+ if ((s2->rbuf=(unsigned char *)Malloc(
+ SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ if ((s2->wbuf=(unsigned char *)Malloc(
+ SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2)) == NULL) goto err;
+ s->s2=s2;
+
+ ssl2_clear(s);
+ return(1);
+err:
+ if (s2 != NULL)
+ {
+ if (s2->wbuf != NULL) Free(s2->wbuf);
+ if (s2->rbuf != NULL) Free(s2->rbuf);
+ Free(s2);
+ }
+ return(0);
+ }
+
+void ssl2_free(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+
+ s2=s->s2;
+ if (s2->rbuf != NULL) Free(s2->rbuf);
+ if (s2->wbuf != NULL) Free(s2->wbuf);
+ memset(s2,0,sizeof(SSL2_CTX));
+ Free(s2);
+ s->s2=NULL;
+ }
+
+void ssl2_clear(s)
+SSL *s;
+ {
+ SSL2_CTX *s2;
+ unsigned char *rbuf,*wbuf;
+
+ s2=s->s2;
+
+ rbuf=s2->rbuf;
+ wbuf=s2->wbuf;
+
+ memset(s2,0,sizeof(SSL2_CTX));
+
+ s2->rbuf=rbuf;
+ s2->wbuf=wbuf;
+ s2->clear_text=1;
+ s2->first_packet=0;
+ s->packet=s2->rbuf;
+ s->version=2;
+ s->packet_length=0;
+ }
+
+long ssl2_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(0);
+ }
+
+long ssl2_ctx_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(0);
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+SSL_CIPHER *ssl2_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ static int init=1;
+ static SSL_CIPHER *sorted[SSL2_NUM_CIPHERS];
+ SSL_CIPHER c,*cp= &c,**cpp;
+ unsigned long id;
+ int i;
+
+ if (init)
+ {
+ init=0;
+
+ for (i=0; i<SSL2_NUM_CIPHERS; i++)
+ sorted[i]= &(ssl2_ciphers[i]);
+
+ qsort( (char *)sorted,
+ SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ FP_ICC ssl_cipher_ptr_id_cmp);
+ }
+
+ id=0x02000000L|((unsigned long)p[0]<<16L)|
+ ((unsigned long)p[1]<<8L)|(unsigned long)p[2];
+ c.id=id;
+ cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
+ (char *)sorted,
+ SSL2_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ (int (*)())ssl_cipher_ptr_id_cmp);
+ if ((cpp == NULL) || !(*cpp)->valid)
+ return(NULL);
+ else
+ return(*cpp);
+ }
+
+int ssl2_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ if (p != NULL)
+ {
+ l=c->id;
+ if ((l & 0xff000000) != 0x02000000) return(0);
+ p[0]=((unsigned char)(l>>16L))&0xFF;
+ p[1]=((unsigned char)(l>> 8L))&0xFF;
+ p[2]=((unsigned char)(l ))&0xFF;
+ }
+ return(3);
+ }
+
+void ssl2_generate_key_material(s)
+SSL *s;
+ {
+ unsigned int i;
+ MD5_CTX ctx;
+ unsigned char *km;
+ unsigned char c='0';
+
+ km=s->s2->key_material;
+ for (i=0; i<s->s2->key_material_length; i+=MD5_DIGEST_LENGTH)
+ {
+ MD5_Init(&ctx);
+
+ MD5_Update(&ctx,s->session->master_key,s->session->master_key_length);
+ MD5_Update(&ctx,(unsigned char *)&c,1);
+ c++;
+ MD5_Update(&ctx,s->s2->challenge,s->s2->challenge_length);
+ MD5_Update(&ctx,s->s2->conn_id,s->s2->conn_id_length);
+ MD5_Final(km,&ctx);
+ km+=MD5_DIGEST_LENGTH;
+ }
+ }
+
+void ssl2_return_error(s,err)
+SSL *s;
+int err;
+ {
+ if (!s->error)
+ {
+ s->error=3;
+ s->error_code=err;
+
+ ssl2_write_error(s);
+ }
+ }
+
+
+void ssl2_write_error(s)
+SSL *s;
+ {
+ char buf[3];
+ int i,error;
+
+ buf[0]=SSL2_MT_ERROR;
+ buf[1]=(s->error_code>>8)&0xff;
+ buf[2]=(s->error_code)&0xff;
+
+/* state=s->rwstate;*/
+ error=s->error;
+ s->error=0;
+ i=ssl2_write(s,&(buf[3-error]),error);
+/* if (i == error) s->rwstate=state; */
+
+ if (i < 0)
+ s->error=error;
+ else if (i != s->error)
+ s->error=error-i;
+ /* else
+ s->error=0; */
+ }
+
+static int ssl2_ok(s)
+SSL *s;
+ {
+ return(1);
+ }
+
+int ssl2_shutdown(s)
+SSL *s;
+ {
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ return(1);
+ }
+
diff --git a/ssl/s2_meth.c b/ssl/s2_meth.c
new file mode 100644
index 0000000..0b8c2ac
--- /dev/null
+++ b/ssl/s2_meth.c
@@ -0,0 +1,88 @@
+/* ssl/s2_meth.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl2_get_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_data.ssl_connect=ssl2_connect;
+ SSLv2_data.ssl_accept=ssl2_accept;
+ SSLv2_data.get_ssl_method=ssl2_get_method;
+ }
+ return(&SSLv2_data);
+ }
+
diff --git a/ssl/s2_pkt.c b/ssl/s2_pkt.c
new file mode 100644
index 0000000..84bea33
--- /dev/null
+++ b/ssl/s2_pkt.c
@@ -0,0 +1,651 @@
+/* ssl/s2_pkt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "ssl_locl.h"
+
+/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CIPHER);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_UNKNOWN_REMOTE_ERROR_TYPE);
+ */
+
+#ifndef NOPROTO
+static int read_n(SSL *s,unsigned int n,unsigned int max,unsigned int extend);
+static int do_ssl_write(SSL *s, const char *buf, unsigned int len);
+static int write_pending(SSL *s, const char *buf, unsigned int len);
+static int ssl_mt_error(int n);
+#else
+static int read_n();
+static int do_ssl_write();
+static int write_pending();
+static int ssl_mt_error();
+#endif
+
+int ssl2_peek(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int ret;
+
+ ret=ssl2_read(s,buf,len);
+ if (ret > 0)
+ {
+ s->s2->ract_data_length+=ret;
+ s->s2->ract_data-=ret;
+ }
+ return(ret);
+ }
+
+/* SSL_read -
+ * This routine will return 0 to len bytes, decrypted etc if required.
+ */
+int ssl2_read(s, buf, len)
+SSL *s;
+char *buf;
+int len;
+ {
+ int n;
+ unsigned char mac[MAX_MAC_SIZE];
+ unsigned char *p;
+ int i;
+ unsigned int mac_size=0;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ errno=0;
+ s->rwstate=SSL_NOTHING;
+ if (len <= 0) return(len);
+
+ if (s->s2->ract_data_length != 0) /* read from buffer */
+ {
+ if (len > s->s2->ract_data_length)
+ n=s->s2->ract_data_length;
+ else
+ n=len;
+
+ memcpy(buf,s->s2->ract_data,(unsigned int)n);
+ s->s2->ract_data_length-=n;
+ s->s2->ract_data+=n;
+ if (s->s2->ract_data_length == 0)
+ s->rstate=SSL_ST_READ_HEADER;
+ return(n);
+ }
+
+ if (s->rstate == SSL_ST_READ_HEADER)
+ {
+ if (s->first_packet)
+ {
+ n=read_n(s,5,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ s->first_packet=0;
+ p=s->packet;
+ if (!((p[0] & 0x80) && (
+ (p[2] == SSL2_MT_CLIENT_HELLO) ||
+ (p[2] == SSL2_MT_SERVER_HELLO))))
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_NON_SSLV2_INITIAL_PACKET);
+ return(-1);
+ }
+ }
+ else
+ {
+ n=read_n(s,2,SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ }
+ /* part read stuff */
+
+ s->rstate=SSL_ST_READ_BODY;
+ p=s->packet;
+ /* Do header */
+ /*s->s2->padding=0;*/
+ s->s2->escape=0;
+ s->s2->rlength=(((unsigned int)p[0])<<8)|((unsigned int)p[1]);
+ if ((p[0] & TWO_BYTE_BIT)) /* Two byte header? */
+ {
+ s->s2->three_byte_header=0;
+ s->s2->rlength&=TWO_BYTE_MASK;
+ }
+ else
+ {
+ s->s2->three_byte_header=1;
+ s->s2->rlength&=THREE_BYTE_MASK;
+
+ /* security >s2->escape */
+ s->s2->escape=((p[0] & SEC_ESC_BIT))?1:0;
+ }
+ }
+
+ if (s->rstate == SSL_ST_READ_BODY)
+ {
+ n=s->s2->rlength+2+s->s2->three_byte_header;
+ if (n > (int)s->packet_length)
+ {
+ n-=s->packet_length;
+ i=read_n(s,(unsigned int)n,(unsigned int)n,1);
+ if (i <= 0) return(i); /* ERROR */
+ }
+
+ p= &(s->packet[2]);
+ s->rstate=SSL_ST_READ_HEADER;
+ if (s->s2->three_byte_header)
+ s->s2->padding= *(p++);
+ else s->s2->padding=0;
+
+ /* Data portion */
+ if (s->s2->clear_text)
+ {
+ s->s2->mac_data=p;
+ s->s2->ract_data=p;
+ s->s2->pad_data=NULL;
+ }
+ else
+ {
+ mac_size=EVP_MD_size(s->read_hash);
+ s->s2->mac_data=p;
+ s->s2->ract_data= &p[mac_size];
+ s->s2->pad_data= &p[mac_size+
+ s->s2->rlength-s->s2->padding];
+ }
+
+ s->s2->ract_data_length=s->s2->rlength;
+ /* added a check for length > max_size in case
+ * encryption was not turned on yet due to an error */
+ if ((!s->s2->clear_text) &&
+ (s->s2->rlength >= mac_size))
+ {
+ ssl2_enc(s,0);
+ s->s2->ract_data_length-=mac_size;
+ ssl2_mac(s,mac,0);
+ s->s2->ract_data_length-=s->s2->padding;
+ if ( (memcmp(mac,s->s2->mac_data,
+ (unsigned int)mac_size) != 0) ||
+ (s->s2->rlength%EVP_CIPHER_CTX_block_size(s->enc_read_ctx) != 0))
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_MAC_DECODE);
+ return(SSL_RWERR_BAD_MAC_DECODE);
+ }
+ }
+ INC32(s->s2->read_sequence); /* expect next number */
+ /* s->s2->ract_data is now available for processing */
+
+ /* If a 0 byte packet was sent, return 0, otherwise
+ * we play havoc with people using select with
+ * blocking sockets. Let them handle a packet at a time,
+ * they should really be using non-blocking sockets. */
+ if (s->s2->ract_data_length == 0)
+ return(0);
+ return(ssl2_read(s,buf,len));
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL2_READ,SSL_R_BAD_STATE);
+ return(SSL_RWERR_INTERNAL_ERROR);
+ }
+ }
+
+static int read_n(s, n, max, extend)
+SSL *s;
+unsigned int n;
+unsigned int max;
+unsigned int extend;
+ {
+ int i,off,newb;
+
+ /* if there is stuff still in the buffer from a previous read,
+ * and there is more than we want, take some. */
+ if (s->s2->rbuf_left >= (int)n)
+ {
+ if (extend)
+ s->packet_length+=n;
+ else
+ {
+ s->packet= &(s->s2->rbuf[s->s2->rbuf_offs]);
+ s->packet_length=n;
+ }
+ s->s2->rbuf_left-=n;
+ s->s2->rbuf_offs+=n;
+ return(n);
+ }
+
+ if (!s->read_ahead) max=n;
+ if (max > (unsigned int)(SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2))
+ max=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER+2;
+
+
+ /* Else we want more than we have.
+ * First, if there is some left or we want to extend */
+ off=0;
+ if ((s->s2->rbuf_left != 0) || ((s->packet_length != 0) && extend))
+ {
+ newb=s->s2->rbuf_left;
+ if (extend)
+ {
+ off=s->packet_length;
+ if (s->packet != s->s2->rbuf)
+ memcpy(s->s2->rbuf,s->packet,
+ (unsigned int)newb+off);
+ }
+ else if (s->s2->rbuf_offs != 0)
+ {
+ memcpy(s->s2->rbuf,&(s->s2->rbuf[s->s2->rbuf_offs]),
+ (unsigned int)newb);
+ s->s2->rbuf_offs=0;
+ }
+ s->s2->rbuf_left=0;
+ }
+ else
+ newb=0;
+
+ /* off is the offset to start writing too.
+ * r->s2->rbuf_offs is the 'unread data', now 0.
+ * newb is the number of new bytes so far
+ */
+ s->packet=s->s2->rbuf;
+ while (newb < (int)n)
+ {
+ errno=0;
+ if (s->rbio != NULL)
+ {
+ s->rwstate=SSL_READING;
+ i=BIO_read(s->rbio,(char *)&(s->s2->rbuf[off+newb]),
+ max-newb);
+ }
+ else
+ {
+ SSLerr(SSL_F_READ_N,SSL_R_READ_BIO_NOT_SET);
+ i= -1;
+ }
+#ifdef PKT_DEBUG
+ if (s->debug & 0x01) sleep(1);
+#endif
+ if (i <= 0)
+ {
+ s->s2->rbuf_left+=newb;
+ return(i);
+ }
+ newb+=i;
+ }
+
+ /* record unread data */
+ if (newb > (int)n)
+ {
+ s->s2->rbuf_offs=n+off;
+ s->s2->rbuf_left=newb-n;
+ }
+ else
+ {
+ s->s2->rbuf_offs=0;
+ s->s2->rbuf_left=0;
+ }
+ if (extend)
+ s->packet_length+=n;
+ else
+ s->packet_length=n;
+ s->rwstate=SSL_NOTHING;
+ return(n);
+ }
+
+int ssl2_write(s, buf, len)
+SSL *s;
+const char *buf;
+int len;
+ {
+ unsigned int n,tot;
+ int i;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL2_WRITE,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ if (s->error)
+ {
+ ssl2_write_error(s);
+ if (s->error)
+ return(-1);
+ }
+
+ errno=0;
+ s->rwstate=SSL_NOTHING;
+ if (len <= 0) return(len);
+
+ tot=s->s2->wnum;
+ s->s2->wnum=0;
+
+ n=(len-tot);
+ for (;;)
+ {
+ i=do_ssl_write(s,&(buf[tot]),n);
+ if (i <= 0)
+ {
+ s->s2->wnum=tot;
+ return(i);
+ }
+ if (i == (int)n) return(tot+i);
+
+ n-=i;
+ tot+=i;
+ }
+ }
+
+static int write_pending(s,buf,len)
+SSL *s;
+const char *buf;
+unsigned int len;
+ {
+ int i;
+
+ /* s->s2->wpend_len != 0 MUST be true. */
+
+ /* check that they have given us the same buffer to
+ * write */
+ if ((s->s2->wpend_tot != (int)len) || (s->s2->wpend_buf != buf))
+ {
+ SSLerr(SSL_F_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
+ return(SSL_RWERR_BAD_WRITE_RETRY);
+ }
+
+ for (;;)
+ {
+ errno=0;
+ if (s->wbio != NULL)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,
+ (char *)&(s->s2->write_ptr[s->s2->wpend_off]),
+ (unsigned int)s->s2->wpend_len);
+ }
+ else
+ {
+ SSLerr(SSL_F_WRITE_PENDING,SSL_R_WRITE_BIO_NOT_SET);
+ i= -1;
+ }
+#ifdef PKT_DEBUG
+ if (s->debug & 0x01) sleep(1);
+#endif
+ if (i == s->s2->wpend_len)
+ {
+ s->s2->wpend_len=0;
+ s->rwstate=SSL_NOTHING;
+ return(s->s2->wpend_ret);
+ }
+ else if (i <= 0)
+ return(i);
+ s->s2->wpend_off+=i;
+ s->s2->wpend_len-=i;
+ }
+ }
+
+static int do_ssl_write(s, buf, len)
+SSL *s;
+const char *buf;
+unsigned int len;
+ {
+ unsigned int j,k,olen,p,mac_size,bs;
+ register unsigned char *pp;
+
+ olen=len;
+
+ /* first check if there is data from an encryption waiting to
+ * be sent - it must be sent because the other end is waiting.
+ * This will happen with non-blocking IO. We print it and then
+ * return.
+ */
+ if (s->s2->wpend_len != 0) return(write_pending(s,buf,len));
+
+ /* set mac_size to mac size */
+ if (s->s2->clear_text)
+ mac_size=0;
+ else
+ mac_size=EVP_MD_size(s->write_hash);
+
+ /* lets set the pad p */
+ if (s->s2->clear_text)
+ {
+ if (len > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ len=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+ p=0;
+ s->s2->three_byte_header=0;
+ /* len=len; */
+ }
+ else
+ {
+ bs=EVP_CIPHER_CTX_block_size(s->enc_read_ctx);
+ j=len+mac_size;
+ if ((j > SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER) &&
+ (!s->s2->escape))
+ {
+ if (j > SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER)
+ j=SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER;
+ /* set k to the max number of bytes with 2
+ * byte header */
+ k=j-(j%bs);
+ /* how many data bytes? */
+ len=k-mac_size;
+ s->s2->three_byte_header=0;
+ p=0;
+ }
+ else if ((bs <= 1) && (!s->s2->escape))
+ {
+ /* len=len; */
+ s->s2->three_byte_header=0;
+ p=0;
+ }
+ else /* 3 byte header */
+ {
+ /*len=len; */
+ p=(j%bs);
+ p=(p == 0)?0:(bs-p);
+ if (s->s2->escape)
+ s->s2->three_byte_header=1;
+ else
+ s->s2->three_byte_header=(p == 0)?0:1;
+ }
+ }
+ /* mac_size is the number of MAC bytes
+ * len is the number of data bytes we are going to send
+ * p is the number of padding bytes
+ * if p == 0, it is a 2 byte header */
+
+ s->s2->wlength=len;
+ s->s2->padding=p;
+ s->s2->mac_data= &(s->s2->wbuf[3]);
+ s->s2->wact_data= &(s->s2->wbuf[3+mac_size]);
+ /* we copy the data into s->s2->wbuf */
+ memcpy(s->s2->wact_data,buf,len);
+#ifdef PURIFY
+ if (p)
+ memset(&(s->s2->wact_data[len]),0,p);
+#endif
+
+ if (!s->s2->clear_text)
+ {
+ s->s2->wact_data_length=len+p;
+ ssl2_mac(s,s->s2->mac_data,1);
+ s->s2->wlength+=p+mac_size;
+ ssl2_enc(s,1);
+ }
+
+ /* package up the header */
+ s->s2->wpend_len=s->s2->wlength;
+ if (s->s2->three_byte_header) /* 3 byte header */
+ {
+ pp=s->s2->mac_data;
+ pp-=3;
+ pp[0]=(s->s2->wlength>>8)&(THREE_BYTE_MASK>>8);
+ if (s->s2->escape) pp[0]|=SEC_ESC_BIT;
+ pp[1]=s->s2->wlength&0xff;
+ pp[2]=s->s2->padding;
+ s->s2->wpend_len+=3;
+ }
+ else
+ {
+ pp=s->s2->mac_data;
+ pp-=2;
+ pp[0]=((s->s2->wlength>>8)&(TWO_BYTE_MASK>>8))|TWO_BYTE_BIT;
+ pp[1]=s->s2->wlength&0xff;
+ s->s2->wpend_len+=2;
+ }
+ s->s2->write_ptr=pp;
+
+ INC32(s->s2->write_sequence); /* expect next number */
+
+ /* lets try to actually write the data */
+ s->s2->wpend_tot=olen;
+ s->s2->wpend_buf=(char *)buf;
+
+ s->s2->wpend_ret=len;
+
+ s->s2->wpend_off=0;
+ return(write_pending(s,buf,olen));
+ }
+
+int ssl2_part_read(s,f,i)
+SSL *s;
+unsigned long f;
+int i;
+ {
+ unsigned char *p;
+ int j;
+
+ /* check for error */
+ if ((s->init_num == 0) && (i >= 3))
+ {
+ p=(unsigned char *)s->init_buf->data;
+ if (p[0] == SSL2_MT_ERROR)
+ {
+ j=(p[1]<<8)|p[2];
+ SSLerr((int)f,ssl_mt_error(j));
+ }
+ }
+
+ if (i < 0)
+ {
+ /* ssl2_return_error(s); */
+ /* for non-blocking io,
+ * this is not fatal */
+ return(i);
+ }
+ else
+ {
+ s->init_num+=i;
+ return(0);
+ }
+ }
+
+int ssl2_do_write(s)
+SSL *s;
+ {
+ int ret;
+
+ ret=ssl2_write(s,(char *)&(s->init_buf->data[s->init_off]),
+ s->init_num);
+ if (ret == s->init_num)
+ return(1);
+ if (ret < 0)
+ return(-1);
+ s->init_off+=ret;
+ s->init_num-=ret;
+ return(0);
+ }
+
+static int ssl_mt_error(n)
+int n;
+ {
+ int ret;
+
+ switch (n)
+ {
+ case SSL2_PE_NO_CIPHER:
+ ret=SSL_R_PEER_ERROR_NO_CIPHER;
+ break;
+ case SSL2_PE_NO_CERTIFICATE:
+ ret=SSL_R_PEER_ERROR_NO_CERTIFICATE;
+ break;
+ case SSL2_PE_BAD_CERTIFICATE:
+ ret=SSL_R_PEER_ERROR_CERTIFICATE;
+ break;
+ case SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE:
+ ret=SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE;
+ break;
+ default:
+ ret=SSL_R_UNKNOWN_REMOTE_ERROR_TYPE;
+ break;
+ }
+ return(ret);
+ }
diff --git a/ssl/s2_srvr.c b/ssl/s2_srvr.c
new file mode 100644
index 0000000..0112397
--- /dev/null
+++ b/ssl/s2_srvr.c
@@ -0,0 +1,983 @@
+/* ssl/s2_srvr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#ifdef NO_MD5
+#include "md5.h"
+#endif
+#include "bio.h"
+#include "rand.h"
+#include "objects.h"
+#include "ssl_locl.h"
+#include "evp.h"
+
+#ifndef NOPROTO
+static int get_client_master_key(SSL *s);
+static int get_client_hello(SSL *s);
+static int server_hello(SSL *s);
+static int get_client_finished(SSL *s);
+static int server_verify(SSL *s);
+static int server_finish(SSL *s);
+static int request_certificate(SSL *s);
+static int ssl_rsa_private_decrypt(CERT *c, int len, unsigned char *from,
+ unsigned char *to,int padding);
+#else
+static int get_client_master_key();
+static int get_client_hello();
+static int server_hello();
+static int get_client_finished();
+static int server_verify();
+static int server_finish();
+static int request_certificate();
+static int ssl_rsa_private_decrypt();
+#endif
+
+#define BREAK break
+
+static SSL_METHOD *ssl2_get_server_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv2_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv2_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv2_server_data,(char *)sslv2_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv2_server_data.ssl_accept=ssl2_accept;
+ SSLv2_server_data.get_ssl_method=ssl2_get_server_method;
+ }
+ return(&SSLv2_server_data);
+ }
+
+int ssl2_accept(s)
+SSL *s;
+ {
+ unsigned long l=time(NULL);
+ BUF_MEM *buf=NULL;
+ int ret= -1;
+ long num1;
+ void (*cb)()=NULL;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&l,sizeof(l));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ if (((s->session == NULL) || (s->session->cert == NULL)) &&
+ (s->cert == NULL))
+ {
+ SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+ return(-1);
+ }
+
+ errno=0;
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=2;
+ s->type=SSL_ST_ACCEPT;
+
+ buf=s->init_buf;
+ if ((buf == NULL) && ((buf=BUF_MEM_new()) == NULL))
+ { ret= -1; goto end; }
+ if (!BUF_MEM_grow(buf,(int)
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ { ret= -1; goto end; }
+ s->init_buf=buf;
+ s->init_num=0;
+ s->ctx->sess_accept++;
+ s->handshake_func=ssl2_accept;
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_HELLO_A:
+ case SSL2_ST_GET_CLIENT_HELLO_B:
+ case SSL2_ST_GET_CLIENT_HELLO_C:
+ s->shutdown=0;
+ ret=get_client_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_SERVER_HELLO_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_HELLO_A:
+ case SSL2_ST_SEND_SERVER_HELLO_B:
+ ret=server_hello(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (!s->hit)
+ {
+ s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_A;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+ }
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_A:
+ case SSL2_ST_GET_CLIENT_MASTER_KEY_B:
+ ret=get_client_master_key(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SERVER_START_ENCRYPTION;
+ BREAK;
+
+ case SSL2_ST_SERVER_START_ENCRYPTION:
+ /* Ok we how have sent all the stuff needed to
+ * start encrypting, the next packet back will
+ * be encrypted. */
+ if (!ssl2_enc_init(s,0))
+ { ret= -1; goto end; }
+ s->s2->clear_text=0;
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_A;
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_VERIFY_A:
+ case SSL2_ST_SEND_SERVER_VERIFY_B:
+ ret=server_verify(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ if (s->hit)
+ {
+ /* If we are in here, we have been
+ * buffering the output, so we need to
+ * flush it and remove buffering from
+ * future traffic */
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_C;
+ BREAK;
+ }
+ else
+ {
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
+ break;
+ }
+
+ case SSL2_ST_SEND_SERVER_VERIFY_C:
+ /* get the number of bytes to write */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 != 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ /* flushed and now remove buffering */
+ s->wbio=BIO_pop(s->wbio);
+
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_A;
+ BREAK;
+
+ case SSL2_ST_GET_CLIENT_FINISHED_A:
+ case SSL2_ST_GET_CLIENT_FINISHED_B:
+ ret=get_client_finished(s);
+ if (ret <= 0)
+ goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_A;
+ BREAK;
+
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_A:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_B:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_C:
+ case SSL2_ST_SEND_REQUEST_CERTIFICATE_D:
+ /* don't do a 'request certificate' if we
+ * don't want to, or we already have one, and
+ * we only want to do it once. */
+ if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
+ {
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
+ break;
+ }
+ else
+ {
+ ret=request_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_A;
+ }
+ BREAK;
+
+ case SSL2_ST_SEND_SERVER_FINISHED_A:
+ case SSL2_ST_SEND_SERVER_FINISHED_B:
+ ret=server_finish(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL_ST_OK;
+ break;
+
+ case SSL_ST_OK:
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ s->init_num=0;
+ /* ERR_clear_error();*/
+
+ ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+
+ s->ctx->sess_accept_good++;
+ /* s->server=1; */
+ ret=1;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ BREAK;
+
+ default:
+ SSLerr(SSL_F_SSL2_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ BREAK;
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ s->in_handshake--;
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ return(ret);
+ }
+
+static int get_client_master_key(s)
+SSL *s;
+ {
+ int export,i,n,keya,ek;
+ unsigned char *p;
+ SSL_CIPHER *cp;
+ EVP_CIPHER *c;
+ EVP_MD *md;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_MASTER_KEY_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),10-s->init_num);
+
+ if (i < (10-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
+ if (*(p++) != SSL2_MT_CLIENT_MASTER_KEY)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_PEER_ERROR);
+ return(-1);
+ }
+
+ cp=ssl2_get_cipher_by_char(p);
+ if (cp == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,
+ SSL_R_NO_CIPHER_MATCH);
+ return(-1);
+ }
+ s->session->cipher= cp;
+
+ p+=3;
+ n2s(p,i); s->s2->tmp.clear=i;
+ n2s(p,i); s->s2->tmp.enc=i;
+ n2s(p,i); s->session->key_arg_length=i;
+ s->state=SSL2_ST_GET_CLIENT_MASTER_KEY_B;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_CLIENT_MASTER_KEY_B */
+ p=(unsigned char *)s->init_buf->data;
+ keya=s->session->key_arg_length;
+ n=s->s2->tmp.clear+s->s2->tmp.enc+keya - s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),n);
+ if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_MASTER_KEY,i));
+
+ memcpy(s->session->key_arg,&(p[s->s2->tmp.clear+s->s2->tmp.enc]),
+ (unsigned int)keya);
+
+ if (s->session->cert->key->privatekey == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_NO_PRIVATEKEY);
+ return(-1);
+ }
+ i=ssl_rsa_private_decrypt(s->cert,s->s2->tmp.enc,
+ &(p[s->s2->tmp.clear]),&(p[s->s2->tmp.clear]),
+ (s->s2->ssl2_rollback)?RSA_SSLV23_PADDING:RSA_PKCS1_PADDING);
+
+ export=(s->session->cipher->algorithms & SSL_EXP)?1:0;
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&md))
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CIPHER);
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS);
+ return(0);
+ }
+
+ if (s->session->cipher->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ {
+ export=1;
+ ek=8;
+ }
+ else
+ ek=5;
+
+ /* bad decrypt */
+#if 1
+ /* If a bad decrypt, continue with protocol but with a
+ * dud master secret */
+ if ((i < 0) ||
+ ((!export && (i != EVP_CIPHER_key_length(c)))
+ || ( export && ((i != ek) || (s->s2->tmp.clear+i !=
+ EVP_CIPHER_key_length(c))))))
+ {
+ if (export)
+ i=ek;
+ else
+ i=EVP_CIPHER_key_length(c);
+ RAND_bytes(p,i);
+ }
+#else
+ if (i < 0)
+ {
+ error=1;
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_BAD_RSA_DECRYPT);
+ }
+ /* incorrect number of key bytes for non export cipher */
+ else if ((!export && (i != EVP_CIPHER_key_length(c)))
+ || ( export && ((i != ek) || (s->s2->tmp.clear+i !=
+ EVP_CIPHER_key_length(c)))))
+ {
+ error=1;
+ SSLerr(SSL_F_GET_CLIENT_MASTER_KEY,SSL_R_WRONG_NUMBER_OF_KEY_BITS);
+ }
+ if (error)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+#endif
+
+ if (export) i+=s->s2->tmp.clear;
+ s->session->master_key_length=i;
+ memcpy(s->session->master_key,p,(unsigned int)i);
+ return(1);
+ }
+
+static int get_client_hello(s)
+SSL *s;
+ {
+ int i,n;
+ unsigned char *p;
+ STACK *cs; /* a stack of SSL_CIPHERS */
+ STACK *cl; /* the ones we want to use */
+ int z;
+
+ /* This is a bit of a hack to check for the correct packet
+ * type the first time round. */
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_A)
+ {
+ s->first_packet=1;
+ s->state=SSL2_ST_GET_CLIENT_HELLO_B;
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_HELLO_B)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),9-s->init_num);
+ if (i < (9-s->init_num))
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
+
+ if (*(p++) != SSL2_MT_CLIENT_HELLO)
+ {
+ if (p[-1] != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ n2s(p,i);
+ if (i < s->version) s->version=i;
+ n2s(p,i); s->s2->tmp.cipher_spec_length=i;
+ n2s(p,i); s->s2->tmp.session_id_length=i;
+ n2s(p,i); s->s2->challenge_length=i;
+ if ( (i < SSL2_MIN_CHALLENGE_LENGTH) ||
+ (i > SSL2_MAX_CHALLENGE_LENGTH))
+ {
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_INVALID_CHALLENGE_LENGTH);
+ return(-1);
+ }
+ s->state=SSL2_ST_GET_CLIENT_HELLO_C;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_GET_CLIENT_HELLO_C */
+ p=(unsigned char *)s->init_buf->data;
+ n=s->s2->tmp.cipher_spec_length+s->s2->challenge_length+
+ s->s2->tmp.session_id_length-s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),n);
+ if (i != n) return(ssl2_part_read(s,SSL_F_GET_CLIENT_HELLO,i));
+
+ /* get session-id before cipher stuff so we can get out session
+ * structure if it is cached */
+ /* session-id */
+ if ((s->s2->tmp.session_id_length != 0) &&
+ (s->s2->tmp.session_id_length != SSL2_SSL_SESSION_ID_LENGTH))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_BAD_SSL_SESSION_ID_LENGTH);
+ return(-1);
+ }
+
+ if (s->s2->tmp.session_id_length == 0)
+ {
+ if (!ssl_get_new_session(s,1))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ else
+ {
+ i=ssl_get_prev_session(s,s->s2->tmp.session_id_length,
+ &(p[s->s2->tmp.cipher_spec_length]));
+ if (i == 1)
+ { /* previous session */
+ s->hit=1;
+ }
+ else if (i == -1)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ else
+ {
+ if (s->cert == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_GET_CLIENT_HELLO,SSL_R_NO_CERTIFICATE_SET);
+ return(-1);
+ }
+
+ if (!ssl_get_new_session(s,1))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ return(-1);
+ }
+ }
+ }
+
+ if (!s->hit)
+ {
+ cs=ssl_bytes_to_cipher_list(s,p,s->s2->tmp.cipher_spec_length,
+ &s->session->ciphers);
+ if (cs == NULL) goto mem_err;
+
+ cl=ssl_get_ciphers_by_id(s);
+
+ for (z=0; z<sk_num(cs); z++)
+ {
+ if (sk_find(cl,sk_value(cs,z)) < 0)
+ {
+ sk_delete(cs,z);
+ z--;
+ }
+ }
+
+ /* s->session->ciphers should now have a list of
+ * ciphers that are on both the client and server.
+ * This list is ordered by the order the client sent
+ * the ciphers.
+ */
+ }
+ p+=s->s2->tmp.cipher_spec_length;
+ /* done cipher selection */
+
+ /* session id extracted already */
+ p+=s->s2->tmp.session_id_length;
+
+ /* challenge */
+ memcpy(s->s2->challenge,p,(unsigned int)s->s2->challenge_length);
+ return(1);
+mem_err:
+ SSLerr(SSL_F_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+static int server_hello(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ int n,hit;
+ STACK *sk;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_SEND_SERVER_HELLO_A)
+ {
+ d=p+11;
+ *(p++)=SSL2_MT_SERVER_HELLO; /* type */
+ hit=s->hit;
+ *(p++)=(unsigned char)hit;
+ if (!hit)
+ { /* else add cert to session */
+ CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ if (s->session->cert != NULL)
+ ssl_cert_free(s->session->cert);
+ s->session->cert=s->cert;
+ }
+ else /* We have a session id-cache hit, if the
+ * session-id has no certificate listed against
+ * the 'cert' structure, grab the 'old' one
+ * listed against the SSL connection */
+ {
+ if (s->session->cert == NULL)
+ {
+ CRYPTO_add(&s->cert->references,1,
+ CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->cert;
+ }
+ }
+
+ if (s->session->cert == NULL)
+ {
+ ssl2_return_error(s,SSL2_PE_NO_CERTIFICATE);
+ SSLerr(SSL_F_SERVER_HELLO,SSL_R_NO_CERTIFICATE_SPECIFIED);
+ return(-1);
+ }
+
+ if (hit)
+ {
+ *(p++)=0; /* no certificate type */
+ s2n(s->version,p); /* version */
+ s2n(0,p); /* cert len */
+ s2n(0,p); /* ciphers len */
+ }
+ else
+ {
+ /* EAY EAY */
+ /* put certificate type */
+ *(p++)=SSL2_CT_X509_CERTIFICATE;
+ s2n(s->version,p); /* version */
+ n=i2d_X509(s->cert->key->x509,NULL);
+ s2n(n,p); /* certificate length */
+ i2d_X509(s->cert->key->x509,&d);
+ n=0;
+
+ /* lets send out the ciphers we like in the
+ * prefered order */
+ sk= s->session->ciphers;
+ n=ssl_cipher_list_to_bytes(s,s->session->ciphers,d);
+ d+=n;
+ s2n(n,p); /* add cipher length */
+ }
+
+ /* make and send conn_id */
+ s2n(SSL2_CONNECTION_ID_LENGTH,p); /* add conn_id length */
+ s->s2->conn_id_length=SSL2_CONNECTION_ID_LENGTH;
+ RAND_bytes(s->s2->conn_id,(int)s->s2->conn_id_length);
+ memcpy(d,s->s2->conn_id,SSL2_CONNECTION_ID_LENGTH);
+ d+=SSL2_CONNECTION_ID_LENGTH;
+
+ s->state=SSL2_ST_SEND_SERVER_HELLO_B;
+ s->init_num=d-(unsigned char *)s->init_buf->data;
+ s->init_off=0;
+ }
+ /* SSL2_ST_SEND_SERVER_HELLO_B */
+ /* If we are using TCP/IP, the performace is bad if we do 2
+ * writes without a read between them. This occurs when
+ * Session-id reuse is used, so I will put in a buffering module
+ */
+ if (s->hit)
+ {
+ BIO *buf;
+
+ if (s->bbio == NULL)
+ {
+ buf=BIO_new(BIO_f_buffer());
+ if (buf == NULL)
+ {
+ SSLerr(SSL_F_SERVER_HELLO,ERR_LIB_BUF);
+ return(-1);
+ }
+ s->bbio=buf;
+ }
+ else
+ buf=s->bbio;
+
+ BIO_reset(buf);
+ s->wbio=BIO_push(buf,s->wbio);
+ }
+
+ return(ssl2_do_write(s));
+ }
+
+static int get_client_finished(s)
+SSL *s;
+ {
+ unsigned char *p;
+ int i;
+
+ p=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL2_ST_GET_CLIENT_FINISHED_A)
+ {
+ i=ssl2_read(s,(char *)&(p[s->init_num]),1-s->init_num);
+ if (i < 1-s->init_num)
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
+
+ if (*p != SSL2_MT_CLIENT_FINISHED)
+ {
+ if (*p != SSL2_MT_ERROR)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_READ_WRONG_PACKET_TYPE);
+ }
+ else
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_PEER_ERROR);
+ return(-1);
+ }
+ s->init_num=0;
+ s->state=SSL2_ST_GET_CLIENT_FINISHED_B;
+ }
+
+ /* SSL2_ST_GET_CLIENT_FINISHED_B */
+ i=ssl2_read(s,(char *)&(p[s->init_num]),s->s2->conn_id_length-s->init_num);
+ if (i < (int)s->s2->conn_id_length-s->init_num)
+ {
+ return(ssl2_part_read(s,SSL_F_GET_CLIENT_FINISHED,i));
+ }
+ if (memcmp(p,s->s2->conn_id,(unsigned int)s->s2->conn_id_length) != 0)
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_GET_CLIENT_FINISHED,SSL_R_CONNECTION_ID_IS_DIFFERENT);
+ return(-1);
+ }
+ return(1);
+ }
+
+static int server_verify(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_VERIFY_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_SERVER_VERIFY;
+ memcpy(p,s->s2->challenge,(unsigned int)s->s2->challenge_length);
+ /* p+=s->s2->challenge_length; */
+
+ s->state=SSL2_ST_SEND_SERVER_VERIFY_B;
+ s->init_num=s->s2->challenge_length+1;
+ s->init_off=0;
+ }
+ return(ssl2_do_write(s));
+ }
+
+static int server_finish(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL2_ST_SEND_SERVER_FINISHED_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_SERVER_FINISHED;
+
+ memcpy(p,s->session->session_id,
+ (unsigned int)s->session->session_id_length);
+ /* p+=s->session->session_id_length; */
+
+ s->state=SSL2_ST_SEND_SERVER_FINISHED_B;
+ s->init_num=s->session->session_id_length+1;
+ s->init_off=0;
+ }
+
+ /* SSL2_ST_SEND_SERVER_FINISHED_B */
+ return(ssl2_do_write(s));
+ }
+
+/* send the request and check the response */
+static int request_certificate(s)
+SSL *s;
+ {
+ unsigned char *p,*p2,*buf2;
+ unsigned char *ccd;
+ int i,j,ctype,ret= -1;
+ X509 *x509=NULL;
+ STACK *sk=NULL;
+
+ ccd=s->s2->tmp.ccl;
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL2_MT_REQUEST_CERTIFICATE;
+ *(p++)=SSL2_AT_MD5_WITH_RSA_ENCRYPTION;
+ RAND_bytes(ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+ memcpy(p,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_B;
+ s->init_num=SSL2_MIN_CERT_CHALLENGE_LENGTH+2;
+ s->init_off=0;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_B)
+ {
+ i=ssl2_do_write(s);
+ if (i <= 0)
+ {
+ ret=i;
+ goto end;
+ }
+
+ s->init_num=0;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_C;
+ }
+
+ if (s->state == SSL2_ST_SEND_REQUEST_CERTIFICATE_C)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),6-s->init_num);
+ if (i < 3)
+ {
+ ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
+ goto end;
+ }
+
+ if ((*p == SSL2_MT_ERROR) && (i >= 3))
+ {
+ n2s(p,i);
+ if (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT)
+ {
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ goto end;
+ }
+ ret=1;
+ goto end;
+ }
+ if ((*(p++) != SSL2_MT_CLIENT_CERTIFICATE) || (i < 6))
+ {
+ ssl2_return_error(s,SSL2_PE_UNDEFINED_ERROR);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_SHORT_READ);
+ goto end;
+ }
+ /* ok we have a response */
+ /* certificate type, there is only one right now. */
+ ctype= *(p++);
+ if (ctype != SSL2_AT_MD5_WITH_RSA_ENCRYPTION)
+ {
+ ssl2_return_error(s,SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE);
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_RESPONSE_ARGUMENT);
+ goto end;
+ }
+ n2s(p,i); s->s2->tmp.clen=i;
+ n2s(p,i); s->s2->tmp.rlen=i;
+ s->state=SSL2_ST_SEND_REQUEST_CERTIFICATE_D;
+ s->init_num=0;
+ }
+
+ /* SSL2_ST_SEND_REQUEST_CERTIFICATE_D */
+ p=(unsigned char *)s->init_buf->data;
+ j=s->s2->tmp.clen+s->s2->tmp.rlen-s->init_num;
+ i=ssl2_read(s,(char *)&(p[s->init_num]),j);
+ if (i < j)
+ {
+ ret=ssl2_part_read(s,SSL_F_REQUEST_CERTIFICATE,i);
+ goto end;
+ }
+
+ x509=(X509 *)d2i_X509(NULL,&p,(long)s->s2->tmp.clen);
+ if (x509 == NULL)
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_X509_LIB);
+ goto msg_end;
+ }
+
+ if (((sk=sk_new_null()) == NULL) || (!sk_push(sk,(char *)x509)))
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+
+ if (i) /* we like the packet, now check the chksum */
+ {
+ EVP_MD_CTX ctx;
+ EVP_PKEY *pkey=NULL;
+
+ EVP_VerifyInit(&ctx,EVP_md5());
+ EVP_VerifyUpdate(&ctx,s->s2->key_material,
+ (unsigned int)s->s2->key_material_length);
+ EVP_VerifyUpdate(&ctx,ccd,SSL2_MIN_CERT_CHALLENGE_LENGTH);
+
+ i=i2d_X509(s->session->cert->key->x509,NULL);
+ buf2=(unsigned char *)Malloc((unsigned int)i);
+ if (buf2 == NULL)
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto msg_end;
+ }
+ p2=buf2;
+ i=i2d_X509(s->session->cert->key->x509,&p2);
+ EVP_VerifyUpdate(&ctx,buf2,(unsigned int)i);
+ Free(buf2);
+
+ pkey=X509_get_pubkey(x509);
+ if (pkey == NULL) goto end;
+ i=EVP_VerifyFinal(&ctx,p,s->s2->tmp.rlen,pkey);
+ memset(&ctx,0,sizeof(ctx));
+
+ if (i)
+ {
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+ s->session->peer=x509;
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ ret=1;
+ goto end;
+ }
+ else
+ {
+ SSLerr(SSL_F_REQUEST_CERTIFICATE,SSL_R_BAD_CHECKSUM);
+ goto msg_end;
+ }
+ }
+ else
+ {
+msg_end:
+ ssl2_return_error(s,SSL2_PE_BAD_CERTIFICATE);
+ }
+end:
+ if (sk != NULL) sk_free(sk);
+ if (x509 != NULL) X509_free(x509);
+ return(ret);
+ }
+
+static int ssl_rsa_private_decrypt(c, len, from, to,padding)
+CERT *c;
+int len;
+unsigned char *from;
+unsigned char *to;
+int padding;
+ {
+ RSA *rsa;
+ int i;
+
+ if ((c == NULL) || (c->key->privatekey == NULL))
+ {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_NO_PRIVATEKEY);
+ return(-1);
+ }
+ if (c->key->privatekey->type != EVP_PKEY_RSA)
+ {
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,SSL_R_PUBLIC_KEY_IS_NOT_RSA);
+ return(-1);
+ }
+ rsa=c->key->privatekey->pkey.rsa;
+
+ /* we have the public key */
+ i=RSA_private_decrypt(len,from,to,rsa,padding);
+ if (i < 0)
+ SSLerr(SSL_F_SSL_RSA_PRIVATE_DECRYPT,ERR_R_RSA_LIB);
+ return(i);
+ }
+
diff --git a/ssl/s3_both.c b/ssl/s3_both.c
new file mode 100644
index 0000000..1d710ee
--- /dev/null
+++ b/ssl/s3_both.c
@@ -0,0 +1,444 @@
+/* ssl/s3_both.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+/* SSL3err(SSL_F_SSL3_GET_FINISHED,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ */
+
+unsigned char ssl3_server_finished_const[4]=
+ {SSL3_MD_SERVER_FINISHED_CONST};
+unsigned char ssl3_client_finished_const[4]=
+ {SSL3_MD_CLIENT_FINISHED_CONST};
+
+int ssl3_send_finished(s,a,b,sender)
+SSL *s;
+int a;
+int b;
+unsigned char *sender;
+ {
+ unsigned char *p,*d;
+ int i;
+ unsigned long l;
+
+ if (s->state == a)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),sender,p);
+ p+=i;
+ l=i;
+ i=ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),sender,p);
+ l+=i;
+
+ *(d++)=SSL3_MT_FINISHED;
+ l2n3(l,d);
+ s->init_num=(int)l+4;
+ s->init_off=0;
+
+ s->state=b;
+ }
+
+ /* SSL3_ST_SEND_xxxxxx_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+int ssl3_get_finished(s,a,b,sender)
+SSL *s;
+int a;
+int b;
+unsigned char *sender;
+ {
+ int al,i,j,ok;
+ long n;
+ unsigned char *p;
+
+ /* the mac has already been generated when we received the
+ * change cipher spec message and is in s->s3->tmp.in_dgst[12]
+ */
+
+ n=ssl3_get_message(s,
+ a,
+ b,
+ SSL3_MT_FINISHED,
+ 64, /* should actually be 36+4 :-) */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ /* If this occurs if we has missed a message */
+ if (!s->s3->change_cipher_spec)
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_GOT_A_FIN_BEFORE_A_CCS);
+ goto f_err;
+ }
+ s->s3->change_cipher_spec=0;
+
+ p=(unsigned char *)s->init_buf->data;
+
+ i=EVP_MD_CTX_size(&(s->s3->finish_dgst1));
+ j=EVP_MD_CTX_size(&(s->s3->finish_dgst2));
+
+ if ((i+j) != n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_BAD_DIGEST_LENGTH);
+ goto f_err;
+ }
+
+ if ( (memcmp( p, &(s->s3->tmp.finish_md1[0]),i) != 0) ||
+ (memcmp(&(p[i]),&(s->s3->tmp.finish_md2[0]),j) != 0))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_FINISHED,SSL_R_DIGEST_CHECK_FAILED);
+ goto f_err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ return(0);
+ }
+
+/* for these 2 messages, we need to
+ * ssl->enc_read_ctx re-init
+ * ssl->s3->read_sequence zero
+ * ssl->s3->read_mac_secret re-init
+ * ssl->session->read_sym_enc assign
+ * ssl->session->read_compression assign
+ * ssl->session->read_hash assign
+ */
+int ssl3_send_change_cipher_spec(s,a,b)
+SSL *s;
+int a,b;
+ {
+ unsigned char *p;
+
+ if (s->state == a)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *p=SSL3_MT_CCS;
+ s->init_num=1;
+ s->init_off=0;
+
+ s->state=b;
+ }
+
+ /* SSL3_ST_CW_CHANGE_B */
+ return(ssl3_do_write(s,SSL3_RT_CHANGE_CIPHER_SPEC));
+ }
+
+unsigned long ssl3_output_cert_chain(s,x)
+SSL *s;
+X509 *x;
+ {
+ unsigned char *p;
+ int n,i;
+ unsigned long l=7;
+ BUF_MEM *buf;
+ X509_STORE_CTX xs_ctx;
+ X509_OBJECT obj;
+
+ X509_STORE_CTX_init(&xs_ctx,s->ctx->cert_store,NULL,NULL);
+
+ buf=s->init_buf;
+ for (;;)
+ {
+ n=i2d_X509(x,NULL);
+ if (!BUF_MEM_grow(buf,(int)(n+l+3)))
+ {
+ SSLerr(SSL_F_SSL3_OUTPUT_CERT_CHAIN,ERR_R_BUF_LIB);
+ return(0);
+ }
+ p=(unsigned char *)&(buf->data[l]);
+ l2n3(n,p);
+ i2d_X509(x,&p);
+ l+=n+3;
+ if (X509_NAME_cmp(X509_get_subject_name(x),
+ X509_get_issuer_name(x)) == 0) break;
+
+ i=X509_STORE_get_by_subject(&xs_ctx,X509_LU_X509,
+ X509_get_issuer_name(x),&obj);
+ if (i <= 0) break;
+ x=obj.data.x509;
+ /* Count is one too high since the X509_STORE_get uped the
+ * ref count */
+ X509_free(x);
+ }
+
+ X509_STORE_CTX_cleanup(&xs_ctx);
+
+ l-=7;
+ p=(unsigned char *)&(buf->data[4]);
+ l2n3(l,p);
+ l+=3;
+ p=(unsigned char *)&(buf->data[0]);
+ *(p++)=SSL3_MT_CERTIFICATE;
+ l2n3(l,p);
+ l+=4;
+ return(l);
+ }
+
+long ssl3_get_message(s,st1,stn,mt,max,ok)
+SSL *s;
+int st1,stn,mt;
+long max;
+int *ok;
+ {
+ unsigned char *p;
+ unsigned long l;
+ long n;
+ int i,al;
+
+ if (s->s3->tmp.reuse_message)
+ {
+ s->s3->tmp.reuse_message=0;
+ if ((mt >= 0) && (s->s3->tmp.message_type != mt))
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ *ok=1;
+ return((int)s->s3->tmp.message_size);
+ }
+
+ p=(unsigned char *)s->init_buf->data;
+
+ if (s->state == st1)
+ {
+ i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,
+ (char *)&(p[s->init_num]),
+ 4-s->init_num);
+ if (i < (4-s->init_num))
+ {
+ *ok=0;
+ return(ssl3_part_read(s,i));
+ }
+
+ if ((mt >= 0) && (*p != mt))
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_UNEXPECTED_MESSAGE);
+ goto f_err;
+ }
+ s->s3->tmp.message_type= *(p++);
+
+ n2l3(p,l);
+ if (l > (unsigned long)max)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,SSL_R_EXCESSIVE_MESSAGE_SIZE);
+ goto f_err;
+ }
+ if (l && !BUF_MEM_grow(s->init_buf,(int)l))
+ {
+ SSLerr(SSL_F_SSL3_GET_MESSAGE,ERR_R_BUF_LIB);
+ goto err;
+ }
+ s->s3->tmp.message_size=l;
+ s->state=stn;
+
+ s->init_num=0;
+ }
+
+ /* next state (stn) */
+ p=(unsigned char *)s->init_buf->data;
+ n=s->s3->tmp.message_size;
+ if (n > 0)
+ {
+ i=ssl3_read_bytes(s,SSL3_RT_HANDSHAKE,
+ (char *)&(p[s->init_num]),(int)n);
+ if (i != (int)n)
+ {
+ *ok=0;
+ return(ssl3_part_read(s,i));
+ }
+ }
+ *ok=1;
+ return(n);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ *ok=0;
+ return(-1);
+ }
+
+int ssl_cert_type(x,pkey)
+X509 *x;
+EVP_PKEY *pkey;
+ {
+ EVP_PKEY *pk;
+ int ret= -1,i,j;
+
+ if (pkey == NULL)
+ pk=X509_get_pubkey(x);
+ else
+ pk=pkey;
+ if (pk == NULL) goto err;
+
+ i=pk->type;
+ if (i == EVP_PKEY_RSA)
+ {
+ ret=SSL_PKEY_RSA_ENC;
+ if (x != NULL)
+ {
+ j=X509_get_ext_count(x);
+ /* check to see if this is a signing only certificate */
+ /* EAY EAY EAY EAY */
+ }
+ }
+ else if (i == EVP_PKEY_DSA)
+ {
+ ret=SSL_PKEY_DSA_SIGN;
+ }
+ else if (i == EVP_PKEY_DH)
+ {
+ /* if we just have a key, we needs to be guess */
+
+ if (x == NULL)
+ ret=SSL_PKEY_DH_DSA;
+ else
+ {
+ j=X509_get_signature_type(x);
+ if (j == EVP_PKEY_RSA)
+ ret=SSL_PKEY_DH_RSA;
+ else if (j== EVP_PKEY_DSA)
+ ret=SSL_PKEY_DH_DSA;
+ else ret= -1;
+ }
+ }
+ else
+ ret= -1;
+
+err:
+ return(ret);
+ }
+
+int ssl_verify_alarm_type(type)
+int type;
+ {
+ int al;
+
+ switch(type)
+ {
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT:
+
+ case X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE:
+ case X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY:
+ case X509_V_ERR_CERT_SIGNATURE_FAILURE:
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD:
+ case X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ case X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN:
+ case X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY:
+ case X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE:
+ al=SSL3_AD_BAD_CERTIFICATE;
+ break;
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ al=SSL3_AD_CERTIFICATE_EXPIRED;
+ break;
+ default:
+ al=SSL3_AD_CERTIFICATE_UNKNOWN;
+ break;
+ }
+ return(al);
+ }
+
+int ssl3_setup_buffers(s)
+SSL *s;
+ {
+ unsigned char *p;
+ unsigned int extra;
+
+ if (s->s3->rbuf.buf == NULL)
+ {
+ if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+ extra=SSL3_RT_MAX_EXTRA;
+ else
+ extra=0;
+ if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE+extra))
+ == NULL)
+ goto err;
+ s->s3->rbuf.buf=p;
+ }
+
+ if (s->s3->wbuf.buf == NULL)
+ {
+ if ((p=(unsigned char *)Malloc(SSL3_RT_MAX_PACKET_SIZE))
+ == NULL)
+ goto err;
+ s->s3->wbuf.buf=p;
+ }
+ s->packet= &(s->s3->rbuf.buf[0]);
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_SETUP_BUFFERS,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
new file mode 100644
index 0000000..4f551d2
--- /dev/null
+++ b/ssl/s3_clnt.c
@@ -0,0 +1,1642 @@
+/* ssl/s3_clnt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+/* SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_SERVER_DONE,ERR_R_MALLOC_FAILURE);
+SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
+ */
+
+#ifndef NOPROTO
+static int ssl3_client_hello(SSL *s);
+static int ssl3_get_server_hello(SSL *s);
+static int ssl3_get_certificate_request(SSL *s);
+static int ca_dn_cmp(X509_NAME **a,X509_NAME **b);
+static int ssl3_get_server_done(SSL *s);
+static int ssl3_send_client_verify(SSL *s);
+static int ssl3_send_client_certificate(SSL *s);
+static int ssl3_send_client_key_exchange(SSL *s);
+static int ssl3_get_key_exchange(SSL *s);
+static int ssl3_get_server_certificate(SSL *s);
+static int ssl3_check_cert_and_algorithm(SSL *s);
+#else
+static int ssl3_client_hello();
+static int ssl3_get_server_hello();
+static int ssl3_get_certificate_request();
+static int ca_dn_cmp();
+static int ssl3_get_server_done();
+static int ssl3_send_client_verify();
+static int ssl3_send_client_certificate();
+static int ssl3_send_client_key_exchange();
+static int ssl3_get_key_exchange();
+static int ssl3_get_server_certificate();
+static int ssl3_check_cert_and_algorithm();
+#endif
+
+static SSL_METHOD *ssl3_get_client_method(ver)
+int ver;
+ {
+ if (ver == 3)
+ return(SSLv3_client_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_client_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_client_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_client_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_client_data.ssl_connect=ssl3_connect;
+ SSLv3_client_data.get_ssl_method=ssl3_get_client_method;
+ }
+ return(&SSLv3_client_data);
+ }
+
+int ssl3_connect(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL),l;
+ long num1;
+ void (*cb)()=NULL;
+ int ret= -1;
+ BIO *bbio,*under;
+ int new_state,state,skip=0;;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_RENEGOTIATE:
+ s->new_session=1;
+ s->state=SSL_ST_CONNECT;
+ /* break */
+ case SSL_ST_BEFORE:
+ case SSL_ST_CONNECT:
+ case SSL_ST_BEFORE|SSL_ST_CONNECT:
+ case SSL_ST_OK|SSL_ST_CONNECT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=3;
+ s->type=SSL_ST_CONNECT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s)) { ret= -1; goto end; }
+
+ /* setup buffing BIO */
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ {
+ SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF);
+ ret= -1;
+ goto end;
+ }
+ s->bbio=bbio;
+ }
+ else
+ bbio=s->bbio;
+
+ BIO_reset(bbio);
+ if (!BIO_set_write_buffer_size(bbio,16*1024))
+ {
+ SSLerr(SSL_F_SSL3_CONNECT,ERR_LIB_BUF);
+ ret= -1;
+ goto end;
+ }
+
+ /* don't push the buffering BIO quite yet */
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_A;
+ s->ctx->sess_connect++;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_CLNT_HELLO_A:
+ case SSL3_ST_CW_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl3_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_SRVR_HELLO_A;
+ s->init_num=0;
+
+ /* turn on buffering for the next lot of output */
+ s->wbio=BIO_push(s->bbio,s->wbio);
+
+ break;
+
+ case SSL3_ST_CR_SRVR_HELLO_A:
+ case SSL3_ST_CR_SRVR_HELLO_B:
+ ret=ssl3_get_server_hello(s);
+ if (ret <= 0) goto end;
+ if (s->hit)
+ s->state=SSL3_ST_CR_FINISHED_A;
+ else
+ s->state=SSL3_ST_CR_CERT_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_CERT_A:
+ case SSL3_ST_CR_CERT_B:
+ /* Check if it is anon DH */
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ ret=ssl3_get_server_certificate(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+ s->state=SSL3_ST_CR_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_KEY_EXCH_A:
+ case SSL3_ST_CR_KEY_EXCH_B:
+ ret=ssl3_get_key_exchange(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_CERT_REQ_A;
+ s->init_num=0;
+
+ /* at this point we check that we have the
+ * required stuff from the server */
+ if (!ssl3_check_cert_and_algorithm(s))
+ {
+ ret= -1;
+ goto end;
+ }
+ break;
+
+ case SSL3_ST_CR_CERT_REQ_A:
+ case SSL3_ST_CR_CERT_REQ_B:
+ ret=ssl3_get_certificate_request(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CR_SRVR_DONE_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_SRVR_DONE_A:
+ case SSL3_ST_CR_SRVR_DONE_B:
+ ret=ssl3_get_server_done(s);
+ if (ret <= 0) goto end;
+ if (s->s3->tmp.cert_req)
+ s->state=SSL3_ST_CW_CERT_A;
+ else
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num=0;
+
+ break;
+
+ case SSL3_ST_CW_CERT_A:
+ case SSL3_ST_CW_CERT_B:
+ case SSL3_ST_CW_CERT_C:
+ ret=ssl3_send_client_certificate(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_KEY_EXCH_A:
+ case SSL3_ST_CW_KEY_EXCH_B:
+ ret=ssl3_send_client_key_exchange(s);
+ if (ret <= 0) goto end;
+ l=s->s3->tmp.new_cipher->algorithms;
+ /* EAY EAY EAY need to check for DH fix cert
+ * sent back */
+ if ((s->s3->tmp.cert_req) && 1)
+ {
+ s->state=SSL3_ST_CW_CERT_VRFY_A;
+ }
+ else
+ {
+ s->state=SSL3_ST_CW_CHANGE_A;
+ s->s3->change_cipher_spec=0;
+ }
+
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_CERT_VRFY_A:
+ case SSL3_ST_CW_CERT_VRFY_B:
+ ret=ssl3_send_client_verify(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_CHANGE_A;
+ s->init_num=0;
+ s->s3->change_cipher_spec=0;
+ break;
+
+ case SSL3_ST_CW_CHANGE_A:
+ case SSL3_ST_CW_CHANGE_B:
+ ret=ssl3_send_change_cipher_spec(s,
+ SSL3_ST_CW_CHANGE_A,SSL3_ST_CW_CHANGE_B);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_FINISHED_A;
+ s->init_num=0;
+
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!ssl3_setup_key_block(s))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ if (!ssl3_change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_CLIENT_WRITE))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ break;
+
+ case SSL3_ST_CW_FINISHED_A:
+ case SSL3_ST_CW_FINISHED_B:
+ ret=ssl3_send_finished(s,
+ SSL3_ST_CW_FINISHED_A,SSL3_ST_CW_FINISHED_B,
+ &(ssl3_client_finished_const[0]));
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_CW_FLUSH;
+
+ /* clear flags */
+ s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+ if (s->hit)
+ {
+ s->s3->tmp.next_state=SSL_ST_OK;
+ if (s->s3->flags & SSL3_FLAGS_DELAY_CLIENT_FINISHED)
+ {
+ s->state=SSL_ST_OK;
+ s->s3->flags|=SSL3_FLAGS_POP_BUFFER;
+ s->s3->delay_buf_pop_ret=0;
+ }
+ }
+ else
+ {
+ s->s3->tmp.next_state=SSL3_ST_CR_FINISHED_A;
+ }
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CR_FINISHED_A:
+ case SSL3_ST_CR_FINISHED_B:
+
+ ret=ssl3_get_finished(s,SSL3_ST_CR_FINISHED_A,
+ SSL3_ST_CR_FINISHED_B,
+ &(ssl3_server_finished_const[0]));
+ if (ret <= 0) goto end;
+
+ if (s->hit)
+ s->state=SSL3_ST_CW_CHANGE_A;
+ else
+ s->state=SSL_ST_OK;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_CW_FLUSH:
+ /* number of bytes to be flushed */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 > 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ s->state=s->s3->tmp.next_state;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+
+ if (!(s->s3->flags & SSL3_FLAGS_POP_BUFFER))
+ {
+ /* remove buffering */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+ }
+ /* else do it later */
+
+ s->init_num=0;
+ s->new_session=0;
+
+ ssl_update_cache(s,SSL_SESS_CACHE_CLIENT);
+
+ ret=1;
+ /* s->server=0; */
+ s->handshake_func=ssl3_connect;
+ s->ctx->sess_connect_good++;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL3_CONNECT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ /* did we do anything */
+ if (!s->s3->tmp.reuse_message && !skip)
+ {
+ if (s->debug) BIO_flush(s->wbio);
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_CONNECT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+ skip=0;
+ }
+end:
+ if (cb != NULL)
+ cb(s,SSL_CB_CONNECT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+
+static int ssl3_client_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i;
+ unsigned long Time,l;
+
+ buf=(unsigned char *)s->init_buf->data;
+ if (s->state == SSL3_ST_CW_CLNT_HELLO_A)
+ {
+ if ((s->session == NULL) ||
+ (s->session->ssl_version != s->version))
+ {
+ if (!ssl_get_new_session(s,0))
+ goto err;
+ }
+ /* else use the pre-loaded session */
+
+ p=s->s3->client_random;
+ Time=time(NULL); /* Time */
+ l2n(Time,p);
+ RAND_bytes(&(p[4]),SSL3_RANDOM_SIZE-sizeof(Time));
+
+ /* Do the message type and length last */
+ d=p= &(buf[4]);
+
+ *(p++)=SSL3_VERSION_MAJOR;
+ *(p++)=SSL3_VERSION_MINOR;
+
+ /* Random stuff */
+ memcpy(p,s->s3->client_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* Session ID */
+ if (s->new_session)
+ i=0;
+ else
+ i=s->session->session_id_length;
+ *(p++)=i;
+ if (i != 0)
+ {
+ memcpy(p,s->session->session_id,i);
+ p+=i;
+ }
+
+ /* Ciphers supported */
+ i=ssl_cipher_list_to_bytes(s,SSL_get_ciphers(s),&(p[2]));
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_CLIENT_HELLO,SSL_R_NO_CIPHERS_AVAILABLE);
+ goto err;
+ }
+ s2n(i,p);
+ p+=i;
+
+ /* hardwire in the NULL compression algorithm. */
+ *(p++)=1;
+ *(p++)=0;
+
+ l=(p-d);
+ d=buf;
+ *(d++)=SSL3_MT_CLIENT_HELLO;
+ l2n3(l,d);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=p-buf;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_get_server_hello(s)
+SSL *s;
+ {
+ STACK *sk;
+ SSL_CIPHER *c;
+ unsigned char *p,*d;
+ int i,al,ok;
+ unsigned int j;
+ long n;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_SRVR_HELLO_A,
+ SSL3_ST_CR_SRVR_HELLO_B,
+ SSL3_MT_SERVER_HELLO,
+ 300, /* ?? */
+ &ok);
+
+ if (!ok) return((int)n);
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((p[0] != SSL3_VERSION_MAJOR) && (p[1] != SSL3_VERSION_MINOR))
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_SSL_VERSION);
+ goto err;
+ }
+ p+=2;
+
+ /* load the server hello data */
+ /* load the server random */
+ memcpy(s->s3->server_random,p,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* get the session-id */
+ j= *(p++);
+
+ if ((j != 0) && (j != SSL3_SESSION_ID_SIZE))
+ {
+ /* SSLref returns 16 :-( */
+ if (j < SSL2_SSL_SESSION_ID_LENGTH)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_SSL3_SESSION_ID_TOO_SHORT);
+ goto f_err;
+ }
+ }
+ if (j == 0)
+ {
+ s->hit=0;
+ memset(s->session->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
+ s->session->session_id_length=0;
+ }
+ else if ((j == s->session->session_id_length) &&
+ (memcmp(p,s->session->session_id,j) == 0))
+ s->hit=1;
+ else
+ {
+ memcpy(s->session->session_id,p,j);
+ s->session->session_id_length=j;
+ s->hit=0;
+ }
+ p+=j;
+ c=ssl_get_cipher_by_char(s,p);
+ if (c == NULL)
+ {
+ /* unknown cipher */
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNKNOWN_CIPHER_RETURNED);
+ goto f_err;
+ }
+ p+=ssl_put_cipher_by_char(s,NULL,NULL);
+
+ sk=ssl_get_ciphers_by_id(s);
+ i=sk_find(sk,(char *)c);
+ if (i < 0)
+ {
+ /* we did not say we would use this cipher */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_WRONG_CIPHER_RETURNED);
+ goto f_err;
+ }
+
+ if (s->hit && (s->session->cipher != c))
+ {
+ if (!(s->ctx->options &
+ SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED);
+ goto f_err;
+ }
+ }
+ s->s3->tmp.new_cipher=c;
+
+ /* lets get the compression algorithm */
+ j= *(p++);
+ if (j != 0)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM);
+ goto f_err;
+ }
+
+ if (p != (d+n))
+ {
+ /* wrong packet length */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_HELLO,SSL_R_BAD_PACKET_LENGTH);
+ goto err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_get_server_certificate(s)
+SSL *s;
+ {
+ int al,i,ok,ret= -1;
+ unsigned long n,nc,llen,l;
+ X509 *x=NULL;
+ unsigned char *p,*d,*q;
+ STACK *sk=NULL;
+ CERT *c;
+ EVP_PKEY *pkey=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_CERT_A,
+ SSL3_ST_CR_CERT_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_KEY_EXCHANGE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_BAD_MESSAGE_TYPE);
+ goto f_err;
+ }
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((sk=sk_new_null()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p,llen);
+ if (llen+3 != n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc=0; nc<llen; )
+ {
+ n2l3(p,l);
+ if ((l+nc+3) > llen)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q=p;
+ x=d2i_X509(NULL,&q,l);
+ if (x == NULL)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_ASN1_LIB);
+ goto f_err;
+ }
+ if (q != (p+l))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_push(sk,(char *)x))
+ {
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x=NULL;
+ nc+=l+3;
+ p=q;
+ }
+
+ i=ssl_verify_cert_chain(s,sk);
+ if ((s->verify_mode != SSL_VERIFY_NONE) && (!i))
+ {
+ al=ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_CERTIFICATE_VERIFY_FAILED);
+ goto f_err;
+ }
+
+ c=ssl_cert_new();
+ if (c == NULL) goto err;
+
+ if (s->session->cert) ssl_cert_free(s->session->cert);
+ s->session->cert=c;
+
+ c->cert_chain=sk;
+ x=(X509 *)sk_value(sk,0);
+ sk=NULL;
+
+ pkey=X509_get_pubkey(x);
+
+ if (EVP_PKEY_missing_parameters(pkey))
+ {
+ x=NULL;
+ al=SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS);
+ goto f_err;
+ }
+
+ i=ssl_cert_type(x,pkey);
+ if (i < 0)
+ {
+ x=NULL;
+ al=SSL3_AL_FATAL;
+ SSLerr(SSL_F_SSL3_GET_SERVER_CERTIFICATE,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ goto f_err;
+ }
+
+ c->cert_type=i;
+ x->references++;
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ c->pkeys[i].x509=x;
+ c->key= &(c->pkeys[i]);
+
+ if ((s->session != NULL) && (s->session->peer != NULL))
+ X509_free(s->session->peer);
+ x->references++;
+ s->session->peer=x;
+
+ x=NULL;
+ ret=1;
+
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (sk != NULL) sk_pop_free(sk,X509_free);
+ return(ret);
+ }
+
+static int ssl3_get_key_exchange(s)
+SSL *s;
+ {
+#ifndef NO_RSA
+ unsigned char *q,md_buf[EVP_MAX_MD_SIZE*2];
+#endif
+ EVP_MD_CTX md_ctx;
+ unsigned char *param,*p;
+ int al,i,j,param_len,ok;
+ long n,alg;
+ EVP_PKEY *pkey=NULL;
+ RSA *rsa=NULL;
+ DH *dh=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_KEY_EXCH_A,
+ SSL3_ST_CR_KEY_EXCH_B,
+ -1,
+ 1024*8, /* ?? */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type != SSL3_MT_SERVER_KEY_EXCHANGE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ param=p=(unsigned char *)s->init_buf->data;
+
+ if (s->session->cert != NULL)
+ {
+#ifndef NO_RSA
+ if (s->session->cert->rsa_tmp != NULL)
+ {
+ RSA_free(s->session->cert->rsa_tmp);
+ s->session->cert->rsa_tmp=NULL;
+ }
+#endif
+#ifndef NO_DH
+ if (s->session->cert->dh_tmp)
+ {
+ DH_free(s->session->cert->dh_tmp);
+ s->session->cert->dh_tmp=NULL;
+ }
+#endif
+ }
+ else
+ {
+ s->session->cert=ssl_cert_new();
+ }
+
+ param_len=0;
+ alg=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (alg & SSL_kRSA)
+ {
+ if ((rsa=RSA_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_MODULUS_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->n=BN_bin2bn(p,i,rsa->n)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_E_LENGTH);
+ goto f_err;
+ }
+ if (!(rsa->e=BN_bin2bn(p,i,rsa->e)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+/* s->session->cert->rsa_tmp=rsa;*/
+ /* this should be because we are using an export cipher */
+ if (alg & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ else
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ s->session->cert->rsa_tmp=rsa;
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (alg & SSL_kEDH)
+ {
+ if ((dh=DH_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ n2s(p,i);
+ param_len=i+2;
+ if (param_len > n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_P_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->p=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_G_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->g=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+
+ n2s(p,i);
+ param_len+=i+2;
+ if (param_len > n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_DH_PUB_KEY_LENGTH);
+ goto f_err;
+ }
+ if (!(dh->pub_key=BN_bin2bn(p,i,NULL)))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,ERR_R_BN_LIB);
+ goto err;
+ }
+ p+=i;
+ n-=param_len;
+
+#ifndef NO_RSA
+ if (alg & SSL_aRSA)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ else
+#endif
+#ifndef NO_DSA
+ if (alg & SSL_aDSS)
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_DSA_SIGN].x509);
+#endif
+ /* else anonymous DH, so no certificate or pkey. */
+
+ s->session->cert->dh_tmp=dh;
+ }
+ else if ((alg & SSL_kDHr) || (alg & SSL_kDHd))
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER);
+ goto f_err;
+ }
+#endif
+
+ /* p points to the next byte, there are 'n' bytes left */
+
+
+ /* if it was signed, check the signature */
+ if (pkey != NULL)
+ {
+ n2s(p,i);
+ n-=2;
+ j=EVP_PKEY_size(pkey);
+
+ if ((i != n) || (n > j) || (n <= 0))
+ {
+ /* wrong packet length */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_WRONG_SIGNATURE_LENGTH);
+ goto err;
+ }
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ int num;
+
+ j=0;
+ q=md_buf;
+ for (num=2; num > 0; num--)
+ {
+ EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1());
+ EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,param,param_len);
+ EVP_DigestFinal(&md_ctx,q,(unsigned int *)&i);
+ q+=i;
+ j+=i;
+ }
+ i=RSA_public_decrypt((int)n,p,p,pkey->pkey.rsa,
+ RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if ((j != i) || (memcmp(p,md_buf,i) != 0))
+ {
+ /* bad signature */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ /* lets do DSS */
+ EVP_VerifyInit(&md_ctx,EVP_dss1());
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_VerifyUpdate(&md_ctx,param,param_len);
+ if (!EVP_VerifyFinal(&md_ctx,p,(int)n,pkey))
+ {
+ /* bad signature */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_BAD_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ }
+ else
+ {
+ /* still data left over */
+ if (!(alg & SSL_aNULL))
+ {
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (n != 0)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_KEY_EXCHANGE,SSL_R_EXTRA_DATA_IN_MESSAGE);
+ goto f_err;
+ }
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_get_certificate_request(s)
+SSL *s;
+ {
+ int ok,ret=0;
+ unsigned long n,nc;
+ unsigned int llen,l,ctype_num,i;
+ X509_NAME *xn=NULL;
+ unsigned char *p,*d,*q;
+ STACK *ca_sk=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_CERT_REQ_A,
+ SSL3_ST_CR_CERT_REQ_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ s->s3->tmp.cert_req=0;
+
+ if (s->s3->tmp.message_type == SSL3_MT_SERVER_DONE)
+ {
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_REQUEST)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_UNEXPECTED_MESSAGE);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_WRONG_MESSAGE_TYPE);
+ goto err;
+ }
+
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((ca_sk=sk_new(ca_dn_cmp)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ /* get the certificate types */
+ ctype_num= *(p++);
+ if (ctype_num > SSL3_CT_NUMBER)
+ ctype_num=SSL3_CT_NUMBER;
+ for (i=0; i<ctype_num; i++)
+ s->s3->tmp.ctype[i]= p[i];
+ p+=ctype_num;
+
+ /* get the CA RDNs */
+ n2s(p,llen);
+ if ((llen+ctype_num+2+1) != n)
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ for (nc=0; nc<llen; )
+ {
+ n2s(p,l);
+ if ((l+nc+2) > llen)
+ {
+ if ((s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+ goto cont; /* netscape bugs */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_TOO_LONG);
+ goto err;
+ }
+
+ q=p;
+
+ if ((xn=d2i_X509_NAME(NULL,&q,l)) == NULL)
+ {
+ /* If netscape tollerance is on, ignore errors */
+ if (s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG)
+ goto cont;
+ else
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ }
+
+ if (q != (p+l))
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,SSL_R_CA_DN_LENGTH_MISMATCH);
+ goto err;
+ }
+ if (!sk_push(ca_sk,(char *)xn))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERTIFICATE_REQUEST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ p+=l;
+ nc+=l+2;
+ }
+
+ if (0)
+ {
+cont:
+ ERR_clear_error();
+ }
+
+ /* we should setup a certficate to return.... */
+ s->s3->tmp.cert_req=1;
+ s->s3->tmp.ctype_num=ctype_num;
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ s->s3->tmp.ca_names=ca_sk;
+ ca_sk=NULL;
+
+ ret=1;
+err:
+ if (ca_sk != NULL) sk_pop_free(ca_sk,X509_NAME_free);
+ return(ret);
+ }
+
+static int ca_dn_cmp(a,b)
+X509_NAME **a,**b;
+ {
+ return(X509_NAME_cmp(*a,*b));
+ }
+
+static int ssl3_get_server_done(s)
+SSL *s;
+ {
+ int ok,ret=0;
+ long n;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_CR_SRVR_DONE_A,
+ SSL3_ST_CR_SRVR_DONE_B,
+ SSL3_MT_SERVER_DONE,
+ 30, /* should be very small, like 0 :-) */
+ &ok);
+
+ if (!ok) return((int)n);
+ if (n > 0)
+ {
+ /* should contain no data */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_ILLEGAL_PARAMETER);
+ SSLerr(SSL_F_SSL3_GET_SERVER_DONE,SSL_R_LENGTH_MISMATCH);
+ }
+ ret=1;
+ return(ret);
+ }
+
+static int ssl3_send_client_key_exchange(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ int n;
+ unsigned long l;
+ EVP_PKEY *pkey=NULL;
+
+ if (s->state == SSL3_ST_CW_KEY_EXCH_A)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ l=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (l & SSL_kRSA)
+ {
+ RSA *rsa;
+ unsigned char tmp_buf[48];
+
+ if (s->session->cert->rsa_tmp != NULL)
+ rsa=s->session->cert->rsa_tmp;
+ else
+ {
+ pkey=X509_get_pubkey(s->session->cert->pkeys[SSL_PKEY_RSA_ENC].x509);
+ if ((pkey == NULL) ||
+ (pkey->type != EVP_PKEY_RSA) ||
+ (pkey->pkey.rsa == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ rsa=pkey->pkey.rsa;
+ }
+
+ tmp_buf[0]=SSL3_VERSION_MAJOR;
+ tmp_buf[1]=SSL3_VERSION_MINOR;
+ RAND_bytes(&(tmp_buf[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+
+ s->session->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+
+ n=RSA_public_encrypt(48,tmp_buf,p,rsa,
+ RSA_PKCS1_PADDING);
+ if (n <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_ENCRYPT);
+ goto err;
+ }
+
+ s->session->master_key_length=
+ ssl3_generate_master_secret(s,
+ s->session->master_key,
+ tmp_buf,48);
+ memset(tmp_buf,0,48);
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+ DH *dh_srvr,*dh_clnt;
+
+ if (s->session->cert->dh_tmp != NULL)
+ dh_srvr=s->session->cert->dh_tmp;
+ else
+ {
+ /* we get them from the cert */
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_FIND_DH_PARAMETERS);
+ goto err;
+ }
+
+ /* generate a new random key */
+ if ((dh_clnt=DHparams_dup(dh_srvr)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ if (!DH_generate_key(dh_clnt))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /* use the 'p' output buffer for the DH key, but
+ * make sure to clear it out afterwards */
+ n=DH_compute_key(p,dh_srvr->pub_key,dh_clnt);
+ if (n <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ /* generate master key from the result */
+ s->session->master_key_length=
+ ssl3_generate_master_secret(s,
+ s->session->master_key,p,n);
+ /* clean up */
+ memset(p,0,n);
+
+ /* send off the data */
+ n=BN_num_bytes(dh_clnt->pub_key);
+ s2n(n,p);
+ BN_bn2bin(dh_clnt->pub_key,p);
+ n+=2;
+
+ DH_free(dh_clnt);
+
+ /* perhaps clean things up a bit EAY EAY EAY EAY*/
+ }
+ else
+#endif
+ {
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ *(d++)=SSL3_MT_CLIENT_KEY_EXCHANGE;
+ l2n3(n,d);
+
+ s->state=SSL3_ST_CW_KEY_EXCH_B;
+ /* number of bytes to write */
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_KEY_EXCH_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_send_client_verify(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ unsigned char data[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+ EVP_PKEY *pkey;
+ int i=0,j;
+ unsigned long n;
+
+ if (s->state == SSL3_ST_CW_CERT_VRFY_A)
+ {
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+ pkey=s->cert->key->privatekey;
+
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
+ NULL,&(data[MD5_DIGEST_LENGTH]));
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
+ NULL,&(data[0]));
+ i=RSA_private_encrypt(
+ MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH,
+ data,&(p[2]),pkey->pkey.rsa,
+ RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_RSA_LIB);
+ goto err;
+ }
+ s2n(i,p);
+ n=i+2;
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ if (!DSA_sign(pkey->save_type,
+ &(data[MD5_DIGEST_LENGTH]),
+ SHA_DIGEST_LENGTH,&(p[2]),
+ (unsigned int *)&j,pkey->pkey.dsa))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,ERR_R_DSA_LIB);
+ goto err;
+ }
+ s2n(j,p);
+ n=j+2;
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_VERIFY,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+ *(d++)=SSL3_MT_CERTIFICATE_VERIFY;
+ l2n3(n,d);
+
+ s->init_num=(int)n+4;
+ s->init_off=0;
+ }
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_send_client_certificate(s)
+SSL *s;
+ {
+ X509 *x509=NULL;
+ EVP_PKEY *pkey=NULL;
+ int i;
+ unsigned long l;
+
+ if (s->state == SSL3_ST_CW_CERT_A)
+ {
+ if ((s->cert == NULL) ||
+ (s->cert->key->x509 == NULL) ||
+ (s->cert->key->privatekey == NULL))
+ s->state=SSL3_ST_CW_CERT_B;
+ else
+ s->state=SSL3_ST_CW_CERT_C;
+ }
+
+ /* We need to get a client cert */
+ if (s->state == SSL3_ST_CW_CERT_B)
+ {
+ /* If we get an error, we need to
+ * ssl->rwstate=SSL_X509_LOOKUP; return(-1);
+ * We then get retied later */
+ i=0;
+ if (s->ctx->client_cert_cb != NULL)
+ i=s->ctx->client_cert_cb(s,&(x509),&(pkey));
+ if (i < 0)
+ {
+ s->rwstate=SSL_X509_LOOKUP;
+ return(-1);
+ }
+ s->rwstate=SSL_NOTHING;
+ if ((i == 1) && (pkey != NULL) && (x509 != NULL))
+ {
+ s->state=SSL3_ST_CW_CERT_B;
+ if ( !SSL_use_certificate(s,x509) ||
+ !SSL_use_PrivateKey(s,pkey))
+ i=0;
+ }
+ else if (i == 1)
+ {
+ i=0;
+ SSLerr(SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,SSL_R_BAD_DATA_RETURNED_BY_CALLBACK);
+ }
+
+ if (x509 != NULL) X509_free(x509);
+ if (pkey != NULL) EVP_PKEY_free(pkey);
+ if (i == 0)
+ {
+ s->s3->tmp.cert_req=0;
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_NO_CERTIFICATE);
+ return(1);
+ }
+
+ /* Ok, we have a cert */
+ s->state=SSL3_ST_CW_CERT_C;
+ }
+
+ if (s->state == SSL3_ST_CW_CERT_C)
+ {
+ s->state=SSL3_ST_CW_CERT_D;
+ l=ssl3_output_cert_chain(s,s->cert->key->x509);
+ s->init_num=(int)l;
+ s->init_off=0;
+ }
+ /* SSL3_ST_CW_CERT_D */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+#define has_bits(i,m) (((i)&(m)) == (m))
+
+static int ssl3_check_cert_and_algorithm(s)
+SSL *s;
+ {
+ int i,idx;
+ long algs;
+ EVP_PKEY *pkey=NULL;
+ CERT *c;
+ RSA *rsa;
+ DH *dh;
+
+ c=s->session->cert;
+
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ algs=s->s3->tmp.new_cipher->algorithms;
+
+ /* we don't have a certificate */
+ if (algs & (SSL_aDH|SSL_aNULL))
+ return(1);
+
+ rsa=s->session->cert->rsa_tmp;
+ dh=s->session->cert->dh_tmp;
+
+ /* This is the passed certificate */
+
+ idx=c->cert_type;
+ pkey=X509_get_pubkey(c->pkeys[idx].x509);
+ i=X509_certificate_type(c->pkeys[idx].x509,pkey);
+
+
+ /* Check that we have a certificate if we require one */
+ if ((algs & SSL_aRSA) && !has_bits(i,EVP_PK_RSA|EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_SIGNING_CERT);
+ goto f_err;
+ }
+#ifndef NO_DSA
+ else if ((algs & SSL_aDSS) && !has_bits(i,EVP_PK_DSA|EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DSA_SIGNING_CERT);
+ goto f_err;
+ }
+#endif
+
+ if ((algs & SSL_kRSA) &&
+ !(has_bits(i,EVP_PK_RSA|EVP_PKT_ENC) || (rsa != NULL)))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_RSA_ENCRYPTING_CERT);
+ goto f_err;
+ }
+#ifndef NO_DH
+ else if ((algs & SSL_kEDH) &&
+ !(has_bits(i,EVP_PK_DH|EVP_PKT_EXCH) || (dh != NULL)))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_KEY);
+ goto f_err;
+ }
+ else if ((algs & SSL_kDHr) && !has_bits(i,EVP_PK_DH|EVP_PKS_RSA))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_RSA_CERT);
+ goto f_err;
+ }
+#ifndef NO_DSA
+ else if ((algs & SSL_kDHd) && !has_bits(i,EVP_PK_DH|EVP_PKS_DSA))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_DH_DSA_CERT);
+ goto f_err;
+ }
+#endif
+#endif
+
+ if ((algs & SSL_EXP) && !has_bits(i,EVP_PKT_EXP))
+ {
+#ifndef NO_RSA
+ if (algs & SSL_kRSA)
+ {
+ if ((rsa == NULL) || (RSA_size(rsa) > 512))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_RSA_KEY);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (algs & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+ if ((dh == NULL) || (DH_size(dh) > 512))
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_MISSING_EXPORT_TMP_DH_KEY);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ }
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_HANDSHAKE_FAILURE);
+err:
+ return(0);
+ }
+
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
new file mode 100644
index 0000000..f1cd25e
--- /dev/null
+++ b/ssl/s3_enc.c
@@ -0,0 +1,481 @@
+/* ssl/s3_enc.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "evp.h"
+#include "ssl_locl.h"
+
+static unsigned char ssl3_pad_1[48]={
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36,
+ 0x36,0x36,0x36,0x36,0x36,0x36,0x36,0x36 };
+
+static unsigned char ssl3_pad_2[48]={
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,
+ 0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c,0x5c };
+
+int ssl3_change_cipher_state(s,which)
+SSL *s;
+int which;
+ {
+ unsigned char *p,*key_block,*mac_secret;
+ unsigned char exp_key[EVP_MAX_KEY_LENGTH];
+ unsigned char exp_iv[EVP_MAX_KEY_LENGTH];
+ unsigned char *ms,*key,*iv,*er1,*er2;
+ EVP_CIPHER_CTX *dd;
+ EVP_CIPHER *c;
+ SSL_COMPRESSION *comp;
+ EVP_MD *m;
+ MD5_CTX md;
+ int exp,n,i,j,k;
+
+ exp=(s->s3->tmp.new_cipher->algorithms & SSL_EXPORT)?1:0;
+ c=s->s3->tmp.new_sym_enc;
+ m=s->s3->tmp.new_hash;
+ comp=s->s3->tmp.new_compression;
+ key_block=s->s3->tmp.key_block;
+
+ if (which & SSL3_CC_READ)
+ {
+ if ((s->enc_read_ctx == NULL) &&
+ ((s->enc_read_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_read_ctx;
+ s->read_hash=m;
+ s->read_compression=comp;
+ memset(&(s->s3->read_sequence[0]),0,8);
+ mac_secret= &(s->s3->read_mac_secret[0]);
+ }
+ else
+ {
+ if ((s->enc_write_ctx == NULL) &&
+ ((s->enc_write_ctx=(EVP_CIPHER_CTX *)
+ Malloc(sizeof(EVP_CIPHER_CTX))) == NULL))
+ goto err;
+ dd= s->enc_write_ctx;
+ s->write_hash=m;
+ s->write_compression=comp;
+ memset(&(s->s3->write_sequence[0]),0,8);
+ mac_secret= &(s->s3->write_mac_secret[0]);
+ }
+
+ p=s->s3->tmp.key_block;
+ i=EVP_MD_size(m);
+ j=(exp)?5:EVP_CIPHER_key_length(c);
+ k=EVP_CIPHER_iv_length(c);
+ if ( (which == SSL3_CHANGE_CIPHER_CLIENT_WRITE) ||
+ (which == SSL3_CHANGE_CIPHER_SERVER_READ))
+ {
+ ms= &(p[ 0]); n=i+i;
+ key= &(p[ n]); n+=j+j;
+ iv= &(p[ n]); n+=k+k;
+ er1= &(s->s3->client_random[0]);
+ er2= &(s->s3->server_random[0]);
+ }
+ else
+ {
+ n=i;
+ ms= &(p[ n]); n+=i+j;
+ key= &(p[ n]); n+=j+k;
+ iv= &(p[ n]); n+=k;
+ er1= &(s->s3->server_random[0]);
+ er2= &(s->s3->client_random[0]);
+ }
+
+ if (n > s->s3->tmp.key_block_length)
+ {
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,SSL_R_INTERNAL_ERROR);
+ goto err2;
+ }
+
+ memcpy(mac_secret,ms,i);
+ if (exp)
+ {
+ /* In here I set both the read and write key/iv to the
+ * same value since only the correct one will be used :-).
+ */
+ MD5_Init(&md);
+ MD5_Update(&md,key,j);
+ MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
+ MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
+ MD5_Final(&(exp_key[0]),&md);
+ key= &(exp_key[0]);
+
+ MD5_Init(&md);
+ MD5_Update(&md,er1,SSL3_RANDOM_SIZE);
+ MD5_Update(&md,er2,SSL3_RANDOM_SIZE);
+ MD5_Final(&(exp_iv[0]),&md);
+ iv= &(exp_iv[0]);
+ }
+
+ s->session->key_arg_length=k;
+ if (k > 0)
+ memcpy(&(s->session->key_arg[0]),iv,k);
+
+ EVP_CipherInit(dd,c,key,iv,(which & SSL3_CC_WRITE));
+ memset(&(exp_key[0]),0,sizeof(exp_key));
+ memset(&(exp_iv[0]),0,sizeof(exp_iv));
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_CHANGE_CIPHER_STATE,ERR_R_MALLOC_FAILURE);
+err2:
+ return(0);
+ }
+
+int ssl3_setup_key_block(s)
+SSL *s;
+ {
+ unsigned char *p;
+ EVP_CIPHER *c;
+ EVP_MD *hash;
+ int num,exp;
+
+ if (s->s3->tmp.key_block_length != 0)
+ return(1);
+
+ if (!ssl_cipher_get_evp(s->session->cipher,&c,&hash))
+ {
+ SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,SSL_R_CIPHER_OR_HASH_UNAVAILABLE);
+ return(0);
+ }
+
+ s->s3->tmp.new_sym_enc=c;
+ s->s3->tmp.new_hash=hash;
+
+ exp=(s->session->cipher->algorithms & SSL_EXPORT)?1:0;
+
+ num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
+ num*=2;
+
+ ssl3_cleanup_key_block(s);
+
+ if ((p=(unsigned char *)Malloc(num)) == NULL)
+ goto err;
+
+ s->s3->tmp.key_block_length=num;
+ s->s3->tmp.key_block=p;
+
+ ssl3_generate_key_block(s,p,num);
+
+ return(1);
+err:
+ SSLerr(SSL_F_SSL3_SETUP_KEY_BLOCK,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+
+void ssl3_cleanup_key_block(s)
+SSL *s;
+ {
+ if (s->s3->tmp.key_block != NULL)
+ {
+ memset(s->s3->tmp.key_block,0,
+ s->s3->tmp.key_block_length);
+ Free(s->s3->tmp.key_block);
+ s->s3->tmp.key_block=NULL;
+ }
+ s->s3->tmp.key_block_length=0;
+ }
+
+int ssl3_enc(s,send)
+SSL *s;
+int send;
+ {
+ SSL3_RECORD *rec;
+ EVP_CIPHER_CTX *ds;
+ unsigned long l;
+ int bs,i;
+ EVP_CIPHER *enc;
+ SSL_COMPRESSION *comp;
+
+ if (send)
+ {
+ ds=s->enc_write_ctx;
+ rec= &(s->s3->wrec);
+ if (s->enc_write_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_write_ctx);
+ comp=s->write_compression;
+ }
+ }
+ else
+ {
+ ds=s->enc_read_ctx;
+ rec= &(s->s3->rrec);
+ if (s->enc_read_ctx == NULL)
+ { enc=NULL; comp=NULL; }
+ else
+ {
+ enc=EVP_CIPHER_CTX_cipher(s->enc_read_ctx);
+ comp=s->read_compression;
+ }
+ }
+
+ if ((s->session == NULL) || (ds == NULL) ||
+ ((enc == NULL) && (comp == NULL)))
+ {
+ memcpy(rec->data,rec->input,rec->length);
+ rec->input=rec->data;
+ }
+ else
+ {
+ l=rec->length;
+ bs=EVP_CIPHER_block_size(ds->cipher);
+
+ /* This should be using (bs-1) and bs instead of 7 and 8 */
+ if ((bs != 1) && send)
+ {
+ i=bs-((int)l%bs);
+
+ /* we need to add 'i-1' padding bytes */
+ l+=i;
+ rec->length+=i;
+ rec->input[l-1]=(i-1);
+ }
+
+ EVP_Cipher(ds,rec->data,rec->input,l);
+
+ if ((bs != 1) && !send)
+ {
+ i=rec->data[l-1]+1;
+ if (i > bs)
+ {
+ SSLerr(SSL_F_SSL3_ENC,SSL_R_BLOCK_CIPHER_PAD_IS_WRONG);
+ ssl3_send_alert(s,SSL3_AL_FATAL,SSL3_AD_BAD_RECORD_MAC);
+ return(0);
+ }
+ rec->length-=i;
+ }
+ }
+ return(1);
+ }
+
+void ssl3_init_finished_mac(s)
+SSL *s;
+ {
+ EVP_DigestInit(&(s->s3->finish_dgst1),EVP_md5());
+ EVP_DigestInit(&(s->s3->finish_dgst2),EVP_sha1());
+ }
+
+void ssl3_finish_mac(s,buf,len)
+SSL *s;
+unsigned char *buf;
+int len;
+ {
+ EVP_DigestUpdate(&(s->s3->finish_dgst1),buf,len);
+ EVP_DigestUpdate(&(s->s3->finish_dgst2),buf,len);
+ }
+
+int ssl3_final_finish_mac(s,in_ctx,sender,p)
+SSL *s;
+EVP_MD_CTX *in_ctx;
+unsigned char *sender;
+unsigned char *p;
+ {
+ unsigned int ret;
+ int npad,n;
+ unsigned int i;
+ unsigned char md_buf[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX ctx;
+
+ memcpy(&ctx,in_ctx,sizeof(EVP_MD_CTX));
+
+ n=EVP_MD_CTX_size(&ctx);
+ npad=(48/n)*n;
+
+ if (sender != NULL)
+ EVP_DigestUpdate(&ctx,sender,4);
+ EVP_DigestUpdate(&ctx,s->session->master_key,
+ s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,ssl3_pad_1,npad);
+ EVP_DigestFinal(&ctx,md_buf,&i);
+
+ EVP_DigestInit(&ctx,EVP_MD_CTX_type(&ctx));
+ EVP_DigestUpdate(&ctx,s->session->master_key,
+ s->session->master_key_length);
+ EVP_DigestUpdate(&ctx,ssl3_pad_2,npad);
+ EVP_DigestUpdate(&ctx,md_buf,i);
+ EVP_DigestFinal(&ctx,p,&ret);
+
+ memset(&ctx,0,sizeof(EVP_MD_CTX));
+
+ return((int)ret);
+ }
+
+int ssl3_mac(ssl,md,send)
+SSL *ssl;
+unsigned char *md;
+int send;
+ {
+ SSL3_RECORD *rec;
+ unsigned char *mac_sec,*seq;
+ EVP_MD_CTX md_ctx;
+ EVP_MD *hash;
+ unsigned char *p,rec_char;
+ unsigned int md_size;
+ int npad,i;
+
+ if (send)
+ {
+ rec= &(ssl->s3->wrec);
+ mac_sec= &(ssl->s3->write_mac_secret[0]);
+ seq= &(ssl->s3->write_sequence[0]);
+ hash=ssl->write_hash;
+ }
+ else
+ {
+ rec= &(ssl->s3->rrec);
+ mac_sec= &(ssl->s3->read_mac_secret[0]);
+ seq= &(ssl->s3->read_sequence[0]);
+ hash=ssl->read_hash;
+ }
+
+ md_size=EVP_MD_size(hash);
+ npad=(48/md_size)*md_size;
+
+#ifdef MAC_DEBUG
+printf("npad=%d md_size=%d",npad,md_size);
+printf("\nmsec=");
+for (i=0; i<md_size; i++) printf("%02X ",mac_sec[i]);
+printf("\npad1=");
+for (i=0; i<npad; i++) printf("%02X ",ssl3_pad_1[i]);
+printf("\nseq =");
+for (i=0; i<8; i++) printf("%02X ",seq[i]);
+printf("\nreqt=%02X len=%04X\n",rec->type,rec->length);
+for (i=0; i<rec->length; i++) printf("%02X",rec->input[i]);
+printf("\n");
+#endif
+
+ /* Chop the digest off the end :-) */
+
+ EVP_DigestInit( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_1,npad);
+ EVP_DigestUpdate(&md_ctx,seq,8);
+ rec_char=rec->type;
+ EVP_DigestUpdate(&md_ctx,&rec_char,1);
+ p=md;
+ s2n(rec->length,p);
+ EVP_DigestUpdate(&md_ctx,md,2);
+ EVP_DigestUpdate(&md_ctx,rec->input,rec->length);
+ EVP_DigestFinal( &md_ctx,md,NULL);
+
+ EVP_DigestInit( &md_ctx,hash);
+ EVP_DigestUpdate(&md_ctx,mac_sec,md_size);
+ EVP_DigestUpdate(&md_ctx,ssl3_pad_2,npad);
+ EVP_DigestUpdate(&md_ctx,md,md_size);
+ EVP_DigestFinal( &md_ctx,md,&md_size);
+
+ for (i=7; i>=0; i--)
+ if (++seq[i]) break;
+
+#ifdef MAC_DEBUG
+printf("md=");
+for (i=0; i<md_size; i++) printf("%02X ",md[i]);
+printf("\n");
+#endif
+
+ return(md_size);
+ }
+
+int ssl3_generate_master_secret(s,out,p,len)
+SSL *s;
+unsigned char *out;
+unsigned char *p;
+int len;
+ {
+ static unsigned char *salt[3]={
+ (unsigned char *)"A",
+ (unsigned char *)"BB",
+ (unsigned char *)"CCC",
+ };
+ unsigned char buf[EVP_MAX_MD_SIZE];
+ EVP_MD_CTX ctx;
+ int i,ret=0;
+ unsigned int n;
+
+ for (i=0; i<3; i++)
+ {
+ EVP_DigestInit(&ctx,EVP_sha1());
+ EVP_DigestUpdate(&ctx,salt[i],strlen((char *)salt[i]));
+ EVP_DigestUpdate(&ctx,p,len);
+ EVP_DigestUpdate(&ctx,&(s->s3->client_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&ctx,&(s->s3->server_random[0]),
+ SSL3_RANDOM_SIZE);
+ EVP_DigestFinal(&ctx,buf,&n);
+
+ EVP_DigestInit(&ctx,EVP_md5());
+ EVP_DigestUpdate(&ctx,p,len);
+ EVP_DigestUpdate(&ctx,buf,n);
+ EVP_DigestFinal(&ctx,out,&n);
+ out+=n;
+ ret+=n;
+ }
+ return(ret);
+ }
+
diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
new file mode 100644
index 0000000..b7bac8e
--- /dev/null
+++ b/ssl/s3_lib.c
@@ -0,0 +1,915 @@
+/* ssl/s3_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+char *ssl3_version_str="SSLv3 part of SSLeay 0.8.1b 29-Jun-1998";
+
+#define SSL3_NUM_CIPHERS (sizeof(ssl3_ciphers)/sizeof(SSL_CIPHER))
+
+#ifndef NOPROTO
+static long ssl3_default_timeout(void );
+#else
+static long ssl3_default_timeout();
+#endif
+
+SSL_CIPHER ssl3_ciphers[]={
+/* The RSA ciphers */
+/* Cipher 01 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_MD5,
+ SSL3_CK_RSA_NULL_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 02 */
+ {
+ 1,
+ SSL3_TXT_RSA_NULL_SHA,
+ SSL3_CK_RSA_NULL_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* anon DH */
+/* Cipher 17 */
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_40_MD5,
+ SSL3_CK_ADH_RC4_40_MD5,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 18 */
+ {
+ 1,
+ SSL3_TXT_ADH_RC4_128_MD5,
+ SSL3_CK_ADH_RC4_128_MD5,
+ SSL_kEDH |SSL_aNULL|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 19 */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_40_CBC_SHA,
+ SSL3_CK_ADH_DES_40_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 1A */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_64_CBC_SHA,
+ SSL3_CK_ADH_DES_64_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 1B */
+ {
+ 1,
+ SSL3_TXT_ADH_DES_196_CBC_SHA,
+ SSL3_CK_ADH_DES_196_CBC_SHA,
+ SSL_kEDH |SSL_aNULL|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* RSA again */
+/* Cipher 03 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_40_MD5,
+ SSL3_CK_RSA_RC4_40_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 04 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_MD5,
+ SSL3_CK_RSA_RC4_128_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_MD5|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 05 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC4_128_SHA,
+ SSL3_CK_RSA_RC4_128_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 06 */
+ {
+ 1,
+ SSL3_TXT_RSA_RC2_40_MD5,
+ SSL3_CK_RSA_RC2_40_MD5,
+ SSL_kRSA|SSL_aRSA|SSL_RC2 |SSL_MD5 |SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 07 */
+ {
+ 1,
+ SSL3_TXT_RSA_IDEA_128_SHA,
+ SSL3_CK_RSA_IDEA_128_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_IDEA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_MEDIUM,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 08 */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_40_CBC_SHA,
+ SSL3_CK_RSA_DES_40_CBC_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 09 */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_64_CBC_SHA,
+ SSL3_CK_RSA_DES_64_CBC_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0A */
+ {
+ 1,
+ SSL3_TXT_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_RSA_DES_192_CBC3_SHA,
+ SSL_kRSA|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* The DH ciphers */
+/* Cipher 0B */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_40_CBC_SHA,
+ SSL_kDHd |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0C */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_DH_DSS_DES_64_CBC_SHA,
+ SSL_kDHd |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0D */
+ {
+ 0,
+ SSL3_TXT_DH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_DH_DSS_DES_192_CBC3_SHA,
+ SSL_kDHd |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0E */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_40_CBC_SHA,
+ SSL_kDHr |SSL_aDH|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 0F */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_DH_RSA_DES_64_CBC_SHA,
+ SSL_kDHr |SSL_aDH|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 10 */
+ {
+ 0,
+ SSL3_TXT_DH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_DH_RSA_DES_192_CBC3_SHA,
+ SSL_kDHr |SSL_aDH|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* The Ephemeral DH ciphers */
+/* Cipher 11 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_40_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_40_CBC_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 12 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_64_CBC_SHA,
+ SSL3_CK_EDH_DSS_DES_64_CBC_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 13 */
+ {
+ 1,
+ SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_DSS_DES_192_CBC3_SHA,
+ SSL_kEDH|SSL_aDSS|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 14 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_40_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_40_CBC_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_DES|SSL_SHA1|SSL_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 15 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_64_CBC_SHA,
+ SSL3_CK_EDH_RSA_DES_64_CBC_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_LOW,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+/* Cipher 16 */
+ {
+ 1,
+ SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA,
+ SSL3_CK_EDH_RSA_DES_192_CBC3_SHA,
+ SSL_kEDH|SSL_aRSA|SSL_3DES |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3|SSL_HIGH,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Fortezza */
+/* Cipher 1C */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_NULL_SHA,
+ SSL3_CK_FZA_DMS_NULL_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_eNULL |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Cipher 1D */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_FZA_SHA,
+ SSL3_CK_FZA_DMS_FZA_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_eFZA |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* Cipher 1E */
+ {
+ 0,
+ SSL3_TXT_FZA_DMS_RC4_SHA,
+ SSL3_CK_FZA_DMS_RC4_SHA,
+ SSL_kFZA|SSL_aFZA |SSL_RC4 |SSL_SHA1|SSL_NOT_EXP|SSL_SSLV3,
+ 0,
+ SSL_ALL_CIPHERS,
+ },
+
+/* end of list */
+ };
+
+static SSL_METHOD SSLv3_data= {
+ 3,
+ ssl3_new,
+ ssl3_clear,
+ ssl3_free,
+ ssl_undefined_function,
+ ssl_undefined_function,
+ ssl3_read,
+ ssl3_peek,
+ ssl3_write,
+ ssl3_shutdown,
+ ssl3_renegotiate,
+ ssl3_ctrl,
+ ssl3_ctx_ctrl,
+ ssl3_get_cipher_by_char,
+ ssl3_put_cipher_by_char,
+ ssl3_pending,
+ ssl3_num_ciphers,
+ ssl3_get_cipher,
+ ssl_bad_method,
+ ssl3_default_timeout,
+ };
+
+static long ssl3_default_timeout()
+ {
+ /* 2 hours, the 24 hours mentioned in the SSLv3 spec
+ * is way too long for http, the cache would over fill */
+ return(60*60*2);
+ }
+
+SSL_METHOD *sslv3_base_method()
+ {
+ return(&SSLv3_data);
+ }
+
+int ssl3_num_ciphers()
+ {
+ return(SSL3_NUM_CIPHERS);
+ }
+
+SSL_CIPHER *ssl3_get_cipher(u)
+unsigned int u;
+ {
+ if (u < SSL3_NUM_CIPHERS)
+ return(&(ssl3_ciphers[SSL3_NUM_CIPHERS-1-u]));
+ else
+ return(NULL);
+ }
+
+/* The problem is that it may not be the correct record type */
+int ssl3_pending(s)
+SSL *s;
+ {
+ return(s->s3->rrec.length);
+ }
+
+int ssl3_new(s)
+SSL *s;
+ {
+ SSL3_CTX *s3;
+
+ if ((s3=(SSL3_CTX *)Malloc(sizeof(SSL3_CTX))) == NULL) goto err;
+
+ s->s3=s3;
+ s->s3->tmp.ca_names=NULL;
+ s->s3->tmp.key_block=NULL;
+ s->s3->rbuf.buf=NULL;
+ s->s3->wbuf.buf=NULL;
+
+ ssl3_clear(s);
+ return(1);
+err:
+ return(0);
+ }
+
+void ssl3_free(s)
+SSL *s;
+ {
+ ssl3_cleanup_key_block(s);
+ if (s->s3->rbuf.buf != NULL)
+ Free(s->s3->rbuf.buf);
+ if (s->s3->wbuf.buf != NULL)
+ Free(s->s3->wbuf.buf);
+#ifndef NO_DH
+ if (s->s3->tmp.dh != NULL)
+ DH_free(s->s3->tmp.dh);
+#endif
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+ memset(s->s3,0,sizeof(SSL3_CTX));
+ Free(s->s3);
+ s->s3=NULL;
+ }
+
+void ssl3_clear(s)
+SSL *s;
+ {
+ unsigned char *rp,*wp;
+
+ ssl3_cleanup_key_block(s);
+ if (s->s3->tmp.ca_names != NULL)
+ sk_pop_free(s->s3->tmp.ca_names,X509_NAME_free);
+
+ rp=s->s3->rbuf.buf;
+ wp=s->s3->wbuf.buf;
+
+ memset(s->s3,0,sizeof(SSL3_CTX));
+ if (rp != NULL)
+ {
+ s->packet= &(s->s3->rbuf.buf[0]);
+ s->s3->rbuf.buf=rp;
+ s->s3->wbuf.buf=wp;
+ }
+ else
+ s->packet=NULL;
+ s->packet_length=0;
+ s->version=3;
+ }
+
+long ssl3_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(0);
+ }
+
+long ssl3_ctx_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ CERT *cert;
+
+ cert=ctx->default_cert;
+
+ switch (cmd)
+ {
+#ifndef NO_RSA
+ case SSL_CTRL_NEED_TMP_RSA:
+ if ( (cert->rsa_tmp == NULL) &&
+ ((cert->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL) ||
+ (EVP_PKEY_size(cert->pkeys[SSL_PKEY_RSA_ENC].privatekey) > (512/8)))
+ )
+ return(1);
+ else
+ return(0);
+ break;
+ case SSL_CTRL_SET_TMP_RSA:
+ {
+ RSA *rsa;
+ int i;
+
+ rsa=(RSA *)parg;
+ i=1;
+ if (rsa == NULL)
+ i=0;
+ else
+ {
+ if ((rsa=RSAPrivateKey_dup(rsa)) == NULL)
+ i=0;
+ }
+ if (!i)
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_RSA_LIB);
+ return(0);
+ }
+ else
+ {
+ if (cert->rsa_tmp != NULL)
+ RSA_free(cert->rsa_tmp);
+ cert->rsa_tmp=rsa;
+ return(1);
+ }
+ }
+ break;
+ case SSL_CTRL_SET_TMP_RSA_CB:
+ cert->rsa_tmp_cb=(RSA *(*)())parg;
+ break;
+#endif
+#ifndef NO_DH
+ case SSL_CTRL_SET_TMP_DH:
+ {
+ DH *new=NULL,*dh;
+
+ dh=(DH *)parg;
+ if ( ((new=DHparams_dup(dh)) == NULL) ||
+ (!DH_generate_key(new)))
+ {
+ SSLerr(SSL_F_SSL3_CTX_CTRL,ERR_R_DH_LIB);
+ if (new != NULL) DH_free(new);
+ return(0);
+ }
+ else
+ {
+ if (cert->dh_tmp != NULL)
+ DH_free(cert->dh_tmp);
+ cert->dh_tmp=new;
+ return(1);
+ }
+ }
+ break;
+ case SSL_CTRL_SET_TMP_DH_CB:
+ cert->dh_tmp_cb=(DH *(*)())parg;
+ break;
+#endif
+ default:
+ return(0);
+ }
+ return(1);
+ }
+
+/* This function needs to check if the ciphers required are actually
+ * available */
+SSL_CIPHER *ssl3_get_cipher_by_char(p)
+unsigned char *p;
+ {
+ static int init=1;
+ static SSL_CIPHER *sorted[SSL3_NUM_CIPHERS];
+ SSL_CIPHER c,*cp= &c,**cpp;
+ unsigned long id;
+ int i;
+
+ if (init)
+ {
+ init=0;
+
+ for (i=0; i<SSL3_NUM_CIPHERS; i++)
+ sorted[i]= &(ssl3_ciphers[i]);
+
+ qsort( (char *)sorted,
+ SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ FP_ICC ssl_cipher_ptr_id_cmp);
+ }
+
+ id=0x03000000L|((unsigned long)p[0]<<8L)|(unsigned long)p[1];
+ c.id=id;
+ cpp=(SSL_CIPHER **)OBJ_bsearch((char *)&cp,
+ (char *)sorted,
+ SSL3_NUM_CIPHERS,sizeof(SSL_CIPHER *),
+ (int (*)())ssl_cipher_ptr_id_cmp);
+ if ((cpp == NULL) || !(*cpp)->valid)
+ return(NULL);
+ else
+ return(*cpp);
+ }
+
+int ssl3_put_cipher_by_char(c,p)
+SSL_CIPHER *c;
+unsigned char *p;
+ {
+ long l;
+
+ if (p != NULL)
+ {
+ l=c->id;
+ if ((l & 0xff000000) != 0x03000000) return(0);
+ p[0]=((unsigned char)(l>> 8L))&0xFF;
+ p[1]=((unsigned char)(l ))&0xFF;
+ }
+ return(2);
+ }
+
+void ssl3_generate_key_block(s,km,num)
+SSL *s;
+unsigned char *km;
+int num;
+ {
+ MD5_CTX m5;
+ SHA_CTX s1;
+ unsigned char buf[8],smd[SHA_DIGEST_LENGTH];
+ unsigned char c='A';
+ int i,j,k;
+
+ k=0;
+ for (i=0; i<num; i+=MD5_DIGEST_LENGTH)
+ {
+ k++;
+ for (j=0; j<k; j++)
+ buf[j]=c;
+ c++;
+ SHA1_Init( &s1);
+ SHA1_Update(&s1,buf,k);
+ SHA1_Update(&s1,s->session->master_key,
+ s->session->master_key_length);
+ SHA1_Update(&s1,s->s3->server_random,SSL3_RANDOM_SIZE);
+ SHA1_Update(&s1,s->s3->client_random,SSL3_RANDOM_SIZE);
+ SHA1_Final( smd,&s1);
+
+ MD5_Init( &m5);
+ MD5_Update(&m5,s->session->master_key,
+ s->session->master_key_length);
+ MD5_Update(&m5,smd,SHA_DIGEST_LENGTH);
+ if ((i+MD5_DIGEST_LENGTH) > num)
+ {
+ MD5_Final(smd,&m5);
+ memcpy(km,smd,(num-i));
+ }
+ else
+ MD5_Final(km,&m5);
+
+ km+=MD5_DIGEST_LENGTH;
+ }
+ memset(smd,0,SHA_DIGEST_LENGTH);
+ }
+
+int ssl3_part_read(s,i)
+SSL *s;
+int i;
+ {
+ s->rwstate=SSL_READING;
+
+ if (i < 0)
+ {
+ return(i);
+ }
+ else
+ {
+ s->init_num+=i;
+ return(0);
+ }
+ }
+
+SSL_CIPHER *ssl3_choose_cipher(s,have,pref)
+SSL *s;
+STACK *have,*pref;
+ {
+ SSL_CIPHER *c,*ret=NULL;
+ int i,j,ok;
+ CERT *cert;
+ unsigned long alg,mask,emask;
+
+ /* Lets see which ciphers we can supported */
+ if (s->cert != NULL)
+ cert=s->cert;
+ else
+ cert=s->ctx->default_cert;
+
+ ssl_set_cert_masks(cert);
+ mask=cert->mask;
+ emask=cert->export_mask;
+
+ sk_set_cmp_func(pref,ssl_cipher_ptr_id_cmp);
+
+ for (i=0; i<sk_num(have); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(have,i);
+ alg=c->algorithms&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+ if (alg & SSL_EXPORT)
+ {
+ ok=((alg & emask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+ printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
+#endif
+ }
+ else
+ {
+ ok=((alg & mask) == alg)?1:0;
+#ifdef CIPHER_DEBUG
+ printf("%d:[%08lX:%08lX]%s\n",ok,alg,mask,c->name);
+#endif
+ }
+
+ if (!ok) continue;
+
+ j=sk_find(pref,(char *)c);
+ if (j >= 0)
+ {
+ ret=(SSL_CIPHER *)sk_value(pref,j);
+ break;
+ }
+ }
+ return(ret);
+ }
+
+int ssl3_get_req_cert_type(s,p)
+SSL *s;
+unsigned char *p;
+ {
+ int ret=0;
+ unsigned long alg;
+
+ alg=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_DH
+ if (alg & (SSL_kDHr|SSL_kEDH))
+ {
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_FIXED_DH;
+#endif
+#ifndef NO_DSA
+ p[ret++]=SSL3_CT_DSS_FIXED_DH;
+#endif
+ }
+ if (alg & (SSL_kEDH|SSL_kDHd|SSL_kDHr))
+ {
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_EPHEMERAL_DH;
+#endif
+#ifndef NO_DSA
+ p[ret++]=SSL3_CT_DSS_EPHEMERAL_DH;
+#endif
+ }
+#endif /* !NO_DH */
+#ifndef NO_RSA
+ p[ret++]=SSL3_CT_RSA_SIGN;
+#endif
+/* p[ret++]=SSL3_CT_DSS_SIGN; */
+ return(ret);
+ }
+
+int ssl3_shutdown(s)
+SSL *s;
+ {
+
+ /* Don't do anything much if we have not done the handshake or
+ * we don't want to send messages :-) */
+ if ((s->quiet_shutdown) || (s->state == SSL_ST_BEFORE))
+ {
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ return(1);
+ }
+
+ if (!(s->shutdown & SSL_SENT_SHUTDOWN))
+ {
+ s->shutdown|=SSL_SENT_SHUTDOWN;
+#if 1
+ ssl3_send_alert(s,SSL3_AL_WARNING,SSL3_AD_CLOSE_NOTIFY);
+#endif
+ /* our shutdown alert has been sent now, and if it still needs
+ * to be written, s->s3->alert_dispatch will be true */
+ }
+ else if (s->s3->alert_dispatch)
+ {
+ /* resend it if not sent */
+#if 1
+ ssl3_dispatch_alert(s);
+#endif
+ }
+ else if (!(s->shutdown & SSL_RECEIVED_SHUTDOWN))
+ {
+ /* If we are waiting for a close from our peer, we are closed */
+ ssl3_read_bytes(s,0,NULL,0);
+ }
+
+ if ((s->shutdown == (SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN)) &&
+ !s->s3->alert_dispatch)
+ return(1);
+ else
+ return(0);
+ }
+
+int ssl3_write(s,buf,len)
+SSL *s;
+const char *buf;
+int len;
+ {
+ int ret,n;
+ BIO *under;
+
+#if 0
+ if (s->shutdown & SSL_SEND_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+#endif
+ errno=0;
+
+ /* This is an experimental flag that sends the
+ * last handshake message in the same packet as the first
+ * use data - used to see if it helps the TCP protocol during
+ * session-id reuse */
+ /* The second test is because the buffer may have been removed */
+ if ((s->s3->flags & SSL3_FLAGS_POP_BUFFER) && (s->wbio == s->bbio))
+ {
+ /* First time through, we write into the buffer */
+ if (s->s3->delay_buf_pop_ret == 0)
+ {
+ ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+ (char *)buf,len);
+ if (ret <= 0) return(ret);
+
+ s->s3->delay_buf_pop_ret=ret;
+ }
+
+ s->rwstate=SSL_WRITING;
+ n=BIO_flush(s->wbio);
+ if (n <= 0) return(n);
+ s->rwstate=SSL_NOTHING;
+
+ /* We have flushed the buffer */
+ under=BIO_pop(s->wbio);
+ s->wbio=under;
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+ ret=s->s3->delay_buf_pop_ret;
+ s->s3->delay_buf_pop_ret=0;
+
+ s->s3->flags&= ~SSL3_FLAGS_POP_BUFFER;
+ }
+ else
+ {
+ ret=ssl3_write_bytes(s,SSL3_RT_APPLICATION_DATA,
+ (char *)buf,len);
+ if (ret <= 0) return(ret);
+ }
+ return(ret);
+ }
+
+int ssl3_read(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ errno=0;
+ return(ssl3_read_bytes(s,SSL3_RT_APPLICATION_DATA,buf,len));
+ }
+
+int ssl3_peek(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ SSL3_RECORD *rr;
+ int n;
+
+ rr= &(s->s3->rrec);
+ if ((rr->length == 0) || (rr->type != SSL3_RT_APPLICATION_DATA))
+ return(0);
+
+ if ((unsigned int)len > rr->length)
+ n=rr->length;
+ else
+ n=len;
+ memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
+ return(n);
+ }
+
+int ssl3_renegotiate(s)
+SSL *s;
+ {
+ if (s->handshake_func == NULL)
+ return(1);
+
+ if (s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS)
+ return(0);
+
+ if (!SSL_in_init(s))
+ s->state=SSL_ST_RENEGOTIATE;
+ return(1);
+ }
+
diff --git a/ssl/s3_meth.c b/ssl/s3_meth.c
new file mode 100644
index 0000000..4762b21
--- /dev/null
+++ b/ssl/s3_meth.c
@@ -0,0 +1,88 @@
+/* ssl/s3_meth.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+static SSL_METHOD *ssl3_get_method(ver)
+int ver;
+ {
+ if (ver == 3)
+ return(SSLv3_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_data.ssl_connect=ssl3_connect;
+ SSLv3_data.ssl_accept=ssl3_accept;
+ SSLv3_data.get_ssl_method=ssl3_get_method;
+ }
+ return(&SSLv3_data);
+ }
+
diff --git a/ssl/s3_pkt.c b/ssl/s3_pkt.c
new file mode 100644
index 0000000..3be69ef
--- /dev/null
+++ b/ssl/s3_pkt.c
@@ -0,0 +1,963 @@
+/* ssl/s3_pkt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <errno.h>
+#define USE_SOCKETS
+#include "evp.h"
+#include "buffer.h"
+#include "ssl_locl.h"
+
+/* SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_RECORD_MAC);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_NO_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_BAD_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN);
+ * SSLerr(SSL_F_GET_SERVER_HELLO,SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER);
+ */
+
+#ifndef NOPROTO
+static int do_ssl3_write(SSL *s, int type, char *buf, unsigned int len);
+static int ssl3_write_pending(SSL *s, int type, char *buf, unsigned int len);
+static int ssl3_get_record(SSL *s);
+static int do_compress(SSL *ssl);
+static int do_uncompress(SSL *ssl);
+#else
+static int do_ssl3_write();
+static int ssl3_write_pending();
+static int ssl3_get_record();
+static int do_compress();
+static int do_uncompress();
+#endif
+
+static int ssl3_read_n(s,n,max,extend)
+SSL *s;
+int n;
+int max;
+int extend;
+ {
+ int i,off,newb;
+
+ /* if there is stuff still in the buffer from a previous read,
+ * and there is more than we want, take some. */
+ if (s->s3->rbuf.left >= (int)n)
+ {
+ if (extend)
+ s->packet_length+=n;
+ else
+ {
+ s->packet= &(s->s3->rbuf.buf[s->s3->rbuf.offset]);
+ s->packet_length=n;
+ }
+ s->s3->rbuf.left-=n;
+ s->s3->rbuf.offset+=n;
+ return(n);
+ }
+
+ /* else we need to read more data */
+ if (!s->read_ahead) max=n;
+ if (max > SSL3_RT_MAX_PACKET_SIZE)
+ max=SSL3_RT_MAX_PACKET_SIZE;
+
+ /* First check if there is some left or we want to extend */
+ off=0;
+ if ( (s->s3->rbuf.left != 0) ||
+ ((s->packet_length != 0) && extend))
+ {
+ newb=s->s3->rbuf.left;
+ if (extend)
+ {
+ /* Copy bytes back to the front of the buffer
+ * Take the bytes already pointed to by 'packet'
+ * and take the extra ones on the end. */
+ off=s->packet_length;
+ if (s->packet != s->s3->rbuf.buf)
+ memcpy(s->s3->rbuf.buf,s->packet,newb+off);
+ }
+ else if (s->s3->rbuf.offset != 0)
+ { /* so the data is not at the start of the buffer */
+ memcpy(s->s3->rbuf.buf,
+ &(s->s3->rbuf.buf[s->s3->rbuf.offset]),newb);
+ s->s3->rbuf.offset=0;
+ }
+
+ s->s3->rbuf.left=0;
+ }
+ else
+ newb=0;
+
+ /* So we now have 'newb' bytes at the front of
+ * s->s3->rbuf.buf and need to read some more in on the end
+ * We start reading into the buffer at 's->s3->rbuf.offset'
+ */
+ s->packet=s->s3->rbuf.buf;
+
+ while (newb < n)
+ {
+ errno=0;
+ if (s->rbio != NULL)
+ {
+ s->rwstate=SSL_READING;
+ i=BIO_read(s->rbio,
+ (char *)&(s->s3->rbuf.buf[off+newb]),
+ max-newb);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_READ_N,SSL_R_READ_BIO_NOT_SET);
+ i= -1;
+ }
+
+ if (i <= 0)
+ {
+ s->s3->rbuf.left+=newb;
+ return(i);
+ }
+ newb+=i;
+ }
+
+ /* record used data read */
+ if (newb > n)
+ {
+ s->s3->rbuf.offset=n+off;
+ s->s3->rbuf.left=newb-n;
+ }
+ else
+ {
+ s->s3->rbuf.offset=0;
+ s->s3->rbuf.left=0;
+ }
+
+ if (extend)
+ s->packet_length+=n;
+ else
+ s->packet_length+=n;
+ return(n);
+ }
+
+/* Call this to get a new input record.
+ * It will return <= 0 if more data is needed, normally due to an error
+ * or non-blocking IO.
+ * When it finishes, one packet has been decoded and can be found in
+ * ssl->s3->rrec.type - is the type of record
+ * ssl->s3->rrec.data, - data
+ * ssl->s3->rrec.length, - number of bytes
+ */
+static int ssl3_get_record(s)
+SSL *s;
+ {
+ int ssl_major,ssl_minor,al;
+ int n,i,ret= -1;
+ SSL3_BUFFER *rb;
+ SSL3_RECORD *rr;
+ SSL_SESSION *sess;
+ unsigned char *p;
+ unsigned char md[EVP_MAX_MD_SIZE];
+ short version;
+ unsigned int mac_size;
+ int clear=0,extra;
+
+ rr= &(s->s3->rrec);
+ rb= &(s->s3->rbuf);
+ sess=s->session;
+
+ if (s->ctx->options & SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER)
+ extra=SSL3_RT_MAX_EXTRA;
+ else
+ extra=0;
+
+again:
+ /* check if we have the header */
+ if ( (s->rstate != SSL_ST_READ_BODY) ||
+ (s->packet_length < SSL3_RT_HEADER_LENGTH))
+ {
+ n=ssl3_read_n(s,SSL3_RT_HEADER_LENGTH,
+ SSL3_RT_MAX_PACKET_SIZE,0);
+ if (n <= 0) return(n); /* error or non-blocking */
+ s->rstate=SSL_ST_READ_BODY;
+
+ p=s->packet;
+
+ /* Pull apart the header into the SSL3_RECORD */
+ rr->type= *(p++);
+ ssl_major= *(p++);
+ ssl_minor= *(p++);
+ version=(ssl_major<<8)|ssl_minor;
+ n2s(p,rr->length);
+
+ /* Lets check version */
+ if (s->first_packet)
+ {
+ s->first_packet=0;
+ }
+ else
+ {
+ if ( (ssl_major != SSL3_VERSION_MAJOR) ||
+ (ssl_minor != SSL3_VERSION_MINOR))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_WRONG_VERSION_NUMBER);
+ goto f_err;
+ }
+ }
+
+ if (s->version != SSL3_VERSION_MAJOR)
+ {
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_INTERNAL_ERROR);
+ goto err;
+ }
+
+ if (rr->length >
+ (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PACKET_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ s->rstate=SSL_ST_READ_BODY;
+ }
+
+ /* get and decode the data */
+ if (s->rstate == SSL_ST_READ_BODY)
+ {
+ if (rr->length > (s->packet_length-SSL3_RT_HEADER_LENGTH))
+ {
+ i=rr->length;
+ /*-(s->packet_length-SSL3_RT_HEADER_LENGTH); */
+ n=ssl3_read_n(s,i,i,1);
+ if (n <= 0) return(n); /* error or non-blocking io */
+ }
+ s->rstate=SSL_ST_READ_HEADER;
+ }
+
+ /* At this point, we have the data in s->packet and there should be
+ * s->packet_length bytes, we must not 'overrun' this buffer :-)
+ * One of the following functions will copy the data from the
+ * s->packet buffer */
+
+ rr->input= &(s->packet[SSL3_RT_HEADER_LENGTH]);
+
+ /* ok, we can now read from 's->packet' data into 'rr'
+ * rr->input points at rr->length bytes, which
+ * need to be copied into rr->data by either
+ * the decryption or by the decompression
+ * When the data is 'copied' into the rr->data buffer,
+ * rr->input will be pointed at the new buffer */
+
+ /* Set the state for the following operations */
+ s->rstate=SSL_ST_READ_HEADER;
+
+ /* We now have - encrypted [ MAC [ compressed [ plain ] ] ]
+ * rr->length bytes of encrypted compressed stuff. */
+
+ /* check is not needed I belive */
+ if (rr->length > (unsigned int)SSL3_RT_MAX_ENCRYPTED_LENGTH+extra)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_ENCRYPTED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ /* decrypt in place in 'rr->input' */
+ rr->data=rr->input;
+
+ if (!ssl3_enc(s,0))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ /* r->length is now the compressed data plus mac */
+ if ( (sess == NULL) ||
+ (s->enc_read_ctx == NULL) ||
+ (s->read_hash == NULL))
+ clear=1;
+
+ if (!clear)
+ {
+ mac_size=EVP_MD_size(s->read_hash);
+
+ if (rr->length > SSL3_RT_MAX_COMPRESSED_LENGTH+extra+mac_size)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_PRE_MAC_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ /* check MAC for rr->input' */
+ if (rr->length < mac_size)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_LENGTH_TOO_SHORT);
+ goto f_err;
+ }
+ rr->length-=mac_size;
+ i=ssl3_mac(s,md,0);
+ if (memcmp(md,&(rr->data[rr->length]),mac_size) != 0)
+ {
+ al=SSL3_AD_BAD_RECORD_MAC;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_MAC_DECODE);
+ ret=SSL_RWERR_BAD_MAC_DECODE;
+ goto f_err;
+ }
+ }
+
+ /* r->length is now just compressed */
+ if ((sess != NULL) && (sess->read_compression != NULL))
+ {
+ if (rr->length >
+ (unsigned int)SSL3_RT_MAX_COMPRESSED_LENGTH+extra)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_COMPRESSED_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+ if (!do_uncompress(s))
+ {
+ al=SSL3_AD_DECOMPRESSION_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_BAD_DECOMPRESSION);
+ goto f_err;
+ }
+ }
+
+ if (rr->length > (unsigned int)SSL3_RT_MAX_PLAIN_LENGTH+extra)
+ {
+ al=SSL3_AD_DECOMPRESSION_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_RECORD,SSL_R_DATA_LENGTH_TOO_LONG);
+ goto f_err;
+ }
+
+ rr->off=0;
+ /* So at this point the following is true
+ * ssl->s3->rrec.type is the type of record
+ * ssl->s3->rrec.length == number of bytes in record
+ * ssl->s3->rrec.off == offset to first valid byte
+ * ssl->s3->rrec.data == where to take bytes from, increment
+ * after use :-).
+ */
+
+ /* we have pulled in a full packet so zero things */
+ s->packet_length=0;
+
+ /* just read a 0 length packet */
+ if (rr->length == 0) goto again;
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(ret);
+ }
+
+static int do_uncompress(ssl)
+SSL *ssl;
+ {
+ return(1);
+ }
+
+static int do_compress(ssl)
+SSL *ssl;
+ {
+ return(1);
+ }
+
+/* Call this write a data
+ * It will return <= 0 if not all data has been sent or non-blocking IO.
+ */
+int ssl3_write_bytes(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+int len;
+ {
+ unsigned int tot,n,nw;
+ int i;
+
+ s->rwstate=SSL_NOTHING;
+ tot=s->s3->wnum;
+ s->s3->wnum=0;
+
+ if (SSL_in_init(s) && !s->in_handshake)
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_WRITE_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+
+ n=(len-tot);
+ for (;;)
+ {
+ if (n > SSL3_RT_MAX_PLAIN_LENGTH)
+ nw=SSL3_RT_MAX_PLAIN_LENGTH;
+ else
+ nw=n;
+
+ i=do_ssl3_write(s,type,&(buf[tot]),nw);
+ if (i <= 0)
+ {
+ s->s3->wnum=tot;
+ return(i);
+ }
+
+ if (type == SSL3_RT_HANDSHAKE)
+ ssl3_finish_mac(s,(unsigned char *)&(buf[tot]),i);
+
+ if (i == (int)n) return(tot+i);
+
+ n-=i;
+ tot+=i;
+ }
+ }
+
+static int do_ssl3_write(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+unsigned int len;
+ {
+ unsigned char *p,*plen;
+ int i,mac_size,clear=0;
+ SSL3_RECORD *wr;
+ SSL3_BUFFER *wb;
+ SSL_SESSION *sess;
+
+ /* first check is there is a SSL3_RECORD still being written
+ * out. This will happen with non blocking IO */
+ if (s->s3->wbuf.left != 0)
+ return(ssl3_write_pending(s,type,buf,len));
+
+ /* If we have an alert to send, lets send it */
+ if (s->s3->alert_dispatch)
+ {
+ i=ssl3_dispatch_alert(s);
+ if (i <= 0)
+ return(i);
+ /* if it went, fall through and send more stuff */
+ }
+
+ if (len <= 0) return(len);
+
+ wr= &(s->s3->wrec);
+ wb= &(s->s3->wbuf);
+ sess=s->session;
+
+ if ( (sess == NULL) ||
+ (s->enc_write_ctx == NULL) ||
+ (s->write_hash == NULL))
+ clear=1;
+
+ if (clear)
+ mac_size=0;
+ else
+ mac_size=EVP_MD_size(s->write_hash);
+
+ p=wb->buf;
+
+ /* write the header */
+ *(p++)=type&0xff;
+ wr->type=type;
+
+ *(p++)=SSL3_VERSION_MAJOR;
+ *(p++)=SSL3_VERSION_MINOR;
+
+ /* record where we are to write out packet length */
+ plen=p;
+ p+=2;
+
+ /* lets setup the record stuff. */
+ wr->data=p;
+ wr->length=(int)len;
+ wr->input=(unsigned char *)buf;
+
+ /* we now 'read' from wr->input, wr->length bytes into
+ * wr->data */
+
+ /* first we compress */
+ if ((sess != NULL) && (sess->write_compression != NULL))
+ {
+ if (!do_compress(s))
+ {
+ SSLerr(SSL_F_DO_SSL3_WRITE,SSL_R_COMPRESSION_FAILURE);
+ goto err;
+ }
+ }
+ else
+ {
+ memcpy(wr->data,wr->input,wr->length);
+ wr->input=wr->data;
+ }
+
+ /* we should still have the output to wr->data and the input
+ * from wr->input. Length should be wr->length.
+ * wr->data still points in the wb->buf */
+
+ if (mac_size != 0)
+ {
+ ssl3_mac(s,&(p[wr->length]),1);
+ wr->length+=mac_size;
+ wr->input=p;
+ wr->data=p;
+ }
+
+ /* ssl3_enc can only have an error on read */
+ ssl3_enc(s,1);
+
+ /* record length after mac and block padding */
+ s2n(wr->length,plen);
+
+ /* we should now have
+ * wr->data pointing to the encrypted data, which is
+ * wr->length long */
+ wr->type=type; /* not needed but helps for debugging */
+ wr->length+=SSL3_RT_HEADER_LENGTH;
+
+ /* Now lets setup wb */
+ wb->left=wr->length;
+ wb->offset=0;
+
+ s->s3->wpend_tot=len;
+ s->s3->wpend_buf=buf;
+ s->s3->wpend_type=type;
+ s->s3->wpend_ret=len;
+
+ /* we now just need to write the buffer */
+ return(ssl3_write_pending(s,type,buf,len));
+err:
+ return(-1);
+ }
+
+/* if s->s3->wbuf.left != 0, we need to call this */
+static int ssl3_write_pending(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+unsigned int len;
+ {
+ int i;
+
+ if ((s->s3->wpend_tot != (int)len) || (s->s3->wpend_buf != buf)
+ || (s->s3->wpend_type != type))
+ {
+ SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BAD_WRITE_RETRY);
+ return(SSL_RWERR_BAD_WRITE_RETRY);
+ }
+
+ for (;;)
+ {
+ errno=0;
+ if (s->wbio != NULL)
+ {
+ s->rwstate=SSL_WRITING;
+ i=BIO_write(s->wbio,
+ (char *)&(s->s3->wbuf.buf[s->s3->wbuf.offset]),
+ (unsigned int)s->s3->wbuf.left);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL3_WRITE_PENDING,SSL_R_BIO_NOT_SET);
+ i= -1;
+ }
+ if (i == s->s3->wbuf.left)
+ {
+ s->s3->wbuf.left=0;
+ s->rwstate=SSL_NOTHING;
+ return(s->s3->wpend_ret);
+ }
+ else if (i <= 0)
+ return(i);
+ s->s3->wbuf.offset+=i;
+ s->s3->wbuf.left-=i;
+ }
+ }
+
+int ssl3_read_bytes(s,type,buf,len)
+SSL *s;
+int type;
+char *buf;
+int len;
+ {
+ int al,i,j,n,ret;
+ SSL3_RECORD *rr;
+ unsigned char *sender;
+ void (*cb)()=NULL;
+
+ if (s->s3->rbuf.buf == NULL) /* Not initalised yet */
+ if (!ssl3_setup_buffers(s))
+ return(-1);
+
+ if (!s->in_handshake && SSL_in_before(s))
+ {
+ i=s->handshake_func(s);
+ if (i < 0) return(i);
+ if (i == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+start:
+ s->rwstate=SSL_NOTHING;
+
+ /* s->s3->rrec.type - is the type of record
+ * s->s3->rrec.data, - data
+ * s->s3->rrec.off, - ofset into 'data' for next read
+ * s->s3->rrec.length, - number of bytes. */
+ rr= &(s->s3->rrec);
+
+ /* get new packet */
+ if ((rr->length == 0) || (s->rstate == SSL_ST_READ_BODY))
+ {
+ ret=ssl3_get_record(s);
+ if (ret <= 0) return(ret);
+ }
+
+ /* we now have a packet which can be read and processed */
+
+ if (s->s3->change_cipher_spec && (rr->type != SSL3_RT_HANDSHAKE))
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_DATA_BETWEEN_CCS_AND_FINISHED);
+ goto err;
+ }
+
+ /* If the other end has shutdown, throw anything we read away */
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ rr->length=0;
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+
+ /* Check for an incoming 'Client Request' message */
+ if ((rr->type == SSL3_RT_HANDSHAKE) && (rr->length == 4) &&
+ (rr->data[0] == SSL3_MT_CLIENT_REQUEST) &&
+ (s->session != NULL) && (s->session->cipher != NULL))
+ {
+ if ((rr->data[1] != 0) || (rr->data[2] != 0) ||
+ (rr->data[3] != 0))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CLIENT_REQUEST);
+ goto err;
+ }
+
+ if (SSL_is_init_finished(s) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+ {
+ ssl3_renegotiate(s);
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ }
+ rr->length=0;
+/* ZZZ */ goto start;
+ }
+
+ /* if it is not the type we want, or we have shutdown and want
+ * the peer shutdown */
+ if ((rr->type != type) || (s->shutdown & SSL_SENT_SHUTDOWN))
+ {
+ if (rr->type == SSL3_RT_ALERT)
+ {
+ if ((rr->length != 2) || (rr->off != 0))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_ALERT_RECORD);
+ goto f_err;
+ }
+
+ i=rr->data[0];
+ n=rr->data[1];
+
+ /* clear from buffer */
+ rr->length=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (cb != NULL)
+ {
+ j=(i<<8)|n;
+ cb(s,SSL_CB_READ_ALERT,j);
+ }
+
+ if (i == 1)
+ {
+ s->s3->warn_alert=n;
+ if (n == SSL3_AD_CLOSE_NOTIFY)
+ {
+ s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+ return(0);
+ }
+ }
+ else if (i == 2)
+ {
+ s->rwstate=SSL_NOTHING;
+ s->s3->fatal_alert=n;
+ SSLerr(SSL_F_SSL3_READ_BYTES,1000+n);
+ s->shutdown|=SSL_RECEIVED_SHUTDOWN;
+ SSL_CTX_remove_session(s->ctx,s->session);
+ return(0);
+ }
+ else
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNKNOWN_ALERT_TYPE);
+ goto f_err;
+ }
+
+ rr->length=0;
+ goto start;
+ }
+
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ rr->length=0;
+ return(0);
+ }
+
+ if (rr->type == SSL3_RT_CHANGE_CIPHER_SPEC)
+ {
+ if ( (rr->length != 1) || (rr->off != 0) ||
+ (rr->data[0] != SSL3_MT_CCS))
+ {
+ i=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_BAD_CHANGE_CIPHER_SPEC);
+ goto err;
+ }
+
+ rr->length=0;
+
+ s->s3->change_cipher_spec=1;
+
+ if (s->state & SSL_ST_ACCEPT)
+ i=SSL3_CHANGE_CIPHER_SERVER_READ;
+ else
+ i=SSL3_CHANGE_CIPHER_CLIENT_READ;
+
+ if (s->s3->tmp.key_block == NULL)
+ {
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!ssl3_setup_key_block(s))
+ goto err;
+ }
+
+ if (!ssl3_change_cipher_state(s,i))
+ goto err;
+
+ /* we have to record the message digest at
+ * this point so we can get it before we read
+ * the finished message */
+ sender=(s->state & SSL_ST_CONNECT)
+ ?&(ssl3_server_finished_const[0])
+ :&(ssl3_client_finished_const[0]);
+
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
+ sender,&(s->s3->tmp.finish_md1[0]));
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
+ sender,&(s->s3->tmp.finish_md2[0]));
+
+ goto start;
+ }
+
+ /* else we have a handshake */
+ if ((rr->type == SSL3_RT_HANDSHAKE) &&
+ !s->in_handshake)
+ {
+ if (((s->state&SSL_ST_MASK) == SSL_ST_OK) &&
+ !(s->s3->flags & SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS))
+ {
+ s->state=SSL_ST_BEFORE;
+ s->new_session=1;
+ }
+ n=s->handshake_func(s);
+ if (n < 0) return(n);
+ if (n == 0)
+ {
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_SSL_HANDSHAKE_FAILURE);
+ return(-1);
+ }
+ goto start;
+ }
+
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_UNEXPECTED_RECORD);
+ goto f_err;
+ }
+
+ /* make sure that we are not getting application data when we
+ * are doing a handshake for the first time */
+ if (SSL_in_init(s) && (type == SSL3_RT_APPLICATION_DATA) &&
+ (s->enc_read_ctx == NULL))
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_READ_BYTES,SSL_R_APP_DATA_IN_HANDSHAKE);
+ goto f_err;
+ }
+
+ if (len <= 0) return(len);
+
+ if ((unsigned int)len > rr->length)
+ n=rr->length;
+ else
+ n=len;
+
+ memcpy(buf,&(rr->data[rr->off]),(unsigned int)n);
+ rr->length-=n;
+ rr->off+=n;
+ if (rr->length <= 0)
+ s->rstate=SSL_ST_READ_HEADER;
+
+ if (type == SSL3_RT_HANDSHAKE)
+ ssl3_finish_mac(s,(unsigned char *)buf,n);
+ return(n);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+int ssl3_do_write(s,type)
+SSL *s;
+int type;
+ {
+ int ret;
+
+ ret=ssl3_write_bytes(s,type,(char *)
+ &(s->init_buf->data[s->init_off]),s->init_num);
+ if (ret == s->init_num)
+ return(1);
+ if (ret < 0) return(-1);
+ s->init_off+=ret;
+ s->init_num-=ret;
+ return(0);
+ }
+
+void ssl3_send_alert(s,level,desc)
+SSL *s;
+int level;
+int desc;
+ {
+ /* If a fatal one, remove from cache */
+ if ((level == 2) && (s->session != NULL))
+ SSL_CTX_remove_session(s->ctx,s->session);
+
+ s->s3->alert_dispatch=1;
+ s->s3->send_alert[0]=level;
+ s->s3->send_alert[1]=desc;
+ if (s->s3->wbuf.left == 0) /* data still being written out */
+ ssl3_dispatch_alert(s);
+ /* else data is still being written out, we will get written
+ * some time in the future */
+ }
+
+int ssl3_dispatch_alert(s)
+SSL *s;
+ {
+ int i,j;
+ void (*cb)()=NULL;
+
+ s->s3->alert_dispatch=0;
+ i=do_ssl3_write(s,SSL3_RT_ALERT,&(s->s3->send_alert[0]),2);
+ if (i <= 0)
+ {
+ s->s3->alert_dispatch=1;
+ }
+ else
+ {
+ /* If it is important, send it now. If the message
+ * does not get sent due to non-blocking IO, we will
+ * not worry too much. */
+ if (s->s3->send_alert[0] == SSL3_AL_FATAL)
+ BIO_flush(s->wbio);
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (cb != NULL)
+ {
+ j=(s->s3->send_alert[0]<<8)|s->s3->send_alert[1];
+ cb(s,SSL_CB_WRITE_ALERT,j);
+ }
+ }
+ return(i);
+ }
+
diff --git a/ssl/s3_srvr.c b/ssl/s3_srvr.c
new file mode 100644
index 0000000..ebff575
--- /dev/null
+++ b/ssl/s3_srvr.c
@@ -0,0 +1,1629 @@
+/* ssl/s3_srvr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#define REUSE_CIPHER_BUG
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+/* SSLerr(SSL_F_SSL3_ACCEPT,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,ERR_R_MALLOC_FAILURE);
+ * SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ */
+
+#ifndef NOPROTO
+static int ssl3_get_client_hello(SSL *s);
+static int ssl3_send_server_hello(SSL *s);
+static int ssl3_send_server_key_exchange(SSL *s);
+static int ssl3_send_certificate_request(SSL *s);
+static int ssl3_send_server_done(SSL *s);
+static int ssl3_get_cert_verify(SSL *s);
+static int ssl3_get_client_key_exchange(SSL *s);
+static int ssl3_get_client_certificate(SSL *s);
+static int ssl3_send_hello_request(SSL *s);
+
+#else
+
+static int ssl3_get_client_hello();
+static int ssl3_send_server_hello();
+static int ssl3_send_server_key_exchange();
+static int ssl3_send_certificate_request();
+static int ssl3_send_server_done();
+static int ssl3_get_cert_verify();
+static int ssl3_get_client_key_exchange();
+static int ssl3_get_client_certificate();
+static int ssl3_send_hello_request();
+static SSL_METHOD *ssl3_get_server_method();
+
+#endif
+
+static SSL_METHOD *ssl3_get_server_method(ver)
+int ver;
+ {
+ if (ver == 3)
+ return(SSLv3_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv3_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv3_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv3_server_data,(char *)sslv3_base_method(),
+ sizeof(SSL_METHOD));
+ SSLv3_server_data.ssl_accept=ssl3_accept;
+ SSLv3_server_data.get_ssl_method=ssl3_get_server_method;
+ }
+ return(&SSLv3_server_data);
+ }
+
+int ssl3_accept(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long l,Time=time(NULL);
+ void (*cb)()=NULL;
+ long num1;
+ int ret= -1;
+ CERT *ct;
+ BIO *bbio,*under;
+ int new_state,state,skip=0;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ /* init things to blank */
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+#ifdef undef
+ /* FIX THIS EAY EAY EAY */
+ /* we don't actually need a cert, we just need a cert or a DH_tmp */
+ if (((s->session == NULL) || (s->session->cert == NULL)) &&
+ (s->cert == NULL))
+ {
+ SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_NO_CERTIFICATE_SET);
+ ret= -1;
+ goto end;
+ }
+#endif
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch (s->state)
+ {
+ case SSL_ST_RENEGOTIATE:
+ s->new_session=1;
+ /* s->state=SSL_ST_ACCEPT; */
+
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=3;
+ s->type=SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ if (!ssl3_setup_buffers(s))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ /* Ok, we now need to push on a buffering BIO so that
+ * the output is sent in a way that TCP likes :-)
+ */
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ {
+ SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF);
+ ret= -1;
+ goto end;
+ }
+ s->bbio=bbio;
+ }
+ else
+ bbio=s->bbio;
+ BIO_reset(bbio);
+ if (!BIO_set_write_buffer_size(bbio,16*1024))
+ {
+ SSLerr(SSL_F_SSL3_ACCEPT,ERR_LIB_BUF);
+ ret= -1;
+ goto end;
+ }
+
+ s->wbio=BIO_push(bbio,s->wbio);
+
+ s->ctx->sess_accept++;
+ s->init_num=0;
+
+ if (s->state != SSL_ST_RENEGOTIATE)
+ {
+ s->state=SSL3_ST_SR_CLNT_HELLO_A;
+ ssl3_init_finished_mac(s);
+ }
+ else
+ {
+ s->state=SSL3_ST_SW_HELLO_REQ_A;
+ }
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_A:
+ case SSL3_ST_SW_HELLO_REQ_B:
+
+ s->shutdown=0;
+ ret=ssl3_send_hello_request(s);
+ if (ret <= 0) goto end;
+ s->s3->tmp.next_state=SSL3_ST_SW_HELLO_REQ_C;
+ s->state=SSL3_ST_SW_FLUSH;
+ s->init_num=0;
+
+ ssl3_init_finished_mac(s);
+ break;
+
+ case SSL3_ST_SW_HELLO_REQ_C:
+ /* remove buffering on output */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+
+ s->state=SSL_ST_OK;
+ ret=1;
+ goto end;
+ break;
+
+ case SSL3_ST_SR_CLNT_HELLO_A:
+ case SSL3_ST_SR_CLNT_HELLO_B:
+ case SSL3_ST_SR_CLNT_HELLO_C:
+
+ s->shutdown=0;
+ ret=ssl3_get_client_hello(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_SRVR_HELLO_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_SRVR_HELLO_A:
+ case SSL3_ST_SW_SRVR_HELLO_B:
+ ret=ssl3_send_server_hello(s);
+ if (ret <= 0) goto end;
+
+ if (s->hit)
+ s->state=SSL3_ST_SW_CHANGE_A;
+ else
+ s->state=SSL3_ST_SW_CERT_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CERT_A:
+ case SSL3_ST_SW_CERT_B:
+ /* Check if it is anon DH */
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ ret=ssl3_send_server_certificate(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+ s->state=SSL3_ST_SW_KEY_EXCH_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_KEY_EXCH_A:
+ case SSL3_ST_SW_KEY_EXCH_B:
+ l=s->s3->tmp.new_cipher->algorithms;
+ if (s->session->cert == NULL)
+ {
+ if (s->cert != NULL)
+ {
+ CRYPTO_add(&s->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->cert;
+ }
+ else
+ {
+ CRYPTO_add(&s->ctx->default_cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ s->session->cert=s->ctx->default_cert;
+ }
+ }
+ ct=s->session->cert;
+
+ /* clear this, it may get reset by
+ * send_server_key_exchange */
+ if (s->ctx->options & SSL_OP_EPHEMERAL_RSA)
+ s->s3->tmp.use_rsa_tmp=1;
+ else
+ s->s3->tmp.use_rsa_tmp=0;
+
+ /* only send if a DH key exchange, fortezza or
+ * RSA but we have a sign only certificate */
+ if ( s->s3->tmp.use_rsa_tmp ||
+ (l & (SSL_DH|SSL_kFZA)) ||
+ ((l & SSL_kRSA) &&
+ ((ct->pkeys[SSL_PKEY_RSA_ENC].privatekey == NULL)||
+ ((l & SSL_EXPORT) &&
+ (EVP_PKEY_size(ct->pkeys[SSL_PKEY_RSA_ENC].privatekey)*8 > 512)
+ )
+ )
+ )
+ )
+ {
+ ret=ssl3_send_server_key_exchange(s);
+ if (ret <= 0) goto end;
+ }
+ else
+ skip=1;
+
+ s->state=SSL3_ST_SW_CERT_REQ_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CERT_REQ_A:
+ case SSL3_ST_SW_CERT_REQ_B:
+ if (!(s->verify_mode & SSL_VERIFY_PEER) ||
+ ((s->session->peer != NULL) &&
+ (s->verify_mode & SSL_VERIFY_CLIENT_ONCE)))
+ {
+ /* no cert request */
+ skip=1;
+ s->state=SSL3_ST_SW_SRVR_DONE_A;
+ }
+ else
+ {
+ ret=ssl3_send_certificate_request(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_SRVR_DONE_A;
+ s->init_num=0;
+ }
+ break;
+
+ case SSL3_ST_SW_SRVR_DONE_A:
+ case SSL3_ST_SW_SRVR_DONE_B:
+ ret=ssl3_send_server_done(s);
+ if (ret <= 0) goto end;
+ s->s3->tmp.next_state=SSL3_ST_SR_CERT_A;
+ s->state=SSL3_ST_SW_FLUSH;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_FLUSH:
+ /* number of bytes to be flushed */
+ num1=BIO_ctrl(s->wbio,BIO_CTRL_INFO,0,NULL);
+ if (num1 > 0)
+ {
+ s->rwstate=SSL_WRITING;
+ num1=BIO_flush(s->wbio);
+ if (num1 <= 0) { ret= -1; goto end; }
+ s->rwstate=SSL_NOTHING;
+ }
+
+ s->state=s->s3->tmp.next_state;
+ break;
+
+ case SSL3_ST_SR_CERT_A:
+ case SSL3_ST_SR_CERT_B:
+ /* could be sent for a DH cert, even if we
+ * have not asked for it :-) */
+ ret=ssl3_get_client_certificate(s);
+ if (ret <= 0) goto end;
+ s->init_num=0;
+ s->state=SSL3_ST_SR_KEY_EXCH_A;
+ break;
+
+ case SSL3_ST_SR_KEY_EXCH_A:
+ case SSL3_ST_SR_KEY_EXCH_B:
+ ret=ssl3_get_client_key_exchange(s);
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SR_CERT_VRFY_A;
+ s->init_num=0;
+
+ /* We need to get hashes here so if there is
+ * a client cert, it can be verified */
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst1),
+ NULL,&(s->s3->tmp.finish_md1[0]));
+ ssl3_final_finish_mac(s,&(s->s3->finish_dgst2),
+ NULL,&(s->s3->tmp.finish_md2[0]));
+
+ break;
+
+ case SSL3_ST_SR_CERT_VRFY_A:
+ case SSL3_ST_SR_CERT_VRFY_B:
+
+ /* we should decide if we expected this one */
+ ret=ssl3_get_cert_verify(s);
+ if (ret <= 0) goto end;
+
+ s->state=SSL3_ST_SR_FINISHED_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SR_FINISHED_A:
+ case SSL3_ST_SR_FINISHED_B:
+ ret=ssl3_get_finished(s,SSL3_ST_SR_FINISHED_A,
+ SSL3_ST_SR_FINISHED_B,
+ &(ssl3_client_finished_const[0]));
+ if (ret <= 0) goto end;
+ if (s->hit)
+ s->state=SSL_ST_OK;
+ else
+ s->state=SSL3_ST_SW_CHANGE_A;
+ s->init_num=0;
+ break;
+
+ case SSL3_ST_SW_CHANGE_A:
+ case SSL3_ST_SW_CHANGE_B:
+
+ s->session->cipher=s->s3->tmp.new_cipher;
+ if (!ssl3_setup_key_block(s)) { ret= -1; goto end; }
+
+ ret=ssl3_send_change_cipher_spec(s,
+ SSL3_ST_SW_CHANGE_A,SSL3_ST_SW_CHANGE_B);
+
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_FINISHED_A;
+ s->init_num=0;
+
+ if (!ssl3_change_cipher_state(s,
+ SSL3_CHANGE_CIPHER_SERVER_WRITE))
+ {
+ ret= -1;
+ goto end;
+ }
+
+ break;
+
+ case SSL3_ST_SW_FINISHED_A:
+ case SSL3_ST_SW_FINISHED_B:
+ ret=ssl3_send_finished(s,
+ SSL3_ST_SW_FINISHED_A,SSL3_ST_SW_FINISHED_B,
+ &(ssl3_server_finished_const[0]));
+ if (ret <= 0) goto end;
+ s->state=SSL3_ST_SW_FLUSH;
+ if (s->hit)
+ s->s3->tmp.next_state=SSL3_ST_SR_FINISHED_A;
+ else
+ s->s3->tmp.next_state=SSL_ST_OK;
+ s->init_num=0;
+ break;
+
+ case SSL_ST_OK:
+ /* clean a few things up */
+ ssl3_cleanup_key_block(s);
+
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+
+ /* remove buffering on output */
+ under=BIO_pop(s->wbio);
+ if (under != NULL)
+ s->wbio=under;
+ else
+ abort(); /* ok */
+ BIO_free(s->bbio);
+ s->bbio=NULL;
+
+ s->new_session=0;
+ s->init_num=0;
+
+ ssl_update_cache(s,SSL_SESS_CACHE_SERVER);
+
+ s->ctx->sess_accept_good++;
+ /* s->server=1; */
+ s->handshake_func=ssl3_accept;
+ ret=1;
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_DONE,1);
+
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL3_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ break;
+ }
+
+ if (!s->s3->tmp.reuse_message && !skip)
+ {
+ if (s->debug) BIO_flush(s->wbio);
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+ skip=0;
+ }
+end:
+ /* BIO_flush(s->wbio); */
+
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+static int ssl3_send_hello_request(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_HELLO_REQ_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+ *(p++)=SSL3_MT_CLIENT_REQUEST;
+ *(p++)=0;
+ *(p++)=0;
+ *(p++)=0;
+
+ s->state=SSL3_ST_SW_HELLO_REQ_B;
+ /* number of bytes to write */
+ s->init_num=4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_HELLO_REQ_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_get_client_hello(s)
+SSL *s;
+ {
+ int i,j,ok,al,ret= -1;
+ long n;
+ unsigned long id;
+ unsigned char *p,*d;
+ SSL_CIPHER *c;
+ STACK *ciphers=NULL;
+
+ if (s->state == SSL3_ST_SR_CLNT_HELLO_A)
+ {
+ s->first_packet=1;
+ s->state=SSL3_ST_SR_CLNT_HELLO_B;
+ }
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CLNT_HELLO_B,
+ SSL3_ST_SR_CLNT_HELLO_C,
+ SSL3_MT_CLIENT_HELLO,
+ SSL3_RT_MAX_PLAIN_LENGTH,
+ &ok);
+
+ if (!ok) return((int)n);
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if (p[0] != SSL3_VERSION_MAJOR)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_WRONG_SSL_VERSION);
+ goto err;
+ }
+ p+=2;
+
+ /* load the client random */
+ memcpy(s->s3->client_random,p,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* get the session-id */
+ j= *(p++);
+
+ s->hit=0;
+ if (j == 0)
+ {
+ if (!ssl_get_new_session(s,1))
+ goto err;
+ }
+ else
+ {
+ i=ssl_get_prev_session(s,j,p);
+ if (i == 1)
+ { /* previous session */
+ s->hit=1;
+ }
+ else
+ {
+ if (!ssl_get_new_session(s,1))
+ goto err;
+ }
+ }
+
+ p+=j;
+ n2s(p,i);
+ if ((i == 0) && (j != 0))
+ {
+ /* we need a cipher if we are not resuming a session */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_SPECIFIED);
+ goto f_err;
+ }
+ if ((i+p) > (d+n))
+ {
+ /* not enough data */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if ((i > 0) && (ssl_bytes_to_cipher_list(s,p,i,&(ciphers))
+ == NULL))
+ {
+ goto err;
+ }
+ p+=i;
+
+ /* If it is a hit, check that the cipher is in the list */
+ if ((s->hit) && (i > 0))
+ {
+ j=0;
+ id=s->session->cipher->id;
+
+ for (i=0; i<sk_num(ciphers); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(ciphers,i);
+ if (c->id == id)
+ {
+ j=1;
+ break;
+ }
+ }
+ if (j == 0)
+ {
+ if ((s->ctx->options & SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG) && (sk_num(ciphers) == 1))
+ {
+ /* Very bad for multi-threading.... */
+ s->session->cipher=
+ (SSL_CIPHER *)sk_value(ciphers,0);
+ }
+ else
+ {
+ /* we need to have the cipher in the cipher
+ * list if we are asked to reuse it */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_REQUIRED_CIPHER_MISSING);
+ goto f_err;
+ }
+ }
+ }
+
+ /* compression */
+ i= *(p++);
+ for (j=0; j<i; j++)
+ if (p[j] == 0) break;
+
+ p+=i;
+ if (j >= i)
+ {
+ /* no compress */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_COMPRESSION_SPECIFIED);
+ goto f_err;
+ }
+
+ if (p > (d+n))
+ {
+ /* wrong number of bytes,
+ * there could be more to follow */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ /* do nothing with compression */
+
+ /* Given s->session->ciphers and ssl_get_ciphers_by_id(s), we must
+ * pick a cipher */
+
+ if (!s->hit)
+ {
+ if (s->session->ciphers != NULL)
+ sk_free(s->session->ciphers);
+ s->session->ciphers=ciphers;
+ if (ciphers == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_CIPHERS_PASSED);
+ goto f_err;
+ }
+ ciphers=NULL;
+ c=ssl3_choose_cipher(s,s->session->ciphers,
+ ssl_get_ciphers_by_id(s));
+
+ if (c == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,SSL_R_NO_SHARED_CIPHER);
+ goto f_err;
+ }
+ s->s3->tmp.new_cipher=c;
+ }
+ else
+ {
+ /* Session-id reuse */
+#ifdef REUSE_CIPHER_BUG
+ STACK *sk;
+ SSL_CIPHER *nc=NULL;
+ SSL_CIPHER *ec=NULL;
+
+ if (s->ctx->options & SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG)
+ {
+ sk=s->session->ciphers;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ if (c->algorithms & SSL_eNULL)
+ nc=c;
+ if (c->algorithms & SSL_EXP)
+ ec=c;
+ }
+ if (nc != NULL)
+ s->s3->tmp.new_cipher=nc;
+ else if (ec != NULL)
+ s->s3->tmp.new_cipher=ec;
+ else
+ s->s3->tmp.new_cipher=s->session->cipher;
+ }
+ else
+#endif
+ s->s3->tmp.new_cipher=s->session->cipher;
+ }
+
+ /* we now have the following setup.
+ * client_random
+ * cipher_list - our prefered list of ciphers
+ * ciphers - the clients prefered list of ciphers
+ * compression - basically ignored right now
+ * ssl version is set - sslv3
+ * s->session - The ssl session has been setup.
+ * s->hit - sesson reuse flag
+ * s->tmp.new_cipher - the new cipher to use.
+ */
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (ciphers != NULL) sk_free(ciphers);
+ return(ret);
+ }
+
+static int ssl3_send_server_hello(s)
+SSL *s;
+ {
+ unsigned char *buf;
+ unsigned char *p,*d;
+ int i,sl;
+ unsigned long l,Time;
+
+ if (s->state == SSL3_ST_SW_SRVR_HELLO_A)
+ {
+ buf=(unsigned char *)s->init_buf->data;
+ p=s->s3->server_random;
+ Time=time(NULL); /* Time */
+ l2n(Time,p);
+ RAND_bytes(p,SSL3_RANDOM_SIZE-sizeof(Time));
+ /* Do the message type and length last */
+ d=p= &(buf[4]);
+
+ *(p++)=SSL3_VERSION_MAJOR;
+ *(p++)=SSL3_VERSION_MINOR;
+
+ /* Random stuff */
+ memcpy(p,s->s3->server_random,SSL3_RANDOM_SIZE);
+ p+=SSL3_RANDOM_SIZE;
+
+ /* now in theory we have 3 options to sending back the
+ * session id. If it is a re-use, we send back the
+ * old session-id, if it is a new session, we send
+ * back the new session-id or we send back a 0 length
+ * session-id if we want it to be single use.
+ * Currently I will not implement the '0' length session-id
+ */
+
+ sl=s->session->session_id_length;
+ *(p++)=sl;
+ memcpy(p,s->session->session_id,sl);
+ p+=sl;
+
+ /* put the cipher */
+ i=ssl3_put_cipher_by_char(s->s3->tmp.new_cipher,p);
+ p+=i;
+
+ /* put the compression method */
+ *(p++)=0;
+
+ /* do the header */
+ l=(p-d);
+ d=buf;
+ *(d++)=SSL3_MT_SERVER_HELLO;
+ l2n3(l,d);
+
+ s->state=SSL3_ST_CW_CLNT_HELLO_B;
+ /* number of bytes to write */
+ s->init_num=p-buf;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_send_server_done(s)
+SSL *s;
+ {
+ unsigned char *p;
+
+ if (s->state == SSL3_ST_SW_SRVR_DONE_A)
+ {
+ p=(unsigned char *)s->init_buf->data;
+
+ /* do the header */
+ *(p++)=SSL3_MT_SERVER_DONE;
+ *(p++)=0;
+ *(p++)=0;
+ *(p++)=0;
+
+ s->state=SSL3_ST_SW_SRVR_DONE_B;
+ /* number of bytes to write */
+ s->init_num=4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_CW_CLNT_HELLO_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
+
+static int ssl3_send_server_key_exchange(s)
+SSL *s;
+ {
+#ifndef NO_RSA
+ unsigned char *q;
+ int j,num;
+ RSA *rsa;
+ unsigned char md_buf[MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH];
+#endif
+#ifndef NO_DH
+ DH *dh,*dhp;
+#endif
+ EVP_PKEY *pkey;
+ unsigned char *p,*d;
+ int al,i;
+ unsigned long type;
+ int n;
+ CERT *cert;
+ BIGNUM *r[4];
+ int nr[4],kn;
+ BUF_MEM *buf;
+ EVP_MD_CTX md_ctx;
+
+ if (s->state == SSL3_ST_SW_KEY_EXCH_A)
+ {
+ type=s->s3->tmp.new_cipher->algorithms & SSL_MKEY_MASK;
+ cert=s->session->cert;
+
+ buf=s->init_buf;
+
+ r[0]=r[1]=r[2]=r[3]=NULL;
+ n=0;
+#ifndef NO_RSA
+ if (type & SSL_kRSA)
+ {
+ rsa=cert->rsa_tmp;
+ if ((rsa == NULL) && (s->ctx->default_cert->rsa_tmp_cb != NULL))
+ {
+ rsa=s->ctx->default_cert->rsa_tmp_cb(s,
+ (s->s3->tmp.new_cipher->algorithms|
+ SSL_NOT_EXP)?0:1);
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ cert->rsa_tmp=rsa;
+ }
+ if (rsa == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_KEY);
+ goto f_err;
+ }
+ r[0]=rsa->n;
+ r[1]=rsa->e;
+ s->s3->tmp.use_rsa_tmp=1;
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (type & SSL_kEDH)
+ {
+ dhp=cert->dh_tmp;
+ if ((dhp == NULL) && (cert->dh_tmp_cb != NULL))
+ dhp=cert->dh_tmp_cb(s,
+ (s->s3->tmp.new_cipher->algorithms|
+ SSL_NOT_EXP)?0:1);
+ if (dhp == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+ if ((dh=DHparams_dup(dhp)) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ s->s3->tmp.dh=dh;
+ if (((dhp->pub_key == NULL) ||
+ (dhp->priv_key == NULL) ||
+ (s->ctx->options & SSL_OP_SINGLE_DH_USE)) &&
+ (!DH_generate_key(dh)))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ else
+ {
+ dh->pub_key=BN_dup(dhp->pub_key);
+ dh->priv_key=BN_dup(dhp->priv_key);
+ if ((dh->pub_key == NULL) ||
+ (dh->priv_key == NULL))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+ }
+ r[0]=dh->p;
+ r[1]=dh->g;
+ r[2]=dh->pub_key;
+ }
+ else
+#endif
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE);
+ goto f_err;
+ }
+ for (i=0; r[i] != NULL; i++)
+ {
+ nr[i]=BN_num_bytes(r[i]);
+ n+=2+nr[i];
+ }
+
+ if (!(s->s3->tmp.new_cipher->algorithms & SSL_aNULL))
+ {
+ if ((pkey=ssl_get_sign_pkey(s,s->s3->tmp.new_cipher))
+ == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ goto f_err;
+ }
+ kn=EVP_PKEY_size(pkey);
+ }
+ else
+ {
+ pkey=NULL;
+ kn=0;
+ }
+
+ if (!BUF_MEM_grow(buf,n+4+kn))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_BUF);
+ goto err;
+ }
+ d=(unsigned char *)s->init_buf->data;
+ p= &(d[4]);
+
+ for (i=0; r[i] != NULL; i++)
+ {
+ s2n(nr[i],p);
+ BN_bn2bin(r[i],p);
+ p+=nr[i];
+ }
+
+ /* not anonymous */
+ if (pkey != NULL)
+ {
+ /* n is the length of the params, they start at &(d[4])
+ * and p points to the space at the end. */
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ q=md_buf;
+ j=0;
+ for (num=2; num > 0; num--)
+ {
+ EVP_DigestInit(&md_ctx,(num == 2)?EVP_md5():EVP_sha1());
+ EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_DigestUpdate(&md_ctx,&(d[4]),n);
+ EVP_DigestFinal(&md_ctx,q,
+ (unsigned int *)&i);
+ q+=i;
+ j+=i;
+ }
+ i=RSA_private_encrypt(j,md_buf,&(p[2]),
+ pkey->pkey.rsa,RSA_PKCS1_PADDING);
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_RSA);
+ goto err;
+ }
+ s2n(i,p);
+ n+=i+2;
+ }
+ else
+#endif
+#if !defined(NO_DSA)
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ /* lets do DSS */
+ EVP_SignInit(&md_ctx,EVP_dss1());
+ EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
+ EVP_SignUpdate(&md_ctx,&(d[4]),n);
+ if (!EVP_SignFinal(&md_ctx,&(p[2]),
+ (unsigned int *)&i,pkey))
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
+ goto err;
+ }
+ s2n(i,p);
+ n+=i+2;
+ }
+ else
+#endif
+ {
+ /* Is this error check actually needed? */
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,SSL_R_UNKNOWN_PKEY_TYPE);
+ goto f_err;
+ }
+ }
+
+ *(d++)=SSL3_MT_SERVER_KEY_EXCHANGE;
+ l2n3(n,d);
+
+ /* we should now have things packed up, so lets send
+ * it off */
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_KEY_EXCH_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_send_certificate_request(s)
+SSL *s;
+ {
+ unsigned char *p,*d;
+ int i,j,nl,off,n;
+ STACK *sk=NULL;
+ X509_NAME *name;
+ BUF_MEM *buf;
+
+ if (s->state == SSL3_ST_SW_CERT_REQ_A)
+ {
+ buf=s->init_buf;
+
+ d=p=(unsigned char *)&(buf->data[4]);
+
+ /* get the list of acceptable cert types */
+ p++;
+ n=ssl3_get_req_cert_type(s,p);
+ d[0]=n;
+ p+=n;
+ n++;
+
+ off=n;
+ p+=2;
+ n+=2;
+
+ sk=SSL_get_client_CA_list(s);
+ nl=0;
+ if (sk != NULL)
+ {
+ for (i=0; i<sk_num(sk); i++)
+ {
+ name=(X509_NAME *)sk_value(sk,i);
+ j=i2d_X509_NAME(name,NULL);
+ if (!BUF_MEM_grow(buf,4+n+j+2))
+ {
+ SSLerr(SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,ERR_R_BUF_LIB);
+ goto err;
+ }
+ p=(unsigned char *)&(buf->data[4+n]);
+ if (!(s->ctx->options & SSL_OP_NETSCAPE_CA_DN_BUG))
+ {
+ s2n(j,p);
+ i2d_X509_NAME(name,&p);
+ n+=2+j;
+ nl+=2+j;
+ }
+ else
+ {
+ d=p;
+ i2d_X509_NAME(name,&p);
+ j-=2; s2n(j,d); j+=2;
+ n+=j;
+ nl+=j;
+ }
+ }
+ }
+ /* else no CA names */
+ p=(unsigned char *)&(buf->data[4+off]);
+ s2n(nl,p);
+
+ d=(unsigned char *)buf->data;
+ *(d++)=SSL3_MT_CERTIFICATE_REQUEST;
+ l2n3(n,d);
+
+ /* we should now have things packed up, so lets send
+ * it off */
+
+ s->init_num=n+4;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_CERT_REQ_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+err:
+ return(-1);
+ }
+
+static int ssl3_get_client_key_exchange(s)
+SSL *s;
+ {
+ int i,al,ok;
+ long n;
+ unsigned long l;
+ unsigned char *p;
+ RSA *rsa=NULL;
+ BIGNUM *pub=NULL;
+ EVP_PKEY *pkey=NULL;
+ DH *dh_srvr;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_KEY_EXCH_A,
+ SSL3_ST_SR_KEY_EXCH_B,
+ SSL3_MT_CLIENT_KEY_EXCHANGE,
+ 400, /* ???? */
+ &ok);
+
+ if (!ok) return((int)n);
+ p=(unsigned char *)s->init_buf->data;
+
+ l=s->s3->tmp.new_cipher->algorithms;
+
+#ifndef NO_RSA
+ if (l & SSL_kRSA)
+ {
+ /* FIX THIS UP EAY EAY EAY EAY */
+ if (s->s3->tmp.use_rsa_tmp)
+ {
+ if ((s->session->cert != NULL) &&
+ (s->session->cert->rsa_tmp != NULL))
+ rsa=s->session->cert->rsa_tmp;
+ else if ((s->ctx->default_cert != NULL) &&
+ (s->ctx->default_cert->rsa_tmp != NULL))
+ rsa=s->ctx->default_cert->rsa_tmp;
+ /* Don't do a callback because rsa_tmp should
+ * be sent already */
+ if (rsa == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_RSA_PKEY);
+ goto f_err;
+
+ }
+ }
+ else
+ {
+ pkey=s->cert->pkeys[SSL_PKEY_RSA_ENC].privatekey;
+ if ( (pkey == NULL) ||
+ (pkey->type != EVP_PKEY_RSA) ||
+ (pkey->pkey.rsa == NULL))
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_RSA_CERTIFICATE);
+ goto f_err;
+ }
+ rsa=pkey->pkey.rsa;
+ }
+
+ i=RSA_private_decrypt((int)n,p,p,rsa,RSA_PKCS1_PADDING);
+#if 1
+ /* If a bad decrypt, use a dud master key */
+ if ((i != SSL_MAX_MASTER_KEY_LENGTH) ||
+ (p[0] != 3) ||
+ (p[1] != 0))
+ {
+ p[0]=3;
+ p[1]=0;
+ RAND_bytes(&(p[2]),SSL_MAX_MASTER_KEY_LENGTH-2);
+ i=SSL_MAX_MASTER_KEY_LENGTH;
+ }
+#else
+ if (i != SSL_MAX_MASTER_KEY_LENGTH)
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+
+ if ((p[0] != (s->version>>8)) || (p[1] != (s->version & 0xff)))
+ {
+ al=SSL_AD_DECODE_ERROR;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BAD_PROTOCOL_VERSION_NUMBER);
+ goto f_err;
+ }
+#endif
+
+ s->session->master_key_length=
+ ssl3_generate_master_secret(s,
+ s->session->master_key,
+ p,i);
+ memset(p,0,i);
+ }
+ else
+#endif
+#ifndef NO_DH
+ if (l & (SSL_kEDH|SSL_kDHr|SSL_kDHd))
+ {
+
+ n2s(p,i);
+ if (n != i+2)
+ {
+ if (!(s->ctx->options & SSL_OP_SSLEAY_080_CLIENT_DH_BUG))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG);
+ goto err;
+ }
+ else
+ {
+ p-=2;
+ i=(int)n;
+ }
+ }
+
+ if (n == 0L) /* the parameters are in the cert */
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNABLE_TO_DECODE_DH_CERTS);
+ goto f_err;
+ }
+ else
+ {
+ if (s->s3->tmp.dh == NULL)
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_MISSING_TMP_DH_KEY);
+ goto f_err;
+ }
+ else
+ dh_srvr=s->s3->tmp.dh;
+ }
+
+ pub=BN_bin2bn(p,i,NULL);
+ if (pub == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_BN_LIB);
+ goto err;
+ }
+ i=DH_compute_key(p,pub,dh_srvr);
+
+ if (i <= 0)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,ERR_R_DH_LIB);
+ goto err;
+ }
+
+ DH_free(s->s3->tmp.dh);
+ s->s3->tmp.dh=NULL;
+
+ BN_clear_free(pub);
+ pub=NULL;
+ s->session->master_key_length=
+ ssl3_generate_master_secret(s,
+ s->session->master_key,p,i);
+ }
+ else
+#endif
+ {
+ al=SSL3_AD_HANDSHAKE_FAILURE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,SSL_R_UNKNOWN_CIPHER_TYPE);
+ goto f_err;
+ }
+
+ return(1);
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+err:
+ return(-1);
+ }
+
+static int ssl3_get_cert_verify(s)
+SSL *s;
+ {
+ EVP_PKEY *pkey=NULL;
+ unsigned char *p;
+ int al,ok,ret=0;
+ long n;
+ int type=0,i,j;
+ X509 *peer;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CERT_VRFY_A,
+ SSL3_ST_SR_CERT_VRFY_B,
+ -1,
+ 512, /* 512? */
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->session->peer != NULL)
+ {
+ peer=s->session->peer;
+ pkey=X509_get_pubkey(peer);
+ type=X509_certificate_type(peer,pkey);
+ }
+ else
+ {
+ peer=NULL;
+ pkey=NULL;
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE_VERIFY)
+ {
+ s->s3->tmp.reuse_message=1;
+ if ((peer != NULL) && (type | EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_MISSING_VERIFY_MESSAGE);
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+ ret=1;
+ goto end;
+ }
+
+ if (peer == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_NO_CLIENT_CERT_RECEIVED);
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+
+ if (!(type & EVP_PKT_SIGN))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE);
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ if (s->s3->change_cipher_spec)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_CCS_RECEIVED_EARLY);
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ goto f_err;
+ }
+
+ /* we now have a signature that we need to verify */
+ p=(unsigned char *)s->init_buf->data;
+ n2s(p,i);
+ n-=2;
+ if (i > n)
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_LENGTH_MISMATCH);
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+ j=EVP_PKEY_size(pkey);
+ if ((i > j) || (n > j) || (n <= 0))
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_WRONG_SIGNATURE_SIZE);
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ goto f_err;
+ }
+
+#ifndef NO_RSA
+ if (pkey->type == EVP_PKEY_RSA)
+ {
+ i=RSA_public_decrypt(i,p,p,pkey->pkey.rsa,RSA_PKCS1_PADDING);
+ if (i < 0)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_DECRYPT);
+ goto f_err;
+ }
+ if ((i != (MD5_DIGEST_LENGTH+SHA_DIGEST_LENGTH)) ||
+ memcmp(&(s->s3->tmp.finish_md1[0]),
+ p,MD5_DIGEST_LENGTH) ||
+ memcmp(&(s->s3->tmp.finish_md2[0]),
+ &(p[MD5_DIGEST_LENGTH]),SHA_DIGEST_LENGTH))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_RSA_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+#ifndef NO_DSA
+ if (pkey->type == EVP_PKEY_DSA)
+ {
+ j=DSA_verify(pkey->save_type,s->s3->tmp.finish_md2,
+ SHA_DIGEST_LENGTH,p,i,pkey->pkey.dsa);
+ if (j <= 0)
+ {
+ /* bad signature */
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_BAD_DSA_SIGNATURE);
+ goto f_err;
+ }
+ }
+ else
+#endif
+ {
+ SSLerr(SSL_F_SSL3_GET_CERT_VERIFY,SSL_R_INTERNAL_ERROR);
+ al=SSL3_AD_UNSUPPORTED_CERTIFICATE;
+ goto f_err;
+ }
+
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+end:
+ return(ret);
+ }
+
+static int ssl3_get_client_certificate(s)
+SSL *s;
+ {
+ int i,ok,al,ret= -1;
+ X509 *x=NULL;
+ unsigned long l,nc,llen,n;
+ unsigned char *p,*d,*q;
+ STACK *sk=NULL;
+
+ n=ssl3_get_message(s,
+ SSL3_ST_SR_CERT_A,
+ SSL3_ST_SR_CERT_B,
+ -1,
+#if defined(MSDOS) && !defined(WIN32)
+ 1024*30, /* 30k max cert list :-) */
+#else
+ 1024*100, /* 100k max cert list :-) */
+#endif
+ &ok);
+
+ if (!ok) return((int)n);
+
+ if (s->s3->tmp.message_type == SSL3_MT_CLIENT_KEY_EXCHANGE)
+ {
+ if ( (s->verify_mode & SSL_VERIFY_PEER) &&
+ (s->verify_mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE);
+ al=SSL3_AD_NO_CERTIFICATE;
+ goto f_err;
+ }
+ s->s3->tmp.reuse_message=1;
+ return(1);
+ }
+
+ if (s->s3->tmp.message_type != SSL3_MT_CERTIFICATE)
+ {
+ al=SSL3_AD_UNEXPECTED_MESSAGE;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_WRONG_MESSAGE_TYPE);
+ goto f_err;
+ }
+ d=p=(unsigned char *)s->init_buf->data;
+
+ if ((sk=sk_new_null()) == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ n2l3(p,llen);
+ if (llen+3 != n)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ for (nc=0; nc<llen; )
+ {
+ n2l3(p,l);
+ if ((l+nc+3) > llen)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+
+ q=p;
+ x=d2i_X509(NULL,&p,l);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_ASN1_LIB);
+ goto err;
+ }
+ if (p != (q+l))
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_CERT_LENGTH_MISMATCH);
+ goto f_err;
+ }
+ if (!sk_push(sk,(char *)x))
+ {
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ x=NULL;
+ nc+=l+3;
+ }
+
+ if (sk_num(sk) <= 0)
+ {
+ al=SSL3_AD_ILLEGAL_PARAMETER;
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATES_PASSED);
+ goto f_err;
+ }
+ i=ssl_verify_cert_chain(s,sk);
+ if (!i)
+ {
+ al=ssl_verify_alarm_type(s->verify_result);
+ SSLerr(SSL_F_SSL3_GET_CLIENT_CERTIFICATE,SSL_R_NO_CERTIFICATE_RETURNED);
+ goto f_err;
+ }
+
+ /* This should not be needed */
+ if (s->session->peer != NULL)
+ X509_free(s->session->peer);
+
+ s->session->peer=(X509 *)sk_shift(sk);
+
+ ret=1;
+ if (0)
+ {
+f_err:
+ ssl3_send_alert(s,SSL3_AL_FATAL,al);
+ }
+err:
+ if (x != NULL) X509_free(x);
+ if (sk != NULL) sk_pop_free(sk,X509_free);
+ return(ret);
+ }
+
+int ssl3_send_server_certificate(s)
+SSL *s;
+ {
+ unsigned long l;
+ X509 *x;
+
+ if (s->state == SSL3_ST_SW_CERT_A)
+ {
+ x=ssl_get_server_send_cert(s);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL3_SEND_SERVER_CERTIFICATE,SSL_R_INTERNAL_ERROR);
+ return(0);
+ }
+
+ l=ssl3_output_cert_chain(s,x);
+ s->state=SSL3_ST_SW_CERT_B;
+ s->init_num=(int)l;
+ s->init_off=0;
+ }
+
+ /* SSL3_ST_SW_CERT_B */
+ return(ssl3_do_write(s,SSL3_RT_HANDSHAKE));
+ }
diff --git a/ssl/ssl.c b/ssl/ssl.c
new file mode 100644
index 0000000..fcc29b0
--- /dev/null
+++ b/ssl/ssl.c
@@ -0,0 +1,162 @@
+/* ssl/ssl.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#define USE_SOCKETS
+#include "../e_os.h"
+
+#include "buffer.h"
+#include "stack.h"
+#include "lhash.h"
+
+#include "bio.h"
+#include "err.h"
+
+#include "bn.h"
+
+#include "rand.h"
+#include "conf.h"
+#include "txt_db.h"
+
+#include "err.h"
+#include "evp.h"
+
+#include "x509.h"
+#include "pkcs7.h"
+#include "pem.h"
+#include "asn1.h"
+#include "objects.h"
+
+#include "ssl_locl.h"
+
+#if !(BUILD_SSLV23) && !defined(BUILD_SSLV2) && !defined(BUILD_SSLV3) && !defined(BUILD_SSL_COMMON) && !defined(BUILD_SSL_BIO) && !defined(BUILD_SSL_OPTIONAL)
+#define BUILD_SSLV23
+#define BUILD_SSLV2
+#define BUILD_SSLV3
+#define BUILD_SSL_COMMON
+#define BUILD_SSL_BIO
+#define BUILD_SSL_OPTIONAL
+#endif
+
+#ifdef NO_RSA
+#undef BUILD_SSLV2
+#undef BUILD_SSLV23
+#endif
+
+#ifdef NO_SSL2
+#undef BUILD_SSLV2
+#undef BUILD_SSLV23
+#endif
+
+#ifdef NO_SSL3
+#undef BUILD_SSL3
+#undef BUILD_SSLV23
+#endif
+
+#ifdef BUILD_SSLV23
+#include "s23_clnt.c"
+#include "s23_srvr.c"
+#include "s23_pkt.c"
+#include "s23_lib.c"
+#include "s23_meth.c"
+#endif
+
+#ifdef BUILD_SSLV2
+#include "s2_clnt.c"
+#include "s2_srvr.c"
+#include "s2_pkt.c"
+#include "s2_enc.c"
+#include "s2_lib.c"
+#include "s2_meth.c"
+#endif
+
+#ifdef BUILD_SSLV3
+#include "s3_clnt.c"
+#include "s3_both.c"
+#include "s3_srvr.c"
+#include "s3_pkt.c"
+#include "s3_enc.c"
+#include "s3_lib.c"
+#include "s3_meth.c"
+#endif
+
+#ifdef BUILD_SSL_COMMON
+#include "ssl_lib.c"
+#include "ssl_algs.c"
+#include "ssl_cert.c"
+#include "ssl_ciph.c"
+#include "ssl_sess.c"
+#include "ssl_rsa.c"
+#endif
+
+/* Extra things */
+#ifdef BUILD_SSL_BIO
+#include "bio_ssl.c"
+#endif
+
+#ifdef BUILD_SSL_OPTIONAL
+#include "ssl_asn1.c"
+#include "ssl_txt.c"
+#include "ssl_stat.c"
+#include "ssl_err.c"
+#include "ssl_err2.c"
+#endif
+
diff --git a/ssl/ssl.err b/ssl/ssl.err
new file mode 100644
index 0000000..f3bc5d3
--- /dev/null
+++ b/ssl/ssl.err
@@ -0,0 +1,272 @@
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+#define SSL_F_CLIENT_CERTIFICATE 100
+#define SSL_F_CLIENT_HELLO 101
+#define SSL_F_CLIENT_MASTER_KEY 102
+#define SSL_F_D2I_SSL_SESSION 103
+#define SSL_F_DO_SSL3_WRITE 104
+#define SSL_F_GET_CLIENT_FINISHED 105
+#define SSL_F_GET_CLIENT_HELLO 106
+#define SSL_F_GET_CLIENT_MASTER_KEY 107
+#define SSL_F_GET_SERVER_FINISHED 108
+#define SSL_F_GET_SERVER_HELLO 109
+#define SSL_F_GET_SERVER_VERIFY 110
+#define SSL_F_I2D_SSL_SESSION 111
+#define SSL_F_READ_N 112
+#define SSL_F_REQUEST_CERTIFICATE 113
+#define SSL_F_SERVER_HELLO 114
+#define SSL_F_SSL23_ACCEPT 115
+#define SSL_F_SSL23_CLIENT_HELLO 116
+#define SSL_F_SSL23_CONNECT 117
+#define SSL_F_SSL23_GET_CLIENT_HELLO 118
+#define SSL_F_SSL23_GET_SERVER_HELLO 119
+#define SSL_F_SSL23_READ 120
+#define SSL_F_SSL23_WRITE 121
+#define SSL_F_SSL2_ACCEPT 122
+#define SSL_F_SSL2_CONNECT 123
+#define SSL_F_SSL2_ENC_INIT 124
+#define SSL_F_SSL2_READ 125
+#define SSL_F_SSL2_SET_CERTIFICATE 126
+#define SSL_F_SSL2_WRITE 127
+#define SSL_F_SSL3_ACCEPT 128
+#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+#define SSL_F_SSL3_CLIENT_HELLO 131
+#define SSL_F_SSL3_CONNECT 132
+#define SSL_F_SSL3_CTX_CTRL 133
+#define SSL_F_SSL3_ENC 134
+#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
+#define SSL_F_SSL3_GET_CERT_VERIFY 136
+#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
+#define SSL_F_SSL3_GET_CLIENT_HELLO 138
+#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
+#define SSL_F_SSL3_GET_FINISHED 140
+#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
+#define SSL_F_SSL3_GET_MESSAGE 142
+#define SSL_F_SSL3_GET_RECORD 143
+#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
+#define SSL_F_SSL3_GET_SERVER_DONE 145
+#define SSL_F_SSL3_GET_SERVER_HELLO 146
+#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+#define SSL_F_SSL3_READ_BYTES 148
+#define SSL_F_SSL3_READ_N 149
+#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
+#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
+#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
+#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
+#define SSL_F_SSL3_SETUP_BUFFERS 156
+#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+#define SSL_F_SSL3_WRITE_BYTES 158
+#define SSL_F_SSL3_WRITE_PENDING 159
+#define SSL_F_SSL_BAD_METHOD 160
+#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+#define SSL_F_SSL_CERT_NEW 162
+#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+#define SSL_F_SSL_CREATE_CIPHER_LIST 164
+#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165
+#define SSL_F_SSL_CTX_NEW 166
+#define SSL_F_SSL_CTX_SET_SSL_VERSION 167
+#define SSL_F_SSL_CTX_USE_CERTIFICATE 168
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176
+#define SSL_F_SSL_DO_HANDSHAKE 177
+#define SSL_F_SSL_GET_NEW_SESSION 178
+#define SSL_F_SSL_GET_SERVER_SEND_CERT 179
+#define SSL_F_SSL_GET_SIGN_PKEY 180
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 181
+#define SSL_F_SSL_NEW 182
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 183
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 184
+#define SSL_F_SSL_SESSION_NEW 185
+#define SSL_F_SSL_SESSION_PRINT_FP 186
+#define SSL_F_SSL_SET_FD 187
+#define SSL_F_SSL_SET_PKEY 188
+#define SSL_F_SSL_SET_RFD 189
+#define SSL_F_SSL_SET_SESSION 190
+#define SSL_F_SSL_SET_WFD 191
+#define SSL_F_SSL_UNDEFINED_FUNCTION 192
+#define SSL_F_SSL_USE_CERTIFICATE 193
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1 194
+#define SSL_F_SSL_USE_CERTIFICATE_FILE 195
+#define SSL_F_SSL_USE_PRIVATEKEY 196
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 197
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE 198
+#define SSL_F_SSL_USE_RSAPRIVATEKEY 199
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 200
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 201
+#define SSL_F_SSL_WRITE 202
+#define SSL_F_WRITE_PENDING 203
+
+/* Reason codes. */
+#define SSL_R_APP_DATA_IN_HANDSHAKE 100
+#define SSL_R_BAD_ALERT_RECORD 101
+#define SSL_R_BAD_AUTHENTICATION_TYPE 102
+#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+#define SSL_R_BAD_CHECKSUM 104
+#define SSL_R_BAD_CLIENT_REQUEST 105
+#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+#define SSL_R_BAD_DECOMPRESSION 107
+#define SSL_R_BAD_DH_G_LENGTH 108
+#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+#define SSL_R_BAD_DH_P_LENGTH 110
+#define SSL_R_BAD_DIGEST_LENGTH 111
+#define SSL_R_BAD_DSA_SIGNATURE 112
+#define SSL_R_BAD_MAC_DECODE 113
+#define SSL_R_BAD_MESSAGE_TYPE 114
+#define SSL_R_BAD_PACKET_LENGTH 115
+#define SSL_R_BAD_RESPONSE_ARGUMENT 116
+#define SSL_R_BAD_RSA_DECRYPT 117
+#define SSL_R_BAD_RSA_ENCRYPT 118
+#define SSL_R_BAD_RSA_E_LENGTH 119
+#define SSL_R_BAD_RSA_MODULUS_LENGTH 120
+#define SSL_R_BAD_RSA_SIGNATURE 121
+#define SSL_R_BAD_SIGNATURE 122
+#define SSL_R_BAD_SSL_FILETYPE 123
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 124
+#define SSL_R_BAD_STATE 125
+#define SSL_R_BAD_WRITE_RETRY 126
+#define SSL_R_BIO_NOT_SET 127
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 128
+#define SSL_R_BN_LIB 129
+#define SSL_R_CA_DN_LENGTH_MISMATCH 130
+#define SSL_R_CA_DN_TOO_LONG 131
+#define SSL_R_CCS_RECEIVED_EARLY 132
+#define SSL_R_CERTIFICATE_VERIFY_FAILED 133
+#define SSL_R_CERT_LENGTH_MISMATCH 134
+#define SSL_R_CHALLENGE_IS_DIFFERENT 135
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH 136
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 137
+#define SSL_R_CIPHER_TABLE_SRC_ERROR 138
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 139
+#define SSL_R_COMPRESSION_FAILURE 140
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT 141
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 142
+#define SSL_R_DATA_LENGTH_TOO_LONG 143
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 144
+#define SSL_R_DIGEST_CHECK_FAILED 145
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 146
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 147
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE 148
+#define SSL_R_EXTRA_DATA_IN_MESSAGE 149
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 150
+#define SSL_R_INTERNAL_ERROR 151
+#define SSL_R_INVALID_CHALLENGE_LENGTH 152
+#define SSL_R_LENGTH_MISMATCH 153
+#define SSL_R_LENGTH_TOO_SHORT 154
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS 155
+#define SSL_R_MISSING_DH_DSA_CERT 156
+#define SSL_R_MISSING_DH_KEY 157
+#define SSL_R_MISSING_DH_RSA_CERT 158
+#define SSL_R_MISSING_DSA_SIGNING_CERT 159
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 160
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 161
+#define SSL_R_MISSING_RSA_CERTIFICATE 162
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 163
+#define SSL_R_MISSING_RSA_SIGNING_CERT 164
+#define SSL_R_MISSING_TMP_DH_KEY 165
+#define SSL_R_MISSING_TMP_RSA_KEY 166
+#define SSL_R_MISSING_TMP_RSA_PKEY 167
+#define SSL_R_MISSING_VERIFY_MESSAGE 168
+#define SSL_R_NON_SSLV2_INITIAL_PACKET 169
+#define SSL_R_NO_CERTIFICATES_PASSED 170
+#define SSL_R_NO_CERTIFICATE_ASSIGNED 171
+#define SSL_R_NO_CERTIFICATE_RETURNED 172
+#define SSL_R_NO_CERTIFICATE_SET 173
+#define SSL_R_NO_CERTIFICATE_SPECIFIED 174
+#define SSL_R_NO_CIPHERS_AVAILABLE 175
+#define SSL_R_NO_CIPHERS_PASSED 176
+#define SSL_R_NO_CIPHERS_SPECIFIED 177
+#define SSL_R_NO_CIPHER_LIST 178
+#define SSL_R_NO_CIPHER_MATCH 179
+#define SSL_R_NO_CLIENT_CERT_RECEIVED 180
+#define SSL_R_NO_COMPRESSION_SPECIFIED 181
+#define SSL_R_NO_PRIVATEKEY 182
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 183
+#define SSL_R_NO_PUBLICKEY 184
+#define SSL_R_NO_SHARED_CIPHER 185
+#define SSL_R_NULL_SSL_CTX 186
+#define SSL_R_NULL_SSL_METHOD_PASSED 187
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 188
+#define SSL_R_PACKET_LENGTH_TOO_LONG 189
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 190
+#define SSL_R_PEER_ERROR 191
+#define SSL_R_PEER_ERROR_CERTIFICATE 192
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE 193
+#define SSL_R_PEER_ERROR_NO_CIPHER 194
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 195
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 196
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 197
+#define SSL_R_PROTOCOL_IS_SHUTDOWN 198
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 199
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 200
+#define SSL_R_PUBLIC_KEY_NOT_RSA 201
+#define SSL_R_READ_BIO_NOT_SET 202
+#define SSL_R_READ_WRONG_PACKET_TYPE 203
+#define SSL_R_RECORD_LENGTH_MISMATCH 204
+#define SSL_R_RECORD_TOO_LARGE 205
+#define SSL_R_REQUIRED_CIPHER_MISSING 206
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 207
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 208
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 209
+#define SSL_R_SHORT_READ 210
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 211
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 212
+#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 213
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 214
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 215
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216
+#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 217
+#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 218
+#define SSL_R_SSL_HANDSHAKE_FAILURE 219
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 220
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 221
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 222
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 223
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 224
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 225
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 226
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 227
+#define SSL_R_UNEXPECTED_MESSAGE 228
+#define SSL_R_UNEXPECTED_RECORD 229
+#define SSL_R_UNKNOWN_ALERT_TYPE 230
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 231
+#define SSL_R_UNKNOWN_CIPHER_RETURNED 232
+#define SSL_R_UNKNOWN_CIPHER_TYPE 233
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 234
+#define SSL_R_UNKNOWN_PKEY_TYPE 235
+#define SSL_R_UNKNOWN_PROTOCOL 236
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 237
+#define SSL_R_UNKNOWN_SSL_VERSION 238
+#define SSL_R_UNKNOWN_STATE 239
+#define SSL_R_UNSUPPORTED_CIPHER 240
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 241
+#define SSL_R_UNSUPPORTED_SSL_VERSION 242
+#define SSL_R_WRITE_BIO_NOT_SET 243
+#define SSL_R_WRONG_CIPHER_RETURNED 244
+#define SSL_R_WRONG_MESSAGE_TYPE 245
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 246
+#define SSL_R_WRONG_SIGNATURE_LENGTH 247
+#define SSL_R_WRONG_SIGNATURE_SIZE 248
+#define SSL_R_WRONG_SSL_VERSION 249
+#define SSL_R_WRONG_VERSION_NUMBER 250
+#define SSL_R_X509_LIB 251
diff --git a/ssl/ssl.h b/ssl/ssl.h
new file mode 100644
index 0000000..594295d
--- /dev/null
+++ b/ssl/ssl.h
@@ -0,0 +1,1290 @@
+/* ssl/ssl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL_H
+#define HEADER_SSL_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* SSLeay version number for ASN.1 encoding of the session information */
+/* Version 0 - initial version
+ * Version 1 - added the optional peer certificate
+ */
+#define SSL_SESSION_ASN1_VERSION 0x0001
+
+/* text strings for the ciphers */
+#define SSL_TXT_NULL_WITH_MD5 SSL2_TXT_NULL_WITH_MD5
+#define SSL_TXT_RC4_128_WITH_MD5 SSL2_TXT_RC4_128_WITH_MD5
+#define SSL_TXT_RC4_128_EXPORT40_WITH_MD5 SSL2_TXT_RC4_128_EXPORT40_WITH_MD5
+#define SSL_TXT_RC2_128_CBC_WITH_MD5 SSL2_TXT_RC2_128_CBC_WITH_MD5
+#define SSL_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5
+#define SSL_TXT_IDEA_128_CBC_WITH_MD5 SSL2_TXT_IDEA_128_CBC_WITH_MD5
+#define SSL_TXT_DES_64_CBC_WITH_MD5 SSL2_TXT_DES_64_CBC_WITH_MD5
+#define SSL_TXT_DES_64_CBC_WITH_SHA SSL2_TXT_DES_64_CBC_WITH_SHA
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_MD5 SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5
+#define SSL_TXT_DES_192_EDE3_CBC_WITH_SHA SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA
+
+#define SSL_MAX_SSL_SESSION_ID_LENGTH 32
+
+#define SSL_MIN_RSA_MODULUS_LENGTH_IN_BYTES (512/8)
+#define SSL_MAX_KEY_ARG_LENGTH 8
+#define SSL_MAX_MASTER_KEY_LENGTH 48
+
+/* These are used to specify which ciphers to use and not to use */
+#define SSL_TXT_LOW "LOW"
+#define SSL_TXT_MEDIUM "MEDIUM"
+#define SSL_TXT_HIGH "HIGH"
+#define SSL_TXT_kFZA "kFZA"
+#define SSL_TXT_aFZA "aFZA"
+#define SSL_TXT_eFZA "eFZA"
+#define SSL_TXT_FZA "FZA"
+
+#define SSL_TXT_aNULL "aNULL"
+#define SSL_TXT_eNULL "eNULL"
+#define SSL_TXT_NULL "NULL"
+
+#define SSL_TXT_kRSA "kRSA"
+#define SSL_TXT_kDHr "kDHr"
+#define SSL_TXT_kDHd "kDHd"
+#define SSL_TXT_kEDH "kEDH"
+#define SSL_TXT_aRSA "aRSA"
+#define SSL_TXT_aDSS "aDSS"
+#define SSL_TXT_aDH "aDH"
+#define SSL_TXT_DSS "DSS"
+#define SSL_TXT_DH "DH"
+#define SSL_TXT_EDH "EDH"
+#define SSL_TXT_ADH "ADH"
+#define SSL_TXT_RSA "RSA"
+#define SSL_TXT_DES "DES"
+#define SSL_TXT_3DES "3DES"
+#define SSL_TXT_RC4 "RC4"
+#define SSL_TXT_RC2 "RC2"
+#define SSL_TXT_IDEA "IDEA"
+#define SSL_TXT_MD5 "MD5"
+#define SSL_TXT_SHA0 "SHA0"
+#define SSL_TXT_SHA1 "SHA1"
+#define SSL_TXT_SHA "SHA"
+#define SSL_TXT_EXP "EXP"
+#define SSL_TXT_EXPORT "EXPORT"
+#define SSL_TXT_SSLV2 "SSLv2"
+#define SSL_TXT_SSLV3 "SSLv3"
+#define SSL_TXT_ALL "ALL"
+
+/* 'DEFAULT' at the start of the cipher list insert the following string
+ * in addition to this being the default cipher string */
+#ifndef NO_RSA
+#define SSL_DEFAULT_CIPHER_LIST "!ADH:RC4+RSA:HIGH:MEDIUM:LOW:EXP:+SSLv2:+EXP"
+#else
+#define SSL_ALLOW_ADH
+#define SSL_DEFAULT_CIPHER_LIST "HIGH:MEDIUM:LOW:ADH+3DES:ADH+RC4:ADH+DES:+EXP"
+#endif
+
+#define SSL_SENT_SHUTDOWN 1
+#define SSL_RECEIVED_SHUTDOWN 2
+#define SSL_CTX_set_quiet_shutdown(ctx,y) ((ctx)->quiet_shutdown=(y));
+#define SSL_CTX_get_quiet_shutdown(ctx) ((ctx)->quiet_shutdown);
+#define SSL_set_quiet_shutdown(s,y) ((s)->quiet_shutdown=(y));
+#define SSL_get_quiet_shutdown(s) ((s)->quiet_shutdown);
+#define SSL_set_shutdown(s,mode) ((s)->shutdown=(mode))
+#define SSL_get_shutdown(s) ((s)->shutdown)
+#define SSL_version(s) ((s)->version)
+
+#include "buffer.h"
+#include "bio.h"
+#include "x509.h"
+
+#define SSL_FILETYPE_ASN1 X509_FILETYPE_ASN1
+#define SSL_FILETYPE_PEM X509_FILETYPE_PEM
+
+typedef struct ssl_st *ssl_crock_st;
+
+/* used to hold info on the particular ciphers used */
+typedef struct ssl_cipher_st
+ {
+ int valid;
+ char *name; /* text name */
+ unsigned long id; /* id, 4 bytes, first is version */
+ unsigned long algorithms; /* what ciphers are used */
+ unsigned long algorithm2; /* Extra flags */
+ unsigned long mask; /* used for matching */
+ } SSL_CIPHER;
+
+/* Used to hold functions for SSLv2 or SSLv3 functions */
+typedef struct ssl_method_st
+ {
+ int version;
+ int (*ssl_new)();
+ void (*ssl_clear)();
+ void (*ssl_free)();
+ int (*ssl_accept)();
+ int (*ssl_connect)();
+ int (*ssl_read)();
+ int (*ssl_peek)();
+ int (*ssl_write)();
+ int (*ssl_shutdown)();
+ int (*ssl_renegotiate)();
+ long (*ssl_ctrl)();
+ long (*ssl_ctx_ctrl)();
+ SSL_CIPHER *(*get_cipher_by_char)();
+ int (*put_cipher_by_char)();
+ int (*ssl_pending)();
+ int (*num_ciphers)();
+ SSL_CIPHER *(*get_cipher)();
+ struct ssl_method_st *(*get_ssl_method)();
+ long (*get_timeout)();
+ } SSL_METHOD;
+
+typedef struct ssl_compression_st
+ {
+ char *stuff;
+ } SSL_COMPRESSION;
+
+/* Lets make this into an ASN.1 type structure as follows
+ * SSL_SESSION_ID ::= SEQUENCE {
+ * version INTEGER, -- structure version number
+ * SSLversion INTEGER, -- SSL version number
+ * Cipher OCTET_STRING, -- the 3 byte cipher ID
+ * Session_ID OCTET_STRING, -- the Session ID
+ * Master_key OCTET_STRING, -- the master key
+ * Key_Arg [ 0 ] IMPLICIT OCTET_STRING, -- the optional Key argument
+ * Time [ 1 ] EXPLICIT INTEGER, -- optional Start Time
+ * Timeout [ 2 ] EXPLICIT INTEGER, -- optional Timeout ins seconds
+ * Peer [ 3 ] EXPLICIT X509, -- optional Peer Certificate
+ * }
+ * Look in ssl/ssl_asn1.c for more details
+ * I'm using EXPLICIT tags so I can read the damn things using asn1parse :-).
+ */
+typedef struct ssl_session_st
+ {
+ int ssl_version; /* what ssl version session info is
+ * being kept in here? */
+
+ /* only really used in SSLv2 */
+ unsigned int key_arg_length;
+ unsigned char key_arg[SSL_MAX_KEY_ARG_LENGTH];
+ int master_key_length;
+ unsigned char master_key[SSL_MAX_MASTER_KEY_LENGTH];
+ /* session_id - valid? */
+ unsigned int session_id_length;
+ unsigned char session_id[SSL_MAX_SSL_SESSION_ID_LENGTH];
+
+ int not_resumable;
+
+ /* The cert is the certificate used to establish this connection */
+ struct cert_st /* CERT */ *cert;
+
+ /* This is the cert for the other end. On servers, it will be
+ * the same as cert->x509 */
+ X509 *peer;
+
+ int references;
+ long timeout;
+ long time;
+
+ SSL_COMPRESSION *read_compression;
+ SSL_COMPRESSION *write_compression;
+
+ SSL_CIPHER *cipher;
+ unsigned long cipher_id; /* when ASN.1 loaded, this
+ * needs to be used to load
+ * the 'cipher' structure */
+
+ STACK /* SSL_CIPHER */ *ciphers; /* shared ciphers? */
+
+ char *app_data; /* application specific data */
+ } SSL_SESSION;
+
+#define SSL_OP_MICROSOFT_SESS_ID_BUG 0x00000001L
+#define SSL_OP_NETSCAPE_CHALLENGE_BUG 0x00000002L
+#define SSL_OP_NETSCAPE_CA_DN_BUG 0x00000004L
+#define SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG 0x00000008L
+#define SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG 0x00000010L
+#define SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER 0x00000020L
+#define SSL_OP_MSIE_SSLV2_RSA_PADDING 0x00000040L
+#define SSL_OP_SSLEAY_080_CLIENT_DH_BUG 0x00000080L
+
+/* If set, only use tmp_dh parameters once */
+#define SSL_OP_SINGLE_DH_USE 0x00100000L
+/* Set to also use the tmp_rsa key when doing RSA operations. */
+#define SSL_OP_EPHEMERAL_RSA 0x00200000L
+
+#define SSL_OP_NON_EXPORT_FIRST 0x40000000L
+#define SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG 0x80000000L
+#define SSL_OP_ALL 0x000FFFFFL
+
+#define SSL_CTX_set_options(ctx,op) ((ctx)->options|=(op))
+
+/* Normally you will only use these if your application wants to use
+ * the certificate store in other places, perhaps PKCS7 */
+#define SSL_CTX_get_cert_store(ctx) ((ctx)->cert_store)
+#define SSL_CTX_set_cert_store(ctx,cs) \
+ (X509_STORE_free((ctx)->cert_store),(ctx)->cert_store=(cs))
+
+
+typedef struct ssl_ctx_st
+ {
+ SSL_METHOD *method;
+ unsigned long options;
+
+ STACK /* SSL_CIPHER */ *cipher_list;
+ /* same as above but sorted for lookup */
+ STACK /* SSL_CIPHER */ *cipher_list_by_id;
+
+ struct x509_store_st /* X509_STORE */ *cert_store;
+ struct lhash_st /* LHASH */ *sessions; /* a set of SSL_SESSION's */
+
+ /* This can have one of 2 values, ored together,
+ * SSL_SESS_CACHE_CLIENT,
+ * SSL_SESS_CACHE_SERVER,
+ * Default is SSL_SESSION_CACHE_SERVER, which means only
+ * SSL_accept which cache SSL_SESSIONS. */
+ int session_cache_mode;
+
+ /* If timeout is not 0, it is the default timeout value set
+ * when SSL_new() is called. This has been put in to make
+ * life easier to set things up */
+ long session_timeout;
+
+ /* If this callback is not null, it will be called each
+ * time a session id is added to the cache. If this function
+ * returns 1, it means that the callback will do a
+ * SSL_SESSION_free() when it has finished using it. Otherwise,
+ * on 0, it means the callback has finished with it.
+ * If remove_session_cb is not null, it will be called when
+ * a session-id is removed from the cache. Again, a return
+ * of 0 mens that SSLeay should not SSL_SESSION_free() since
+ * the application is doing something with it. */
+#ifndef NOPROTO
+ int (*new_session_cb)(struct ssl_st *ssl,SSL_SESSION *sess);
+ void (*remove_session_cb)(struct ssl_ctx_st *ctx,SSL_SESSION *sess);
+ SSL_SESSION *(*get_session_cb)(struct ssl_st *ssl,
+ unsigned char *data,int len,int *copy);
+#else
+ int (*new_session_cb)();
+ void (*remove_session_cb)();
+ SSL_SESSION *(*get_session_cb)();
+#endif
+
+ int sess_connect; /* SSL new (expensive) connection - started */
+ int sess_connect_good; /* SSL new (expensive) connection - finished */
+ int sess_accept; /* SSL new (expensive) accept - started */
+ int sess_accept_good; /* SSL new (expensive) accept - finished */
+ int sess_miss; /* session lookup misses */
+ int sess_timeout; /* session reuse attempt on timeouted session */
+ int sess_hit; /* session reuse actually done */
+ int sess_cb_hit; /* session-id that was not in the cache was
+ * passed back via the callback. This
+ * indicates that the application is supplying
+ * session-id's from other processes -
+ * spooky :-) */
+
+ int references;
+
+ void (*info_callback)();
+
+ /* if defined, these override the X509_verify_cert() calls */
+ int (*app_verify_callback)();
+ char *app_verify_arg;
+
+ /* default values to use in SSL structures */
+ struct cert_st /* CERT */ *default_cert;
+ int default_read_ahead;
+ int default_verify_mode;
+ int (*default_verify_callback)();
+
+ /* Default password callback. */
+ int (*default_passwd_callback)();
+
+ /* get client cert callback */
+ int (*client_cert_cb)(/* SSL *ssl, X509 **x509, EVP_PKEY **pkey */);
+
+ /* what we put in client requests */
+ STACK *client_CA;
+
+ int quiet_shutdown;
+
+ char *app_data;
+ } SSL_CTX;
+
+#define SSL_SESS_CACHE_OFF 0x00
+#define SSL_SESS_CACHE_CLIENT 0x01
+#define SSL_SESS_CACHE_SERVER 0x02
+#define SSL_SESS_CACHE_BOTH (SSL_SESS_CACHE_CLIENT|SSL_SESS_CACHE_SERVER)
+#define SSL_SESS_CACHE_NO_AUTO_CLEAR 0x80
+
+#define SSL_session_reused(s) ((s)->hit)
+
+#define SSL_CTX_sessions(ctx) ((ctx)->sessions)
+/* You will need to include lhash.h to access the following #define */
+#define SSL_CTX_sess_number(ctx) ((ctx)->sessions->num_items)
+#define SSL_CTX_sess_connect(ctx) ((ctx)->sess_connect)
+#define SSL_CTX_sess_connect_good(ctx) ((ctx)->sess_connect_good)
+#define SSL_CTX_sess_accept(ctx) ((ctx)->sess_accept)
+#define SSL_CTX_sess_accept_good(ctx) ((ctx)->sess_accept_good)
+#define SSL_CTX_sess_hits(ctx) ((ctx)->sess_hit)
+#define SSL_CTX_sess_cb_hits(ctx) ((ctx)->sess_cb_hit)
+#define SSL_CTX_sess_misses(ctx) ((ctx)->sess_miss)
+#define SSL_CTX_sess_timeouts(ctx) ((ctx)->sess_timeout)
+
+#define SSL_CTX_sess_set_new_cb(ctx,cb) ((ctx)->new_session_cb=(cb))
+#define SSL_CTX_sess_get_new_cb(ctx) ((ctx)->new_session_cb)
+#define SSL_CTX_sess_set_remove_cb(ctx,cb) ((ctx)->remove_session_cb=(cb))
+#define SSL_CTX_sess_get_remove_cb(ctx) ((ctx)->remove_session_cb)
+#define SSL_CTX_sess_set_get_cb(ctx,cb) ((ctx)->get_session_cb=(cb))
+#define SSL_CTX_sess_get_get_cb(ctx) ((ctx)->get_session_cb)
+#define SSL_CTX_set_session_cache_mode(ctx,m) ((ctx)->session_cache_mode=(m))
+#define SSL_CTX_get_session_cache_mode(ctx) ((ctx)->session_cache_mode)
+#define SSL_CTX_set_timeout(ctx,t) ((ctx)->session_timeout=(t))
+#define SSL_CTX_get_timeout(ctx) ((ctx)->session_timeout)
+
+#define SSL_CTX_set_info_callback(ctx,cb) ((ctx)->info_callback=(cb))
+#define SSL_CTX_get_info_callback(ctx) ((ctx)->info_callback)
+#define SSL_CTX_set_default_read_ahead(ctx,m) (((ctx)->default_read_ahead)=(m))
+
+#define SSL_CTX_set_client_cert_cb(ctx,cb) ((ctx)->client_cert_cb=(cb))
+#define SSL_CTX_get_client_cert_cb(ctx) ((ctx)->client_cert_cb)
+
+#define SSL_NOTHING 1
+#define SSL_WRITING 2
+#define SSL_READING 3
+#define SSL_X509_LOOKUP 4
+
+/* These will only be used when doing non-blocking IO */
+#define SSL_want(s) ((s)->rwstate)
+#define SSL_want_nothing(s) ((s)->rwstate == SSL_NOTHING)
+#define SSL_want_read(s) ((s)->rwstate == SSL_READING)
+#define SSL_want_write(s) ((s)->rwstate == SSL_WRITING)
+#define SSL_want_x509_lookup(s) ((s)->rwstate == SSL_X509_LOOKUP)
+
+typedef struct ssl_st
+ {
+ /* procol version
+ * 2 for SSLv2
+ * 3 for SSLv3
+ * -3 for SSLv3 but accept SSLv2 */
+ int version;
+ int type; /* SSL_ST_CONNECT or SSL_ST_ACCEPT */
+
+ SSL_METHOD *method; /* SSLv3 */
+
+ /* There are 2 BIO's even though they are normally both the
+ * same. This is so data can be read and written to different
+ * handlers */
+
+#ifdef HEADER_BIO_H
+ BIO *rbio; /* used by SSL_read */
+ BIO *wbio; /* used by SSL_write */
+ BIO *bbio; /* used during session-id reuse to concatinate
+ * messages */
+#else
+ char *rbio; /* used by SSL_read */
+ char *wbio; /* used by SSL_write */
+ char *bbio;
+#endif
+ /* This holds a variable that indicates what we were doing
+ * when a 0 or -1 is returned. This is needed for
+ * non-blocking IO so we know what request needs re-doing when
+ * in SSL_accept or SSL_connect */
+ int rwstate;
+
+ /* true when we are actually in SSL_accept() or SSL_connect() */
+ int in_handshake;
+ int (*handshake_func)();
+
+/* int server;*/ /* are we the server side? */
+
+ int new_session;/* 1 if we are to use a new session */
+ int quiet_shutdown;/* don't send shutdown packets */
+ int shutdown; /* we have shut things down, 0x01 sent, 0x02
+ * for received */
+ int state; /* where we are */
+ int rstate; /* where we are when reading */
+
+ BUF_MEM *init_buf; /* buffer used during init */
+ int init_num; /* amount read/written */
+ int init_off; /* amount read/written */
+
+ /* used internally to point at a raw packet */
+ unsigned char *packet;
+ unsigned int packet_length;
+
+ struct ssl2_ctx_st *s2; /* SSLv2 variables */
+ struct ssl3_ctx_st *s3; /* SSLv3 variables */
+
+ int read_ahead; /* Read as many input bytes as possible */
+ int hit; /* reusing a previous session */
+
+ /* crypto */
+ STACK /* SSL_CIPHER */ *cipher_list;
+ STACK /* SSL_CIPHER */ *cipher_list_by_id;
+
+ /* These are the ones being used, the ones is SSL_SESSION are
+ * the ones to be 'copied' into these ones */
+
+ EVP_CIPHER_CTX *enc_read_ctx; /* cryptographic state */
+ EVP_MD *read_hash; /* used for mac generation */
+ SSL_COMPRESSION *read_compression; /* compression */
+
+ EVP_CIPHER_CTX *enc_write_ctx; /* cryptographic state */
+ EVP_MD *write_hash; /* used for mac generation */
+ SSL_COMPRESSION *write_compression; /* compression */
+
+ /* session info */
+
+ /* client cert? */
+ /* This is used to hold the server certificate used */
+ struct cert_st /* CERT */ *cert;
+
+ /* This can also be in the session once a session is established */
+ SSL_SESSION *session;
+
+ /* Used in SSL2 and SSL3 */
+ int verify_mode; /* 0 don't care about verify failure.
+ * 1 fail if verify fails */
+ int (*verify_callback)(); /* fail if callback returns 0 */
+ void (*info_callback)(); /* optional informational callback */
+
+ int error; /* error bytes to be written */
+ int error_code; /* actual code */
+
+ SSL_CTX *ctx;
+ /* set this flag to 1 and a sleep(1) is put into all SSL_read()
+ * and SSL_write() calls, good for nbio debuging :-) */
+ int debug;
+
+ /* extra application data */
+ int verify_result;
+ char *app_data;
+
+ /* for server side, keep the list of CA_dn we can use */
+ STACK /* X509_NAME */ *client_CA;
+
+ int first_packet;
+ } SSL;
+
+#include "ssl2.h"
+#include "ssl3.h"
+#include "ssl23.h"
+
+/* application stuff */
+#define SSL_set_verify_result(s,arg) ((s)->verify_result=(long)arg)
+#define SSL_get_verify_result(s) ((s)->verify_result)
+#define SSL_set_app_data(s,arg) ((s)->app_data=(char *)arg)
+#define SSL_get_app_data(s) ((s)->app_data)
+
+#define SSL_SESSION_set_app_data(s,arg) ((s)->app_data=(char *)arg)
+#define SSL_SESSION_get_app_data(s) ((s)->app_data)
+
+#define SSL_CTX_set_app_data(ctx,arg) ((ctx)->app_data=(char *)arg)
+#define SSL_CTX_get_app_data(ctx) ((ctx)->app_data)
+
+/* The following are the possible values for ssl->state are are
+ * used to indicate where we are upto in the SSL connection establishment.
+ * The macros that follow are about the only things you should need to use
+ * and even then, only when using non-blocking IO.
+ * It can also be useful to work out where you were when the connection
+ * failed */
+
+#define SSL_state(a) ((a)->state)
+#define SSL_ST_CONNECT 0x1000
+#define SSL_ST_ACCEPT 0x2000
+#define SSL_ST_MASK 0x0FFF
+#define SSL_ST_INIT (SSL_ST_CONNECT|SSL_ST_ACCEPT)
+#define SSL_ST_BEFORE 0x4000
+#define SSL_ST_OK 0x03
+#define SSL_ST_RENEGOTIATE (0x04|SSL_ST_INIT)
+
+/* SSL info callback functions */
+#define SSL_set_info_callback(ssl,cb) ((ssl)->info_callback=(cb))
+#define SSL_get_info_callback(ssl) ((ssl)->info_callback)
+
+#define SSL_CB_LOOP 0x01
+#define SSL_CB_EXIT 0x02
+#define SSL_CB_READ 0x04
+#define SSL_CB_WRITE 0x08
+#define SSL_CB_ALERT 0x4000 /* used in callback */
+#define SSL_CB_READ_ALERT (SSL_CB_ALERT|SSL_CB_READ)
+#define SSL_CB_WRITE_ALERT (SSL_CB_ALERT|SSL_CB_WRITE)
+#define SSL_CB_ACCEPT_LOOP (SSL_ST_ACCEPT|SSL_CB_LOOP)
+#define SSL_CB_ACCEPT_EXIT (SSL_ST_ACCEPT|SSL_CB_EXIT)
+#define SSL_CB_CONNECT_LOOP (SSL_ST_CONNECT|SSL_CB_LOOP)
+#define SSL_CB_CONNECT_EXIT (SSL_ST_CONNECT|SSL_CB_EXIT)
+#define SSL_CB_HANDSHAKE_START 0x10
+#define SSL_CB_HANDSHAKE_DONE 0x20
+
+/* Is the SSL_connection established? */
+#define SSL_is_init_finished(a) ((a)->state == SSL_ST_OK)
+#define SSL_in_init(a) ((a)->state&SSL_ST_INIT)
+#define SSL_in_before(a) ((a)->state&SSL_ST_BEFORE)
+#define SSL_in_connect_init(a) ((a)->state&SSL_ST_CONNECT)
+#define SSL_in_accept_init(a) ((a)->state&SSL_ST_ACCEPT)
+
+/* The following 2 states are kept in ssl->rstate when reads fail,
+ * you should not need these */
+#define SSL_ST_READ_HEADER 0xF0
+#define SSL_ST_READ_BODY 0xF1
+#define SSL_ST_READ_DONE 0xF2
+
+/* use either SSL_VERIFY_NONE or SSL_VERIFY_PEER, the last 2 options
+ * are 'ored' with SSL_VERIFY_PEER if they are desired */
+#define SSL_VERIFY_NONE 0x00
+#define SSL_VERIFY_PEER 0x01
+#define SSL_VERIFY_FAIL_IF_NO_PEER_CERT 0x02
+#define SSL_VERIFY_CLIENT_ONCE 0x04
+
+#define SSL_RWERR_BAD_WRITE_RETRY (-2)
+#define SSL_RWERR_BAD_MAC_DECODE (-3)
+#define SSL_RWERR_INTERNAL_ERROR (-4) /* should not get this one */
+#define SSL_RWERR_WRONG_RECORD_TYPE (-5) /* used internally */
+
+#define SSL_CTX_set_default_verify_paths(ctx) \
+ X509_STORE_set_default_paths((ctx)->cert_store)
+#define SSL_CTX_load_verify_locations(ctx,CAfile,CApath) \
+ X509_STORE_load_locations((ctx)->cert_store,\
+ (CAfile),(CApath))
+
+#define SSL_get_session(s) ((s)->session)
+#define SSL_get_SSL_CTX(s) ((s)->ctx)
+
+/* this is for backward compatablility */
+#if 0 /* NEW_SSLEAY */
+#define SSL_CTX_set_default_verify(a,b,c) SSL_CTX_set_verify(a,b,c)
+#define SSL_set_pref_cipher(c,n) SSL_set_cipher_list(c,n)
+#define SSL_add_session(a,b) SSL_CTX_add_session((a),(b))
+#define SSL_remove_session(a,b) SSL_CTX_remove_session((a),(b))
+#define SSL_flush_sessions(a,b) SSL_CTX_flush_sessions((a),(b))
+#endif
+/* More backward compatablity */
+#define SSL_get_cipher(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+#define SSL_get_cipher_bits(s,np) \
+ SSL_CIPHER_get_bits(SSL_get_current_cipher(s),np)
+#define SSL_get_cipher_version(s) \
+ SSL_CIPHER_get_version(SSL_get_current_cipher(s))
+#define SSL_get_cipher_name(s) \
+ SSL_CIPHER_get_name(SSL_get_current_cipher(s))
+
+/* VMS linker has a 31 char name limit */
+#define SSL_CTX_set_cert_verify_callback(a,b,c) \
+ SSL_CTX_set_cert_verify_cb((a),(b),(c))
+
+#if 1 /*SSLEAY_MACROS*/
+#define d2i_SSL_SESSION_bio(bp,s_id) (SSL_SESSION *)ASN1_d2i_bio( \
+ (char *(*)())SSL_SESSION_new,(char *(*)())d2i_SSL_SESSION, \
+ (bp),(unsigned char **)(s_id))
+#define i2d_SSL_SESSION_bio(bp,s_id) ASN1_i2d_bio(i2d_SSL_SESSION, \
+ bp,(unsigned char *)s_id)
+#define PEM_read_SSL_SESSION(fp,x,cb) (SSL_SESSION *)PEM_ASN1_read( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,fp,(char **)x,cb)
+#define PEM_read_bio_SSL_SESSION(bp,x,cb) (SSL_SESSION *)PEM_ASN1_read_bio( \
+ (char *(*)())d2i_SSL_SESSION,PEM_STRING_SSL_SESSION,bp,(char **)x,cb)
+#define PEM_write_SSL_SESSION(fp,x) \
+ PEM_ASN1_write((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,fp, (char *)x, NULL,NULL,0,NULL)
+#define PEM_write_bio_SSL_SESSION(bp,x) \
+ PEM_ASN1_write_bio((int (*)())i2d_SSL_SESSION, \
+ PEM_STRING_SSL_SESSION,bp, (char *)x, NULL,NULL,0,NULL)
+#endif
+
+#define SSL_ERROR_NONE 0
+#define SSL_ERROR_SSL 1
+#define SSL_ERROR_WANT_READ 2
+#define SSL_ERROR_WANT_WRITE 3
+#define SSL_ERROR_WANT_X509_LOOKUP 4
+#define SSL_ERROR_SYSCALL 5 /* look at errno */
+#define SSL_ERROR_ZERO_RETURN 6
+#define SSL_ERROR_WANT_CONNECT 7
+
+#define SSL_CTRL_NEED_TMP_RSA 1
+#define SSL_CTRL_SET_TMP_RSA 2
+#define SSL_CTRL_SET_TMP_DH 3
+#define SSL_CTRL_SET_TMP_RSA_CB 4
+#define SSL_CTRL_SET_TMP_DH_CB 5
+
+#define SSL_CTX_need_tmp_RSA(ctx) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_NEED_TMP_RSA,0,NULL)
+#define SSL_CTX_set_tmp_rsa(ctx,rsa) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA,0,(char *)rsa)
+#define SSL_CTX_set_tmp_dh(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH,0,(char *)dh)
+
+/* For the next 2, the callbacks are
+ * RSA *tmp_rsa_cb(int export)
+ * DH *tmp_dh_cb(int export)
+ */
+#define SSL_CTX_set_tmp_rsa_callback(ctx,cb) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_RSA_CB,0,(char *)cb)
+#define SSL_CTX_set_tmp_dh_callback(ctx,dh) \
+ SSL_CTX_ctrl(ctx,SSL_CTRL_SET_TMP_DH_CB,0,(char *)cb)
+
+#ifndef NOPROTO
+
+#ifdef HEADER_BIO_H
+BIO_METHOD *BIO_f_ssl(void);
+BIO *BIO_new_ssl(SSL_CTX *ctx,int client);
+int BIO_ssl_copy_session_id(BIO *to,BIO *from);
+void BIO_ssl_shutdown(BIO *ssl_bio);
+
+#endif
+
+int SSL_CTX_set_cipher_list(SSL_CTX *,char *str);
+SSL_CTX *SSL_CTX_new(SSL_METHOD *meth);
+void SSL_CTX_free(SSL_CTX *);
+void SSL_clear(SSL *s);
+void SSL_CTX_flush_sessions(SSL_CTX *ctx,long tm);
+
+SSL_CIPHER *SSL_get_current_cipher(SSL *s);
+int SSL_CIPHER_get_bits(SSL_CIPHER *c,int *alg_bits);
+char * SSL_CIPHER_get_version(SSL_CIPHER *c);
+char * SSL_CIPHER_get_name(SSL_CIPHER *c);
+
+int SSL_get_fd(SSL *s);
+char * SSL_get_cipher_list(SSL *s,int n);
+char * SSL_get_shared_ciphers(SSL *s, char *buf, int len);
+int SSL_get_read_ahead(SSL * s);
+int SSL_pending(SSL *s);
+#ifndef NO_SOCK
+int SSL_set_fd(SSL *s, int fd);
+int SSL_set_rfd(SSL *s, int fd);
+int SSL_set_wfd(SSL *s, int fd);
+#endif
+#ifdef HEADER_BIO_H
+void SSL_set_bio(SSL *s, BIO *rbio,BIO *wbio);
+BIO * SSL_get_rbio(SSL *s);
+BIO * SSL_get_wbio(SSL *s);
+#endif
+int SSL_set_cipher_list(SSL *s, char *str);
+void SSL_set_read_ahead(SSL *s, int yes);
+int SSL_get_verify_mode(SSL *s);
+int (*SSL_get_verify_callback(SSL *s))();
+void SSL_set_verify(SSL *s, int mode, int (*callback) ());
+int SSL_use_RSAPrivateKey(SSL *ssl, RSA *rsa);
+int SSL_use_RSAPrivateKey_ASN1(SSL *ssl, unsigned char *d, long len);
+int SSL_use_RSAPrivateKey_file(SSL *ssl, char *file, int type);
+int SSL_use_PrivateKey(SSL *ssl, EVP_PKEY *pkey);
+int SSL_use_PrivateKey_ASN1(int pk,SSL *ssl, unsigned char *d, long len);
+int SSL_use_PrivateKey_file(SSL *ssl, char *file, int type);
+int SSL_use_certificate(SSL *ssl, X509 *x);
+int SSL_use_certificate_ASN1(SSL *ssl, int len, unsigned char *d);
+int SSL_use_certificate_file(SSL *ssl, char *file, int type);
+void ERR_load_SSL_strings(void );
+void SSL_load_error_strings(void );
+char * SSL_state_string(SSL *s);
+char * SSL_rstate_string(SSL *s);
+char * SSL_state_string_long(SSL *s);
+char * SSL_rstate_string_long(SSL *s);
+long SSL_get_time(SSL_SESSION *s);
+long SSL_set_time(SSL_SESSION *s, long t);
+long SSL_get_timeout(SSL_SESSION *s);
+long SSL_set_timeout(SSL_SESSION *s, long t);
+void SSL_copy_session_id(SSL *to,SSL *from);
+
+SSL_SESSION *SSL_SESSION_new(void);
+#ifndef WIN16
+int SSL_SESSION_print_fp(FILE *fp,SSL_SESSION *ses);
+#endif
+#ifdef HEADER_BIO_H
+int SSL_SESSION_print(BIO *fp,SSL_SESSION *ses);
+#endif
+void SSL_SESSION_free(SSL_SESSION *ses);
+int i2d_SSL_SESSION(SSL_SESSION *in,unsigned char **pp);
+int SSL_set_session(SSL *to, SSL_SESSION *session);
+int SSL_CTX_add_session(SSL_CTX *s, SSL_SESSION *c);
+int SSL_CTX_remove_session(SSL_CTX *,SSL_SESSION *c);
+SSL_SESSION *d2i_SSL_SESSION(SSL_SESSION **a,unsigned char **pp,long length);
+
+#ifdef HEADER_X509_H
+X509 * SSL_get_peer_certificate(SSL *s);
+#endif
+
+STACK * SSL_get_peer_cert_chain(SSL *s);
+
+int SSL_CTX_get_verify_mode(SSL_CTX *ctx);
+int (*SSL_CTX_get_verify_callback(SSL_CTX *ctx))();
+void SSL_CTX_set_verify(SSL_CTX *ctx,int mode,int (*callback)());
+void SSL_CTX_set_cert_verify_cb(SSL_CTX *ctx, int (*cb)(),char *arg);
+int SSL_CTX_use_RSAPrivateKey(SSL_CTX *ctx, RSA *rsa);
+int SSL_CTX_use_RSAPrivateKey_ASN1(SSL_CTX *ctx, unsigned char *d, long len);
+int SSL_CTX_use_RSAPrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey);
+int SSL_CTX_use_PrivateKey_ASN1(int pk,SSL_CTX *ctx,
+ unsigned char *d, long len);
+int SSL_CTX_use_PrivateKey_file(SSL_CTX *ctx, char *file, int type);
+int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x);
+int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len, unsigned char *d);
+int SSL_CTX_use_certificate_file(SSL_CTX *ctx, char *file, int type);
+
+void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx,int (*cb)());
+
+int SSL_CTX_check_private_key(SSL_CTX *ctx);
+int SSL_check_private_key(SSL *ctx);
+
+SSL * SSL_new(SSL_CTX *ctx);
+void SSL_clear(SSL *s);
+void SSL_free(SSL *ssl);
+int SSL_accept(SSL *ssl);
+int SSL_connect(SSL *ssl);
+int SSL_read(SSL *ssl,char *buf,int num);
+int SSL_peek(SSL *ssl,char *buf,int num);
+int SSL_write(SSL *ssl,char *buf,int num);
+long SSL_ctrl(SSL *ssl,int cmd, long larg, char *parg);
+long SSL_CTX_ctrl(SSL_CTX *ctx,int cmd, long larg, char *parg);
+
+int SSL_get_error(SSL *s,int ret_code);
+char * SSL_get_version(SSL *s);
+
+/* This sets the 'default' SSL version that SSL_new() will create */
+int SSL_CTX_set_ssl_version(SSL_CTX *ctx,SSL_METHOD *meth);
+
+SSL_METHOD *SSLv2_method(void); /* sslv2 */
+SSL_METHOD *SSLv2_server_method(void); /* sslv2 */
+SSL_METHOD *SSLv2_client_method(void); /* sslv2 */
+
+SSL_METHOD *SSLv3_method(void); /* sslv3 */
+SSL_METHOD *SSLv3_server_method(void); /* sslv3 */
+SSL_METHOD *SSLv3_client_method(void); /* sslv3 */
+
+SSL_METHOD *SSLv23_method(void); /* sslv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_server_method(void); /* sslv3 but can rollback to v2 */
+SSL_METHOD *SSLv23_client_method(void); /* sslv3 but can rollback to v2 */
+
+STACK *SSL_get_ciphers(SSL *s);
+
+int SSL_do_handshake(SSL *s);
+int SSL_renegotiate(SSL *s);
+int SSL_shutdown(SSL *s);
+
+SSL_METHOD *SSL_get_ssl_method(SSL *s);
+int SSL_set_ssl_method(SSL *s,SSL_METHOD *method);
+char *SSL_alert_type_string_long(int value);
+char *SSL_alert_type_string(int value);
+char *SSL_alert_desc_string_long(int value);
+char *SSL_alert_desc_string(int value);
+
+STACK *SSL_load_client_CA_file(char *file);
+void SSL_set_client_CA_list(SSL *s, STACK *list);
+void SSL_CTX_set_client_CA_list(SSL_CTX *ctx, STACK *list);
+STACK *SSL_get_client_CA_list(SSL *s);
+STACK *SSL_CTX_get_client_CA_list(SSL_CTX *s);
+int SSL_add_client_CA(SSL *ssl,X509 *x);
+int SSL_CTX_add_client_CA(SSL_CTX *ctx,X509 *x);
+
+void SSL_set_connect_state(SSL *s);
+void SSL_set_accept_state(SSL *s);
+
+long SSL_get_default_timeout(SSL *s);
+
+void SSLeay_add_ssl_algorithms(void );
+
+char *SSL_CIPHER_description(SSL_CIPHER *,char *buf,int size);
+STACK *SSL_dup_CA_list(STACK *sk);
+
+SSL *SSL_dup(SSL *ssl);
+
+X509 *SSL_get_certificate(SSL *ssl);
+/* EVP_PKEY */ struct evp_pkey_st *SSL_get_privatekey(SSL *ssl);
+
+#else
+
+BIO_METHOD *BIO_f_ssl();
+BIO *BIO_new_ssl();
+int BIO_ssl_copy_session_id();
+void BIO_ssl_shutdown();
+
+int SSL_CTX_set_cipher_list();
+SSL_CTX *SSL_CTX_new();
+void SSL_CTX_free();
+void SSL_clear();
+void SSL_CTX_flush_sessions();
+
+SSL_CIPHER *SSL_get_current_cipher();
+int SSL_CIPHER_get_bits();
+char * SSL_CIPHER_get_version();
+char * SSL_CIPHER_get_name();
+
+int SSL_get_fd();
+char * SSL_get_cipher_list();
+char * SSL_get_shared_ciphers();
+int SSL_get_read_ahead();
+int SSL_pending();
+#ifndef NO_SOCK
+int SSL_set_fd();
+int SSL_set_rfd();
+int SSL_set_wfd();
+#endif
+#ifdef HEADER_BIO_H
+void SSL_set_bio();
+BIO * SSL_get_rbio();
+BIO * SSL_get_wbio();
+#endif
+int SSL_set_cipher_list();
+void SSL_set_read_ahead();
+int SSL_get_verify_mode();
+
+void SSL_set_verify();
+int SSL_use_RSAPrivateKey();
+int SSL_use_RSAPrivateKey_ASN1();
+int SSL_use_RSAPrivateKey_file();
+int SSL_use_PrivateKey();
+int SSL_use_PrivateKey_ASN1();
+int SSL_use_PrivateKey_file();
+int SSL_use_certificate();
+int SSL_use_certificate_ASN1();
+int SSL_use_certificate_file();
+void ERR_load_SSL_strings();
+void SSL_load_error_strings();
+char * SSL_state_string();
+char * SSL_rstate_string();
+char * SSL_state_string_long();
+char * SSL_rstate_string_long();
+long SSL_get_time();
+long SSL_set_time();
+long SSL_get_timeout();
+long SSL_set_timeout();
+void SSL_copy_session_id();
+
+SSL_SESSION *SSL_SESSION_new();
+#ifndef WIN16
+int SSL_SESSION_print_fp();
+#endif
+#ifdef HEADER_BIO_H
+int SSL_SESSION_print();
+#endif
+void SSL_SESSION_free();
+int i2d_SSL_SESSION();
+int SSL_set_session();
+int SSL_CTX_add_session();
+int SSL_CTX_remove_session();
+SSL_SESSION *d2i_SSL_SESSION();
+
+#ifdef HEADER_X509_H
+X509 * SSL_get_peer_certificate();
+#endif
+
+STACK * SSL_get_peer_cert_chain();
+
+int SSL_CTX_get_verify_mode();
+int (*SSL_CTX_get_verify_callback())();
+void SSL_CTX_set_verify();
+void SSL_CTX_set_cert_verify_cb();
+int SSL_CTX_use_RSAPrivateKey();
+int SSL_CTX_use_RSAPrivateKey_ASN1();
+int SSL_CTX_use_RSAPrivateKey_file();
+int SSL_CTX_use_PrivateKey();
+int SSL_CTX_use_PrivateKey_ASN1();
+int SSL_CTX_use_PrivateKey_file();
+int SSL_CTX_use_certificate();
+int SSL_CTX_use_certificate_ASN1();
+int SSL_CTX_use_certificate_file();
+
+void SSL_CTX_set_default_passwd_cb();
+
+int SSL_CTX_check_private_key();
+int SSL_check_private_key();
+
+SSL * SSL_new();
+void SSL_clear();
+void SSL_free();
+int SSL_accept();
+int SSL_connect();
+int SSL_read();
+int SSL_peek();
+int SSL_write();
+long SSL_ctrl();
+long SSL_CTX_ctrl();
+
+int SSL_get_error();
+char * SSL_get_version();
+
+int SSL_CTX_set_ssl_version();
+
+SSL_METHOD *SSLv2_method();
+SSL_METHOD *SSLv2_server_method();
+SSL_METHOD *SSLv2_client_method();
+
+SSL_METHOD *SSLv3_method();
+SSL_METHOD *SSLv3_server_method();
+SSL_METHOD *SSLv3_client_method();
+
+SSL_METHOD *SSLv23_method();
+SSL_METHOD *SSLv23_server_method();
+SSL_METHOD *SSLv23_client_method();
+
+STACK *SSL_get_ciphers();
+
+int SSL_do_handshake();
+int SSL_renegotiate();
+int SSL_shutdown();
+
+SSL_METHOD *SSL_get_ssl_method();
+int SSL_set_ssl_method();
+char *SSL_alert_type_string_long();
+char *SSL_alert_type_string();
+char *SSL_alert_desc_string_long();
+char *SSL_alert_desc_string();
+
+STACK *SSL_load_client_CA_file();
+void SSL_set_client_CA_list();
+void SSL_CTX_set_client_CA_list();
+STACK *SSL_get_client_CA_list();
+STACK *SSL_CTX_get_client_CA_list();
+int SSL_add_client_CA();
+int SSL_CTX_add_client_CA();
+
+void SSL_set_connect_state();
+void SSL_set_accept_state();
+
+long SSL_get_default_timeout();
+
+void SSLeay_add_ssl_algorithms();
+
+char *SSL_CIPHER_description();
+STACK *SSL_dup_CA_list();
+
+SSL *SSL_dup();
+
+X509 *SSL_get_certificate();
+/* EVP * */ struct evp_pkey_st *SSL_get_privatekey();
+
+#ifdef this_is_for_mk1mf_pl
+EVP *SSL_get_privatekey();
+#endif
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the SSL functions. */
+
+/* Function codes. */
+#define SSL_F_CLIENT_CERTIFICATE 100
+#define SSL_F_CLIENT_HELLO 101
+#define SSL_F_CLIENT_MASTER_KEY 102
+#define SSL_F_D2I_SSL_SESSION 103
+#define SSL_F_DO_SSL3_WRITE 104
+#define SSL_F_GET_CLIENT_FINISHED 105
+#define SSL_F_GET_CLIENT_HELLO 106
+#define SSL_F_GET_CLIENT_MASTER_KEY 107
+#define SSL_F_GET_SERVER_FINISHED 108
+#define SSL_F_GET_SERVER_HELLO 109
+#define SSL_F_GET_SERVER_VERIFY 110
+#define SSL_F_I2D_SSL_SESSION 111
+#define SSL_F_READ_N 112
+#define SSL_F_REQUEST_CERTIFICATE 113
+#define SSL_F_SERVER_HELLO 114
+#define SSL_F_SSL23_ACCEPT 115
+#define SSL_F_SSL23_CLIENT_HELLO 116
+#define SSL_F_SSL23_CONNECT 117
+#define SSL_F_SSL23_GET_CLIENT_HELLO 118
+#define SSL_F_SSL23_GET_SERVER_HELLO 119
+#define SSL_F_SSL23_READ 120
+#define SSL_F_SSL23_WRITE 121
+#define SSL_F_SSL2_ACCEPT 122
+#define SSL_F_SSL2_CONNECT 123
+#define SSL_F_SSL2_ENC_INIT 124
+#define SSL_F_SSL2_READ 125
+#define SSL_F_SSL2_SET_CERTIFICATE 126
+#define SSL_F_SSL2_WRITE 127
+#define SSL_F_SSL3_ACCEPT 128
+#define SSL_F_SSL3_CHANGE_CIPHER_STATE 129
+#define SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM 130
+#define SSL_F_SSL3_CLIENT_HELLO 131
+#define SSL_F_SSL3_CONNECT 132
+#define SSL_F_SSL3_CTX_CTRL 133
+#define SSL_F_SSL3_ENC 134
+#define SSL_F_SSL3_GET_CERTIFICATE_REQUEST 135
+#define SSL_F_SSL3_GET_CERT_VERIFY 136
+#define SSL_F_SSL3_GET_CLIENT_CERTIFICATE 137
+#define SSL_F_SSL3_GET_CLIENT_HELLO 138
+#define SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE 139
+#define SSL_F_SSL3_GET_FINISHED 140
+#define SSL_F_SSL3_GET_KEY_EXCHANGE 141
+#define SSL_F_SSL3_GET_MESSAGE 142
+#define SSL_F_SSL3_GET_RECORD 143
+#define SSL_F_SSL3_GET_SERVER_CERTIFICATE 144
+#define SSL_F_SSL3_GET_SERVER_DONE 145
+#define SSL_F_SSL3_GET_SERVER_HELLO 146
+#define SSL_F_SSL3_OUTPUT_CERT_CHAIN 147
+#define SSL_F_SSL3_READ_BYTES 148
+#define SSL_F_SSL3_READ_N 149
+#define SSL_F_SSL3_SEND_CERTIFICATE_REQUEST 150
+#define SSL_F_SSL3_SEND_CLIENT_CERTIFICATE 151
+#define SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE 152
+#define SSL_F_SSL3_SEND_CLIENT_VERIFY 153
+#define SSL_F_SSL3_SEND_SERVER_CERTIFICATE 154
+#define SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE 155
+#define SSL_F_SSL3_SETUP_BUFFERS 156
+#define SSL_F_SSL3_SETUP_KEY_BLOCK 157
+#define SSL_F_SSL3_WRITE_BYTES 158
+#define SSL_F_SSL3_WRITE_PENDING 159
+#define SSL_F_SSL_BAD_METHOD 160
+#define SSL_F_SSL_BYTES_TO_CIPHER_LIST 161
+#define SSL_F_SSL_CERT_NEW 162
+#define SSL_F_SSL_CHECK_PRIVATE_KEY 163
+#define SSL_F_SSL_CREATE_CIPHER_LIST 164
+#define SSL_F_SSL_CTX_CHECK_PRIVATE_KEY 165
+#define SSL_F_SSL_CTX_NEW 166
+#define SSL_F_SSL_CTX_SET_SSL_VERSION 167
+#define SSL_F_SSL_CTX_USE_CERTIFICATE 168
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1 169
+#define SSL_F_SSL_CTX_USE_CERTIFICATE_FILE 170
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY 171
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1 172
+#define SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE 173
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY 174
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1 175
+#define SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE 176
+#define SSL_F_SSL_DO_HANDSHAKE 177
+#define SSL_F_SSL_GET_NEW_SESSION 178
+#define SSL_F_SSL_GET_SERVER_SEND_CERT 179
+#define SSL_F_SSL_GET_SIGN_PKEY 180
+#define SSL_F_SSL_LOAD_CLIENT_CA_FILE 181
+#define SSL_F_SSL_NEW 182
+#define SSL_F_SSL_RSA_PRIVATE_DECRYPT 183
+#define SSL_F_SSL_RSA_PUBLIC_ENCRYPT 184
+#define SSL_F_SSL_SESSION_NEW 185
+#define SSL_F_SSL_SESSION_PRINT_FP 186
+#define SSL_F_SSL_SET_FD 187
+#define SSL_F_SSL_SET_PKEY 188
+#define SSL_F_SSL_SET_RFD 189
+#define SSL_F_SSL_SET_SESSION 190
+#define SSL_F_SSL_SET_WFD 191
+#define SSL_F_SSL_UNDEFINED_FUNCTION 192
+#define SSL_F_SSL_USE_CERTIFICATE 193
+#define SSL_F_SSL_USE_CERTIFICATE_ASN1 194
+#define SSL_F_SSL_USE_CERTIFICATE_FILE 195
+#define SSL_F_SSL_USE_PRIVATEKEY 196
+#define SSL_F_SSL_USE_PRIVATEKEY_ASN1 197
+#define SSL_F_SSL_USE_PRIVATEKEY_FILE 198
+#define SSL_F_SSL_USE_RSAPRIVATEKEY 199
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1 200
+#define SSL_F_SSL_USE_RSAPRIVATEKEY_FILE 201
+#define SSL_F_SSL_WRITE 202
+#define SSL_F_WRITE_PENDING 203
+
+/* Reason codes. */
+#define SSL_R_APP_DATA_IN_HANDSHAKE 100
+#define SSL_R_BAD_ALERT_RECORD 101
+#define SSL_R_BAD_AUTHENTICATION_TYPE 102
+#define SSL_R_BAD_CHANGE_CIPHER_SPEC 103
+#define SSL_R_BAD_CHECKSUM 104
+#define SSL_R_BAD_CLIENT_REQUEST 105
+#define SSL_R_BAD_DATA_RETURNED_BY_CALLBACK 106
+#define SSL_R_BAD_DECOMPRESSION 107
+#define SSL_R_BAD_DH_G_LENGTH 108
+#define SSL_R_BAD_DH_PUB_KEY_LENGTH 109
+#define SSL_R_BAD_DH_P_LENGTH 110
+#define SSL_R_BAD_DIGEST_LENGTH 111
+#define SSL_R_BAD_DSA_SIGNATURE 112
+#define SSL_R_BAD_MAC_DECODE 113
+#define SSL_R_BAD_MESSAGE_TYPE 114
+#define SSL_R_BAD_PACKET_LENGTH 115
+#define SSL_R_BAD_RESPONSE_ARGUMENT 116
+#define SSL_R_BAD_RSA_DECRYPT 117
+#define SSL_R_BAD_RSA_ENCRYPT 118
+#define SSL_R_BAD_RSA_E_LENGTH 119
+#define SSL_R_BAD_RSA_MODULUS_LENGTH 120
+#define SSL_R_BAD_RSA_SIGNATURE 121
+#define SSL_R_BAD_SIGNATURE 122
+#define SSL_R_BAD_SSL_FILETYPE 123
+#define SSL_R_BAD_SSL_SESSION_ID_LENGTH 124
+#define SSL_R_BAD_STATE 125
+#define SSL_R_BAD_WRITE_RETRY 126
+#define SSL_R_BIO_NOT_SET 127
+#define SSL_R_BLOCK_CIPHER_PAD_IS_WRONG 128
+#define SSL_R_BN_LIB 129
+#define SSL_R_CA_DN_LENGTH_MISMATCH 130
+#define SSL_R_CA_DN_TOO_LONG 131
+#define SSL_R_CCS_RECEIVED_EARLY 132
+#define SSL_R_CERTIFICATE_VERIFY_FAILED 133
+#define SSL_R_CERT_LENGTH_MISMATCH 134
+#define SSL_R_CHALLENGE_IS_DIFFERENT 135
+#define SSL_R_CIPHER_CODE_WRONG_LENGTH 136
+#define SSL_R_CIPHER_OR_HASH_UNAVAILABLE 137
+#define SSL_R_CIPHER_TABLE_SRC_ERROR 138
+#define SSL_R_COMPRESSED_LENGTH_TOO_LONG 139
+#define SSL_R_COMPRESSION_FAILURE 140
+#define SSL_R_CONNECTION_ID_IS_DIFFERENT 141
+#define SSL_R_DATA_BETWEEN_CCS_AND_FINISHED 142
+#define SSL_R_DATA_LENGTH_TOO_LONG 143
+#define SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG 144
+#define SSL_R_DIGEST_CHECK_FAILED 145
+#define SSL_R_ENCRYPTED_LENGTH_TOO_LONG 146
+#define SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST 147
+#define SSL_R_EXCESSIVE_MESSAGE_SIZE 148
+#define SSL_R_EXTRA_DATA_IN_MESSAGE 149
+#define SSL_R_GOT_A_FIN_BEFORE_A_CCS 150
+#define SSL_R_INTERNAL_ERROR 151
+#define SSL_R_INVALID_CHALLENGE_LENGTH 152
+#define SSL_R_LENGTH_MISMATCH 153
+#define SSL_R_LENGTH_TOO_SHORT 154
+#define SSL_R_LIBRARY_HAS_NO_CIPHERS 155
+#define SSL_R_MISSING_DH_DSA_CERT 156
+#define SSL_R_MISSING_DH_KEY 157
+#define SSL_R_MISSING_DH_RSA_CERT 158
+#define SSL_R_MISSING_DSA_SIGNING_CERT 159
+#define SSL_R_MISSING_EXPORT_TMP_DH_KEY 160
+#define SSL_R_MISSING_EXPORT_TMP_RSA_KEY 161
+#define SSL_R_MISSING_RSA_CERTIFICATE 162
+#define SSL_R_MISSING_RSA_ENCRYPTING_CERT 163
+#define SSL_R_MISSING_RSA_SIGNING_CERT 164
+#define SSL_R_MISSING_TMP_DH_KEY 165
+#define SSL_R_MISSING_TMP_RSA_KEY 166
+#define SSL_R_MISSING_TMP_RSA_PKEY 167
+#define SSL_R_MISSING_VERIFY_MESSAGE 168
+#define SSL_R_NON_SSLV2_INITIAL_PACKET 169
+#define SSL_R_NO_CERTIFICATES_PASSED 170
+#define SSL_R_NO_CERTIFICATE_ASSIGNED 171
+#define SSL_R_NO_CERTIFICATE_RETURNED 172
+#define SSL_R_NO_CERTIFICATE_SET 173
+#define SSL_R_NO_CERTIFICATE_SPECIFIED 174
+#define SSL_R_NO_CIPHERS_AVAILABLE 175
+#define SSL_R_NO_CIPHERS_PASSED 176
+#define SSL_R_NO_CIPHERS_SPECIFIED 177
+#define SSL_R_NO_CIPHER_LIST 178
+#define SSL_R_NO_CIPHER_MATCH 179
+#define SSL_R_NO_CLIENT_CERT_RECEIVED 180
+#define SSL_R_NO_COMPRESSION_SPECIFIED 181
+#define SSL_R_NO_PRIVATEKEY 182
+#define SSL_R_NO_PRIVATE_KEY_ASSIGNED 183
+#define SSL_R_NO_PUBLICKEY 184
+#define SSL_R_NO_SHARED_CIPHER 185
+#define SSL_R_NULL_SSL_CTX 186
+#define SSL_R_NULL_SSL_METHOD_PASSED 187
+#define SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED 188
+#define SSL_R_PACKET_LENGTH_TOO_LONG 189
+#define SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE 190
+#define SSL_R_PEER_ERROR 191
+#define SSL_R_PEER_ERROR_CERTIFICATE 192
+#define SSL_R_PEER_ERROR_NO_CERTIFICATE 193
+#define SSL_R_PEER_ERROR_NO_CIPHER 194
+#define SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 195
+#define SSL_R_PRE_MAC_LENGTH_TOO_LONG 196
+#define SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS 197
+#define SSL_R_PROTOCOL_IS_SHUTDOWN 198
+#define SSL_R_PUBLIC_KEY_ENCRYPT_ERROR 199
+#define SSL_R_PUBLIC_KEY_IS_NOT_RSA 200
+#define SSL_R_PUBLIC_KEY_NOT_RSA 201
+#define SSL_R_READ_BIO_NOT_SET 202
+#define SSL_R_READ_WRONG_PACKET_TYPE 203
+#define SSL_R_RECORD_LENGTH_MISMATCH 204
+#define SSL_R_RECORD_TOO_LARGE 205
+#define SSL_R_REQUIRED_CIPHER_MISSING 206
+#define SSL_R_REUSE_CERT_LENGTH_NOT_ZERO 207
+#define SSL_R_REUSE_CERT_TYPE_NOT_ZERO 208
+#define SSL_R_REUSE_CIPHER_LIST_NOT_ZERO 209
+#define SSL_R_SHORT_READ 210
+#define SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE 211
+#define SSL_R_SSL3_SESSION_ID_TOO_SHORT 212
+#define SSL_R_SSLV3_ALERT_BAD_CERTIFICATE 1042
+#define SSL_R_SSLV3_ALERT_BAD_RECORD_MAC 1020
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED 1045
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED 1044
+#define SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN 1046
+#define SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE 1030
+#define SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE 1040
+#define SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER 1047
+#define SSL_R_SSLV3_ALERT_NO_CERTIFICATE 1041
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE 213
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE 214
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER 215
+#define SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE 216
+#define SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE 1010
+#define SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE 217
+#define SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE 1043
+#define SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION 218
+#define SSL_R_SSL_HANDSHAKE_FAILURE 219
+#define SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS 220
+#define SSL_R_SSL_SESSION_ID_IS_DIFFERENT 221
+#define SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER 222
+#define SSL_R_UNABLE_TO_DECODE_DH_CERTS 223
+#define SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY 224
+#define SSL_R_UNABLE_TO_FIND_DH_PARAMETERS 225
+#define SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS 226
+#define SSL_R_UNABLE_TO_FIND_SSL_METHOD 227
+#define SSL_R_UNEXPECTED_MESSAGE 228
+#define SSL_R_UNEXPECTED_RECORD 229
+#define SSL_R_UNKNOWN_ALERT_TYPE 230
+#define SSL_R_UNKNOWN_CERTIFICATE_TYPE 231
+#define SSL_R_UNKNOWN_CIPHER_RETURNED 232
+#define SSL_R_UNKNOWN_CIPHER_TYPE 233
+#define SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE 234
+#define SSL_R_UNKNOWN_PKEY_TYPE 235
+#define SSL_R_UNKNOWN_PROTOCOL 236
+#define SSL_R_UNKNOWN_REMOTE_ERROR_TYPE 237
+#define SSL_R_UNKNOWN_SSL_VERSION 238
+#define SSL_R_UNKNOWN_STATE 239
+#define SSL_R_UNSUPPORTED_CIPHER 240
+#define SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM 241
+#define SSL_R_UNSUPPORTED_SSL_VERSION 242
+#define SSL_R_WRITE_BIO_NOT_SET 243
+#define SSL_R_WRONG_CIPHER_RETURNED 244
+#define SSL_R_WRONG_MESSAGE_TYPE 245
+#define SSL_R_WRONG_NUMBER_OF_KEY_BITS 246
+#define SSL_R_WRONG_SIGNATURE_LENGTH 247
+#define SSL_R_WRONG_SIGNATURE_SIZE 248
+#define SSL_R_WRONG_SSL_VERSION 249
+#define SSL_R_WRONG_VERSION_NUMBER 250
+#define SSL_R_X509_LIB 251
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/ssl/ssl2.h b/ssl/ssl2.h
new file mode 100644
index 0000000..db353f5
--- /dev/null
+++ b/ssl/ssl2.h
@@ -0,0 +1,263 @@
+/* ssl/ssl2.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL2_H
+#define HEADER_SSL2_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Protocol Version Codes */
+#define SSL2_CLIENT_VERSION 0x0002
+#define SSL2_SERVER_VERSION 0x0002
+
+/* Protocol Message Codes */
+#define SSL2_MT_ERROR 0
+#define SSL2_MT_CLIENT_HELLO 1
+#define SSL2_MT_CLIENT_MASTER_KEY 2
+#define SSL2_MT_CLIENT_FINISHED 3
+#define SSL2_MT_SERVER_HELLO 4
+#define SSL2_MT_SERVER_VERIFY 5
+#define SSL2_MT_SERVER_FINISHED 6
+#define SSL2_MT_REQUEST_CERTIFICATE 7
+#define SSL2_MT_CLIENT_CERTIFICATE 8
+
+/* Error Message Codes */
+#define SSL2_PE_UNDEFINED_ERROR 0x0000
+#define SSL2_PE_NO_CIPHER 0x0001
+#define SSL2_PE_NO_CERTIFICATE 0x0002
+#define SSL2_PE_BAD_CERTIFICATE 0x0004
+#define SSL2_PE_UNSUPPORTED_CERTIFICATE_TYPE 0x0006
+
+/* Cipher Kind Values */
+#define SSL2_CK_NULL_WITH_MD5 0x02000000 /* v3 */
+#define SSL2_CK_RC4_128_WITH_MD5 0x02010080
+#define SSL2_CK_RC4_128_EXPORT40_WITH_MD5 0x02020080
+#define SSL2_CK_RC2_128_CBC_WITH_MD5 0x02030080
+#define SSL2_CK_RC2_128_CBC_EXPORT40_WITH_MD5 0x02040080
+#define SSL2_CK_IDEA_128_CBC_WITH_MD5 0x02050080
+#define SSL2_CK_DES_64_CBC_WITH_MD5 0x02060040
+#define SSL2_CK_DES_64_CBC_WITH_SHA 0x02060140 /* v3 */
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_MD5 0x020700c0
+#define SSL2_CK_DES_192_EDE3_CBC_WITH_SHA 0x020701c0 /* v3 */
+#define SSL2_CK_RC4_64_WITH_MD5 0x02080080 /* MS hack */
+
+#define SSL2_CK_DES_64_CFB64_WITH_MD5_1 0x02ff0800 /* SSLeay */
+#define SSL2_CK_NULL 0x02ff0810 /* SSLeay */
+
+#define SSL2_TXT_DES_64_CFB64_WITH_MD5_1 "DES-CFB-M1"
+#define SSL2_TXT_NULL_WITH_MD5 "NULL-MD5"
+#define SSL2_TXT_RC4_128_WITH_MD5 "RC4-MD5"
+#define SSL2_TXT_RC4_128_EXPORT40_WITH_MD5 "EXP-RC4-MD5"
+#define SSL2_TXT_RC2_128_CBC_WITH_MD5 "RC2-CBC-MD5"
+#define SSL2_TXT_RC2_128_CBC_EXPORT40_WITH_MD5 "EXP-RC2-CBC-MD5"
+#define SSL2_TXT_IDEA_128_CBC_WITH_MD5 "IDEA-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_MD5 "DES-CBC-MD5"
+#define SSL2_TXT_DES_64_CBC_WITH_SHA "DES-CBC-SHA"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_MD5 "DES-CBC3-MD5"
+#define SSL2_TXT_DES_192_EDE3_CBC_WITH_SHA "DES-CBC3-SHA"
+#define SSL2_TXT_RC4_64_WITH_MD5 "RC4-64-MD5"
+
+#define SSL2_TXT_NULL "NULL"
+
+/* Flags for the SSL_CIPHER.algorithm2 field */
+#define SSL2_CF_5_BYTE_ENC 0x01
+#define SSL2_CF_8_BYTE_ENC 0x02
+
+/* Certificate Type Codes */
+#define SSL2_CT_X509_CERTIFICATE 0x01
+
+/* Authentication Type Code */
+#define SSL2_AT_MD5_WITH_RSA_ENCRYPTION 0x01
+
+#define SSL2_MAX_SSL_SESSION_ID_LENGTH 32
+
+/* Upper/Lower Bounds */
+#define SSL2_MAX_MASTER_KEY_LENGTH_IN_BITS 256
+#define SSL2_MAX_RECORD_LENGTH_2_BYTE_HEADER (unsigned int)32767
+#define SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER 16383 /**/
+
+#define SSL2_CHALLENGE_LENGTH 16
+/*#define SSL2_CHALLENGE_LENGTH 32 */
+#define SSL2_MIN_CHALLENGE_LENGTH 16
+#define SSL2_MAX_CHALLENGE_LENGTH 32
+#define SSL2_CONNECTION_ID_LENGTH 16
+#define SSL2_MAX_CONNECTION_ID_LENGTH 16
+#define SSL2_SSL_SESSION_ID_LENGTH 16
+#define SSL2_MAX_CERT_CHALLENGE_LENGTH 32
+#define SSL2_MIN_CERT_CHALLENGE_LENGTH 16
+#define SSL2_MAX_KEY_MATERIAL_LENGTH 24
+
+#ifndef HEADER_SSL_LOCL_H
+#define CERT char
+#endif
+
+typedef struct ssl2_ctx_st
+ {
+ int first_packet; /* enable first packet checking in server */
+ int three_byte_header;
+ int clear_text; /* clear text */
+ int escape; /* not used in SSLv2 */
+ int ssl2_rollback; /* used if SSLv23 rolled back to SSLv2 */
+
+ /* non-blocking io info, used to make sure the same
+ * args were passwd */
+ unsigned int wnum; /* number of bytes sent so far */
+ int wpend_tot;
+ char *wpend_buf;
+
+ int wpend_off; /* offset to data to write */
+ int wpend_len; /* number of bytes passwd to write */
+ int wpend_ret; /* number of bytes to return to caller */
+
+ /* buffer raw data */
+ int rbuf_left;
+ int rbuf_offs;
+ unsigned char *rbuf;
+ unsigned char *wbuf;
+
+ unsigned char *write_ptr;/* used to point to the start due to
+ * 2/3 byte header. */
+
+ unsigned int padding;
+ unsigned int rlength; /* passed to ssl2_enc */
+ int ract_data_length; /* Set when things are encrypted. */
+ unsigned int wlength; /* passed to ssl2_enc */
+ int wact_data_length; /* Set when things are decrypted. */
+ unsigned char *ract_data;
+ unsigned char *wact_data;
+ unsigned char *mac_data;
+ unsigned char *pad_data;
+
+ unsigned char *read_key;
+ unsigned char *write_key;
+
+ /* Stuff specifically to do with this SSL session */
+ unsigned int challenge_length;
+ unsigned char challenge[SSL2_MAX_CHALLENGE_LENGTH];
+ unsigned int conn_id_length;
+ unsigned char conn_id[SSL2_MAX_CONNECTION_ID_LENGTH];
+ unsigned int key_material_length;
+ unsigned char key_material[SSL2_MAX_KEY_MATERIAL_LENGTH*2];
+
+ unsigned long read_sequence;
+ unsigned long write_sequence;
+
+ struct {
+ unsigned int conn_id_length;
+ unsigned int cert_type;
+ unsigned int cert_length;
+ int csl;
+ int clear;
+ unsigned int enc;
+ unsigned char ccl[SSL2_MAX_CERT_CHALLENGE_LENGTH];
+ int cipher_spec_length;
+ unsigned int session_id_length;
+ unsigned int clen;
+ unsigned int rlen;
+ } tmp;
+ } SSL2_CTX;
+
+/* SSLv2 */
+/* client */
+#define SSL2_ST_SEND_CLIENT_HELLO_A (0x10|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_HELLO_B (0x11|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_A (0x20|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_HELLO_B (0x21|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_A (0x30|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_MASTER_KEY_B (0x31|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_A (0x40|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_FINISHED_B (0x41|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_A (0x50|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_B (0x51|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_C (0x52|SSL_ST_CONNECT)
+#define SSL2_ST_SEND_CLIENT_CERTIFICATE_D (0x53|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_A (0x60|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_VERIFY_B (0x61|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_A (0x70|SSL_ST_CONNECT)
+#define SSL2_ST_GET_SERVER_FINISHED_B (0x71|SSL_ST_CONNECT)
+#define SSL2_ST_CLIENT_START_ENCRYPTION (0x80|SSL_ST_CONNECT)
+#define SSL2_ST_X509_GET_CLIENT_CERTIFICATE (0x90|SSL_ST_CONNECT)
+/* server */
+#define SSL2_ST_GET_CLIENT_HELLO_A (0x10|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_B (0x11|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_HELLO_C (0x12|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_A (0x20|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_HELLO_B (0x21|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_A (0x30|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_MASTER_KEY_B (0x31|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_A (0x40|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_B (0x41|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_VERIFY_C (0x42|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_A (0x50|SSL_ST_ACCEPT)
+#define SSL2_ST_GET_CLIENT_FINISHED_B (0x51|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_A (0x60|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_SERVER_FINISHED_B (0x61|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_A (0x70|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_B (0x71|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_C (0x72|SSL_ST_ACCEPT)
+#define SSL2_ST_SEND_REQUEST_CERTIFICATE_D (0x73|SSL_ST_ACCEPT)
+#define SSL2_ST_SERVER_START_ENCRYPTION (0x80|SSL_ST_ACCEPT)
+#define SSL2_ST_X509_GET_SERVER_CERTIFICATE (0x90|SSL_ST_ACCEPT)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/ssl/ssl23.h b/ssl/ssl23.h
new file mode 100644
index 0000000..6e6f26b
--- /dev/null
+++ b/ssl/ssl23.h
@@ -0,0 +1,83 @@
+/* ssl/ssl23.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL23_H
+#define HEADER_SSL23_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*client */
+/* write to server */
+#define SSL23_ST_CW_CLNT_HELLO_A (0x210|SSL_ST_CONNECT)
+#define SSL23_ST_CW_CLNT_HELLO_B (0x211|SSL_ST_CONNECT)
+/* read from server */
+#define SSL23_ST_CR_SRVR_HELLO_A (0x220|SSL_ST_CONNECT)
+#define SSL23_ST_CR_SRVR_HELLO_B (0x221|SSL_ST_CONNECT)
+
+/* server */
+/* read from client */
+#define SSL23_ST_SR_CLNT_HELLO_A (0x210|SSL_ST_ACCEPT)
+#define SSL23_ST_SR_CLNT_HELLO_B (0x211|SSL_ST_ACCEPT)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
new file mode 100644
index 0000000..9675ec2
--- /dev/null
+++ b/ssl/ssl3.h
@@ -0,0 +1,417 @@
+/* ssl/ssl3.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL3_H
+#define HEADER_SSL3_H
+
+#include "buffer.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#define SSL3_CK_RSA_NULL_MD5 0x03000001
+#define SSL3_CK_RSA_NULL_SHA 0x03000002
+#define SSL3_CK_RSA_RC4_40_MD5 0x03000003
+#define SSL3_CK_RSA_RC4_128_MD5 0x03000004
+#define SSL3_CK_RSA_RC4_128_SHA 0x03000005
+#define SSL3_CK_RSA_RC2_40_MD5 0x03000006
+#define SSL3_CK_RSA_IDEA_128_SHA 0x03000007
+#define SSL3_CK_RSA_DES_40_CBC_SHA 0x03000008
+#define SSL3_CK_RSA_DES_64_CBC_SHA 0x03000009
+#define SSL3_CK_RSA_DES_192_CBC3_SHA 0x0300000A
+
+#define SSL3_CK_DH_DSS_DES_40_CBC_SHA 0x0300000B
+#define SSL3_CK_DH_DSS_DES_64_CBC_SHA 0x0300000C
+#define SSL3_CK_DH_DSS_DES_192_CBC3_SHA 0x0300000D
+#define SSL3_CK_DH_RSA_DES_40_CBC_SHA 0x0300000E
+#define SSL3_CK_DH_RSA_DES_64_CBC_SHA 0x0300000F
+#define SSL3_CK_DH_RSA_DES_192_CBC3_SHA 0x03000010
+
+#define SSL3_CK_EDH_DSS_DES_40_CBC_SHA 0x03000011
+#define SSL3_CK_EDH_DSS_DES_64_CBC_SHA 0x03000012
+#define SSL3_CK_EDH_DSS_DES_192_CBC3_SHA 0x03000013
+#define SSL3_CK_EDH_RSA_DES_40_CBC_SHA 0x03000014
+#define SSL3_CK_EDH_RSA_DES_64_CBC_SHA 0x03000015
+#define SSL3_CK_EDH_RSA_DES_192_CBC3_SHA 0x03000016
+
+#define SSL3_CK_ADH_RC4_40_MD5 0x03000017
+#define SSL3_CK_ADH_RC4_128_MD5 0x03000018
+#define SSL3_CK_ADH_DES_40_CBC_SHA 0x03000019
+#define SSL3_CK_ADH_DES_64_CBC_SHA 0x0300001A
+#define SSL3_CK_ADH_DES_196_CBC_SHA 0x0300001B
+
+#define SSL3_CK_FZA_DMS_NULL_SHA 0x0300001C
+#define SSL3_CK_FZA_DMS_FZA_SHA 0x0300001D
+#define SSL3_CK_FZA_DMS_RC4_SHA 0x0300001E
+
+#define SSL3_TXT_RSA_NULL_MD5 "NULL-MD5"
+#define SSL3_TXT_RSA_NULL_SHA "NULL-SHA"
+#define SSL3_TXT_RSA_RC4_40_MD5 "EXP-RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_MD5 "RC4-MD5"
+#define SSL3_TXT_RSA_RC4_128_SHA "RC4-SHA"
+#define SSL3_TXT_RSA_RC2_40_MD5 "EXP-RC2-CBC-MD5"
+#define SSL3_TXT_RSA_IDEA_128_SHA "IDEA-CBC-MD5"
+#define SSL3_TXT_RSA_DES_40_CBC_SHA "EXP-DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_64_CBC_SHA "DES-CBC-SHA"
+#define SSL3_TXT_RSA_DES_192_CBC3_SHA "DES-CBC3-SHA"
+
+#define SSL3_TXT_DH_DSS_DES_40_CBC_SHA "EXP-DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_64_CBC_SHA "DH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_DH_DSS_DES_192_CBC3_SHA "DH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_DH_RSA_DES_40_CBC_SHA "EXP-DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA "DH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA "DH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_EDH_DSS_DES_40_CBC_SHA "EXP-EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_64_CBC_SHA "EDH-DSS-DES-CBC-SHA"
+#define SSL3_TXT_EDH_DSS_DES_192_CBC3_SHA "EDH-DSS-DES-CBC3-SHA"
+#define SSL3_TXT_EDH_RSA_DES_40_CBC_SHA "EXP-EDH-RSA-DES-CBC"
+#define SSL3_TXT_EDH_RSA_DES_64_CBC_SHA "EDH-RSA-DES-CBC-SHA"
+#define SSL3_TXT_EDH_RSA_DES_192_CBC3_SHA "EDH-RSA-DES-CBC3-SHA"
+
+#define SSL3_TXT_ADH_RC4_40_MD5 "EXP-ADH-RC4-MD5"
+#define SSL3_TXT_ADH_RC4_128_MD5 "ADH-RC4-MD5"
+#define SSL3_TXT_ADH_DES_40_CBC_SHA "EXP-ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_64_CBC_SHA "ADH-DES-CBC-SHA"
+#define SSL3_TXT_ADH_DES_196_CBC_SHA "ADH-DES-CBC3-SHA"
+
+#define SSL3_TXT_FZA_DMS_NULL_SHA "FZA-NULL-SHA"
+#define SSL3_TXT_FZA_DMS_FZA_SHA "FZA-FZA-CBC-SHA"
+#define SSL3_TXT_FZA_DMS_RC4_SHA "FZA-RC4-SHA"
+
+#define SSL3_SSL_SESSION_ID_LENGTH 32
+#define SSL3_MAX_SSL_SESSION_ID_LENGTH 32
+
+#define SSL3_MASTER_SECRET_SIZE 48
+#define SSL3_RANDOM_SIZE 32
+#define SSL3_SESSION_ID_SIZE 32
+#define SSL3_RT_HEADER_LENGTH 5
+
+/* Due to MS stuffing up, this can change.... */
+#if defined(WIN16) || (defined(MSDOS) && !defined(WIN32))
+#define SSL3_RT_MAX_EXTRA (14000)
+#else
+#define SSL3_RT_MAX_EXTRA (16384)
+#endif
+
+#define SSL3_RT_MAX_PLAIN_LENGTH 16384
+#define SSL3_RT_MAX_COMPRESSED_LENGTH (1024+SSL3_RT_MAX_PLAIN_LENGTH)
+#define SSL3_RT_MAX_ENCRYPTED_LENGTH (1024+SSL3_RT_MAX_COMPRESSED_LENGTH)
+#define SSL3_RT_MAX_PACKET_SIZE (SSL3_RT_MAX_ENCRYPTED_LENGTH+SSL3_RT_HEADER_LENGTH)
+#define SSL3_RT_MAX_DATA_SIZE (1024*1024)
+
+/* the states that a SSL3_RECORD can be in
+ * For SSL_read it goes
+ * rbuf->ENCODED -> read
+ * ENCODED -> we need to decode everything - call decode_record
+ */
+
+#define SSL3_RS_BLANK 1
+#define SSL3_RS_DATA
+
+#define SSL3_RS_ENCODED 2
+#define SSL3_RS_READ_MORE 3
+#define SSL3_RS_WRITE_MORE
+#define SSL3_RS_PLAIN 3
+#define SSL3_RS_PART_READ 4
+#define SSL3_RS_PART_WRITE 5
+
+#define SSL3_MD_CLIENT_FINISHED_CONST 0x43,0x4C,0x4E,0x54
+#define SSL3_MD_SERVER_FINISHED_CONST 0x53,0x52,0x56,0x52
+
+#define SSL3_VERSION 0x0300
+#define SSL3_VERSION_MAJOR 0x03
+#define SSL3_VERSION_MINOR 0x00
+
+#define SSL3_RT_CHANGE_CIPHER_SPEC 20
+#define SSL3_RT_ALERT 21
+#define SSL3_RT_HANDSHAKE 22
+#define SSL3_RT_APPLICATION_DATA 23
+
+#define SSL3_AL_WARNING 1
+#define SSL3_AL_FATAL 2
+
+#define SSL3_AD_CLOSE_NOTIFY 0
+#define SSL3_AD_UNEXPECTED_MESSAGE 10 /* fatal */
+#define SSL3_AD_BAD_RECORD_MAC 20 /* fatal */
+#define SSL3_AD_DECOMPRESSION_FAILURE 30 /* fatal */
+#define SSL3_AD_HANDSHAKE_FAILURE 40 /* fatal */
+#define SSL3_AD_NO_CERTIFICATE 41
+#define SSL3_AD_BAD_CERTIFICATE 42
+#define SSL3_AD_UNSUPPORTED_CERTIFICATE 43
+#define SSL3_AD_CERTIFICATE_REVOKED 44
+#define SSL3_AD_CERTIFICATE_EXPIRED 45
+#define SSL3_AD_CERTIFICATE_UNKNOWN 46
+#define SSL3_AD_ILLEGAL_PARAMETER 47 /* fatal */
+
+typedef struct ssl3_record_st
+ {
+/*r */ int type; /* type of record */
+/* */ /*int state;*/ /* any data in it? */
+/*rw*/ unsigned int length; /* How many bytes available */
+/*r */ unsigned int off; /* read/write offset into 'buf' */
+/*rw*/ unsigned char *data; /* pointer to the record data */
+/*rw*/ unsigned char *input; /* where the decode bytes are */
+/*rw*/ unsigned char *comp; /* only used with decompression */
+ } SSL3_RECORD;
+
+typedef struct ssl3_buffer_st
+ {
+/*r */ int total; /* used in non-blocking writes */
+/*r */ int wanted; /* how many more bytes we need */
+/*rw*/ int left; /* how many bytes left */
+/*rw*/ int offset; /* where to 'copy from' */
+/*rw*/ unsigned char *buf; /* SSL3_RT_MAX_PACKET_SIZE bytes */
+ } SSL3_BUFFER;
+
+typedef struct ssl3_compression_st {
+ int nothing;
+ } SSL3_COMPRESSION;
+
+#define SSL3_CT_RSA_SIGN 1
+#define SSL3_CT_DSS_SIGN 2
+#define SSL3_CT_RSA_FIXED_DH 3
+#define SSL3_CT_DSS_FIXED_DH 4
+#define SSL3_CT_RSA_EPHEMERAL_DH 5
+#define SSL3_CT_DSS_EPHEMERAL_DH 6
+#define SSL3_CT_FORTEZZA_DMS 20
+#define SSL3_CT_NUMBER 7
+
+#define SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS 0x0001
+#define SSL3_FLAGS_DELAY_CLIENT_FINISHED 0x0002
+#define SSL3_FLAGS_POP_BUFFER 0x0004
+
+typedef struct ssl3_ctx_st
+ {
+ long flags;
+ int delay_buf_pop_ret;
+
+ unsigned char read_sequence[8];
+ unsigned char read_mac_secret[EVP_MAX_MD_SIZE];
+ unsigned char write_sequence[8];
+ unsigned char write_mac_secret[EVP_MAX_MD_SIZE];
+
+ unsigned char server_random[SSL3_RANDOM_SIZE];
+ unsigned char client_random[SSL3_RANDOM_SIZE];
+
+ SSL3_BUFFER rbuf; /* read IO goes into here */
+ SSL3_BUFFER wbuf; /* write IO goes into here */
+ SSL3_RECORD rrec; /* each decoded record goes in here */
+ SSL3_RECORD wrec; /* goes out from here */
+ /* Used by ssl3_read_n to point
+ * to input data packet */
+
+ /* partial write - check the numbers match */
+ unsigned int wnum; /* number of bytes sent so far */
+ int wpend_tot; /* number bytes written */
+ int wpend_type;
+ int wpend_ret; /* number of bytes submitted */
+ char *wpend_buf;
+
+ /* used during startup, digest all incoming/outgoing packets */
+ EVP_MD_CTX finish_dgst1;
+ EVP_MD_CTX finish_dgst2;
+
+ /* this is set whenerver we see a change_cipher_spec message
+ * come in when we are not looking for one */
+ int change_cipher_spec;
+
+ int warn_alert;
+ int fatal_alert;
+ /* we alow one fatal and one warning alert to be outstanding,
+ * send close alert via the warning alert */
+ int alert_dispatch;
+ char send_alert[2];
+
+ struct {
+ unsigned char finish_md1[EVP_MAX_MD_SIZE];
+ unsigned char finish_md2[EVP_MAX_MD_SIZE];
+
+ unsigned long message_size;
+ int message_type;
+
+ /* used to hold the new cipher we are going to use */
+ SSL_CIPHER *new_cipher;
+ DH *dh;
+
+ /* used when SSL_ST_FLUSH_DATA is entered */
+ int next_state;
+
+ int reuse_message;
+
+ /* used for certificate requests */
+ int cert_req;
+ int ctype_num;
+ char ctype[SSL3_CT_NUMBER];
+ STACK *ca_names;
+
+ int use_rsa_tmp;
+
+ int key_block_length;
+ unsigned char *key_block;
+
+ EVP_CIPHER *new_sym_enc;
+ EVP_MD *new_hash;
+ SSL_COMPRESSION *new_compression;
+ } tmp;
+ } SSL3_CTX;
+
+/* SSLv3 */
+/*client */
+/* extra state */
+#define SSL3_ST_CW_FLUSH (0x100|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CLNT_HELLO_A (0x110|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CLNT_HELLO_B (0x111|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_SRVR_HELLO_A (0x120|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_HELLO_B (0x121|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_A (0x130|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_B (0x131|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_A (0x140|SSL_ST_CONNECT)
+#define SSL3_ST_CR_KEY_EXCH_B (0x141|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_A (0x150|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CERT_REQ_B (0x151|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_A (0x160|SSL_ST_CONNECT)
+#define SSL3_ST_CR_SRVR_DONE_B (0x161|SSL_ST_CONNECT)
+/* write to server */
+#define SSL3_ST_CW_CERT_A (0x170|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_B (0x171|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_C (0x172|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_D (0x173|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_A (0x180|SSL_ST_CONNECT)
+#define SSL3_ST_CW_KEY_EXCH_B (0x181|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_A (0x190|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CERT_VRFY_B (0x191|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_A (0x1A0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_CHANGE_B (0x1A1|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_A (0x1B0|SSL_ST_CONNECT)
+#define SSL3_ST_CW_FINISHED_B (0x1B1|SSL_ST_CONNECT)
+/* read from server */
+#define SSL3_ST_CR_CHANGE_A (0x1C0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_CHANGE_B (0x1C1|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_A (0x1D0|SSL_ST_CONNECT)
+#define SSL3_ST_CR_FINISHED_B (0x1D1|SSL_ST_CONNECT)
+
+/* server */
+/* extra state */
+#define SSL3_ST_SW_FLUSH (0x100|SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_CLNT_HELLO_A (0x110|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_B (0x111|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CLNT_HELLO_C (0x112|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_HELLO_REQ_A (0x120|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_B (0x121|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_HELLO_REQ_C (0x122|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_A (0x130|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_HELLO_B (0x131|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_A (0x140|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_B (0x141|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_A (0x150|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_KEY_EXCH_B (0x151|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_A (0x160|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CERT_REQ_B (0x161|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_A (0x170|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_SRVR_DONE_B (0x171|SSL_ST_ACCEPT)
+/* read from client */
+#define SSL3_ST_SR_CERT_A (0x180|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_B (0x181|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_A (0x190|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_KEY_EXCH_B (0x191|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_A (0x1A0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CERT_VRFY_B (0x1A1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_A (0x1B0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_CHANGE_B (0x1B1|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_A (0x1C0|SSL_ST_ACCEPT)
+#define SSL3_ST_SR_FINISHED_B (0x1C1|SSL_ST_ACCEPT)
+/* write to client */
+#define SSL3_ST_SW_CHANGE_A (0x1D0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_CHANGE_B (0x1D1|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_A (0x1E0|SSL_ST_ACCEPT)
+#define SSL3_ST_SW_FINISHED_B (0x1E1|SSL_ST_ACCEPT)
+
+#define SSL3_MT_CLIENT_REQUEST 0
+#define SSL3_MT_CLIENT_HELLO 1
+#define SSL3_MT_SERVER_HELLO 2
+#define SSL3_MT_CERTIFICATE 11
+#define SSL3_MT_SERVER_KEY_EXCHANGE 12
+#define SSL3_MT_CERTIFICATE_REQUEST 13
+#define SSL3_MT_SERVER_DONE 14
+#define SSL3_MT_CERTIFICATE_VERIFY 15
+#define SSL3_MT_CLIENT_KEY_EXCHANGE 16
+#define SSL3_MT_FINISHED 20
+
+#define SSL3_MT_CCS 1
+
+/* These are used when changing over to a new cipher */
+#define SSL3_CC_READ 0x01
+#define SSL3_CC_WRITE 0x02
+#define SSL3_CC_CLIENT 0x10
+#define SSL3_CC_SERVER 0x20
+#define SSL3_CHANGE_CIPHER_CLIENT_WRITE (SSL3_CC_CLIENT|SSL3_CC_WRITE)
+#define SSL3_CHANGE_CIPHER_SERVER_READ (SSL3_CC_SERVER|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_CLIENT_READ (SSL3_CC_CLIENT|SSL3_CC_READ)
+#define SSL3_CHANGE_CIPHER_SERVER_WRITE (SSL3_CC_SERVER|SSL3_CC_WRITE)
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
diff --git a/ssl/ssl_algs.c b/ssl/ssl_algs.c
new file mode 100644
index 0000000..36b0333
--- /dev/null
+++ b/ssl/ssl_algs.c
@@ -0,0 +1,99 @@
+/* ssl/ssl_algs.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "lhash.h"
+#include "ssl_locl.h"
+
+void SSLeay_add_ssl_algorithms()
+ {
+#ifndef NO_DES
+ EVP_add_cipher(EVP_des_cbc());
+ EVP_add_cipher(EVP_des_ede3_cbc());
+#endif
+#ifndef NO_IDEA
+ EVP_add_cipher(EVP_idea_cbc());
+#endif
+#ifndef NO_RC4
+ EVP_add_cipher(EVP_rc4());
+#endif
+#ifndef NO_RC2
+ EVP_add_cipher(EVP_rc2_cbc());
+#endif
+
+#ifndef NO_MD2
+ EVP_add_digest(EVP_md2());
+#endif
+#ifndef NO_MD5
+ EVP_add_digest(EVP_md5());
+#endif
+#ifndef NO_SHA1
+ EVP_add_digest(EVP_sha1()); /* RSA with sha1 */
+#endif
+#if !defined(NO_SHA1) && !defined(NO_DSA)
+ EVP_add_digest(EVP_dss1()); /* DSA with sha1 */
+#endif
+
+ /* If you want support for phased out ciphers, add the following */
+#if 0
+ EVP_add_digest(EVP_sha());
+ EVP_add_digest(EVP_dss());
+#endif
+ }
+
diff --git a/ssl/ssl_asn1.c b/ssl/ssl_asn1.c
new file mode 100644
index 0000000..873497a
--- /dev/null
+++ b/ssl/ssl_asn1.c
@@ -0,0 +1,313 @@
+/* ssl/ssl_asn1.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "asn1_mac.h"
+#include "objects.h"
+#include "ssl_locl.h"
+
+typedef struct ssl_session_asn1_st
+ {
+ ASN1_INTEGER version;
+ ASN1_INTEGER ssl_version;
+ ASN1_OCTET_STRING cipher;
+ ASN1_OCTET_STRING master_key;
+ ASN1_OCTET_STRING session_id;
+ ASN1_OCTET_STRING key_arg;
+ ASN1_INTEGER time;
+ ASN1_INTEGER timeout;
+ } SSL_SESSION_ASN1;
+
+/*
+ * SSLerr(SSL_F_I2D_SSL_SESSION,SSL_R_CIPHER_CODE_WRONG_LENGTH);
+ * SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNSUPPORTED_CIPHER);
+ */
+
+int i2d_SSL_SESSION(in,pp)
+SSL_SESSION *in;
+unsigned char **pp;
+ {
+#define LSIZE2 (sizeof(long)*2)
+ int v1=0,v2=0,v3=0;
+ unsigned char buf[4],ibuf1[LSIZE2],ibuf2[LSIZE2];
+ unsigned char ibuf3[LSIZE2],ibuf4[LSIZE2];
+ long l;
+ SSL_SESSION_ASN1 a;
+ M_ASN1_I2D_vars(in);
+
+ if ((in == NULL) || ((in->cipher == NULL) && (in->cipher_id == 0)))
+ return(0);
+
+ /* Note that I cheat in the following 2 assignments. I know
+ * that if the ASN1_INTERGER passed to ASN1_INTEGER_set
+ * is > sizeof(long)+1, the buffer will not be re-Malloc()ed.
+ * This is a bit evil but makes things simple, no dynamic allocation
+ * to clean up :-) */
+ a.version.length=LSIZE2;
+ a.version.type=V_ASN1_INTEGER;
+ a.version.data=ibuf1;
+ ASN1_INTEGER_set(&(a.version),SSL_SESSION_ASN1_VERSION);
+
+ a.ssl_version.length=LSIZE2;
+ a.ssl_version.type=V_ASN1_INTEGER;
+ a.ssl_version.data=ibuf2;
+ ASN1_INTEGER_set(&(a.ssl_version),in->ssl_version);
+
+ a.cipher.type=V_ASN1_OCTET_STRING;
+ a.cipher.data=buf;
+
+ if (in->cipher == NULL)
+ l=in->cipher_id;
+ else
+ l=in->cipher->id;
+ if (in->ssl_version == 2)
+ {
+ a.cipher.length=3;
+ buf[0]=((unsigned char)(l>>16L))&0xff;
+ buf[1]=((unsigned char)(l>> 8L))&0xff;
+ buf[2]=((unsigned char)(l ))&0xff;
+ }
+ else
+ {
+ a.cipher.length=2;
+ buf[0]=((unsigned char)(l>>8L))&0xff;
+ buf[1]=((unsigned char)(l ))&0xff;
+ }
+
+ a.master_key.length=in->master_key_length;
+ a.master_key.type=V_ASN1_OCTET_STRING;
+ a.master_key.data=in->master_key;
+
+ a.session_id.length=in->session_id_length;
+ a.session_id.type=V_ASN1_OCTET_STRING;
+ a.session_id.data=in->session_id;
+
+ a.key_arg.length=in->key_arg_length;
+ a.key_arg.type=V_ASN1_OCTET_STRING;
+ a.key_arg.data=in->key_arg;
+
+ if (in->time != 0L)
+ {
+ a.time.length=LSIZE2;
+ a.time.type=V_ASN1_INTEGER;
+ a.time.data=ibuf3;
+ ASN1_INTEGER_set(&(a.time),in->time);
+ }
+
+ if (in->timeout != 0L)
+ {
+ a.timeout.length=LSIZE2;
+ a.timeout.type=V_ASN1_INTEGER;
+ a.timeout.data=ibuf4;
+ ASN1_INTEGER_set(&(a.timeout),in->timeout);
+ }
+
+ M_ASN1_I2D_len(&(a.version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(&(a.ssl_version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_len(&(a.cipher), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(&(a.session_id), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_len(&(a.master_key), i2d_ASN1_OCTET_STRING);
+ if (in->key_arg_length > 0)
+ M_ASN1_I2D_len_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING);
+ if (in->time != 0L)
+ M_ASN1_I2D_len_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+ if (in->timeout != 0L)
+ M_ASN1_I2D_len_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+ if (in->peer != NULL)
+ M_ASN1_I2D_len_EXP_opt(in->peer,i2d_X509,3,v3);
+
+ M_ASN1_I2D_seq_total();
+
+ M_ASN1_I2D_put(&(a.version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(&(a.ssl_version), i2d_ASN1_INTEGER);
+ M_ASN1_I2D_put(&(a.cipher), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(&(a.session_id), i2d_ASN1_OCTET_STRING);
+ M_ASN1_I2D_put(&(a.master_key), i2d_ASN1_OCTET_STRING);
+ if (in->key_arg_length > 0)
+ M_ASN1_I2D_put_IMP_opt(&(a.key_arg),i2d_ASN1_OCTET_STRING,0);
+ if (in->time != 0L)
+ M_ASN1_I2D_put_EXP_opt(&(a.time),i2d_ASN1_INTEGER,1,v1);
+ if (in->timeout != 0L)
+ M_ASN1_I2D_put_EXP_opt(&(a.timeout),i2d_ASN1_INTEGER,2,v2);
+ if (in->peer != NULL)
+ M_ASN1_I2D_put_EXP_opt(in->peer,i2d_X509,3,v3);
+
+ M_ASN1_I2D_finish();
+ }
+
+SSL_SESSION *d2i_SSL_SESSION(a,pp,length)
+SSL_SESSION **a;
+unsigned char **pp;
+long length;
+ {
+ int version,ssl_version=0,i;
+ long id;
+ ASN1_INTEGER ai,*aip;
+ ASN1_OCTET_STRING os,*osp;
+ M_ASN1_D2I_vars(a,SSL_SESSION *,SSL_SESSION_new);
+
+ aip= &ai;
+ osp= &os;
+
+ M_ASN1_D2I_Init();
+ M_ASN1_D2I_start_sequence();
+
+ ai.data=NULL; ai.length=0;
+ M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+ version=(int)ASN1_INTEGER_get(aip);
+ if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+
+ /* we don't care about the version right now :-) */
+ M_ASN1_D2I_get(aip,d2i_ASN1_INTEGER);
+ ssl_version=(int)ASN1_INTEGER_get(aip);
+ ret->ssl_version=ssl_version;
+ if (ai.data != NULL) { Free(ai.data); ai.data=NULL; ai.length=0; }
+
+ os.data=NULL; os.length=0;
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if (ssl_version == 2)
+ {
+ if (os.length != 3)
+ {
+ c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ goto err;
+ }
+ id=0x02000000L|
+ ((unsigned long)os.data[0]<<16L)|
+ ((unsigned long)os.data[1]<< 8L)|
+ (unsigned long)os.data[2];
+ }
+ else if (ssl_version == 3)
+ {
+ if (os.length != 2)
+ {
+ c.error=SSL_R_CIPHER_CODE_WRONG_LENGTH;
+ goto err;
+ }
+ id=0x03000000L|
+ ((unsigned long)os.data[0]<<8L)|
+ (unsigned long)os.data[1];
+ }
+ else
+ {
+ SSLerr(SSL_F_D2I_SSL_SESSION,SSL_R_UNKNOWN_SSL_VERSION);
+ return(NULL);
+ }
+
+ ret->cipher=NULL;
+ ret->cipher_id=id;
+
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if (ssl_version == 3)
+ i=SSL3_MAX_SSL_SESSION_ID_LENGTH;
+ else /* if (ssl_version == 2) */
+ i=SSL2_MAX_SSL_SESSION_ID_LENGTH;
+
+ if (os.length > i)
+ os.length=i;
+
+ ret->session_id_length=os.length;
+ memcpy(ret->session_id,os.data,os.length);
+
+ M_ASN1_D2I_get(osp,d2i_ASN1_OCTET_STRING);
+ if (ret->master_key_length > SSL_MAX_MASTER_KEY_LENGTH)
+ ret->master_key_length=SSL_MAX_MASTER_KEY_LENGTH;
+ else
+ ret->master_key_length=os.length;
+ memcpy(ret->master_key,os.data,ret->master_key_length);
+
+ os.length=0;
+ M_ASN1_D2I_get_IMP_opt(osp,d2i_ASN1_OCTET_STRING,0,V_ASN1_OCTET_STRING);
+ if (os.length > SSL_MAX_KEY_ARG_LENGTH)
+ ret->key_arg_length=SSL_MAX_KEY_ARG_LENGTH;
+ else
+ ret->key_arg_length=os.length;
+ memcpy(ret->key_arg,os.data,ret->key_arg_length);
+ if (os.data != NULL) Free(os.data);
+
+ ai.length=0;
+ M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,1);
+ if (ai.data != NULL)
+ {
+ ret->time=ASN1_INTEGER_get(aip);
+ Free(ai.data); ai.data=NULL; ai.length=0;
+ }
+ else
+ ret->time=time(NULL);
+
+ ai.length=0;
+ M_ASN1_D2I_get_EXP_opt(aip,d2i_ASN1_INTEGER,2);
+ if (ai.data != NULL)
+ {
+ ret->timeout=ASN1_INTEGER_get(aip);
+ Free(ai.data); ai.data=NULL; ai.length=0;
+ }
+ else
+ ret->timeout=3;
+
+ if (ret->peer != NULL)
+ {
+ X509_free(ret->peer);
+ ret->peer=NULL;
+ }
+ M_ASN1_D2I_get_EXP_opt(ret->peer,d2i_X509,3);
+
+ M_ASN1_D2I_Finish(a,SSL_SESSION_free,SSL_F_D2I_SSL_SESSION);
+ }
+
diff --git a/ssl/ssl_cert.c b/ssl/ssl_cert.c
new file mode 100644
index 0000000..0c040d9
--- /dev/null
+++ b/ssl/ssl_cert.c
@@ -0,0 +1,326 @@
+/* ssl/ssl_cert.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "bio.h"
+#include "pem.h"
+#include "ssl_locl.h"
+
+CERT *ssl_cert_new()
+ {
+ CERT *ret;
+
+ ret=(CERT *)Malloc(sizeof(CERT));
+ if (ret == NULL)
+ {
+ SSLerr(SSL_F_SSL_CERT_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+ memset(ret,0,sizeof(CERT));
+/*
+ ret->valid=0;
+ ret->mask=0;
+ ret->export_mask=0;
+ ret->cert_type=0;
+ ret->key->x509=NULL;
+ ret->key->publickey=NULL;
+ ret->key->privatekey=NULL; */
+
+ ret->key= &(ret->pkeys[SSL_PKEY_RSA_ENC]);
+ ret->references=1;
+
+ return(ret);
+ }
+
+void ssl_cert_free(c)
+CERT *c;
+ {
+ int i;
+
+ i=CRYPTO_add(&c->references,-1,CRYPTO_LOCK_SSL_CERT);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"ssl_cert_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+#ifndef NO_RSA
+ if (c->rsa_tmp) RSA_free(c->rsa_tmp);
+#endif
+#ifndef NO_DH
+ if (c->dh_tmp) DH_free(c->dh_tmp);
+#endif
+
+ for (i=0; i<SSL_PKEY_NUM; i++)
+ {
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ if (c->pkeys[i].privatekey != NULL)
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+#if 0
+ if (c->pkeys[i].publickey != NULL)
+ EVP_PKEY_free(c->pkeys[i].publickey);
+#endif
+ }
+ if (c->cert_chain != NULL)
+ sk_pop_free(c->cert_chain,X509_free);
+ Free(c);
+ }
+
+int ssl_set_cert_type(c, type)
+CERT *c;
+int type;
+ {
+ c->cert_type=type;
+ return(1);
+ }
+
+int ssl_verify_cert_chain(s,sk)
+SSL *s;
+STACK *sk;
+ {
+ X509 *x;
+ int i;
+ X509_STORE_CTX ctx;
+
+ if ((sk == NULL) || (sk_num(sk) == 0))
+ return(0);
+
+ x=(X509 *)sk_value(sk,0);
+ X509_STORE_CTX_init(&ctx,s->ctx->cert_store,x,sk);
+ X509_STORE_CTX_set_app_data(&ctx,(char *)s);
+
+ if (s->ctx->app_verify_callback != NULL)
+ i=s->ctx->app_verify_callback(&ctx);
+ else
+ i=X509_verify_cert(&ctx);
+
+ X509_STORE_CTX_cleanup(&ctx);
+ s->verify_result=ctx.error;
+
+ return(i);
+ }
+
+static void set_client_CA_list(ca_list,list)
+STACK **ca_list;
+STACK *list;
+ {
+ if (*ca_list != NULL)
+ sk_pop_free(*ca_list,X509_NAME_free);
+
+ *ca_list=list;
+ }
+
+STACK *SSL_dup_CA_list(sk)
+STACK *sk;
+ {
+ int i;
+ STACK *ret;
+ X509_NAME *name;
+
+ ret=sk_new_null();
+ for (i=0; i<sk_num(sk); i++)
+ {
+ name=X509_NAME_dup((X509_NAME *)sk_value(sk,i));
+ if ((name == NULL) || !sk_push(ret,(char *)name))
+ {
+ sk_pop_free(ret,X509_NAME_free);
+ return(NULL);
+ }
+ }
+ return(ret);
+ }
+
+void SSL_set_client_CA_list(s,list)
+SSL *s;
+STACK *list;
+ {
+ set_client_CA_list(&(s->client_CA),list);
+ }
+
+void SSL_CTX_set_client_CA_list(ctx,list)
+SSL_CTX *ctx;
+STACK *list;
+ {
+ set_client_CA_list(&(ctx->client_CA),list);
+ }
+
+STACK *SSL_CTX_get_client_CA_list(ctx)
+SSL_CTX *ctx;
+ {
+ return(ctx->client_CA);
+ }
+
+STACK *SSL_get_client_CA_list(s)
+SSL *s;
+ {
+ if (s->type == SSL_ST_CONNECT)
+ { /* we are in the client */
+ if ((s->version == 3) && (s->s3 != NULL))
+ return(s->s3->tmp.ca_names);
+ else
+ return(NULL);
+ }
+ else
+ {
+ if (s->client_CA != NULL)
+ return(s->client_CA);
+ else
+ return(s->ctx->client_CA);
+ }
+ }
+
+static int add_client_CA(sk,x)
+STACK **sk;
+X509 *x;
+ {
+ X509_NAME *name;
+
+ if (x == NULL) return(0);
+ if ((*sk == NULL) && ((*sk=sk_new_null()) == NULL))
+ return(0);
+
+ if ((name=X509_NAME_dup(X509_get_subject_name(x))) == NULL)
+ return(0);
+
+ if (!sk_push(*sk,(char *)name))
+ {
+ X509_NAME_free(name);
+ return(0);
+ }
+ return(1);
+ }
+
+int SSL_add_client_CA(ssl,x)
+SSL *ssl;
+X509 *x;
+ {
+ return(add_client_CA(&(ssl->client_CA),x));
+ }
+
+int SSL_CTX_add_client_CA(ctx,x)
+SSL_CTX *ctx;
+X509 *x;
+ {
+ return(add_client_CA(&(ctx->client_CA),x));
+ }
+
+static int name_cmp(a,b)
+X509_NAME **a,**b;
+ {
+ return(X509_NAME_cmp(*a,*b));
+ }
+
+STACK *SSL_load_client_CA_file(file)
+char *file;
+ {
+ BIO *in;
+ X509 *x=NULL;
+ X509_NAME *xn=NULL;
+ STACK *ret,*sk;
+
+ ret=sk_new(NULL);
+ sk=sk_new(name_cmp);
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if ((ret == NULL) || (sk == NULL) || (in == NULL))
+ {
+ SSLerr(SSL_F_SSL_LOAD_CLIENT_CA_FILE,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+
+ if (!BIO_read_filename(in,file))
+ goto err;
+
+ for (;;)
+ {
+ if (PEM_read_bio_X509(in,&x,NULL) == NULL)
+ break;
+ if ((xn=X509_get_subject_name(x)) == NULL) goto err;
+ /* check for duplicates */
+ xn=X509_NAME_dup(xn);
+ if (xn == NULL) goto err;
+ if (sk_find(sk,(char *)xn) >= 0)
+ X509_NAME_free(xn);
+ else
+ {
+ sk_push(sk,(char *)xn);
+ sk_push(ret,(char *)xn);
+ }
+ }
+
+ if (0)
+ {
+err:
+ if (ret != NULL) sk_pop_free(ret,X509_NAME_free);
+ ret=NULL;
+ }
+ if (sk != NULL) sk_free(sk);
+ if (in != NULL) BIO_free(in);
+ if (x != NULL) X509_free(x);
+ return(ret);
+ }
+
+
diff --git a/ssl/ssl_ciph.c b/ssl/ssl_ciph.c
new file mode 100644
index 0000000..9fed3ad
--- /dev/null
+++ b/ssl/ssl_ciph.c
@@ -0,0 +1,721 @@
+/* ssl/ssl_ciph.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "ssl_locl.h"
+
+#define SSL_ENC_DES_IDX 0
+#define SSL_ENC_3DES_IDX 1
+#define SSL_ENC_RC4_IDX 2
+#define SSL_ENC_RC2_IDX 3
+#define SSL_ENC_IDEA_IDX 4
+#define SSL_ENC_eFZA_IDX 5
+#define SSL_ENC_NULL_IDX 6
+#define SSL_ENC_NUM_IDX 7
+
+static EVP_CIPHER *ssl_cipher_methods[SSL_ENC_NUM_IDX]={
+ NULL,NULL,NULL,NULL,NULL,NULL,
+ };
+
+#define SSL_MD_MD5_IDX 0
+#define SSL_MD_SHA0_IDX 1
+#define SSL_MD_SHA1_IDX 2
+#define SSL_MD_NUM_IDX 3
+static EVP_MD *ssl_digest_methods[SSL_MD_NUM_IDX]={
+ NULL,NULL,NULL,
+ };
+
+typedef struct cipher_sort_st
+ {
+ SSL_CIPHER *cipher;
+ int pref;
+ } CIPHER_SORT;
+
+#define CIPHER_ADD 1
+#define CIPHER_KILL 2
+#define CIPHER_DEL 3
+#define CIPHER_ORDER 4
+
+typedef struct cipher_choice_st
+ {
+ int type;
+ unsigned long algorithms;
+ unsigned long mask;
+ STACK *order;
+ } CIPHER_CHOICE;
+
+static SSL_CIPHER cipher_aliases[]={
+ {0,SSL_TXT_ALL, 0,SSL_ALL, 0,SSL_ALL}, /* must be first */
+ {0,SSL_TXT_kRSA,0,SSL_kRSA, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kDHr,0,SSL_kDHr, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kDHd,0,SSL_kDHd, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kEDH,0,SSL_kEDH, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_kFZA,0,SSL_kFZA, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_DH, 0,SSL_DH, 0,SSL_MKEY_MASK},
+ {0,SSL_TXT_EDH, 0,SSL_EDH, 0,SSL_MKEY_MASK|SSL_AUTH_MASK},
+
+ {0,SSL_TXT_aRSA,0,SSL_aRSA, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aDSS,0,SSL_aDSS, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aFZA,0,SSL_aFZA, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aNULL,0,SSL_aNULL,0,SSL_AUTH_MASK},
+ {0,SSL_TXT_aDH, 0,SSL_aDH, 0,SSL_AUTH_MASK},
+ {0,SSL_TXT_DSS, 0,SSL_DSS, 0,SSL_AUTH_MASK},
+
+ {0,SSL_TXT_DES, 0,SSL_DES, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_3DES,0,SSL_3DES, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RC4, 0,SSL_RC4, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RC2, 0,SSL_RC2, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_IDEA,0,SSL_IDEA, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_eNULL,0,SSL_eNULL,0,SSL_ENC_MASK},
+ {0,SSL_TXT_eFZA,0,SSL_eFZA, 0,SSL_ENC_MASK},
+
+ {0,SSL_TXT_MD5, 0,SSL_MD5, 0,SSL_MAC_MASK},
+ {0,SSL_TXT_SHA0,0,SSL_SHA0, 0,SSL_MAC_MASK},
+ {0,SSL_TXT_SHA1,0,SSL_SHA1, 0,SSL_MAC_MASK},
+ {0,SSL_TXT_SHA, 0,SSL_SHA, 0,SSL_MAC_MASK},
+
+ {0,SSL_TXT_NULL,0,SSL_NULL, 0,SSL_ENC_MASK},
+ {0,SSL_TXT_RSA, 0,SSL_RSA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
+ {0,SSL_TXT_ADH, 0,SSL_ADH, 0,SSL_AUTH_MASK|SSL_MKEY_MASK},
+ {0,SSL_TXT_FZA, 0,SSL_FZA, 0,SSL_AUTH_MASK|SSL_MKEY_MASK|SSL_ENC_MASK},
+
+ {0,SSL_TXT_EXP, 0,SSL_EXP, 0,SSL_EXP_MASK},
+ {0,SSL_TXT_EXPORT,0,SSL_EXPORT,0,SSL_EXP_MASK},
+ {0,SSL_TXT_SSLV2,0,SSL_SSLV2,0,SSL_SSL_MASK},
+ {0,SSL_TXT_SSLV3,0,SSL_SSLV3,0,SSL_SSL_MASK},
+ {0,SSL_TXT_LOW, 0,SSL_LOW,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_MEDIUM,0,SSL_MEDIUM,0,SSL_STRONG_MASK},
+ {0,SSL_TXT_HIGH, 0,SSL_HIGH,0,SSL_STRONG_MASK},
+ };
+
+static int init_ciphers=1;
+static void load_ciphers();
+
+static int cmp_by_name(a,b)
+SSL_CIPHER **a,**b;
+ {
+ return(strcmp((*a)->name,(*b)->name));
+ }
+
+static void load_ciphers()
+ {
+ init_ciphers=0;
+ ssl_cipher_methods[SSL_ENC_DES_IDX]=
+ EVP_get_cipherbyname(SN_des_cbc);
+ ssl_cipher_methods[SSL_ENC_3DES_IDX]=
+ EVP_get_cipherbyname(SN_des_ede3_cbc);
+ ssl_cipher_methods[SSL_ENC_RC4_IDX]=
+ EVP_get_cipherbyname(SN_rc4);
+ ssl_cipher_methods[SSL_ENC_RC2_IDX]=
+ EVP_get_cipherbyname(SN_rc2_cbc);
+ ssl_cipher_methods[SSL_ENC_IDEA_IDX]=
+ EVP_get_cipherbyname(SN_idea_cbc);
+
+ ssl_digest_methods[SSL_MD_MD5_IDX]=
+ EVP_get_digestbyname(SN_md5);
+ ssl_digest_methods[SSL_MD_SHA0_IDX]=
+ EVP_get_digestbyname(SN_sha);
+ ssl_digest_methods[SSL_MD_SHA1_IDX]=
+ EVP_get_digestbyname(SN_sha1);
+ }
+
+int ssl_cipher_get_evp(c,enc,md)
+SSL_CIPHER *c;
+EVP_CIPHER **enc;
+EVP_MD **md;
+ {
+ int i;
+
+ if (c == NULL) return(0);
+
+ switch (c->algorithms & SSL_ENC_MASK)
+ {
+ case SSL_DES:
+ i=SSL_ENC_DES_IDX;
+ break;
+ case SSL_3DES:
+ i=SSL_ENC_3DES_IDX;
+ break;
+ case SSL_RC4:
+ i=SSL_ENC_RC4_IDX;
+ break;
+ case SSL_RC2:
+ i=SSL_ENC_RC2_IDX;
+ break;
+ case SSL_IDEA:
+ i=SSL_ENC_IDEA_IDX;
+ break;
+ case SSL_eNULL:
+ i=SSL_ENC_NULL_IDX;
+ break;
+ break;
+ default:
+ i= -1;
+ break;
+ }
+
+ if ((i < 0) || (i > SSL_ENC_NUM_IDX))
+ *enc=NULL;
+ else
+ {
+ if (i == SSL_ENC_NULL_IDX)
+ *enc=EVP_enc_null();
+ else
+ *enc=ssl_cipher_methods[i];
+ }
+
+ switch (c->algorithms & SSL_MAC_MASK)
+ {
+ case SSL_MD5:
+ i=SSL_MD_MD5_IDX;
+ break;
+ case SSL_SHA0:
+ i=SSL_MD_SHA0_IDX;
+ break;
+ case SSL_SHA1:
+ i=SSL_MD_SHA1_IDX;
+ break;
+ default:
+ i= -1;
+ break;
+ }
+ if ((i < 0) || (i > SSL_MD_NUM_IDX))
+ *md=NULL;
+ else
+ *md=ssl_digest_methods[i];
+
+ if ((*enc != NULL) && (*md != NULL))
+ return(1);
+ else
+ return(0);
+ }
+
+STACK *ssl_create_cipher_list(ssl_method,cipher_list,cipher_list_by_id,str)
+SSL_METHOD *ssl_method;
+STACK **cipher_list,**cipher_list_by_id;
+char *str;
+ {
+ SSL_CIPHER *c;
+ char *l;
+ STACK *ret=NULL,*ok=NULL;
+#define CL_BUF 40
+ char buf[CL_BUF];
+ char *tmp_str=NULL;
+ unsigned long mask,algorithms,ma;
+ char *start;
+ int i,j,k,num=0,ch,multi;
+ unsigned long al;
+ STACK *ca_list=NULL;
+ STACK *c_list=NULL;
+ int old_x,old_y,current_x,num_x;
+ CIPHER_CHOICE *ops=NULL;
+ SSL_CIPHER c_tmp,*cp;
+
+ if (str == NULL) return(NULL);
+
+ if (strncmp(str,"DEFAULT",7) == 0)
+ {
+ i=strlen(str)+2+strlen(SSL_DEFAULT_CIPHER_LIST);
+ if ((tmp_str=Malloc(i)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CREATE_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ strcpy(tmp_str,SSL_DEFAULT_CIPHER_LIST);
+ strcat(tmp_str,&(str[7]));
+ str=tmp_str;
+ }
+ if (init_ciphers) load_ciphers();
+
+ num=ssl_method->num_ciphers();
+
+ if ((ret=(STACK *)sk_new(NULL)) == NULL) goto err;
+ if ((c_list=(STACK *)sk_new(NULL)) == NULL) goto err;
+ if ((ca_list=(STACK *)sk_new(cmp_by_name)) == NULL) goto err;
+
+ mask =SSL_kFZA;
+#ifdef NO_RSA
+ mask|=SSL_aRSA|SSL_kRSA;
+#endif
+#ifdef NO_DSA
+ mask|=SSL_aDSS;
+#endif
+#ifdef NO_DH
+ mask|=SSL_kDHr|SSL_kDHd|SSL_kEDH|SSL_aDH;
+#endif
+
+#ifndef SSL_ALLOW_ENULL
+ mask|=SSL_eNULL;
+#endif
+
+ mask|=(ssl_cipher_methods[SSL_ENC_DES_IDX ] == NULL)?SSL_DES :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_3DES_IDX] == NULL)?SSL_3DES:0;
+ mask|=(ssl_cipher_methods[SSL_ENC_RC4_IDX ] == NULL)?SSL_RC4 :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_RC2_IDX ] == NULL)?SSL_RC2 :0;
+ mask|=(ssl_cipher_methods[SSL_ENC_IDEA_IDX] == NULL)?SSL_IDEA:0;
+ mask|=(ssl_cipher_methods[SSL_ENC_eFZA_IDX] == NULL)?SSL_eFZA:0;
+
+ mask|=(ssl_digest_methods[SSL_MD_MD5_IDX ] == NULL)?SSL_MD5 :0;
+ mask|=(ssl_digest_methods[SSL_MD_SHA0_IDX] == NULL)?SSL_SHA0:0;
+ mask|=(ssl_digest_methods[SSL_MD_SHA1_IDX] == NULL)?SSL_SHA1:0;
+
+ /* Get the initial list of ciphers */
+ for (i=0; i<num; i++)
+ {
+ c=ssl_method->get_cipher((unsigned int)i);
+ /* drop those that use any of that is not available */
+ if ((c != NULL) && c->valid && !(c->algorithms & mask))
+ {
+ if (!sk_push(c_list,(char *)c)) goto err;
+ if (!sk_push(ca_list,(char *)c)) goto err;
+ }
+ }
+
+ /* special case */
+ cipher_aliases[0].algorithms= ~mask;
+
+ /* get the aliases */
+ k=sizeof(cipher_aliases)/sizeof(SSL_CIPHER);
+ for (j=0; j<k; j++)
+ {
+ al=cipher_aliases[j].algorithms;
+ /* Drop those that are not relevent */
+ if ((al & mask) == al) continue;
+ if (!sk_push(ca_list,(char *)&(cipher_aliases[j]))) goto err;
+ }
+
+ /* ca_list now holds a 'stack' of SSL_CIPHERS, some real, some
+ * 'aliases' */
+
+ /* how many parameters are there? */
+ num=1;
+ for (l=str; *l; l++)
+ if (*l == ':') num++;
+ ops=(CIPHER_CHOICE *)Malloc(sizeof(CIPHER_CHOICE)*num);
+ if (ops == NULL) goto err;
+ memset(ops,0,sizeof(CIPHER_CHOICE)*num);
+ for (i=0; i<num; i++)
+ if ((ops[i].order=sk_new_null()) == NULL) goto err;
+
+ /* we now parse the input string and create our operations */
+ l=str;
+ i=0;
+ current_x=0;
+
+ for (;;)
+ {
+ ch= *l;
+ if (ch == '-')
+ { j=CIPHER_DEL; l++; }
+ else if (ch == '+')
+ { j=CIPHER_ORDER; l++; }
+ else if (ch == '!')
+ { j=CIPHER_KILL; l++; }
+ else
+ { j=CIPHER_ADD; }
+
+ if (*l == ':')
+ {
+ l++;
+ continue;
+ }
+ ops[current_x].type=j;
+ ops[current_x].algorithms=0;
+ ops[current_x].mask=0;
+
+ start=l;
+ for (;;)
+ {
+ ch= *l;
+ i=0;
+ while ( ((ch >= 'A') && (ch <= 'Z')) ||
+ ((ch >= '0') && (ch <= '9')) ||
+ ((ch >= 'a') && (ch <= 'z')) ||
+ (ch == '-'))
+ {
+ buf[i]=ch;
+ ch= *(++l);
+ i++;
+ if (i >= (CL_BUF-2)) break;
+ }
+ buf[i]='\0';
+ if (ch != '\0') l++;
+
+ /* check for multi-part specification */
+ multi=(ch == '+')?1:0;
+
+ c_tmp.name=buf;
+ j=sk_find(ca_list,(char *)&c_tmp);
+ if (j < 0)
+ {
+ if (ch == '\0')
+ break;
+ else
+ continue;
+ }
+
+ cp=(SSL_CIPHER *)sk_value(ca_list,j);
+ ops[current_x].algorithms|=cp->algorithms;
+ /* We add the SSL_SSL_MASK so we can match the
+ * SSLv2 and SSLv3 versions of RC4-MD5 */
+ ops[current_x].mask|=cp->mask;
+ if (!multi) break;
+ }
+ current_x++;
+ if (ch == '\0') break;
+ }
+
+ num_x=current_x;
+ current_x=0;
+
+#ifdef CIPHER_DEBUG
+ printf("<--->\n");
+#endif
+
+ for (i=0; i<sk_num(c_list); i++)
+ {
+ old_x= -1;
+ old_y= -1;
+ cp=(SSL_CIPHER *)sk_value(c_list,i);
+#ifdef CIPHER_DEBUG
+ printf("[%s]\n",cp->name);
+#endif
+ for (j=0; j<num_x; j++)
+ {
+ algorithms=ops[j].algorithms;
+ ma=ops[j].mask & cp->algorithms;
+#ifdef CIPHER_DEBUG
+ printf(" %s %08lX&%08lX==0 || %08lX != %08lX \n",
+ cp->name,ops[j].mask,cp->algorithms,ma,algorithms);
+#endif
+ if ((ma == 0) || ((ma & algorithms) != ma))
+ {
+ continue;
+ }
+ k=ops[j].type;
+#ifdef CIPHER_DEBUG
+ printf(">>%s\n",cp->name);
+#endif
+
+ /* add the cipher if it has not been added yet. */
+ if (k == CIPHER_ADD)
+ {
+ if (old_x < 0)
+ {
+ old_x=j;
+ old_y=sk_num(ops[j].order);
+ sk_push(ops[j].order,(char *)cp);
+ }
+ }
+ /* Move the added cipher to this location */
+ else if (k == CIPHER_ORDER)
+ {
+ if (old_x >= 0)
+ {
+ sk_value(ops[old_x].order,old_y)=NULL;
+ old_y=sk_num(ops[j].order);
+ sk_push(ops[j].order,(char *)cp);
+ old_x=j;
+ }
+ }
+ /* Remove added cipher */
+ else if ((k == CIPHER_DEL) || (k == CIPHER_KILL))
+ {
+ if (old_x >= 0)
+ {
+ sk_value(ops[old_x].order,old_y)=NULL;
+ old_x= -1;
+ }
+ if (k == CIPHER_KILL)
+ break;
+ }
+ }
+ }
+
+ for (i=0; i<num_x; i++)
+ {
+ for (j=0; j<sk_num(ops[i].order); j++)
+ {
+ cp=(SSL_CIPHER *)sk_value(ops[i].order,j);
+ if (cp != NULL)
+ {
+ sk_push(ret,(char *)cp);
+#ifdef CIPHER_DEBUG
+ printf("<%s>\n",cp->name);
+#endif
+ }
+ }
+ }
+
+ if (cipher_list != NULL)
+ {
+ if (*cipher_list != NULL)
+ sk_free(*cipher_list);
+ *cipher_list=ret;
+ }
+
+ if (cipher_list_by_id != NULL)
+ {
+ if (*cipher_list_by_id != NULL)
+ sk_free(*cipher_list_by_id);
+ *cipher_list_by_id=sk_dup(ret);
+ }
+
+ if ( (cipher_list_by_id == NULL) ||
+ (*cipher_list_by_id == NULL) ||
+ (cipher_list == NULL) ||
+ (*cipher_list == NULL))
+ goto err;
+ sk_set_cmp_func(*cipher_list_by_id,ssl_cipher_ptr_id_cmp);
+
+ ok=ret;
+ ret=NULL;
+err:
+ if (tmp_str) Free(tmp_str);
+ if (ops != NULL)
+ {
+ for (i=0; i<num; i++)
+ if (ops[i].order != NULL)
+ sk_free(ops[i].order);
+ Free(ops);
+ }
+ if (ret != NULL) sk_free(ret);
+ if (c_list != NULL) sk_free(c_list);
+ if (ca_list != NULL) sk_free(ca_list);
+ return(ok);
+ }
+
+char *SSL_CIPHER_description(cipher,buf,len)
+SSL_CIPHER *cipher;
+char *buf;
+int len;
+ {
+ int export;
+ char *ver,*exp;
+ char *kx,*au,*enc,*mac;
+ unsigned long alg,alg2;
+ static char *format="%-23s %s Kx=%-8s Au=%-4s Enc=%-9s Mac=%-4s%s\n";
+
+ alg=cipher->algorithms;
+ alg2=cipher->algorithm2;
+
+ export=(alg&SSL_EXP)?1:0;
+ exp=(export)?" export":"";
+
+ if (alg & SSL_SSLV2)
+ ver="SSLv2";
+ else if (alg & SSL_SSLV3)
+ ver="SSLv3";
+ else
+ ver="unknown";
+
+ switch (alg&SSL_MKEY_MASK)
+ {
+ case SSL_kRSA:
+ kx=(export)?"RSA(512)":"RSA";
+ break;
+ case SSL_kDHr:
+ kx="DH/RSA";
+ break;
+ case SSL_kDHd:
+ kx="DH/DSS";
+ break;
+ case SSL_kFZA:
+ kx="Fortezza";
+ break;
+ case SSL_kEDH:
+ kx=(export)?"DH(512)":"DH";
+ break;
+ default:
+ kx="unknown";
+ }
+
+ switch (alg&SSL_AUTH_MASK)
+ {
+ case SSL_aRSA:
+ au="RSA";
+ break;
+ case SSL_aDSS:
+ au="DSS";
+ break;
+ case SSL_aDH:
+ au="DH";
+ break;
+ case SSL_aFZA:
+ case SSL_aNULL:
+ au="None";
+ break;
+ default:
+ au="unknown";
+ break;
+ }
+
+ switch (alg&SSL_ENC_MASK)
+ {
+ case SSL_DES:
+ enc=export?"DES(40)":"DES(56)";
+ break;
+ case SSL_3DES:
+ enc="3DES(168)";
+ break;
+ case SSL_RC4:
+ enc=export?"RC4(40)":((alg2&SSL2_CF_8_BYTE_ENC)?"RC4(64)":"RC4(128)");
+ break;
+ case SSL_RC2:
+ enc=export?"RC2(40)":"RC2(128)";
+ break;
+ case SSL_IDEA:
+ enc="IDEA(128)";
+ break;
+ case SSL_eFZA:
+ enc="Fortezza";
+ break;
+ case SSL_eNULL:
+ enc="None";
+ break;
+ default:
+ enc="unknown";
+ break;
+ }
+
+ switch (alg&SSL_MAC_MASK)
+ {
+ case SSL_MD5:
+ mac="MD5";
+ break;
+ case SSL_SHA0:
+ mac="SHA0";
+ break;
+ case SSL_SHA1:
+ mac="SHA1";
+ break;
+ default:
+ mac="unknown";
+ break;
+ }
+
+ if (buf == NULL)
+ {
+ buf=Malloc(128);
+ if (buf == NULL) return("Malloc Error");
+ }
+ else if (len < 128)
+ return("Buffer too small");
+
+ sprintf(buf,format,cipher->name,ver,kx,au,enc,mac,exp);
+ return(buf);
+ }
+
+char *SSL_CIPHER_get_version(c)
+SSL_CIPHER *c;
+ {
+ int i;
+
+ i=(int)(c->id>>24L);
+ if (i == 3)
+ return("SSLv3");
+ else if (i == 2)
+ return("SSLv2");
+ else
+ return("unknown");
+ }
+
+/* return the actual cipher being used */
+char *SSL_CIPHER_get_name(c)
+SSL_CIPHER *c;
+ {
+ if (c != NULL)
+ return(c->name);
+ return("(NONE)");
+ }
+
+/* number of bits for symetric cipher */
+int SSL_CIPHER_get_bits(c,alg_bits)
+SSL_CIPHER *c;
+int *alg_bits;
+ {
+ int ret=0,a=0;
+ EVP_CIPHER *enc;
+ EVP_MD *md;
+
+ if (c != NULL)
+ {
+ if (!ssl_cipher_get_evp(c,&enc,&md))
+ return(0);
+
+ a=EVP_CIPHER_key_length(enc)*8;
+
+ if (c->algorithms & SSL_EXP)
+ {
+ ret=40;
+ }
+ else
+ {
+ if (c->algorithm2 & SSL2_CF_8_BYTE_ENC)
+ ret=64;
+ else
+ ret=a;
+ }
+ }
+
+ if (alg_bits != NULL) *alg_bits=a;
+
+ return(ret);
+ }
+
diff --git a/ssl/ssl_err.c b/ssl/ssl_err.c
new file mode 100644
index 0000000..18a1a22
--- /dev/null
+++ b/ssl/ssl_err.c
@@ -0,0 +1,350 @@
+/* lib/ssl/ssl_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "ssl.h"
+
+/* BEGIN ERROR CODES */
+static ERR_STRING_DATA SSL_str_functs[]=
+ {
+{ERR_PACK(0,SSL_F_CLIENT_CERTIFICATE,0), "CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_CLIENT_HELLO,0), "CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_CLIENT_MASTER_KEY,0), "CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_D2I_SSL_SESSION,0), "d2i_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_DO_SSL3_WRITE,0), "DO_SSL3_WRITE"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_FINISHED,0), "GET_CLIENT_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_HELLO,0), "GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_GET_CLIENT_MASTER_KEY,0), "GET_CLIENT_MASTER_KEY"},
+{ERR_PACK(0,SSL_F_GET_SERVER_FINISHED,0), "GET_SERVER_FINISHED"},
+{ERR_PACK(0,SSL_F_GET_SERVER_HELLO,0), "GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_GET_SERVER_VERIFY,0), "GET_SERVER_VERIFY"},
+{ERR_PACK(0,SSL_F_I2D_SSL_SESSION,0), "i2d_SSL_SESSION"},
+{ERR_PACK(0,SSL_F_READ_N,0), "READ_N"},
+{ERR_PACK(0,SSL_F_REQUEST_CERTIFICATE,0), "REQUEST_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SERVER_HELLO,0), "SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_ACCEPT,0), "SSL23_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL23_CLIENT_HELLO,0), "SSL23_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_CONNECT,0), "SSL23_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL23_GET_CLIENT_HELLO,0), "SSL23_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_GET_SERVER_HELLO,0), "SSL23_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL23_READ,0), "SSL23_READ"},
+{ERR_PACK(0,SSL_F_SSL23_WRITE,0), "SSL23_WRITE"},
+{ERR_PACK(0,SSL_F_SSL2_ACCEPT,0), "SSL2_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL2_CONNECT,0), "SSL2_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL2_ENC_INIT,0), "SSL2_ENC_INIT"},
+{ERR_PACK(0,SSL_F_SSL2_READ,0), "SSL2_READ"},
+{ERR_PACK(0,SSL_F_SSL2_SET_CERTIFICATE,0), "SSL2_SET_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL2_WRITE,0), "SSL2_WRITE"},
+{ERR_PACK(0,SSL_F_SSL3_ACCEPT,0), "SSL3_ACCEPT"},
+{ERR_PACK(0,SSL_F_SSL3_CHANGE_CIPHER_STATE,0), "SSL3_CHANGE_CIPHER_STATE"},
+{ERR_PACK(0,SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,0), "SSL3_CHECK_CERT_AND_ALGORITHM"},
+{ERR_PACK(0,SSL_F_SSL3_CLIENT_HELLO,0), "SSL3_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_CONNECT,0), "SSL3_CONNECT"},
+{ERR_PACK(0,SSL_F_SSL3_CTX_CTRL,0), "SSL3_CTX_CTRL"},
+{ERR_PACK(0,SSL_F_SSL3_ENC,0), "SSL3_ENC"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERTIFICATE_REQUEST,0), "SSL3_GET_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CERT_VERIFY,0), "SSL3_GET_CERT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_CERTIFICATE,0), "SSL3_GET_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_HELLO,0), "SSL3_GET_CLIENT_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_GET_CLIENT_KEY_EXCHANGE,0), "SSL3_GET_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_FINISHED,0), "SSL3_GET_FINISHED"},
+{ERR_PACK(0,SSL_F_SSL3_GET_KEY_EXCHANGE,0), "SSL3_GET_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_MESSAGE,0), "SSL3_GET_MESSAGE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_RECORD,0), "SSL3_GET_RECORD"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_CERTIFICATE,0), "SSL3_GET_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_DONE,0), "SSL3_GET_SERVER_DONE"},
+{ERR_PACK(0,SSL_F_SSL3_GET_SERVER_HELLO,0), "SSL3_GET_SERVER_HELLO"},
+{ERR_PACK(0,SSL_F_SSL3_OUTPUT_CERT_CHAIN,0), "SSL3_OUTPUT_CERT_CHAIN"},
+{ERR_PACK(0,SSL_F_SSL3_READ_BYTES,0), "SSL3_READ_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_READ_N,0), "SSL3_READ_N"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CERTIFICATE_REQUEST,0), "SSL3_SEND_CERTIFICATE_REQUEST"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_CERTIFICATE,0), "SSL3_SEND_CLIENT_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_KEY_EXCHANGE,0), "SSL3_SEND_CLIENT_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_CLIENT_VERIFY,0), "SSL3_SEND_CLIENT_VERIFY"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_CERTIFICATE,0), "SSL3_SEND_SERVER_CERTIFICATE"},
+{ERR_PACK(0,SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,0), "SSL3_SEND_SERVER_KEY_EXCHANGE"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_BUFFERS,0), "SSL3_SETUP_BUFFERS"},
+{ERR_PACK(0,SSL_F_SSL3_SETUP_KEY_BLOCK,0), "SSL3_SETUP_KEY_BLOCK"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_BYTES,0), "SSL3_WRITE_BYTES"},
+{ERR_PACK(0,SSL_F_SSL3_WRITE_PENDING,0), "SSL3_WRITE_PENDING"},
+{ERR_PACK(0,SSL_F_SSL_BAD_METHOD,0), "SSL_BAD_METHOD"},
+{ERR_PACK(0,SSL_F_SSL_BYTES_TO_CIPHER_LIST,0), "SSL_BYTES_TO_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CERT_NEW,0), "SSL_CERT_NEW"},
+{ERR_PACK(0,SSL_F_SSL_CHECK_PRIVATE_KEY,0), "SSL_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CREATE_CIPHER_LIST,0), "SSL_CREATE_CIPHER_LIST"},
+{ERR_PACK(0,SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,0), "SSL_CTX_check_private_key"},
+{ERR_PACK(0,SSL_F_SSL_CTX_NEW,0), "SSL_CTX_new"},
+{ERR_PACK(0,SSL_F_SSL_CTX_SET_SSL_VERSION,0), "SSL_CTX_set_ssl_version"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE,0), "SSL_CTX_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,0), "SSL_CTX_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,0), "SSL_CTX_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY,0), "SSL_CTX_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,0), "SSL_CTX_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,0), "SSL_CTX_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,0), "SSL_CTX_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,0), "SSL_CTX_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,0), "SSL_CTX_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_DO_HANDSHAKE,0), "SSL_do_handshake"},
+{ERR_PACK(0,SSL_F_SSL_GET_NEW_SESSION,0), "SSL_GET_NEW_SESSION"},
+{ERR_PACK(0,SSL_F_SSL_GET_SERVER_SEND_CERT,0), "SSL_GET_SERVER_SEND_CERT"},
+{ERR_PACK(0,SSL_F_SSL_GET_SIGN_PKEY,0), "SSL_GET_SIGN_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_LOAD_CLIENT_CA_FILE,0), "SSL_load_client_CA_file"},
+{ERR_PACK(0,SSL_F_SSL_NEW,0), "SSL_new"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PRIVATE_DECRYPT,0), "SSL_RSA_PRIVATE_DECRYPT"},
+{ERR_PACK(0,SSL_F_SSL_RSA_PUBLIC_ENCRYPT,0), "SSL_RSA_PUBLIC_ENCRYPT"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_NEW,0), "SSL_SESSION_new"},
+{ERR_PACK(0,SSL_F_SSL_SESSION_PRINT_FP,0), "SSL_SESSION_print_fp"},
+{ERR_PACK(0,SSL_F_SSL_SET_FD,0), "SSL_set_fd"},
+{ERR_PACK(0,SSL_F_SSL_SET_PKEY,0), "SSL_SET_PKEY"},
+{ERR_PACK(0,SSL_F_SSL_SET_RFD,0), "SSL_set_rfd"},
+{ERR_PACK(0,SSL_F_SSL_SET_SESSION,0), "SSL_set_session"},
+{ERR_PACK(0,SSL_F_SSL_SET_WFD,0), "SSL_set_wfd"},
+{ERR_PACK(0,SSL_F_SSL_UNDEFINED_FUNCTION,0), "SSL_UNDEFINED_FUNCTION"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE,0), "SSL_use_certificate"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_ASN1,0), "SSL_use_certificate_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_CERTIFICATE_FILE,0), "SSL_use_certificate_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY,0), "SSL_use_PrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_ASN1,0), "SSL_use_PrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_PRIVATEKEY_FILE,0), "SSL_use_PrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY,0), "SSL_use_RSAPrivateKey"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,0), "SSL_use_RSAPrivateKey_ASN1"},
+{ERR_PACK(0,SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,0), "SSL_use_RSAPrivateKey_file"},
+{ERR_PACK(0,SSL_F_SSL_WRITE,0), "SSL_write"},
+{ERR_PACK(0,SSL_F_WRITE_PENDING,0), "WRITE_PENDING"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA SSL_str_reasons[]=
+ {
+{SSL_R_APP_DATA_IN_HANDSHAKE ,"app data in handshake"},
+{SSL_R_BAD_ALERT_RECORD ,"bad alert record"},
+{SSL_R_BAD_AUTHENTICATION_TYPE ,"bad authentication type"},
+{SSL_R_BAD_CHANGE_CIPHER_SPEC ,"bad change cipher spec"},
+{SSL_R_BAD_CHECKSUM ,"bad checksum"},
+{SSL_R_BAD_CLIENT_REQUEST ,"bad client request"},
+{SSL_R_BAD_DATA_RETURNED_BY_CALLBACK ,"bad data returned by callback"},
+{SSL_R_BAD_DECOMPRESSION ,"bad decompression"},
+{SSL_R_BAD_DH_G_LENGTH ,"bad dh g length"},
+{SSL_R_BAD_DH_PUB_KEY_LENGTH ,"bad dh pub key length"},
+{SSL_R_BAD_DH_P_LENGTH ,"bad dh p length"},
+{SSL_R_BAD_DIGEST_LENGTH ,"bad digest length"},
+{SSL_R_BAD_DSA_SIGNATURE ,"bad dsa signature"},
+{SSL_R_BAD_MAC_DECODE ,"bad mac decode"},
+{SSL_R_BAD_MESSAGE_TYPE ,"bad message type"},
+{SSL_R_BAD_PACKET_LENGTH ,"bad packet length"},
+{SSL_R_BAD_RESPONSE_ARGUMENT ,"bad response argument"},
+{SSL_R_BAD_RSA_DECRYPT ,"bad rsa decrypt"},
+{SSL_R_BAD_RSA_ENCRYPT ,"bad rsa encrypt"},
+{SSL_R_BAD_RSA_E_LENGTH ,"bad rsa e length"},
+{SSL_R_BAD_RSA_MODULUS_LENGTH ,"bad rsa modulus length"},
+{SSL_R_BAD_RSA_SIGNATURE ,"bad rsa signature"},
+{SSL_R_BAD_SIGNATURE ,"bad signature"},
+{SSL_R_BAD_SSL_FILETYPE ,"bad ssl filetype"},
+{SSL_R_BAD_SSL_SESSION_ID_LENGTH ,"bad ssl session id length"},
+{SSL_R_BAD_STATE ,"bad state"},
+{SSL_R_BAD_WRITE_RETRY ,"bad write retry"},
+{SSL_R_BIO_NOT_SET ,"bio not set"},
+{SSL_R_BLOCK_CIPHER_PAD_IS_WRONG ,"block cipher pad is wrong"},
+{SSL_R_BN_LIB ,"bn lib"},
+{SSL_R_CA_DN_LENGTH_MISMATCH ,"ca dn length mismatch"},
+{SSL_R_CA_DN_TOO_LONG ,"ca dn too long"},
+{SSL_R_CCS_RECEIVED_EARLY ,"ccs received early"},
+{SSL_R_CERTIFICATE_VERIFY_FAILED ,"certificate verify failed"},
+{SSL_R_CERT_LENGTH_MISMATCH ,"cert length mismatch"},
+{SSL_R_CHALLENGE_IS_DIFFERENT ,"challenge is different"},
+{SSL_R_CIPHER_CODE_WRONG_LENGTH ,"cipher code wrong length"},
+{SSL_R_CIPHER_OR_HASH_UNAVAILABLE ,"cipher or hash unavailable"},
+{SSL_R_CIPHER_TABLE_SRC_ERROR ,"cipher table src error"},
+{SSL_R_COMPRESSED_LENGTH_TOO_LONG ,"compressed length too long"},
+{SSL_R_COMPRESSION_FAILURE ,"compression failure"},
+{SSL_R_CONNECTION_ID_IS_DIFFERENT ,"connection id is different"},
+{SSL_R_DATA_BETWEEN_CCS_AND_FINISHED ,"data between ccs and finished"},
+{SSL_R_DATA_LENGTH_TOO_LONG ,"data length too long"},
+{SSL_R_DH_PUBLIC_VALUE_LENGTH_IS_WRONG ,"dh public value length is wrong"},
+{SSL_R_DIGEST_CHECK_FAILED ,"digest check failed"},
+{SSL_R_ENCRYPTED_LENGTH_TOO_LONG ,"encrypted length too long"},
+{SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST ,"error in received cipher list"},
+{SSL_R_EXCESSIVE_MESSAGE_SIZE ,"excessive message size"},
+{SSL_R_EXTRA_DATA_IN_MESSAGE ,"extra data in message"},
+{SSL_R_GOT_A_FIN_BEFORE_A_CCS ,"got a fin before a ccs"},
+{SSL_R_INTERNAL_ERROR ,"internal error"},
+{SSL_R_INVALID_CHALLENGE_LENGTH ,"invalid challenge length"},
+{SSL_R_LENGTH_MISMATCH ,"length mismatch"},
+{SSL_R_LENGTH_TOO_SHORT ,"length too short"},
+{SSL_R_LIBRARY_HAS_NO_CIPHERS ,"library has no ciphers"},
+{SSL_R_MISSING_DH_DSA_CERT ,"missing dh dsa cert"},
+{SSL_R_MISSING_DH_KEY ,"missing dh key"},
+{SSL_R_MISSING_DH_RSA_CERT ,"missing dh rsa cert"},
+{SSL_R_MISSING_DSA_SIGNING_CERT ,"missing dsa signing cert"},
+{SSL_R_MISSING_EXPORT_TMP_DH_KEY ,"missing export tmp dh key"},
+{SSL_R_MISSING_EXPORT_TMP_RSA_KEY ,"missing export tmp rsa key"},
+{SSL_R_MISSING_RSA_CERTIFICATE ,"missing rsa certificate"},
+{SSL_R_MISSING_RSA_ENCRYPTING_CERT ,"missing rsa encrypting cert"},
+{SSL_R_MISSING_RSA_SIGNING_CERT ,"missing rsa signing cert"},
+{SSL_R_MISSING_TMP_DH_KEY ,"missing tmp dh key"},
+{SSL_R_MISSING_TMP_RSA_KEY ,"missing tmp rsa key"},
+{SSL_R_MISSING_TMP_RSA_PKEY ,"missing tmp rsa pkey"},
+{SSL_R_MISSING_VERIFY_MESSAGE ,"missing verify message"},
+{SSL_R_NON_SSLV2_INITIAL_PACKET ,"non sslv2 initial packet"},
+{SSL_R_NO_CERTIFICATES_PASSED ,"no certificates passed"},
+{SSL_R_NO_CERTIFICATE_ASSIGNED ,"no certificate assigned"},
+{SSL_R_NO_CERTIFICATE_RETURNED ,"no certificate returned"},
+{SSL_R_NO_CERTIFICATE_SET ,"no certificate set"},
+{SSL_R_NO_CERTIFICATE_SPECIFIED ,"no certificate specified"},
+{SSL_R_NO_CIPHERS_AVAILABLE ,"no ciphers available"},
+{SSL_R_NO_CIPHERS_PASSED ,"no ciphers passed"},
+{SSL_R_NO_CIPHERS_SPECIFIED ,"no ciphers specified"},
+{SSL_R_NO_CIPHER_LIST ,"no cipher list"},
+{SSL_R_NO_CIPHER_MATCH ,"no cipher match"},
+{SSL_R_NO_CLIENT_CERT_RECEIVED ,"no client cert received"},
+{SSL_R_NO_COMPRESSION_SPECIFIED ,"no compression specified"},
+{SSL_R_NO_PRIVATEKEY ,"no privatekey"},
+{SSL_R_NO_PRIVATE_KEY_ASSIGNED ,"no private key assigned"},
+{SSL_R_NO_PUBLICKEY ,"no publickey"},
+{SSL_R_NO_SHARED_CIPHER ,"no shared cipher"},
+{SSL_R_NULL_SSL_CTX ,"null ssl ctx"},
+{SSL_R_NULL_SSL_METHOD_PASSED ,"null ssl method passed"},
+{SSL_R_OLD_SESSION_CIPHER_NOT_RETURNED ,"old session cipher not returned"},
+{SSL_R_PACKET_LENGTH_TOO_LONG ,"packet length too long"},
+{SSL_R_PEER_DID_NOT_RETURN_A_CERTIFICATE ,"peer did not return a certificate"},
+{SSL_R_PEER_ERROR ,"peer error"},
+{SSL_R_PEER_ERROR_CERTIFICATE ,"peer error certificate"},
+{SSL_R_PEER_ERROR_NO_CERTIFICATE ,"peer error no certificate"},
+{SSL_R_PEER_ERROR_NO_CIPHER ,"peer error no cipher"},
+{SSL_R_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"peer error unsupported certificate type"},
+{SSL_R_PRE_MAC_LENGTH_TOO_LONG ,"pre mac length too long"},
+{SSL_R_PROBLEMS_MAPPING_CIPHER_FUNCTIONS ,"problems mapping cipher functions"},
+{SSL_R_PROTOCOL_IS_SHUTDOWN ,"protocol is shutdown"},
+{SSL_R_PUBLIC_KEY_ENCRYPT_ERROR ,"public key encrypt error"},
+{SSL_R_PUBLIC_KEY_IS_NOT_RSA ,"public key is not rsa"},
+{SSL_R_PUBLIC_KEY_NOT_RSA ,"public key not rsa"},
+{SSL_R_READ_BIO_NOT_SET ,"read bio not set"},
+{SSL_R_READ_WRONG_PACKET_TYPE ,"read wrong packet type"},
+{SSL_R_RECORD_LENGTH_MISMATCH ,"record length mismatch"},
+{SSL_R_RECORD_TOO_LARGE ,"record too large"},
+{SSL_R_REQUIRED_CIPHER_MISSING ,"required cipher missing"},
+{SSL_R_REUSE_CERT_LENGTH_NOT_ZERO ,"reuse cert length not zero"},
+{SSL_R_REUSE_CERT_TYPE_NOT_ZERO ,"reuse cert type not zero"},
+{SSL_R_REUSE_CIPHER_LIST_NOT_ZERO ,"reuse cipher list not zero"},
+{SSL_R_SHORT_READ ,"short read"},
+{SSL_R_SIGNATURE_FOR_NON_SIGNING_CERTIFICATE,"signature for non signing certificate"},
+{SSL_R_SSL3_SESSION_ID_TOO_SHORT ,"ssl3 session id too short"},
+{SSL_R_SSLV3_ALERT_BAD_CERTIFICATE ,"sslv3 alert bad certificate"},
+{SSL_R_SSLV3_ALERT_BAD_RECORD_MAC ,"sslv3 alert bad record mac"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_EXPIRED ,"sslv3 alert certificate expired"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_REVOKED ,"sslv3 alert certificate revoked"},
+{SSL_R_SSLV3_ALERT_CERTIFICATE_UNKNOWN ,"sslv3 alert certificate unknown"},
+{SSL_R_SSLV3_ALERT_DECOMPRESSION_FAILURE ,"sslv3 alert decompression failure"},
+{SSL_R_SSLV3_ALERT_HANDSHAKE_FAILURE ,"sslv3 alert handshake failure"},
+{SSL_R_SSLV3_ALERT_ILLEGAL_PARAMETER ,"sslv3 alert illegal parameter"},
+{SSL_R_SSLV3_ALERT_NO_CERTIFICATE ,"sslv3 alert no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_CERTIFICATE,"sslv3 alert peer error certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CERTIFICATE,"sslv3 alert peer error no certificate"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_NO_CIPHER ,"sslv3 alert peer error no cipher"},
+{SSL_R_SSLV3_ALERT_PEER_ERROR_UNSUPPORTED_CERTIFICATE_TYPE,"sslv3 alert peer error unsupported certificate type"},
+{SSL_R_SSLV3_ALERT_UNEXPECTED_MESSAGE ,"sslv3 alert unexpected message"},
+{SSL_R_SSLV3_ALERT_UNKNOWN_REMOTE_ERROR_TYPE,"sslv3 alert unknown remote error type"},
+{SSL_R_SSLV3_ALERT_UNSUPPORTED_CERTIFICATE,"sslv3 alert unsupported certificate"},
+{SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION,"ssl ctx has no default ssl version"},
+{SSL_R_SSL_HANDSHAKE_FAILURE ,"ssl handshake failure"},
+{SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS ,"ssl library has no ciphers"},
+{SSL_R_SSL_SESSION_ID_IS_DIFFERENT ,"ssl session id is different"},
+{SSL_R_TRIED_TO_USE_UNSUPPORTED_CIPHER ,"tried to use unsupported cipher"},
+{SSL_R_UNABLE_TO_DECODE_DH_CERTS ,"unable to decode dh certs"},
+{SSL_R_UNABLE_TO_EXTRACT_PUBLIC_KEY ,"unable to extract public key"},
+{SSL_R_UNABLE_TO_FIND_DH_PARAMETERS ,"unable to find dh parameters"},
+{SSL_R_UNABLE_TO_FIND_PUBLIC_KEY_PARAMETERS,"unable to find public key parameters"},
+{SSL_R_UNABLE_TO_FIND_SSL_METHOD ,"unable to find ssl method"},
+{SSL_R_UNEXPECTED_MESSAGE ,"unexpected message"},
+{SSL_R_UNEXPECTED_RECORD ,"unexpected record"},
+{SSL_R_UNKNOWN_ALERT_TYPE ,"unknown alert type"},
+{SSL_R_UNKNOWN_CERTIFICATE_TYPE ,"unknown certificate type"},
+{SSL_R_UNKNOWN_CIPHER_RETURNED ,"unknown cipher returned"},
+{SSL_R_UNKNOWN_CIPHER_TYPE ,"unknown cipher type"},
+{SSL_R_UNKNOWN_KEY_EXCHANGE_TYPE ,"unknown key exchange type"},
+{SSL_R_UNKNOWN_PKEY_TYPE ,"unknown pkey type"},
+{SSL_R_UNKNOWN_PROTOCOL ,"unknown protocol"},
+{SSL_R_UNKNOWN_REMOTE_ERROR_TYPE ,"unknown remote error type"},
+{SSL_R_UNKNOWN_SSL_VERSION ,"unknown ssl version"},
+{SSL_R_UNKNOWN_STATE ,"unknown state"},
+{SSL_R_UNSUPPORTED_CIPHER ,"unsupported cipher"},
+{SSL_R_UNSUPPORTED_COMPRESSION_ALGORITHM ,"unsupported compression algorithm"},
+{SSL_R_UNSUPPORTED_SSL_VERSION ,"unsupported ssl version"},
+{SSL_R_WRITE_BIO_NOT_SET ,"write bio not set"},
+{SSL_R_WRONG_CIPHER_RETURNED ,"wrong cipher returned"},
+{SSL_R_WRONG_MESSAGE_TYPE ,"wrong message type"},
+{SSL_R_WRONG_NUMBER_OF_KEY_BITS ,"wrong number of key bits"},
+{SSL_R_WRONG_SIGNATURE_LENGTH ,"wrong signature length"},
+{SSL_R_WRONG_SIGNATURE_SIZE ,"wrong signature size"},
+{SSL_R_WRONG_SSL_VERSION ,"wrong ssl version"},
+{SSL_R_WRONG_VERSION_NUMBER ,"wrong version number"},
+{SSL_R_X509_LIB ,"x509 lib"},
+{0,NULL},
+ };
+
+void ERR_load_SSL_strings()
+ {
+ static int init=1;
+
+ if (init)
+ {
+ init=0;
+ ERR_load_strings(ERR_LIB_SSL,SSL_str_functs);
+ ERR_load_strings(ERR_LIB_SSL,SSL_str_reasons);
+ }
+ }
diff --git a/ssl/ssl_err2.c b/ssl/ssl_err2.c
new file mode 100644
index 0000000..a159fbb
--- /dev/null
+++ b/ssl/ssl_err2.c
@@ -0,0 +1,70 @@
+/* ssl/ssl_err2.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "err.h"
+#include "ssl.h"
+
+void SSL_load_error_strings()
+ {
+#ifndef NO_ERR
+ ERR_load_crypto_strings();
+ ERR_load_SSL_strings();
+#endif
+ }
+
diff --git a/ssl/ssl_lib.c b/ssl/ssl_lib.c
new file mode 100644
index 0000000..be091b1
--- /dev/null
+++ b/ssl/ssl_lib.c
@@ -0,0 +1,1433 @@
+/* ssl/ssl_lib.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "objects.h"
+#include "lhash.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static unsigned long conn_hash(SSL_SESSION *a);
+#else
+static unsigned long conn_hash();
+#endif
+
+char *SSL_version_str="SSLeay 0.8.1b 29-Jun-1998";
+
+void SSL_clear(s)
+SSL *s;
+ {
+ int state;
+
+ if (s->method == NULL) return;
+
+ s->error=0;
+ s->hit=0;
+
+ /* This is set if we are doing dynamic renegotiation so keep
+ * the old cipher. It is sort of a SSL_clear_lite :-) */
+ if (s->new_session) return;
+
+ state=s->state; /* Keep to check if we throw away the session-id */
+ s->type=0;
+
+ s->version=s->method->version;
+ s->rwstate=SSL_NOTHING;
+ s->state=SSL_ST_BEFORE;
+ s->rstate=SSL_ST_READ_HEADER;
+ s->read_ahead=s->ctx->default_read_ahead;
+
+/* s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN); */
+
+ if (s->init_buf != NULL)
+ {
+ BUF_MEM_free(s->init_buf);
+ s->init_buf=NULL;
+ }
+
+ ssl_clear_cipher_ctx(s);
+
+ if (ssl_clear_bad_session(s))
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+
+ s->shutdown=(SSL_SENT_SHUTDOWN|SSL_RECEIVED_SHUTDOWN);
+ s->first_packet=0;
+
+ s->method->ssl_clear(s);
+ }
+
+/* Used to change an SSL_CTXs default SSL method type */
+int SSL_CTX_set_ssl_version(ctx,meth)
+SSL_CTX *ctx;
+SSL_METHOD *meth;
+ {
+ STACK *sk;
+
+ ctx->method=meth;
+
+ sk=ssl_create_cipher_list(ctx->method,&(ctx->cipher_list),
+ &(ctx->cipher_list_by_id),SSL_DEFAULT_CIPHER_LIST);
+ if ((sk == NULL) || (sk_num(sk) <= 0))
+ {
+ SSLerr(SSL_F_SSL_CTX_SET_SSL_VERSION,SSL_R_SSL_LIBRARY_HAS_NO_CIPHERS);
+ return(0);
+ }
+ return(1);
+ }
+
+SSL *SSL_new(ctx)
+SSL_CTX *ctx;
+ {
+ SSL *s;
+
+ if (ctx == NULL)
+ {
+ SSLerr(SSL_F_SSL_NEW,SSL_R_NULL_SSL_CTX);
+ return(NULL);
+ }
+ if (ctx->method == NULL)
+ {
+ SSLerr(SSL_F_SSL_NEW,SSL_R_SSL_CTX_HAS_NO_DEFAULT_SSL_VERSION);
+ return(NULL);
+ }
+
+ s=(SSL *)Malloc(sizeof(SSL));
+ if (s == NULL) goto err;
+ memset(s,0,sizeof(SSL));
+
+ if (ctx->default_cert != NULL)
+ {
+ CRYPTO_add(&ctx->default_cert->references,1,
+ CRYPTO_LOCK_SSL_CERT);
+ s->cert=ctx->default_cert;
+ }
+ else
+ s->cert=NULL;
+ s->verify_mode=ctx->default_verify_mode;
+ s->verify_callback=ctx->default_verify_callback;
+ CRYPTO_add(&ctx->references,1,CRYPTO_LOCK_SSL_CTX);
+ s->ctx=ctx;
+
+ s->verify_result=X509_V_OK;
+
+ s->method=ctx->method;
+
+ if (!s->method->ssl_new(s))
+ {
+ SSL_CTX_free(ctx);
+ Free(s);
+ goto err;
+ }
+
+ s->quiet_shutdown=ctx->quiet_shutdown;
+ SSL_clear(s);
+ return(s);
+err:
+ SSLerr(SSL_F_SSL_NEW,ERR_R_MALLOC_FAILURE);
+ return(NULL);
+ }
+
+void SSL_free(s)
+SSL *s;
+ {
+ if (s->bbio != NULL)
+ {
+ /* If the buffering BIO is in place, pop it off */
+ if (s->bbio == s->wbio)
+ {
+ s->wbio=BIO_pop(s->wbio);
+ }
+ BIO_free(s->bbio);
+ }
+ if (s->rbio != NULL)
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != s->rbio))
+ BIO_free_all(s->wbio);
+
+ if (s->init_buf != NULL) BUF_MEM_free(s->init_buf);
+
+ /* add extra stuff */
+ if (s->cipher_list != NULL) sk_free(s->cipher_list);
+ if (s->cipher_list_by_id != NULL) sk_free(s->cipher_list_by_id);
+
+ /* Make the next call work :-) */
+ if (s->session != NULL)
+ {
+ ssl_clear_bad_session(s);
+ SSL_SESSION_free(s->session);
+ }
+
+ ssl_clear_cipher_ctx(s);
+
+ if (s->cert != NULL) ssl_cert_free(s->cert);
+ /* Free up if allocated */
+
+ if (s->ctx) SSL_CTX_free(s->ctx);
+
+ if (s->client_CA != NULL)
+ sk_pop_free(s->client_CA,X509_NAME_free);
+
+ if (s->method != NULL) s->method->ssl_free(s);
+
+ Free((char *)s);
+ }
+
+void SSL_set_bio(s, rbio,wbio)
+SSL *s;
+BIO *rbio;
+BIO *wbio;
+ {
+ /* If the output buffering BIO is still in place, remove it
+ */
+ if (s->bbio != NULL)
+ {
+ if (s->wbio == s->bbio)
+ {
+ s->wbio=s->wbio->next_bio;
+ s->bbio->next_bio=NULL;
+ }
+ }
+ if ((s->rbio != NULL) && (s->rbio != rbio))
+ BIO_free_all(s->rbio);
+ if ((s->wbio != NULL) && (s->wbio != wbio) && (s->rbio != s->wbio))
+ BIO_free_all(s->wbio);
+ s->rbio=rbio;
+ s->wbio=wbio;
+ }
+
+BIO *SSL_get_rbio(s)
+SSL *s;
+ { return(s->rbio); }
+
+BIO *SSL_get_wbio(s)
+SSL *s;
+ { return(s->wbio); }
+
+int SSL_get_fd(s)
+SSL *s;
+ {
+ int ret= -1;
+ BIO *b,*r;
+
+ b=SSL_get_rbio(s);
+ r=BIO_find_type(b,BIO_TYPE_DESCRIPTOR);
+ if (r != NULL)
+ BIO_get_fd(r,&ret);
+ return(ret);
+ }
+
+#ifndef NO_SOCK
+int SSL_set_fd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_FD,ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,bio,bio);
+ ret=1;
+err:
+ return(ret);
+ }
+
+int SSL_set_wfd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ { SSLerr(SSL_F_SSL_SET_WFD,ERR_R_BUF_LIB); goto err; }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,SSL_get_rbio(s),bio);
+ ret=1;
+err:
+ return(ret);
+ }
+
+int SSL_set_rfd(s, fd)
+SSL *s;
+int fd;
+ {
+ int ret=0;
+ BIO *bio=NULL;
+
+ bio=BIO_new(BIO_s_socket());
+
+ if (bio == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_RFD,ERR_R_BUF_LIB);
+ goto err;
+ }
+ BIO_set_fd(bio,fd,BIO_NOCLOSE);
+ SSL_set_bio(s,bio,SSL_get_wbio(s));
+ ret=1;
+err:
+ return(ret);
+ }
+#endif
+
+int SSL_get_verify_mode(s)
+SSL *s;
+ {
+ return(s->verify_mode);
+ }
+
+int (*SSL_get_verify_callback(s))()
+SSL *s;
+ {
+ return(s->verify_callback);
+ }
+
+int SSL_CTX_get_verify_mode(ctx)
+SSL_CTX *ctx;
+ {
+ return(ctx->default_verify_mode);
+ }
+
+int (*SSL_CTX_get_verify_callback(ctx))()
+SSL_CTX *ctx;
+ {
+ return(ctx->default_verify_callback);
+ }
+
+void SSL_set_verify(s, mode, callback)
+SSL *s;
+int mode;
+int (*callback)();
+ {
+ s->verify_mode=mode;
+ if (callback != NULL)
+ s->verify_callback=callback;
+ }
+
+void SSL_set_read_ahead(s, yes)
+SSL *s;
+int yes;
+ {
+ s->read_ahead=yes;
+ }
+
+int SSL_get_read_ahead(s)
+SSL *s;
+ {
+ return(s->read_ahead);
+ }
+
+int SSL_pending(s)
+SSL *s;
+ {
+ return(s->method->ssl_pending(s));
+ }
+
+X509 *SSL_get_peer_certificate(s)
+SSL *s;
+ {
+ X509 *r;
+
+ if ((s == NULL) || (s->session == NULL))
+ r=NULL;
+ else
+ r=s->session->peer;
+
+ if (r == NULL) return(r);
+
+ CRYPTO_add(&r->references,1,CRYPTO_LOCK_X509);
+
+ return(r);
+ }
+
+STACK *SSL_get_peer_cert_chain(s)
+SSL *s;
+ {
+ STACK *r;
+
+ if ((s == NULL) || (s->session == NULL) || (s->session->cert == NULL))
+ r=NULL;
+ else
+ r=s->session->cert->cert_chain;
+
+ return(r);
+ }
+
+/* Now in theory, since the calling process own 't' it should be safe to
+ * modify. We need to be able to read f without being hassled */
+void SSL_copy_session_id(t,f)
+SSL *t,*f;
+ {
+ CERT *tmp;
+
+ /* Do we need to to SSL locking? */
+ SSL_set_session(t,SSL_get_session(f));
+
+ /* what if we are setup as SSLv2 but want to talk SSLv3 or
+ * vice-versa */
+ if (t->method != f->method)
+ {
+ t->method->ssl_free(t); /* cleanup current */
+ t->method=f->method; /* change method */
+ t->method->ssl_new(t); /* setup new */
+ }
+
+ tmp=t->cert;
+ if (f->cert != NULL)
+ {
+ CRYPTO_add(&f->cert->references,1,CRYPTO_LOCK_SSL_CERT);
+ t->cert=f->cert;
+ }
+ else
+ t->cert=NULL;
+ if (tmp != NULL) ssl_cert_free(tmp);
+ }
+
+int SSL_CTX_check_private_key(ctx)
+SSL_CTX *ctx;
+ {
+ if ( (ctx == NULL) ||
+ (ctx->default_cert == NULL) ||
+ (ctx->default_cert->key->x509 == NULL))
+ {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return(0);
+ }
+ if (ctx->default_cert->key->privatekey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return(0);
+ }
+ return(X509_check_private_key(ctx->default_cert->key->x509, ctx->default_cert->key->privatekey));
+ }
+
+int SSL_check_private_key(ssl)
+SSL *ssl;
+ {
+ if (ssl == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if (ssl->cert == NULL)
+ return(SSL_CTX_check_private_key(ssl->ctx));
+ if (ssl->cert->key->x509 == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_CERTIFICATE_ASSIGNED);
+ return(0);
+ }
+ if (ssl->cert->key->privatekey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CHECK_PRIVATE_KEY,SSL_R_NO_PRIVATE_KEY_ASSIGNED);
+ return(0);
+ }
+ return(X509_check_private_key(ssl->cert->key->x509,
+ ssl->cert->key->privatekey));
+ }
+
+int SSL_accept(s)
+SSL *s;
+ {
+ return(s->method->ssl_accept(s));
+ }
+
+int SSL_connect(s)
+SSL *s;
+ {
+ return(s->method->ssl_connect(s));
+ }
+
+long SSL_get_default_timeout(s)
+SSL *s;
+ {
+ return(s->method->get_timeout());
+ }
+
+int SSL_read(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ return(0);
+ }
+ return(s->method->ssl_read(s,buf,num));
+ }
+
+int SSL_peek(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_RECEIVED_SHUTDOWN)
+ {
+ return(0);
+ }
+ return(s->method->ssl_peek(s,buf,num));
+ }
+
+int SSL_write(s,buf,num)
+SSL *s;
+char *buf;
+int num;
+ {
+ if (s->shutdown & SSL_SENT_SHUTDOWN)
+ {
+ s->rwstate=SSL_NOTHING;
+ SSLerr(SSL_F_SSL_WRITE,SSL_R_PROTOCOL_IS_SHUTDOWN);
+ return(-1);
+ }
+ return(s->method->ssl_write(s,buf,num));
+ }
+
+int SSL_shutdown(s)
+SSL *s;
+ {
+ if ((s != NULL) && !SSL_in_init(s))
+ return(s->method->ssl_shutdown(s));
+ else
+ return(1);
+ }
+
+int SSL_renegotiate(s)
+SSL *s;
+ {
+ return(s->method->ssl_renegotiate(s));
+ }
+
+long SSL_ctrl(s,cmd,larg,parg)
+SSL *s;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(s->method->ssl_ctrl(s,cmd,larg,parg));
+ }
+
+long SSL_CTX_ctrl(ctx,cmd,larg,parg)
+SSL_CTX *ctx;
+int cmd;
+long larg;
+char *parg;
+ {
+ return(ctx->method->ssl_ctx_ctrl(ctx,cmd,larg,parg));
+ }
+
+int ssl_cipher_id_cmp(a,b)
+SSL_CIPHER *a,*b;
+ {
+ long l;
+
+ l=a->id-b->id;
+ if (l == 0L)
+ return(0);
+ else
+ return((l > 0)?1:-1);
+ }
+
+int ssl_cipher_ptr_id_cmp(ap,bp)
+SSL_CIPHER **ap,**bp;
+ {
+ long l;
+
+ l=(*ap)->id-(*bp)->id;
+ if (l == 0L)
+ return(0);
+ else
+ return((l > 0)?1:-1);
+ }
+
+/* return a STACK of the ciphers available for the SSL and in order of
+ * preference */
+STACK *SSL_get_ciphers(s)
+SSL *s;
+ {
+ if ((s != NULL) && (s->cipher_list != NULL))
+ {
+ return(s->cipher_list);
+ }
+ else if ((s != NULL) && (s->ctx != NULL) &&
+ (s->ctx->cipher_list != NULL))
+ {
+ return(s->ctx->cipher_list);
+ }
+ return(NULL);
+ }
+
+/* return a STACK of the ciphers available for the SSL and in order of
+ * algorithm id */
+STACK *ssl_get_ciphers_by_id(s)
+SSL *s;
+ {
+ if ((s != NULL) && (s->cipher_list_by_id != NULL))
+ {
+ return(s->cipher_list_by_id);
+ }
+ else if ((s != NULL) && (s->ctx != NULL) &&
+ (s->ctx->cipher_list_by_id != NULL))
+ {
+ return(s->ctx->cipher_list_by_id);
+ }
+ return(NULL);
+ }
+
+/* The old interface to get the same thing as SSL_get_ciphers() */
+char *SSL_get_cipher_list(s,n)
+SSL *s;
+int n;
+ {
+ SSL_CIPHER *c;
+ STACK *sk;
+
+ if (s == NULL) return(NULL);
+ sk=SSL_get_ciphers(s);
+ if ((sk == NULL) || (sk_num(sk) <= n))
+ return(NULL);
+ c=(SSL_CIPHER *)sk_value(sk,n);
+ if (c == NULL) return(NULL);
+ return(c->name);
+ }
+
+/* specify the ciphers to be used by defaut by the SSL_CTX */
+int SSL_CTX_set_cipher_list(ctx,str)
+SSL_CTX *ctx;
+char *str;
+ {
+ STACK *sk;
+
+ sk=ssl_create_cipher_list(ctx->method,&ctx->cipher_list,
+ &ctx->cipher_list_by_id,str);
+/* XXXX */
+ return((sk == NULL)?0:1);
+ }
+
+/* specify the ciphers to be used by the SSL */
+int SSL_set_cipher_list(s, str)
+SSL *s;
+char *str;
+ {
+ STACK *sk;
+
+ sk=ssl_create_cipher_list(s->ctx->method,&s->cipher_list,
+ &s->cipher_list_by_id,str);
+/* XXXX */
+ return((sk == NULL)?0:1);
+ }
+
+/* works well for SSLv2, not so good for SSLv3 */
+char *SSL_get_shared_ciphers(s,buf,len)
+SSL *s;
+char *buf;
+int len;
+ {
+ char *p,*cp;
+ STACK *sk;
+ SSL_CIPHER *c;
+ int i;
+
+ if ((s->session == NULL) || (s->session->ciphers == NULL) ||
+ (len < 2))
+ return(NULL);
+
+ p=buf;
+ sk=s->session->ciphers;
+ len--;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ for (cp=c->name; *cp; )
+ {
+ if (--len == 0)
+ {
+ *p='\0';
+ return(buf);
+ }
+ else
+ *(p++)= *(cp++);
+ }
+ *(p++)=':';
+ }
+ p[-1]='\0';
+ return(buf);
+ }
+
+int ssl_cipher_list_to_bytes(s,sk,p)
+SSL *s;
+STACK *sk;
+unsigned char *p;
+ {
+ int i,j=0;
+ SSL_CIPHER *c;
+ unsigned char *q;
+
+ if (sk == NULL) return(0);
+ q=p;
+
+ for (i=0; i<sk_num(sk); i++)
+ {
+ c=(SSL_CIPHER *)sk_value(sk,i);
+ j=ssl_put_cipher_by_char(s,c,p);
+ p+=j;
+ }
+ return(p-q);
+ }
+
+STACK *ssl_bytes_to_cipher_list(s,p,num,skp)
+SSL *s;
+unsigned char *p;
+int num;
+STACK **skp;
+ {
+ SSL_CIPHER *c;
+ STACK *sk;
+ int i,n;
+
+ n=ssl_put_cipher_by_char(s,NULL,NULL);
+ if ((num%n) != 0)
+ {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,SSL_R_ERROR_IN_RECEIVED_CIPHER_LIST);
+ return(NULL);
+ }
+ if ((skp == NULL) || (*skp == NULL))
+ sk=sk_new(NULL); /* change perhaps later */
+ else
+ {
+ sk= *skp;
+ sk_zero(sk);
+ }
+
+ for (i=0; i<num; i+=n)
+ {
+ c=ssl_get_cipher_by_char(s,p);
+ p+=n;
+ if (c != NULL)
+ {
+ if (!sk_push(sk,(char *)c))
+ {
+ SSLerr(SSL_F_SSL_BYTES_TO_CIPHER_LIST,ERR_R_MALLOC_FAILURE);
+ goto err;
+ }
+ }
+ }
+
+ if (skp != NULL)
+ *skp=sk;
+ return(sk);
+err:
+ if ((skp == NULL) || (*skp == NULL))
+ sk_free(sk);
+ return(NULL);
+ }
+
+static unsigned long conn_hash(a)
+SSL_SESSION *a;
+ {
+ unsigned long l;
+
+ l= (a->session_id[0] )|(a->session_id[1]<< 8L)|
+ (a->session_id[1]<<16L)|(a->session_id[2]<<24L);
+ return(l);
+ }
+
+static int session_cmp(a, b)
+SSL_SESSION *a;
+SSL_SESSION *b;
+ {
+ int i;
+
+ i=a->session_id_length - b->session_id_length;
+ if (i == 0)
+ return(memcmp(a->session_id,b->session_id,
+ a->session_id_length));
+ else return(1);
+ }
+
+SSL_CTX *SSL_CTX_new(meth)
+SSL_METHOD *meth;
+ {
+ SSL_CTX *ret;
+
+ if (meth == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_NULL_SSL_METHOD_PASSED);
+ return(NULL);
+ }
+ ret=(SSL_CTX *)Malloc(sizeof(SSL_CTX));
+ if (ret == NULL)
+ goto err;
+
+ memset(ret,0,sizeof(SSL_CTX));
+
+ ret->method=meth;
+
+ ret->cert_store=NULL;
+ ret->session_cache_mode=SSL_SESS_CACHE_SERVER;
+
+ /* We take the system default */
+ ret->session_timeout=meth->get_timeout();
+
+ ret->new_session_cb=NULL;
+ ret->remove_session_cb=NULL;
+ ret->get_session_cb=NULL;
+
+ ret->sess_connect=0;
+ ret->sess_connect_good=0;
+ ret->sess_accept=0;
+ ret->sess_accept_good=0;
+ ret->sess_miss=0;
+ ret->sess_timeout=0;
+ ret->sess_hit=0;
+ ret->sess_cb_hit=0;
+
+ ret->references=1;
+ ret->quiet_shutdown=0;
+
+/* ret->cipher=NULL;*/
+/* ret->s2->challenge=NULL;
+ ret->master_key=NULL;
+ ret->key_arg=NULL;
+ ret->s2->conn_id=NULL; */
+
+ ret->info_callback=NULL;
+
+ ret->app_verify_callback=NULL;
+ ret->app_verify_arg=NULL;
+
+ ret->default_read_ahead=0;
+ ret->default_verify_mode=SSL_VERIFY_NONE;
+ ret->default_verify_callback=NULL;
+ if ((ret->default_cert=ssl_cert_new()) == NULL)
+ goto err;
+
+ ret->default_passwd_callback=NULL;
+ ret->client_cert_cb=NULL;
+
+ ret->sessions=lh_new(conn_hash,session_cmp);
+ if (ret->sessions == NULL) goto err;
+ ret->cert_store=X509_STORE_new();
+ if (ret->cert_store == NULL) goto err;
+
+ ssl_create_cipher_list(ret->method,
+ &ret->cipher_list,&ret->cipher_list_by_id,
+ SSL_DEFAULT_CIPHER_LIST);
+ if ((ret->cipher_list == NULL) || (sk_num(ret->cipher_list) <= 0))
+ {
+ SSLerr(SSL_F_SSL_CTX_NEW,SSL_R_LIBRARY_HAS_NO_CIPHERS);
+ goto err2;
+ }
+
+ if ((ret->client_CA=sk_new_null()) == NULL)
+ goto err;
+
+ return(ret);
+err:
+ SSLerr(SSL_F_SSL_CTX_NEW,ERR_R_MALLOC_FAILURE);
+err2:
+ if (ret != NULL) SSL_CTX_free(ret);
+ return(NULL);
+ }
+
+void SSL_CTX_free(a)
+SSL_CTX *a;
+ {
+ int i;
+
+ if (a == NULL) return;
+
+ i=CRYPTO_add(&a->references,-1,CRYPTO_LOCK_SSL_CTX);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"SSL_CTX_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ if (a->sessions != NULL)
+ {
+ SSL_CTX_flush_sessions(a,0);
+ lh_free(a->sessions);
+ }
+ if (a->cert_store != NULL)
+ X509_STORE_free(a->cert_store);
+ if (a->cipher_list != NULL)
+ sk_free(a->cipher_list);
+ if (a->cipher_list_by_id != NULL)
+ sk_free(a->cipher_list_by_id);
+ if (a->default_cert != NULL)
+ ssl_cert_free(a->default_cert);
+ if (a->client_CA != NULL)
+ sk_pop_free(a->client_CA,X509_NAME_free);
+ Free((char *)a);
+ }
+
+void SSL_CTX_set_default_passwd_cb(ctx,cb)
+SSL_CTX *ctx;
+int (*cb)();
+ {
+ ctx->default_passwd_callback=cb;
+ }
+
+void SSL_CTX_set_cert_verify_cb(ctx,cb,arg)
+SSL_CTX *ctx;
+int (*cb)();
+char *arg;
+ {
+ ctx->app_verify_callback=cb;
+ ctx->app_verify_arg=arg;
+ }
+
+void SSL_CTX_set_verify(ctx,mode,cb)
+SSL_CTX *ctx;
+int mode;
+int (*cb)();
+ {
+ ctx->default_verify_mode=mode;
+ ctx->default_verify_callback=cb;
+ /* This needs cleaning up EAY EAY EAY */
+ X509_STORE_set_verify_cb_func(ctx->cert_store,cb);
+ }
+
+void ssl_set_cert_masks(c)
+CERT *c;
+ {
+ CERT_PKEY *cpk;
+ int rsa_enc,rsa_tmp,rsa_sign,dh_tmp,dh_rsa,dh_dsa,dsa_sign;
+ int rsa_enc_export,dh_rsa_export,dh_dsa_export;
+ int rsa_tmp_export,dh_tmp_export;
+ unsigned long mask,emask;
+
+ if ((c == NULL) || (c->valid)) return;
+
+#ifndef NO_RSA
+ rsa_tmp=((c->rsa_tmp != NULL) || (c->rsa_tmp_cb != NULL))?1:0;
+ rsa_tmp_export=((c->rsa_tmp_cb != NULL) ||
+ (rsa_tmp && (RSA_size(c->rsa_tmp)*8 <= 512)))?1:0;
+#else
+ rsa_tmp=rsa_tmp_export=0;
+#endif
+#ifndef NO_DH
+ dh_tmp=((c->dh_tmp != NULL) || (c->dh_tmp_cb != NULL))?1:0;
+ dh_tmp_export=((c->dh_tmp_cb != NULL) ||
+ (dh_tmp && (DH_size(c->dh_tmp)*8 <= 512)))?1:0;
+#else
+ dh_tmp=dh_tmp_export=0;
+#endif
+
+ cpk= &(c->pkeys[SSL_PKEY_RSA_ENC]);
+ rsa_enc= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ rsa_enc_export=(rsa_enc && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_RSA_SIGN]);
+ rsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DSA_SIGN]);
+ dsa_sign=((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DH_RSA]);
+ dh_rsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ dh_rsa_export=(dh_rsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+ cpk= &(c->pkeys[SSL_PKEY_DH_DSA]);
+/* FIX THIS EAY EAY EAY */
+ dh_dsa= ((cpk->x509 != NULL) && (cpk->privatekey != NULL))?1:0;
+ dh_dsa_export=(dh_dsa && (EVP_PKEY_size(cpk->privatekey)*8 <= 512))?1:0;
+
+ mask=0;
+ emask=0;
+
+#ifdef CIPHER_DEBUG
+ printf("rt=%d dht=%d re=%d rs=%d ds=%d dhr=%d dhd=%d\n",
+ rsa_tmp,dh_tmp,
+ rsa_enc,rsa_sign,dsa_sign,dh_rsa,dh_dsa);
+#endif
+
+ if (rsa_enc || (rsa_tmp && rsa_sign))
+ mask|=SSL_kRSA;
+ if (rsa_enc_export || (rsa_tmp_export && rsa_sign))
+ emask|=SSL_kRSA;
+
+#if 0
+ /* The match needs to be both kEDH and aRSA or aDSA, so don't worry */
+ if ( (dh_tmp || dh_rsa || dh_dsa) &&
+ (rsa_enc || rsa_sign || dsa_sign))
+ mask|=SSL_kEDH;
+ if ((dh_tmp_export || dh_rsa_export || dh_dsa_export) &&
+ (rsa_enc || rsa_sign || dsa_sign))
+ emask|=SSL_kEDH;
+#endif
+
+ if (dh_tmp_export)
+ emask|=SSL_kEDH;
+
+ if (dh_tmp)
+ mask|=SSL_kEDH;
+
+ if (dh_rsa) mask|=SSL_kDHr;
+ if (dh_rsa_export) emask|=SSL_kDHr;
+
+ if (dh_dsa) mask|=SSL_kDHd;
+ if (dh_dsa_export) emask|=SSL_kDHd;
+
+ if (rsa_enc || rsa_sign)
+ {
+ mask|=SSL_aRSA;
+ emask|=SSL_aRSA;
+ }
+
+ if (dsa_sign)
+ {
+ mask|=SSL_aDSS;
+ emask|=SSL_aDSS;
+ }
+
+#ifdef SSL_ALLOW_ADH
+ mask|=SSL_aNULL;
+ emask|=SSL_aNULL;
+#endif
+
+ c->mask=mask;
+ c->export_mask=emask;
+ c->valid=1;
+ }
+
+/* THIS NEEDS CLEANING UP */
+X509 *ssl_get_server_send_cert(s)
+SSL *s;
+ {
+ unsigned long alg,mask,kalg;
+ CERT *c;
+ int i,export;
+
+ c=s->cert;
+ ssl_set_cert_masks(c);
+ alg=s->s3->tmp.new_cipher->algorithms;
+ export=(alg & SSL_EXPORT)?1:0;
+ mask=(export)?c->export_mask:c->mask;
+ kalg=alg&(SSL_MKEY_MASK|SSL_AUTH_MASK);
+
+ if (kalg & SSL_kDHr)
+ i=SSL_PKEY_DH_RSA;
+ else if (kalg & SSL_kDHd)
+ i=SSL_PKEY_DH_DSA;
+ else if (kalg & SSL_aDSS)
+ i=SSL_PKEY_DSA_SIGN;
+ else if (kalg & SSL_aRSA)
+ {
+ if (c->pkeys[SSL_PKEY_RSA_ENC].x509 == NULL)
+ i=SSL_PKEY_RSA_SIGN;
+ else
+ i=SSL_PKEY_RSA_ENC;
+ }
+ else /* if (kalg & SSL_aNULL) */
+ {
+ SSLerr(SSL_F_SSL_GET_SERVER_SEND_CERT,SSL_R_INTERNAL_ERROR);
+ return(NULL);
+ }
+ if (c->pkeys[i].x509 == NULL) return(NULL);
+ return(c->pkeys[i].x509);
+ }
+
+EVP_PKEY *ssl_get_sign_pkey(s,cipher)
+SSL *s;
+SSL_CIPHER *cipher;
+ {
+ unsigned long alg;
+ CERT *c;
+
+ alg=cipher->algorithms;
+ c=s->cert;
+
+ if ((alg & SSL_aDSS) &&
+ (c->pkeys[SSL_PKEY_DSA_SIGN].privatekey != NULL))
+ return(c->pkeys[SSL_PKEY_DSA_SIGN].privatekey);
+ else if (alg & SSL_aRSA)
+ {
+ if (c->pkeys[SSL_PKEY_RSA_SIGN].privatekey != NULL)
+ return(c->pkeys[SSL_PKEY_RSA_SIGN].privatekey);
+ else if (c->pkeys[SSL_PKEY_RSA_ENC].privatekey != NULL)
+ return(c->pkeys[SSL_PKEY_RSA_ENC].privatekey);
+ else
+ return(NULL);
+ }
+ else /* if (alg & SSL_aNULL) */
+ {
+ SSLerr(SSL_F_SSL_GET_SIGN_PKEY,SSL_R_INTERNAL_ERROR);
+ return(NULL);
+ }
+ }
+
+void ssl_update_cache(s,mode)
+SSL *s;
+int mode;
+ {
+ if ((s->ctx->session_cache_mode & mode)
+ && (!s->hit)
+ && SSL_CTX_add_session(s->ctx,s->session)
+ && (s->ctx->new_session_cb != NULL))
+ {
+ CRYPTO_add(&s->session->references,1,
+ CRYPTO_LOCK_SSL_SESSION);
+ if (!s->ctx->new_session_cb(s,s->session))
+ SSL_SESSION_free(s->session);
+ }
+
+ /* auto flush every 255 connections */
+ if ((!(s->ctx->session_cache_mode &
+ SSL_SESS_CACHE_NO_AUTO_CLEAR)) &&
+ ((s->ctx->sess_connect_good & 0xff) == 0))
+ SSL_CTX_flush_sessions(s->ctx,time(NULL));
+ }
+
+SSL_METHOD *SSL_get_ssl_method(s)
+SSL *s;
+ {
+ return(s->method);
+ }
+
+int SSL_set_ssl_method(s,meth)
+SSL *s;
+SSL_METHOD *meth;
+ {
+ int conn= -1;
+ int ret=1;
+
+ if (s->method != meth)
+ {
+ if (s->handshake_func != NULL)
+ conn=(s->handshake_func == s->method->ssl_connect);
+
+ if (s->method->version == meth->version)
+ s->method=meth;
+ else
+ {
+ s->method->ssl_free(s);
+ s->method=meth;
+ ret=s->method->ssl_new(s);
+ }
+
+ if (conn == 1)
+ s->handshake_func=meth->ssl_connect;
+ else if (conn == 0)
+ s->handshake_func=meth->ssl_accept;
+ }
+ return(ret);
+ }
+
+int SSL_get_error(s,i)
+SSL *s;
+int i;
+ {
+ int reason;
+ BIO *bio;
+
+ if (i > 0) return(SSL_ERROR_NONE);
+
+ if (ERR_peek_error() != 0)
+ return(SSL_ERROR_SSL);
+
+ if ((i < 0) && SSL_want_read(s))
+ {
+ bio=SSL_get_rbio(s);
+ if (BIO_should_read(bio))
+ return(SSL_ERROR_WANT_READ);
+ else if (BIO_should_write(bio))
+ return(SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_io_special(bio))
+ {
+ reason=BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return(SSL_ERROR_WANT_CONNECT);
+ else
+ return(SSL_ERROR_SYSCALL); /* unknown */
+ }
+ }
+
+ if ((i < 0) && SSL_want_write(s))
+ {
+ bio=SSL_get_wbio(s);
+ if (BIO_should_write(bio))
+ return(SSL_ERROR_WANT_WRITE);
+ else if (BIO_should_read(bio))
+ return(SSL_ERROR_WANT_READ);
+ else if (BIO_should_io_special(bio))
+ {
+ reason=BIO_get_retry_reason(bio);
+ if (reason == BIO_RR_CONNECT)
+ return(SSL_ERROR_WANT_CONNECT);
+ else
+ return(SSL_ERROR_SYSCALL);
+ }
+ }
+ if ((i < 0) && SSL_want_x509_lookup(s))
+ {
+ return(SSL_ERROR_WANT_X509_LOOKUP);
+ }
+
+ if (i == 0)
+ {
+ if (s->version == 2)
+ {
+ /* assume it is the socket being closed */
+ return(SSL_ERROR_ZERO_RETURN);
+ }
+ else
+ {
+ if ((s->shutdown & SSL_RECEIVED_SHUTDOWN) &&
+ (s->s3->warn_alert == SSL3_AD_CLOSE_NOTIFY))
+ return(SSL_ERROR_ZERO_RETURN);
+ }
+ }
+ return(SSL_ERROR_SYSCALL);
+ }
+
+int SSL_do_handshake(s)
+SSL *s;
+ {
+ if (s->handshake_func == NULL)
+ {
+ SSLerr(SSL_F_SSL_DO_HANDSHAKE,SSL_R_INTERNAL_ERROR);
+ return(-1);
+ }
+ if (SSL_in_init(s) || SSL_in_before(s))
+ return(s->handshake_func(s));
+ else
+ return(1);
+ }
+
+/* For the next 2 functions, SSL_clear() sets shutdown and so
+ * one of these calls will reset it */
+void SSL_set_accept_state(s)
+SSL *s;
+ {
+ s->shutdown=0;
+ s->state=SSL_ST_ACCEPT|SSL_ST_BEFORE;
+ s->handshake_func=s->method->ssl_accept;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ }
+
+void SSL_set_connect_state(s)
+SSL *s;
+ {
+ s->shutdown=0;
+ s->state=SSL_ST_CONNECT|SSL_ST_BEFORE;
+ s->handshake_func=s->method->ssl_connect;
+ /* clear the current cipher */
+ ssl_clear_cipher_ctx(s);
+ }
+
+int ssl_undefined_function(s)
+SSL *s;
+ {
+ SSLerr(SSL_F_SSL_UNDEFINED_FUNCTION,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(0);
+ }
+
+SSL_METHOD *ssl_bad_method(ver)
+int ver;
+ {
+ SSLerr(SSL_F_SSL_BAD_METHOD,ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
+ return(NULL);
+ }
+
+char *SSL_get_version(s)
+SSL *s;
+ {
+ if (s->version == 3)
+ return("SSLv3");
+ else if (s->version == 2)
+ return("SSLv2");
+ else
+ return("unknown");
+ }
+
+SSL *SSL_dup(s)
+SSL *s;
+ {
+ STACK *sk;
+ X509_NAME *xn;
+ SSL *ret;
+ int i;
+
+ if ((ret=SSL_new(SSL_get_SSL_CTX(s))) == NULL) return(NULL);
+
+ /* This copies version, session-id, SSL_METHOD and 'cert' */
+ SSL_copy_session_id(ret,s);
+
+ SSL_set_read_ahead(ret,SSL_get_read_ahead(s));
+ SSL_set_verify(ret,SSL_get_verify_mode(s),
+ SSL_get_verify_callback(s));
+
+ SSL_set_info_callback(ret,SSL_get_info_callback(s));
+
+ ret->debug=s->debug;
+
+ /* copy app data, a little dangerous perhaps */
+ SSL_set_app_data(ret,SSL_get_app_data(s));
+
+ /* setup rbio, and wbio */
+ if (s->rbio != NULL)
+ {
+ if (!BIO_dup_state(s->rbio,(char *)&ret->rbio))
+ goto err;
+ }
+ if (s->wbio != NULL)
+ {
+ if (s->wbio != s->rbio)
+ {
+ if (!BIO_dup_state(s->wbio,(char *)&ret->rbio))
+ goto err;
+ }
+ else
+ ret->wbio=ret->rbio;
+ }
+
+ /* dup the cipher_list and cipher_list_by_id stacks */
+ if (s->cipher_list != NULL)
+ {
+ if ((ret->cipher_list=sk_dup(s->cipher_list)) == NULL)
+ goto err;
+ }
+ if (s->cipher_list_by_id != NULL)
+ if ((ret->cipher_list_by_id=sk_dup(s->cipher_list_by_id))
+ == NULL)
+ goto err;
+
+ /* Dup the client_CA list */
+ if (s->client_CA != NULL)
+ {
+ if ((sk=sk_dup(s->client_CA)) == NULL) goto err;
+ ret->client_CA=sk;
+ for (i=0; i<sk_num(sk); i++)
+ {
+ xn=(X509_NAME *)sk_value(sk,i);
+ if ((sk_value(sk,i)=(char *)X509_NAME_dup(xn)) == NULL)
+ {
+ X509_NAME_free(xn);
+ goto err;
+ }
+ }
+ }
+
+ ret->shutdown=s->shutdown;
+ ret->state=s->state;
+ ret->handshake_func=s->handshake_func;
+
+ if (0)
+ {
+err:
+ if (ret != NULL) SSL_free(ret);
+ ret=NULL;
+ }
+ return(ret);
+ }
+
+void ssl_clear_cipher_ctx(s)
+SSL *s;
+ {
+ if (s->enc_read_ctx != NULL)
+ {
+ EVP_CIPHER_CTX_cleanup(s->enc_read_ctx);
+ Free(s->enc_read_ctx);
+ s->enc_read_ctx=NULL;
+ }
+ if (s->enc_write_ctx != NULL)
+ {
+ EVP_CIPHER_CTX_cleanup(s->enc_write_ctx);
+ Free(s->enc_write_ctx);
+ s->enc_write_ctx=NULL;
+ }
+ }
+
+X509 *SSL_get_certificate(s)
+SSL *s;
+ {
+ if (s->cert != NULL)
+ return(s->cert->key->x509);
+ else
+ return(NULL);
+ }
+
+EVP_PKEY *SSL_get_privatekey(s)
+SSL *s;
+ {
+ if (s->cert != NULL)
+ return(s->cert->key->privatekey);
+ else
+ return(NULL);
+ }
+
+SSL_CIPHER *SSL_get_current_cipher(s)
+SSL *s;
+ {
+ if ((s->session != NULL) && (s->session->cipher != NULL))
+ return(s->session->cipher);
+ return(NULL);
+ }
+
diff --git a/ssl/ssl_locl.h b/ssl/ssl_locl.h
new file mode 100644
index 0000000..ef3a70e
--- /dev/null
+++ b/ssl/ssl_locl.h
@@ -0,0 +1,520 @@
+/* ssl/ssl_locl.h */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_SSL_LOCL_H
+#define HEADER_SSL_LOCL_H
+#include <stdlib.h>
+#include <time.h>
+#include <string.h>
+#include <errno.h>
+
+#ifdef FLAT_INC
+#include "e_os.h"
+#else
+#include "../e_os.h"
+#endif
+
+#include "buffer.h"
+#include "bio.h"
+#include "crypto.h"
+#include "evp.h"
+#include "stack.h"
+#include "x509.h"
+#include "err.h"
+#include "ssl.h"
+
+
+#define c2l(c,l) (l = ((unsigned long)(*((c)++))) , \
+ l|=(((unsigned long)(*((c)++)))<< 8), \
+ l|=(((unsigned long)(*((c)++)))<<16), \
+ l|=(((unsigned long)(*((c)++)))<<24))
+
+/* NOTE - c is not incremented as per c2l */
+#define c2ln(c,l1,l2,n) { \
+ c+=n; \
+ l1=l2=0; \
+ switch (n) { \
+ case 8: l2 =((unsigned long)(*(--(c))))<<24; \
+ case 7: l2|=((unsigned long)(*(--(c))))<<16; \
+ case 6: l2|=((unsigned long)(*(--(c))))<< 8; \
+ case 5: l2|=((unsigned long)(*(--(c)))); \
+ case 4: l1 =((unsigned long)(*(--(c))))<<24; \
+ case 3: l1|=((unsigned long)(*(--(c))))<<16; \
+ case 2: l1|=((unsigned long)(*(--(c))))<< 8; \
+ case 1: l1|=((unsigned long)(*(--(c)))); \
+ } \
+ }
+
+#define l2c(l,c) (*((c)++)=(unsigned char)(((l) )&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>24)&0xff))
+
+#define n2l(c,l) (l =((unsigned long)(*((c)++)))<<24, \
+ l|=((unsigned long)(*((c)++)))<<16, \
+ l|=((unsigned long)(*((c)++)))<< 8, \
+ l|=((unsigned long)(*((c)++))))
+
+#define l2n(l,c) (*((c)++)=(unsigned char)(((l)>>24)&0xff), \
+ *((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* NOTE - c is not incremented as per l2c */
+#define l2cn(l1,l2,c,n) { \
+ c+=n; \
+ switch (n) { \
+ case 8: *(--(c))=(unsigned char)(((l2)>>24)&0xff); \
+ case 7: *(--(c))=(unsigned char)(((l2)>>16)&0xff); \
+ case 6: *(--(c))=(unsigned char)(((l2)>> 8)&0xff); \
+ case 5: *(--(c))=(unsigned char)(((l2) )&0xff); \
+ case 4: *(--(c))=(unsigned char)(((l1)>>24)&0xff); \
+ case 3: *(--(c))=(unsigned char)(((l1)>>16)&0xff); \
+ case 2: *(--(c))=(unsigned char)(((l1)>> 8)&0xff); \
+ case 1: *(--(c))=(unsigned char)(((l1) )&0xff); \
+ } \
+ }
+
+#define n2s(c,s) (s =((unsigned int)(*((c)++)))<< 8, \
+ s|=((unsigned int)(*((c)++))))
+#define s2n(s,c) (*((c)++)=(unsigned char)(((s)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((s) )&0xff))
+
+#define n2l3(c,l) (l =((unsigned long)(*((c)++)))<<16, \
+ l|=((unsigned long)(*((c)++)))<< 8, \
+ l|=((unsigned long)(*((c)++))))
+
+#define l2n3(l,c) (*((c)++)=(unsigned char)(((l)>>16)&0xff), \
+ *((c)++)=(unsigned char)(((l)>> 8)&0xff), \
+ *((c)++)=(unsigned char)(((l) )&0xff))
+
+/* LOCAL STUFF */
+
+#define SSL_DECRYPT 0
+#define SSL_ENCRYPT 1
+
+#define TWO_BYTE_BIT 0x80
+#define SEC_ESC_BIT 0x40
+#define TWO_BYTE_MASK 0x7fff
+#define THREE_BYTE_MASK 0x3fff
+
+#define INC32(a) ((a)=((a)+1)&0xffffffffL)
+#define DEC32(a) ((a)=((a)-1)&0xffffffffL)
+#define MAX_MAC_SIZE 20 /* up from 16 for SSLv3 */
+
+#define SSL_MKEY_MASK 0x0000001FL
+#define SSL_kRSA 0x00000001L /* RSA key exchange */
+#define SSL_kDHr 0x00000002L /* DH cert RSA CA cert */
+#define SSL_kDHd 0x00000004L /* DH cert DSA CA cert */
+#define SSL_kFZA 0x00000008L
+#define SSL_kEDH 0x00000010L /* tmp DH key no DH cert */
+#define SSL_EDH (SSL_kEDH|(SSL_AUTH_MASK^SSL_aNULL))
+
+#define SSL_AUTH_MASK 0x000003e0L
+#define SSL_aRSA 0x00000020L /* Authenticate with RSA */
+#define SSL_aDSS 0x00000040L /* Authenticate with DSS */
+#define SSL_DSS SSL_aDSS
+#define SSL_aFZA 0x00000080L
+#define SSL_aNULL 0x00000100L /* no Authenticate, ADH */
+#define SSL_aDH 0x00000200L /* no Authenticate, ADH */
+
+#define SSL_NULL (SSL_eNULL)
+#define SSL_ADH (SSL_kEDH|SSL_aNULL)
+#define SSL_RSA (SSL_kRSA|SSL_aRSA)
+#define SSL_DH (SSL_kDHr|SSL_kDHd|SSL_kEDH)
+#define SSL_FZA (SSL_aFZA|SSL_kFZA|SSL_eFZA)
+
+#define SSL_ENC_MASK 0x0001Fc00L
+#define SSL_DES 0x00000400L
+#define SSL_3DES 0x00000800L
+#define SSL_RC4 0x00001000L
+#define SSL_RC2 0x00002000L
+#define SSL_IDEA 0x00004000L
+#define SSL_eFZA 0x00008000L
+#define SSL_eNULL 0x00010000L
+
+#define SSL_MAC_MASK 0x000e0000L
+#define SSL_MD5 0x00020000L
+#define SSL_SHA0 0x00040000L
+#define SSL_SHA1 0x00080000L
+#define SSL_SHA (SSL_SHA0|SSL_SHA1)
+
+#define SSL_EXP_MASK 0x00300000L
+#define SSL_EXP 0x00100000L
+#define SSL_NOT_EXP 0x00200000L
+#define SSL_EXPORT SSL_EXP
+
+#define SSL_SSL_MASK 0x00c00000L
+#define SSL_SSLV2 0x00400000L
+#define SSL_SSLV3 0x00800000L
+
+#define SSL_STRONG_MASK 0x07000000L
+#define SSL_LOW 0x01000000L
+#define SSL_MEDIUM 0x02000000L
+#define SSL_HIGH 0x04000000L
+
+/* we have used 0fffffff - 4 bits left to go */
+#define SSL_ALL 0xffffffffL
+#define SSL_ALL_CIPHERS (SSL_MKEY_MASK|SSL_AUTH_MASK|SSL_ENC_MASK|\
+ SSL_MAC_MASK|SSL_EXP_MASK)
+
+/* Mostly for SSLv3 */
+#define SSL_PKEY_RSA_ENC 0
+#define SSL_PKEY_RSA_SIGN 1
+#define SSL_PKEY_DSA_SIGN 2
+#define SSL_PKEY_DH_RSA 3
+#define SSL_PKEY_DH_DSA 4
+#define SSL_PKEY_NUM 5
+
+/* SSL_kRSA <- RSA_ENC | (RSA_TMP & RSA_SIGN) |
+ * <- (EXPORT & (RSA_ENC | RSA_TMP) & RSA_SIGN)
+ * SSL_kDH <- DH_ENC & (RSA_ENC | RSA_SIGN | DSA_SIGN)
+ * SSL_kEDH <- RSA_ENC | RSA_SIGN | DSA_SIGN
+ * SSL_aRSA <- RSA_ENC | RSA_SIGN
+ * SSL_aDSS <- DSA_SIGN
+ */
+
+/*
+#define CERT_INVALID 0
+#define CERT_PUBLIC_KEY 1
+#define CERT_PRIVATE_KEY 2
+*/
+
+typedef struct cert_pkey_st
+ {
+ X509 *x509;
+/* EVP_PKEY *publickey; *//* when extracted */
+ EVP_PKEY *privatekey;
+ } CERT_PKEY;
+
+typedef struct cert_st
+ {
+ int cert_type;
+
+#ifdef undef
+ X509 *x509;
+ EVP_PKEY *publickey; /* when extracted */
+ EVP_PKEY *privatekey;
+
+ pkeys[SSL_PKEY_RSA_ENC].x509
+/* pkeys[SSL_PKEY_RSA_ENC].publickey */
+ pkeys[SSL_PKEY_RSA_ENC].privatekey
+#endif
+
+ /* Current active set */
+ CERT_PKEY *key;
+
+ /* The following masks are for the key and auth
+ * algorithms that are supported by the certs below */
+ int valid;
+ unsigned long mask;
+ unsigned long export_mask;
+
+ RSA *rsa_tmp;
+ DH *dh_tmp;
+ RSA *(*rsa_tmp_cb)();
+ DH *(*dh_tmp_cb)();
+ CERT_PKEY pkeys[SSL_PKEY_NUM];
+
+ STACK *cert_chain;
+
+ int references;
+ } CERT;
+
+/*#define MAC_DEBUG */
+
+/*#define ERR_DEBUG */
+/*#define ABORT_DEBUG */
+/*#define PKT_DEBUG 1 */
+/*#define DES_DEBUG */
+/*#define DES_OFB_DEBUG */
+/*#define SSL_DEBUG */
+/*#define RSA_DEBUG */
+/*#define IDEA_DEBUG */
+
+#ifndef NOPROTO
+#define FP_ICC (int (*)(const void *,const void *))
+#else
+#define FP_ICC
+#endif
+
+#define ssl_put_cipher_by_char(ssl,ciph,ptr) \
+ ((ssl)->method->put_cipher_by_char((ciph),(ptr)))
+#define ssl_get_cipher_by_char(ssl,ptr) \
+ ((ssl)->method->get_cipher_by_char(ptr))
+
+extern unsigned char ssl3_client_finished_const[4];
+extern unsigned char ssl3_server_finished_const[4];
+
+extern SSL_CIPHER ssl2_ciphers[];
+extern SSL_CIPHER ssl3_ciphers[];
+
+#ifndef NOPROTO
+
+SSL_METHOD *ssl_bad_method(int ver);
+SSL_METHOD *sslv2_base_method(void);
+SSL_METHOD *sslv23_base_method(void);
+SSL_METHOD *sslv3_base_method(void);
+
+void ssl_clear_cipher_ctx(SSL *s);
+int ssl_clear_bad_session(SSL *s);
+CERT *ssl_cert_new(void);
+void ssl_cert_free(CERT *c);
+int ssl_set_cert_type(CERT *c, int type);
+int ssl_get_new_session(SSL *s, int session);
+int ssl_get_prev_session(SSL *s, int len, unsigned char *session);
+int ssl_cipher_id_cmp(SSL_CIPHER *a,SSL_CIPHER *b);
+int ssl_cipher_ptr_id_cmp(SSL_CIPHER **ap,SSL_CIPHER **bp);
+STACK *ssl_bytes_to_cipher_list(SSL *s,unsigned char *p,int num,STACK **skp);
+int ssl_cipher_list_to_bytes(SSL *s,STACK *sk,unsigned char *p);
+STACK *ssl_create_cipher_list(SSL_METHOD *meth,STACK **pref,
+ STACK **sorted,char *str);
+void ssl_update_cache(SSL *s, int mode);
+int ssl_cipher_get_evp(SSL_CIPHER *c, EVP_CIPHER **enc, EVP_MD **md);
+int ssl_verify_cert_chain(SSL *s,STACK *sk);
+int ssl_undefined_function(SSL *s);
+X509 *ssl_get_server_send_cert(SSL *);
+EVP_PKEY *ssl_get_sign_pkey(SSL *,SSL_CIPHER *);
+int ssl_cert_type(X509 *x,EVP_PKEY *pkey);
+void ssl_set_cert_masks(CERT *c);
+STACK *ssl_get_ciphers_by_id(SSL *s);
+int ssl_verify_alarm_type(int type);
+
+int ssl2_enc_init(SSL *s, int client);
+void ssl2_generate_key_material(SSL *s);
+void ssl2_enc(SSL *s,int send_data);
+void ssl2_mac(SSL *s,unsigned char *mac,int send_data);
+SSL_CIPHER *ssl2_get_cipher_by_char(unsigned char *p);
+int ssl2_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p);
+int ssl2_part_read(SSL *s, unsigned long f, int i);
+int ssl2_do_write(SSL *s);
+int ssl2_set_certificate(SSL *s, int type, int len, unsigned char *data);
+void ssl2_return_error(SSL *s,int reason);
+void ssl2_write_error(SSL *s);
+int ssl2_num_ciphers(void);
+SSL_CIPHER *ssl2_get_cipher(unsigned int u);
+int ssl2_new(SSL *s);
+void ssl2_free(SSL *s);
+int ssl2_accept(SSL *s);
+int ssl2_connect(SSL *s);
+int ssl2_read(SSL *s, char *buf, int len);
+int ssl2_peek(SSL *s, char *buf, int len);
+int ssl2_write(SSL *s, const char *buf, int len);
+int ssl2_shutdown(SSL *s);
+void ssl2_clear(SSL *s);
+long ssl2_ctrl(SSL *s,int cmd, long larg, char *parg);
+long ssl2_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
+int ssl2_pending(SSL *s);
+
+SSL_CIPHER *ssl3_get_cipher_by_char(unsigned char *p);
+int ssl3_put_cipher_by_char(SSL_CIPHER *c,unsigned char *p);
+void ssl3_init_finished_mac(SSL *s);
+int ssl3_send_server_certificate(SSL *s);
+int ssl3_get_finished(SSL *s,int state_a,int state_b,unsigned char *sender);
+int ssl3_setup_key_block(SSL *s);
+int ssl3_send_change_cipher_spec(SSL *s,int state_a,int state_b);
+int ssl3_change_cipher_state(SSL *s,int which);
+void ssl3_cleanup_key_block(SSL *s);
+int ssl3_do_write(SSL *s,int type);
+void ssl3_send_alert(SSL *s,int level, int desc);
+int ssl3_generate_master_secret(SSL *s, unsigned char *out,
+ unsigned char *p, int len);
+int ssl3_get_req_cert_type(SSL *s,unsigned char *p);
+long ssl3_get_message(SSL *s, int st1, int stn, int mt, long max, int *ok);
+int ssl3_send_finished(SSL *s, int a, int b, unsigned char *sender);
+int ssl3_num_ciphers(void);
+SSL_CIPHER *ssl3_get_cipher(unsigned int u);
+int ssl3_renegotiate(SSL *ssl);
+int ssl3_dispatch_alert(SSL *s);
+int ssl3_read_bytes(SSL *s, int type, char *buf, int len);
+void ssl3_generate_key_block(SSL *s, unsigned char *km, int num);
+int ssl3_part_read(SSL *s, int i);
+int ssl3_write_bytes(SSL *s, int type, char *buf, int len);
+int ssl3_final_finish_mac(SSL *s, EVP_MD_CTX *in_ctx,
+ unsigned char *sender, unsigned char *p);
+void ssl3_finish_mac(SSL *s, unsigned char *buf, int len);
+int ssl3_enc(SSL *s, int send_data);
+int ssl3_mac(SSL *ssl, unsigned char *md, int send_data);
+unsigned long ssl3_output_cert_chain(SSL *s, X509 *x);
+SSL_CIPHER *ssl3_choose_cipher(SSL *ssl,STACK *have,STACK *pref);
+int ssl3_setup_buffers(SSL *s);
+int ssl3_new(SSL *s);
+void ssl3_free(SSL *s);
+int ssl3_accept(SSL *s);
+int ssl3_connect(SSL *s);
+int ssl3_read(SSL *s, char *buf, int len);
+int ssl3_peek(SSL *s,char *buf, int len);
+int ssl3_write(SSL *s, const char *buf, int len);
+int ssl3_shutdown(SSL *s);
+void ssl3_clear(SSL *s);
+long ssl3_ctrl(SSL *s,int cmd, long larg, char *parg);
+long ssl3_ctx_ctrl(SSL_CTX *s,int cmd, long larg, char *parg);
+int ssl3_pending(SSL *s);
+
+int ssl23_accept(SSL *s);
+int ssl23_connect(SSL *s);
+int ssl23_read_bytes(SSL *s, int n);
+int ssl23_write_bytes(SSL *s);
+
+#else
+
+SSL_METHOD *ssl_bad_method();
+SSL_METHOD *sslv2_base_method();
+SSL_METHOD *sslv23_base_method();
+SSL_METHOD *sslv3_base_method();
+
+void ssl_clear_cipher_ctx();
+int ssl_clear_bad_session();
+CERT *ssl_cert_new();
+void ssl_cert_free();
+int ssl_set_cert_type();
+int ssl_get_new_session();
+int ssl_get_prev_session();
+int ssl_cipher_id_cmp();
+int ssl_cipher_ptr_id_cmp();
+STACK *ssl_bytes_to_cipher_list();
+int ssl_cipher_list_to_bytes();
+STACK *ssl_create_cipher_list();
+void ssl_update_cache();
+int ssl_session_get_ciphers();
+int ssl_verify_cert_chain();
+int ssl_undefined_function();
+X509 *ssl_get_server_send_cert();
+EVP_PKEY *ssl_get_sign_pkey();
+int ssl_cert_type();
+void ssl_set_cert_masks();
+STACK *ssl_get_ciphers_by_id();
+int ssl_verify_alarm_type();
+
+int ssl2_enc_init();
+void ssl2_generate_key_material();
+void ssl2_enc();
+void ssl2_mac();
+SSL_CIPHER *ssl2_get_cipher_by_char();
+int ssl2_put_cipher_by_char();
+int ssl2_part_read();
+int ssl2_do_write();
+int ssl2_set_certificate();
+void ssl2_return_error();
+void ssl2_write_error();
+int ssl2_num_ciphers();
+SSL_CIPHER *ssl2_get_cipher();
+int ssl2_new();
+void ssl2_free();
+int ssl2_accept();
+int ssl2_connect();
+int ssl2_read();
+int ssl2_peek();
+int ssl2_write();
+int ssl2_shutdown();
+void ssl2_clear();
+long ssl2_ctrl();
+long ssl2_ctx_ctrl();
+int ssl2_pending();
+
+SSL_CIPHER *ssl3_get_cipher_by_char();
+int ssl3_put_cipher_by_char();
+void ssl3_init_finished_mac();
+int ssl3_send_server_certificate();
+int ssl3_get_finished();
+int ssl3_setup_key_block();
+int ssl3_send_change_cipher_spec();
+int ssl3_change_cipher_state();
+void ssl3_cleanup_key_block();
+int ssl3_do_write();
+void ssl3_send_alert();
+int ssl3_generate_master_secret();
+int ssl3_get_req_cert_type();
+long ssl3_get_message();
+int ssl3_send_finished();
+int ssl3_num_ciphers();
+SSL_CIPHER *ssl3_get_cipher();
+int ssl3_renegotiate();
+int ssl3_dispatch_alert();
+int ssl3_read_bytes();
+void ssl3_generate_key_block();
+int ssl3_part_read();
+int ssl3_write_bytes();
+int ssl3_final_finish_mac();
+void ssl3_finish_mac();
+int ssl3_enc();
+int ssl3_mac();
+unsigned long ssl3_output_cert_chain();
+SSL_CIPHER *ssl3_choose_cipher();
+int ssl3_setup_buffers();
+int ssl3_new();
+void ssl3_free();
+int ssl3_accept();
+int ssl3_connect();
+int ssl3_read();
+int ssl3_peek();
+int ssl3_write();
+int ssl3_shutdown();
+void ssl3_clear();
+long ssl3_ctrl();
+long ssl3_ctx_ctrl();
+int ssl3_pending();
+
+int ssl23_accept();
+int ssl23_connect();
+int ssl23_read_bytes();
+int ssl23_write_bytes();
+
+#endif
+
+#endif
diff --git a/ssl/ssl_rsa.c b/ssl/ssl_rsa.c
new file mode 100644
index 0000000..3a7b8d3
--- /dev/null
+++ b/ssl/ssl_rsa.c
@@ -0,0 +1,840 @@
+/* ssl/ssl_rsa.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "bio.h"
+#include "objects.h"
+#include "evp.h"
+#include "x509.h"
+#include "pem.h"
+#include "ssl_locl.h"
+
+#ifndef NOPROTO
+static int ssl_set_cert(CERT *c, X509 *x509);
+static int ssl_set_pkey(CERT *c, EVP_PKEY *pkey);
+#else
+static int ssl_set_cert();
+static int ssl_set_pkey();
+#endif
+
+int SSL_use_certificate(ssl, x)
+SSL *ssl;
+X509 *x;
+ {
+ CERT *c;
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+
+ return(ssl_set_cert(c,x));
+ }
+
+int SSL_use_certificate_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j;
+ BIO *in;
+ int ret=0;
+ X509 *x=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ x=d2i_X509_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ x=PEM_read_bio_X509(in,NULL,ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_FILE,j);
+ goto end;
+ }
+
+ ret=SSL_use_certificate(ssl,x);
+end:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_use_certificate_ASN1(ssl, len, d)
+SSL *ssl;
+int len;
+unsigned char *d;
+ {
+ X509 *x;
+ int ret;
+
+ x=d2i_X509(NULL,&d,(long)len);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_certificate(ssl,x);
+ X509_free(x);
+ return(ret);
+ }
+
+#ifndef NO_RSA
+int SSL_use_RSAPrivateKey(ssl, rsa)
+SSL *ssl;
+RSA *rsa;
+ {
+ CERT *c;
+ EVP_PKEY *pkey;
+ int ret;
+
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+ if ((pkey=EVP_PKEY_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+ return(0);
+ }
+
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ EVP_PKEY_assign_RSA(pkey,rsa);
+
+ ret=ssl_set_pkey(c,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+#endif
+
+static int ssl_set_pkey(c,pkey)
+CERT *c;
+EVP_PKEY *pkey;
+ {
+ int i,ok=0,bad=0;
+
+ i=ssl_cert_type(NULL,pkey);
+ if (i < 0)
+ {
+ SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ return(0);
+ }
+
+ if (c->pkeys[i].x509 != NULL)
+ {
+ if (!X509_check_private_key(c->pkeys[i].x509,pkey))
+ {
+ if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+ {
+ i=(i == SSL_PKEY_DH_RSA)?
+ SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+ if (c->pkeys[i].x509 == NULL)
+ ok=1;
+ else
+ {
+ if (!X509_check_private_key(
+ c->pkeys[i].x509,pkey))
+ bad=1;
+ else
+ ok=1;
+ }
+ }
+ else
+ bad=1;
+ }
+ else
+ ok=1;
+ }
+ else
+ ok=1;
+
+ if (bad)
+ {
+ X509_free(c->pkeys[i].x509);
+ c->pkeys[i].x509=NULL;
+ return(0);
+ }
+
+ if (c->pkeys[i].privatekey != NULL)
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ c->pkeys[i].privatekey=pkey;
+ c->key= &(c->pkeys[i]);
+
+ c->valid=0;
+ return(1);
+ }
+
+#ifndef NO_RSA
+int SSL_use_RSAPrivateKey_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ RSA *rsa=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+ ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_use_RSAPrivateKey(ssl,rsa);
+ RSA_free(rsa);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_use_RSAPrivateKey_ASN1(ssl,d,len)
+SSL *ssl;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ RSA *rsa;
+
+ p=d;
+ if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_RSAPrivateKey(ssl,rsa);
+ RSA_free(rsa);
+ return(ret);
+ }
+#endif /* !NO_RSA */
+
+int SSL_use_PrivateKey(ssl, pkey)
+SSL *ssl;
+EVP_PKEY *pkey;
+ {
+ CERT *c;
+ int ret;
+
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if ((ssl->cert == NULL) || (ssl->cert == ssl->ctx->default_cert))
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ if (ssl->cert != NULL) ssl_cert_free(ssl->cert);
+ ssl->cert=c;
+ }
+ c=ssl->cert;
+
+ ret=ssl_set_pkey(c,pkey);
+ return(ret);
+ }
+
+int SSL_use_PrivateKey_file(ssl, file, type)
+SSL *ssl;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ EVP_PKEY *pkey=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ pkey=PEM_read_bio_PrivateKey(in,NULL,
+ ssl->ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_use_PrivateKey(ssl,pkey);
+ EVP_PKEY_free(pkey);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_use_PrivateKey_ASN1(type,ssl,d,len)
+int type;
+SSL *ssl;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ EVP_PKEY *pkey;
+
+ p=d;
+ if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_use_PrivateKey(ssl,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+int SSL_CTX_use_certificate(ctx, x)
+SSL_CTX *ctx;
+X509 *x;
+ {
+ CERT *c;
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ return(ssl_set_cert(c,x));
+ }
+
+static int ssl_set_cert(c,x)
+CERT *c;
+X509 *x;
+ {
+ EVP_PKEY *pkey;
+ int i,ok=0,bad=0;
+
+ pkey=X509_get_pubkey(x);
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_X509_LIB);
+ return(0);
+ }
+
+ i=ssl_cert_type(x,pkey);
+ if (i < 0)
+ {
+ SSLerr(SSL_F_SSL_SET_PKEY,SSL_R_UNKNOWN_CERTIFICATE_TYPE);
+ return(0);
+ }
+
+ if (c->pkeys[i].privatekey != NULL)
+ {
+ if (!X509_check_private_key(x,c->pkeys[i].privatekey))
+ {
+ if ((i == SSL_PKEY_DH_RSA) || (i == SSL_PKEY_DH_DSA))
+ {
+ i=(i == SSL_PKEY_DH_RSA)?
+ SSL_PKEY_DH_DSA:SSL_PKEY_DH_RSA;
+
+ if (c->pkeys[i].privatekey == NULL)
+ ok=1;
+ else
+ {
+ if (!X509_check_private_key(x,
+ c->pkeys[i].privatekey))
+ bad=1;
+ else
+ ok=1;
+ }
+ }
+ else
+ bad=1;
+ }
+ else
+ ok=1;
+ }
+ else
+ ok=1;
+
+ if (bad)
+ {
+ EVP_PKEY_free(c->pkeys[i].privatekey);
+ c->pkeys[i].privatekey=NULL;
+ }
+
+ if (c->pkeys[i].x509 != NULL)
+ X509_free(c->pkeys[i].x509);
+ CRYPTO_add(&x->references,1,CRYPTO_LOCK_X509);
+ c->pkeys[i].x509=x;
+ c->key= &(c->pkeys[i]);
+
+ c->valid=0;
+ return(1);
+ }
+
+int SSL_CTX_use_certificate_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j;
+ BIO *in;
+ int ret=0;
+ X509 *x=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ x=d2i_X509_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ x=PEM_read_bio_X509(in,NULL,ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_FILE,j);
+ goto end;
+ }
+
+ ret=SSL_CTX_use_certificate(ctx,x);
+end:
+ if (x != NULL) X509_free(x);
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_CTX_use_certificate_ASN1(ctx, len, d)
+SSL_CTX *ctx;
+int len;
+unsigned char *d;
+ {
+ X509 *x;
+ int ret;
+
+ x=d2i_X509(NULL,&d,(long)len);
+ if (x == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_CERTIFICATE_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_certificate(ctx,x);
+ X509_free(x);
+ return(ret);
+ }
+
+#ifndef NO_RSA
+int SSL_CTX_use_RSAPrivateKey(ctx, rsa)
+SSL_CTX *ctx;
+RSA *rsa;
+ {
+ int ret;
+ CERT *c;
+ EVP_PKEY *pkey;
+
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ if ((pkey=EVP_PKEY_new()) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY,ERR_R_EVP_LIB);
+ return(0);
+ }
+
+ CRYPTO_add(&rsa->references,1,CRYPTO_LOCK_RSA);
+ EVP_PKEY_assign_RSA(pkey,rsa);
+
+ ret=ssl_set_pkey(c,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+int SSL_CTX_use_RSAPrivateKey_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ RSA *rsa=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_ASN1)
+ {
+ j=ERR_R_ASN1_LIB;
+ rsa=d2i_RSAPrivateKey_bio(in,NULL);
+ }
+ else if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ rsa=PEM_read_bio_RSAPrivateKey(in,NULL,
+ ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (rsa == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+ RSA_free(rsa);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_CTX_use_RSAPrivateKey_ASN1(ctx,d,len)
+SSL_CTX *ctx;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ RSA *rsa;
+
+ p=d;
+ if ((rsa=d2i_RSAPrivateKey(NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_RSAPRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_RSAPrivateKey(ctx,rsa);
+ RSA_free(rsa);
+ return(ret);
+ }
+#endif /* !NO_RSA */
+
+int SSL_CTX_use_PrivateKey(ctx, pkey)
+SSL_CTX *ctx;
+EVP_PKEY *pkey;
+ {
+ CERT *c;
+
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_PASSED_NULL_PARAMETER);
+ return(0);
+ }
+
+ if (ctx->default_cert == NULL)
+ {
+ c=ssl_cert_new();
+ if (c == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ ctx->default_cert=c;
+ }
+ c=ctx->default_cert;
+
+ return(ssl_set_pkey(c,pkey));
+ }
+
+int SSL_CTX_use_PrivateKey_file(ctx, file, type)
+SSL_CTX *ctx;
+char *file;
+int type;
+ {
+ int j,ret=0;
+ BIO *in;
+ EVP_PKEY *pkey=NULL;
+
+#ifdef WIN16
+ in=BIO_new(BIO_s_file_internal_w16());
+#else
+ in=BIO_new(BIO_s_file());
+#endif
+ if (in == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_BUF_LIB);
+ goto end;
+ }
+
+ if (BIO_read_filename(in,file) <= 0)
+ {
+ SYSerr(SYS_F_FOPEN,errno);
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,ERR_R_SYS_LIB);
+ goto end;
+ }
+ if (type == SSL_FILETYPE_PEM)
+ {
+ j=ERR_R_PEM_LIB;
+ pkey=PEM_read_bio_PrivateKey(in,NULL,
+ ctx->default_passwd_callback);
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,SSL_R_BAD_SSL_FILETYPE);
+ goto end;
+ }
+ if (pkey == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_FILE,j);
+ goto end;
+ }
+ ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+ EVP_PKEY_free(pkey);
+end:
+ if (in != NULL) BIO_free(in);
+ return(ret);
+ }
+
+int SSL_CTX_use_PrivateKey_ASN1(type,ctx,d,len)
+int type;
+SSL_CTX *ctx;
+unsigned char *d;
+long len;
+ {
+ int ret;
+ unsigned char *p;
+ EVP_PKEY *pkey;
+
+ p=d;
+ if ((pkey=d2i_PrivateKey(type,NULL,&p,(long)len)) == NULL)
+ {
+ SSLerr(SSL_F_SSL_CTX_USE_PRIVATEKEY_ASN1,ERR_R_ASN1_LIB);
+ return(0);
+ }
+
+ ret=SSL_CTX_use_PrivateKey(ctx,pkey);
+ EVP_PKEY_free(pkey);
+ return(ret);
+ }
+
+
diff --git a/ssl/ssl_sess.c b/ssl/ssl_sess.c
new file mode 100644
index 0000000..af65c65
--- /dev/null
+++ b/ssl/ssl_sess.c
@@ -0,0 +1,425 @@
+/* ssl/ssl_sess.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "lhash.h"
+#include "rand.h"
+#include "ssl_locl.h"
+
+SSL_SESSION *SSL_SESSION_new()
+ {
+ SSL_SESSION *ss;
+
+ ss=(SSL_SESSION *)Malloc(sizeof(SSL_SESSION));
+ if (ss == NULL)
+ {
+ SSLerr(SSL_F_SSL_SESSION_NEW,ERR_R_MALLOC_FAILURE);
+ return(0);
+ }
+ memset(ss,0,sizeof(SSL_SESSION));
+
+ ss->references=1;
+ ss->timeout=60*5+4; /* 5 minute timeout by default */
+ ss->time=time(NULL);
+ return(ss);
+ }
+
+int ssl_get_new_session(s, session)
+SSL *s;
+int session;
+ {
+ SSL_SESSION *ss=NULL;
+
+ if ((ss=SSL_SESSION_new()) == NULL) return(0);
+
+ /* If the context has a default timeout, use it */
+ if (s->ctx->session_timeout != 0)
+ ss->timeout=SSL_get_default_timeout(s);
+
+ if (s->session != NULL)
+ {
+ SSL_SESSION_free(s->session);
+ s->session=NULL;
+ }
+
+ if (session)
+ {
+ if (s->version == SSL2_CLIENT_VERSION)
+ {
+ ss->ssl_version=2;
+ ss->session_id_length=SSL2_SSL_SESSION_ID_LENGTH;
+ }
+ else if (s->version == SSL3_VERSION_MAJOR)
+ {
+ ss->ssl_version=3;
+ ss->session_id_length=SSL3_SSL_SESSION_ID_LENGTH;
+ }
+ else
+ {
+ SSLerr(SSL_F_SSL_GET_NEW_SESSION,SSL_R_UNSUPPORTED_SSL_VERSION);
+ SSL_SESSION_free(ss);
+ return(0);
+ }
+
+ for (;;)
+ {
+ SSL_SESSION *r;
+
+ RAND_bytes(ss->session_id,ss->session_id_length);
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ r=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,
+ (char *)ss);
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+ if (r == NULL) break;
+ /* else - woops a session_id match */
+ }
+ }
+ else
+ {
+ ss->session_id_length=0;
+ }
+
+ s->session=ss;
+ ss->ssl_version=s->version;
+
+ return(1);
+ }
+
+int ssl_get_prev_session(s, len, session)
+SSL *s;
+int len;
+unsigned char *session;
+ {
+ SSL_SESSION *ret,data;
+
+ /* conn_init();*/
+ data.ssl_version=s->version;
+ data.session_id_length=len;
+ if (len > SSL_MAX_SSL_SESSION_ID_LENGTH)
+ return(0);
+ memcpy(data.session_id,session,len);;
+
+ CRYPTO_r_lock(CRYPTO_LOCK_SSL_CTX);
+ ret=(SSL_SESSION *)lh_retrieve(s->ctx->sessions,(char *)&data);
+ CRYPTO_r_unlock(CRYPTO_LOCK_SSL_CTX);
+
+ if (ret == NULL)
+ {
+ int copy=1;
+
+ s->ctx->sess_miss++;
+ ret=NULL;
+ if ((s->ctx->get_session_cb != NULL) &&
+ ((ret=s->ctx->get_session_cb(s,session,len,©))
+ != NULL))
+ {
+ s->ctx->sess_cb_hit++;
+
+ /* The following should not return 1, otherwise,
+ * things are very strange */
+ SSL_CTX_add_session(s->ctx,ret);
+ /* auto free it */
+ if (!copy)
+ SSL_SESSION_free(ret);
+ }
+ if (ret == NULL) return(0);
+ }
+
+ if (ret->cipher == NULL)
+ {
+ char buf[5],*p;
+ unsigned long l;
+
+ p=buf;
+ l=ret->cipher_id;
+ l2n(l,p);
+ if (ret->ssl_version == 3)
+ ret->cipher=ssl_get_cipher_by_char(s,&(buf[2]));
+ else
+ ret->cipher=ssl_get_cipher_by_char(s,&(buf[1]));
+ if (ret->cipher == NULL)
+ return(0);
+ }
+
+ /* If a thread got the session, then 'swaped', and another got
+ * it and then due to a time-out decided to 'Free' it we could
+ * be in trouble. So I'll increment it now, then double decrement
+ * later - am I speaking rubbish?. */
+ CRYPTO_add(&ret->references,1,CRYPTO_LOCK_SSL_SESSION);
+
+ if ((long)(ret->time+ret->timeout) < (long)time(NULL)) /* timeout */
+ {
+ s->ctx->sess_timeout++;
+ /* remove it from the cache */
+ SSL_CTX_remove_session(s->ctx,ret);
+ SSL_SESSION_free(ret); /* again to actually Free it */
+ return(0);
+ }
+
+ s->ctx->sess_hit++;
+
+ /* ret->time=time(NULL); */ /* rezero timeout? */
+ /* again, just leave the session
+ * if it is the same session, we have just incremented and
+ * then decremented the reference count :-) */
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session=ret;
+ return(1);
+ }
+
+int SSL_CTX_add_session(ctx,c)
+SSL_CTX *ctx;
+SSL_SESSION *c;
+ {
+ SSL_SESSION *s;
+
+ /* conn_init(); */
+ CRYPTO_add(&c->references,1,CRYPTO_LOCK_SSL_SESSION);
+
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ s=(SSL_SESSION *)lh_insert(ctx->sessions,(char *)c);
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+ /* If the same session if is being 're-added', Free the old
+ * one when the last person stops using it.
+ * This will also work if it is alread in the cache.
+ * The references will go up and then down :-) */
+ if (s != NULL)
+ {
+ SSL_SESSION_free(s);
+ return(0);
+ }
+ else
+ return(1);
+ }
+
+int SSL_CTX_remove_session(ctx,c)
+SSL_CTX *ctx;
+SSL_SESSION *c;
+ {
+ SSL_SESSION *r;
+ int ret=0;
+
+ if ((c->session_id_length != 0) && (c != NULL))
+ {
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ r=(SSL_SESSION *)lh_delete(ctx->sessions,(char *)c);
+ if (r != NULL) ret=1;
+
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+
+ if (ret)
+ {
+ r->not_resumable=1;
+ if (ctx->remove_session_cb != NULL)
+ ctx->remove_session_cb(ctx,c);
+ SSL_SESSION_free(r);
+ }
+ }
+ else
+ ret=0;
+ return(ret);
+ }
+
+void SSL_SESSION_free(ss)
+SSL_SESSION *ss;
+ {
+ int i;
+
+ i=CRYPTO_add(&ss->references,-1,CRYPTO_LOCK_SSL_SESSION);
+ if (i > 0) return;
+#ifdef REF_CHECK
+ if (i < 0)
+ {
+ fprintf(stderr,"SSL_SESSION_free, bad reference count\n");
+ abort(); /* ok */
+ }
+#endif
+
+ memset(ss->key_arg,0,SSL_MAX_KEY_ARG_LENGTH);
+ memset(ss->master_key,0,SSL_MAX_MASTER_KEY_LENGTH);
+ memset(ss->session_id,0,SSL_MAX_SSL_SESSION_ID_LENGTH);
+ if (ss->cert != NULL) ssl_cert_free(ss->cert);
+ if (ss->peer != NULL) X509_free(ss->peer);
+ if (ss->ciphers != NULL) sk_free(ss->ciphers);
+ memset(ss,0,sizeof(*ss));
+ Free(ss);
+ }
+
+int SSL_set_session(s, session)
+SSL *s;
+SSL_SESSION *session;
+ {
+ int ret=0;
+ SSL_METHOD *meth;
+
+ if (session != NULL)
+ {
+ meth=s->ctx->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL)
+ meth=s->method->get_ssl_method(session->ssl_version);
+ if (meth == NULL)
+ {
+ SSLerr(SSL_F_SSL_SET_SESSION,SSL_R_UNABLE_TO_FIND_SSL_METHOD);
+ return(0);
+ }
+
+ if (meth != s->method)
+ {
+ if (!SSL_set_ssl_method(s,meth))
+ return(0);
+ session->timeout=SSL_get_default_timeout(s);
+ }
+
+ /* CRYPTO_w_lock(CRYPTO_LOCK_SSL);*/
+ CRYPTO_add(&session->references,1,CRYPTO_LOCK_SSL_SESSION);
+ if (s->session != NULL)
+ SSL_SESSION_free(s->session);
+ s->session=session;
+ /* CRYPTO_w_unlock(CRYPTO_LOCK_SSL);*/
+ ret=1;
+ }
+ return(ret);
+ }
+
+long SSL_set_timeout(s,t)
+SSL_SESSION *s;
+long t;
+ {
+ if (s == NULL) return(0);
+ s->timeout=t;
+ return(1);
+ }
+
+long SSL_get_timeout(s)
+SSL_SESSION *s;
+ {
+ if (s == NULL) return(0);
+ return(s->timeout);
+ }
+
+long SSL_get_time(s)
+SSL_SESSION *s;
+ {
+ if (s == NULL) return(0);
+ return(s->time);
+ }
+
+long SSL_set_time(s,t)
+SSL_SESSION *s;
+long t;
+ {
+ if (s == NULL) return(0);
+ s->time=t;
+ return(t);
+ }
+
+typedef struct timeout_param_st
+ {
+ SSL_CTX *ctx;
+ long time;
+ LHASH *cache;
+ } TIMEOUT_PARAM;
+
+static void timeout(s,p)
+SSL_SESSION *s;
+TIMEOUT_PARAM *p;
+ {
+ if ((p->time == 0) || (p->time > (s->time+s->timeout))) /* timeout */
+ {
+ lh_delete(p->cache,(char *)s);
+ s->not_resumable=1;
+ if (p->ctx->remove_session_cb != NULL)
+ p->ctx->remove_session_cb(p->ctx,s);
+ SSL_SESSION_free(s);
+ }
+ }
+
+void SSL_CTX_flush_sessions(s,t)
+SSL_CTX *s;
+long t;
+ {
+ unsigned long i;
+ TIMEOUT_PARAM tp;
+
+ tp.ctx=s;
+ tp.cache=SSL_CTX_sessions(s);
+ if (tp.cache == NULL) return;
+ tp.time=t;
+ CRYPTO_w_lock(CRYPTO_LOCK_SSL_CTX);
+ i=tp.cache->down_load;
+ tp.cache->down_load=0;
+ lh_doall_arg(tp.cache,(void (*)())timeout,(char *)&tp);
+ tp.cache->down_load=i;
+ CRYPTO_w_unlock(CRYPTO_LOCK_SSL_CTX);
+ }
+
+int ssl_clear_bad_session(s)
+SSL *s;
+ {
+ if ( (s->session != NULL) &&
+ !(s->shutdown & SSL_SENT_SHUTDOWN) &&
+ !(SSL_in_init(s) || SSL_in_before(s)))
+ {
+ SSL_CTX_remove_session(s->ctx,s->session);
+ return(1);
+ }
+ else
+ return(0);
+ }
diff --git a/ssl/ssl_stat.c b/ssl/ssl_stat.c
new file mode 100644
index 0000000..328ccc9
--- /dev/null
+++ b/ssl/ssl_stat.c
@@ -0,0 +1,457 @@
+/* ssl/ssl_stat.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "ssl_locl.h"
+
+char *SSL_state_string_long(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->state)
+ {
+case SSL_ST_BEFORE: str="before SSL initalisation"; break;
+case SSL_ST_ACCEPT: str="before accept initalisation"; break;
+case SSL_ST_CONNECT: str="before connect initalisation"; break;
+case SSL_ST_OK: str="SSL negotiation finished successfully"; break;
+case SSL_ST_RENEGOTIATE: str="SSL renegotiate ciphers"; break;
+case SSL_ST_BEFORE|SSL_ST_CONNECT: str="before/connect initalisation"; break;
+case SSL_ST_OK|SSL_ST_CONNECT: str="ok/connect SSL initalisation"; break;
+case SSL_ST_BEFORE|SSL_ST_ACCEPT: str="before/accept initalisation"; break;
+case SSL_ST_OK|SSL_ST_ACCEPT: str="ok/accept SSL initalisation"; break;
+#ifndef NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION: str="SSLv2 client start encryption"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION: str="SSLv2 server start encryption"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A: str="SSLv2 write client hello A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B: str="SSLv2 write client hello B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A: str="SSLv2 read server hello A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B: str="SSLv2 read server hello B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="SSLv2 write client master key A"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="SSLv2 write client master key B"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A: str="SSLv2 write client finished A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B: str="SSLv2 write client finished B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="SSLv2 write client certificate A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="SSLv2 write client certificate B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="SSLv2 write client certificate C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="SSLv2 write client certificate D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A: str="SSLv2 read server verify A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B: str="SSLv2 read server verify B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A: str="SSLv2 read server finished A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B: str="SSLv2 read server finished B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A: str="SSLv2 read client hello A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B: str="SSLv2 read client hello B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C: str="SSLv2 read client hello C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A: str="SSLv2 write server hello A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B: str="SSLv2 write server hello B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="SSLv2 read client master key A"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="SSLv2 read client master key B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A: str="SSLv2 write server verify A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B: str="SSLv2 write server verify B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C: str="SSLv2 write server verify C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A: str="SSLv2 read client finished A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B: str="SSLv2 read client finished B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A: str="SSLv2 write server finished A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B: str="SSLv2 write server finished B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="SSLv2 write request certificate A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="SSLv2 write request certificate B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="SSLv2 write request certificate C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="SSLv2 write request certificate D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="SSLv2 X509 read server certificate"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="SSLv2 X509 read client certificate"; break;
+#endif
+
+#ifndef NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_CW_CLNT_HELLO_A: str="SSLv3 write client hello A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B: str="SSLv3 write client hello B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A: str="SSLv3 read server hello A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B: str="SSLv3 read server hello B"; break;
+case SSL3_ST_CR_CERT_A: str="SSLv3 read server certificate A"; break;
+case SSL3_ST_CR_CERT_B: str="SSLv3 read server certificate B"; break;
+case SSL3_ST_CR_KEY_EXCH_A: str="SSLv3 read server key exchange A"; break;
+case SSL3_ST_CR_KEY_EXCH_B: str="SSLv3 read server key exchange B"; break;
+case SSL3_ST_CR_CERT_REQ_A: str="SSLv3 read server certificate request A"; break;
+case SSL3_ST_CR_CERT_REQ_B: str="SSLv3 read server certificate request B"; break;
+case SSL3_ST_CR_SRVR_DONE_A: str="SSLv3 read server done A"; break;
+case SSL3_ST_CR_SRVR_DONE_B: str="SSLv3 read server done B"; break;
+case SSL3_ST_CW_CERT_A: str="SSLv3 write client certificate A"; break;
+case SSL3_ST_CW_CERT_B: str="SSLv3 write client certificate B"; break;
+case SSL3_ST_CW_KEY_EXCH_A: str="SSLv3 write client key exchange A"; break;
+case SSL3_ST_CW_KEY_EXCH_B: str="SSLv3 write client key exchange B"; break;
+case SSL3_ST_CW_CERT_VRFY_A: str="SSLv3 write certificate verify A"; break;
+case SSL3_ST_CW_CERT_VRFY_B: str="SSLv3 write certificate verify A"; break;
+
+case SSL3_ST_CW_CHANGE_A:
+case SSL3_ST_SW_CHANGE_A: str="SSLv3 write change cipher spec A"; break;
+case SSL3_ST_CW_CHANGE_B:
+case SSL3_ST_SW_CHANGE_B: str="SSLv3 write change cipher spec B"; break;
+case SSL3_ST_CW_FINISHED_A:
+case SSL3_ST_SW_FINISHED_A: str="SSLv3 write finished A"; break;
+case SSL3_ST_CW_FINISHED_B:
+case SSL3_ST_SW_FINISHED_B: str="SSLv3 write finished A"; break;
+case SSL3_ST_CR_CHANGE_A:
+case SSL3_ST_SR_CHANGE_A: str="SSLv3 read change cipher spec A"; break;
+case SSL3_ST_CR_CHANGE_B:
+case SSL3_ST_SR_CHANGE_B: str="SSLv3 read change cipher spec B"; break;
+case SSL3_ST_CR_FINISHED_A:
+case SSL3_ST_SR_FINISHED_A: str="SSLv3 read finished A"; break;
+case SSL3_ST_CR_FINISHED_B:
+case SSL3_ST_SR_FINISHED_B: str="SSLv3 read finished B"; break;
+
+case SSL3_ST_CW_FLUSH:
+case SSL3_ST_SW_FLUSH: str="SSLv3 flush data"; break;
+
+case SSL3_ST_SR_CLNT_HELLO_A: str="SSLv3 read client hello A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B: str="SSLv3 read client hello B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C: str="SSLv3 read client hello C"; break;
+case SSL3_ST_SW_HELLO_REQ_A: str="SSLv3 write hello request A"; break;
+case SSL3_ST_SW_HELLO_REQ_B: str="SSLv3 write hello request B"; break;
+case SSL3_ST_SW_HELLO_REQ_C: str="SSLv3 write hello request C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A: str="SSLv3 write server hello A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B: str="SSLv3 write server hello B"; break;
+case SSL3_ST_SW_CERT_A: str="SSLv3 write certificate A"; break;
+case SSL3_ST_SW_CERT_B: str="SSLv3 write certificate B"; break;
+case SSL3_ST_SW_KEY_EXCH_A: str="SSLv3 write key exchange A"; break;
+case SSL3_ST_SW_KEY_EXCH_B: str="SSLv3 write key exchange B"; break;
+case SSL3_ST_SW_CERT_REQ_A: str="SSLv3 write certificate request A"; break;
+case SSL3_ST_SW_CERT_REQ_B: str="SSLv3 write certificate request B"; break;
+case SSL3_ST_SW_SRVR_DONE_A: str="SSLv3 write server done A"; break;
+case SSL3_ST_SW_SRVR_DONE_B: str="SSLv3 write server done B"; break;
+case SSL3_ST_SR_CERT_A: str="SSLv3 read client certificate A"; break;
+case SSL3_ST_SR_CERT_B: str="SSLv3 read client certificate B"; break;
+case SSL3_ST_SR_KEY_EXCH_A: str="SSLv3 read client key exchange A"; break;
+case SSL3_ST_SR_KEY_EXCH_B: str="SSLv3 read client key exchange B"; break;
+case SSL3_ST_SR_CERT_VRFY_A: str="SSLv3 read certificate verify A"; break;
+case SSL3_ST_SR_CERT_VRFY_B: str="SSLv3 read certificate verify B"; break;
+#endif
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+/* SSLv2/v3 compatablitity states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A: str="SSLv2/v3 write client hello A"; break;
+case SSL23_ST_CW_CLNT_HELLO_B: str="SSLv2/v3 write client hello B"; break;
+case SSL23_ST_CR_SRVR_HELLO_A: str="SSLv2/v3 read server hello A"; break;
+case SSL23_ST_CR_SRVR_HELLO_B: str="SSLv2/v3 read server hello B"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A: str="SSLv2/v3 read client hello A"; break;
+case SSL23_ST_SR_CLNT_HELLO_B: str="SSLv2/v3 read client hello B"; break;
+#endif
+
+default: str="unknown state"; break;
+ }
+ return(str);
+ }
+
+char *SSL_rstate_string_long(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->rstate)
+ {
+ case SSL_ST_READ_HEADER: str="read header"; break;
+ case SSL_ST_READ_BODY: str="read body"; break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
+
+char *SSL_state_string(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->state)
+ {
+case SSL_ST_BEFORE: str="PINIT "; break;
+case SSL_ST_ACCEPT: str="AINIT "; break;
+case SSL_ST_CONNECT: str="CINIT "; break;
+case SSL_ST_OK: str="SSLOK "; break;
+#ifndef NO_SSL2
+case SSL2_ST_CLIENT_START_ENCRYPTION: str="2CSENC"; break;
+case SSL2_ST_SERVER_START_ENCRYPTION: str="2SSENC"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_A: str="2SCH_A"; break;
+case SSL2_ST_SEND_CLIENT_HELLO_B: str="2SCH_B"; break;
+case SSL2_ST_GET_SERVER_HELLO_A: str="2GSH_A"; break;
+case SSL2_ST_GET_SERVER_HELLO_B: str="2GSH_B"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_A: str="2SCMKA"; break;
+case SSL2_ST_SEND_CLIENT_MASTER_KEY_B: str="2SCMKB"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_A: str="2SCF_A"; break;
+case SSL2_ST_SEND_CLIENT_FINISHED_B: str="2SCF_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_A: str="2SCC_A"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_B: str="2SCC_B"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_C: str="2SCC_C"; break;
+case SSL2_ST_SEND_CLIENT_CERTIFICATE_D: str="2SCC_D"; break;
+case SSL2_ST_GET_SERVER_VERIFY_A: str="2GSV_A"; break;
+case SSL2_ST_GET_SERVER_VERIFY_B: str="2GSV_B"; break;
+case SSL2_ST_GET_SERVER_FINISHED_A: str="2GSF_A"; break;
+case SSL2_ST_GET_SERVER_FINISHED_B: str="2GSF_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_A: str="2GCH_A"; break;
+case SSL2_ST_GET_CLIENT_HELLO_B: str="2GCH_B"; break;
+case SSL2_ST_GET_CLIENT_HELLO_C: str="2GCH_C"; break;
+case SSL2_ST_SEND_SERVER_HELLO_A: str="2SSH_A"; break;
+case SSL2_ST_SEND_SERVER_HELLO_B: str="2SSH_B"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_A: str="2GCMKA"; break;
+case SSL2_ST_GET_CLIENT_MASTER_KEY_B: str="2GCMKA"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_A: str="2SSV_A"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_B: str="2SSV_B"; break;
+case SSL2_ST_SEND_SERVER_VERIFY_C: str="2SSV_C"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_A: str="2GCF_A"; break;
+case SSL2_ST_GET_CLIENT_FINISHED_B: str="2GCF_B"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_A: str="2SSF_A"; break;
+case SSL2_ST_SEND_SERVER_FINISHED_B: str="2SSF_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_A: str="2SRC_A"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_B: str="2SRC_B"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_C: str="2SRC_C"; break;
+case SSL2_ST_SEND_REQUEST_CERTIFICATE_D: str="2SRC_D"; break;
+case SSL2_ST_X509_GET_SERVER_CERTIFICATE: str="2X9GSC"; break;
+case SSL2_ST_X509_GET_CLIENT_CERTIFICATE: str="2X9GCC"; break;
+#endif
+
+#ifndef NO_SSL3
+/* SSLv3 additions */
+case SSL3_ST_SW_FLUSH:
+case SSL3_ST_CW_FLUSH: str="3FLUSH"; break;
+case SSL3_ST_CW_CLNT_HELLO_A: str="3WCH_A"; break;
+case SSL3_ST_CW_CLNT_HELLO_B: str="3WCH_B"; break;
+case SSL3_ST_CR_SRVR_HELLO_A: str="3RSH_A"; break;
+case SSL3_ST_CR_SRVR_HELLO_B: str="3RSH_B"; break;
+case SSL3_ST_CR_CERT_A: str="3RSC_A"; break;
+case SSL3_ST_CR_CERT_B: str="3RSC_B"; break;
+case SSL3_ST_CR_KEY_EXCH_A: str="3RSKEA"; break;
+case SSL3_ST_CR_KEY_EXCH_B: str="3RSKEB"; break;
+case SSL3_ST_CR_CERT_REQ_A: str="3RCR_A"; break;
+case SSL3_ST_CR_CERT_REQ_B: str="3RCR_B"; break;
+case SSL3_ST_CR_SRVR_DONE_A: str="3RSD_A"; break;
+case SSL3_ST_CR_SRVR_DONE_B: str="3RSD_B"; break;
+case SSL3_ST_CW_CERT_A: str="3WCC_A"; break;
+case SSL3_ST_CW_CERT_B: str="3WCC_B"; break;
+case SSL3_ST_CW_KEY_EXCH_A: str="3WCKEA"; break;
+case SSL3_ST_CW_KEY_EXCH_B: str="3WCKEB"; break;
+case SSL3_ST_CW_CERT_VRFY_A: str="3WCV_A"; break;
+case SSL3_ST_CW_CERT_VRFY_B: str="3WCV_B"; break;
+
+case SSL3_ST_SW_CHANGE_A:
+case SSL3_ST_CW_CHANGE_A: str="3WCCSA"; break;
+case SSL3_ST_SW_CHANGE_B:
+case SSL3_ST_CW_CHANGE_B: str="3WCCSB"; break;
+case SSL3_ST_SW_FINISHED_A:
+case SSL3_ST_CW_FINISHED_A: str="3WFINA"; break;
+case SSL3_ST_SW_FINISHED_B:
+case SSL3_ST_CW_FINISHED_B: str="3WFINB"; break;
+case SSL3_ST_SR_CHANGE_A:
+case SSL3_ST_CR_CHANGE_A: str="3RCCSA"; break;
+case SSL3_ST_SR_CHANGE_B:
+case SSL3_ST_CR_CHANGE_B: str="3RCCSB"; break;
+case SSL3_ST_SR_FINISHED_A:
+case SSL3_ST_CR_FINISHED_A: str="3RFINA"; break;
+case SSL3_ST_SR_FINISHED_B:
+case SSL3_ST_CR_FINISHED_B: str="3RFINB"; break;
+
+case SSL3_ST_SW_HELLO_REQ_A: str="3WHR_A"; break;
+case SSL3_ST_SW_HELLO_REQ_B: str="3WHR_B"; break;
+case SSL3_ST_SW_HELLO_REQ_C: str="3WHR_C"; break;
+case SSL3_ST_SR_CLNT_HELLO_A: str="3RCH_A"; break;
+case SSL3_ST_SR_CLNT_HELLO_B: str="3RCH_B"; break;
+case SSL3_ST_SR_CLNT_HELLO_C: str="3RCH_C"; break;
+case SSL3_ST_SW_SRVR_HELLO_A: str="3WSH_A"; break;
+case SSL3_ST_SW_SRVR_HELLO_B: str="3WSH_B"; break;
+case SSL3_ST_SW_CERT_A: str="3WSC_A"; break;
+case SSL3_ST_SW_CERT_B: str="3WSC_B"; break;
+case SSL3_ST_SW_KEY_EXCH_A: str="3WSKEA"; break;
+case SSL3_ST_SW_KEY_EXCH_B: str="3WSKEB"; break;
+case SSL3_ST_SW_CERT_REQ_A: str="3WCR_A"; break;
+case SSL3_ST_SW_CERT_REQ_B: str="3WCR_B"; break;
+case SSL3_ST_SW_SRVR_DONE_A: str="3WSD_A"; break;
+case SSL3_ST_SW_SRVR_DONE_B: str="3WSD_B"; break;
+case SSL3_ST_SR_CERT_A: str="3RCC_A"; break;
+case SSL3_ST_SR_CERT_B: str="3RCC_B"; break;
+case SSL3_ST_SR_KEY_EXCH_A: str="3RCKEA"; break;
+case SSL3_ST_SR_KEY_EXCH_B: str="3RCKEB"; break;
+case SSL3_ST_SR_CERT_VRFY_A: str="3RCV_A"; break;
+case SSL3_ST_SR_CERT_VRFY_B: str="3RCV_B"; break;
+#endif
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+/* SSLv2/v3 compatablitity states */
+/* client */
+case SSL23_ST_CW_CLNT_HELLO_A: str="23WCHA"; break;
+case SSL23_ST_CW_CLNT_HELLO_B: str="23WCHB"; break;
+case SSL23_ST_CR_SRVR_HELLO_A: str="23RSHA"; break;
+case SSL23_ST_CR_SRVR_HELLO_B: str="23RSHA"; break;
+/* server */
+case SSL23_ST_SR_CLNT_HELLO_A: str="23RCHA"; break;
+case SSL23_ST_SR_CLNT_HELLO_B: str="23RCHB"; break;
+#endif
+
+default: str="UNKWN "; break;
+ }
+ return(str);
+ }
+
+char *SSL_alert_type_string_long(value)
+int value;
+ {
+ value>>=8;
+ if (value == SSL3_AL_WARNING)
+ return("warning");
+ else if (value == SSL3_AL_FATAL)
+ return("fatal");
+ else
+ return("unknown");
+ }
+
+char *SSL_alert_type_string(value)
+int value;
+ {
+ value>>=8;
+ if (value == SSL3_AL_WARNING)
+ return("W");
+ else if (value == SSL3_AL_FATAL)
+ return("F");
+ else
+ return("U");
+ }
+
+char *SSL_alert_desc_string(value)
+int value;
+ {
+ char *str;
+
+ switch (value & 0xff)
+ {
+ case SSL3_AD_CLOSE_NOTIFY: str="CN"; break;
+ case SSL3_AD_UNEXPECTED_MESSAGE: str="UM"; break;
+ case SSL3_AD_BAD_RECORD_MAC: str="BM"; break;
+ case SSL3_AD_DECOMPRESSION_FAILURE: str="DF"; break;
+ case SSL3_AD_HANDSHAKE_FAILURE: str="HF"; break;
+ case SSL3_AD_NO_CERTIFICATE: str="NC"; break;
+ case SSL3_AD_BAD_CERTIFICATE: str="BC"; break;
+ case SSL3_AD_UNSUPPORTED_CERTIFICATE: str="UC"; break;
+ case SSL3_AD_CERTIFICATE_REVOKED: str="CR"; break;
+ case SSL3_AD_CERTIFICATE_EXPIRED: str="CE"; break;
+ case SSL3_AD_CERTIFICATE_UNKNOWN: str="CU"; break;
+ case SSL3_AD_ILLEGAL_PARAMETER: str="IP"; break;
+ default: str="UK"; break;
+ }
+ return(str);
+ }
+
+char *SSL_alert_desc_string_long(value)
+int value;
+ {
+ char *str;
+
+ switch (value & 0xff)
+ {
+ case SSL3_AD_CLOSE_NOTIFY:
+ str="close notify";
+ break;
+ case SSL3_AD_UNEXPECTED_MESSAGE:
+ str="unexected_message";
+ break;
+ case SSL3_AD_BAD_RECORD_MAC:
+ str="bad record mac";
+ break;
+ case SSL3_AD_DECOMPRESSION_FAILURE:
+ str="decompression failure";
+ break;
+ case SSL3_AD_HANDSHAKE_FAILURE:
+ str="handshake failure";
+ break;
+ case SSL3_AD_NO_CERTIFICATE:
+ str="no certificate";
+ break;
+ case SSL3_AD_BAD_CERTIFICATE:
+ str="bad certificate";
+ break;
+ case SSL3_AD_UNSUPPORTED_CERTIFICATE:
+ str="unsupported certificate";
+ break;
+ case SSL3_AD_CERTIFICATE_REVOKED:
+ str="certificate revoked";
+ break;
+ case SSL3_AD_CERTIFICATE_EXPIRED:
+ str="certificate expired";
+ break;
+ case SSL3_AD_CERTIFICATE_UNKNOWN:
+ str="certifcate unknown";
+ break;
+ case SSL3_AD_ILLEGAL_PARAMETER:
+ str="illegal parameter";
+ break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
+
+char *SSL_rstate_string(s)
+SSL *s;
+ {
+ char *str;
+
+ switch (s->rstate)
+ {
+ case SSL_ST_READ_HEADER:str="RH"; break;
+ case SSL_ST_READ_BODY: str="RB"; break;
+ case SSL_ST_READ_DONE: str="RD"; break;
+ default: str="unknown"; break;
+ }
+ return(str);
+ }
diff --git a/ssl/ssl_task.c b/ssl/ssl_task.c
new file mode 100644
index 0000000..c27ce91
--- /dev/null
+++ b/ssl/ssl_task.c
@@ -0,0 +1,359 @@
+/* ssl/ssl_task.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+/* VMS */
+/*
+ * DECnet object for servicing SSL. We accept the inbound and speak a
+ * simple protocol for multiplexing the 2 data streams (application and
+ * ssl data) over this logical link.
+ *
+ * Logical names:
+ * SSL_CIPHER Defines a list of cipher specifications the server
+ * will support in order of preference.
+ * SSL_SERVER_CERTIFICATE
+ * Points to PEM (privacy enhanced mail) file that
+ * contains the server certificate and private password.
+ * SYS$NET Logical created by netserver.exe as hook for completing
+ * DECnet logical link.
+ *
+ * Each NSP message sent over the DECnet link has the following structure:
+ * struct rpc_msg {
+ * char channel;
+ * char function;
+ * short length;
+ * char data[MAX_DATA];
+ * } msg;
+ *
+ * The channel field designates the virtual data stream this message applies
+ * to and is one of:
+ * A - Application data (payload).
+ * R - Remote client connection that initiated the SSL connection. Encrypted
+ * data is sent over this connection.
+ * G - General data, reserved for future use.
+ *
+ * The data streams are half-duplex read/write and have following functions:
+ * G - Get, requests that up to msg.length bytes of data be returned. The
+ * data is returned in the next 'C' function response that matches the
+ * requesting channel.
+ * P - Put, requests that the first msg.length bytes of msg.data be appended
+ * to the designated stream.
+ * C - Confirms a get or put. Every get and put will get a confirm response,
+ * you cannot initiate another function on a channel until the previous
+ * operation has been confirmed.
+ *
+ * The 2 channels may interleave their operations, for example:
+ * Server msg Client msg
+ * A, Get, 4092 ---->
+ * <---- R, get, 4092
+ * R, Confirm, {hello} ---->
+ * <---- R, put, {srv hello}
+ * R, Confirm, 0 ---->
+ * . (SSL handshake completed)
+ * . (read first app data).
+ * <---- A, confirm, {http data}
+ * A, Put, {http data} ---->
+ * <---- A, confirm, 0
+ *
+ * The length field is not permitted to be larger that 4092 bytes.
+ *
+ * Author: Dave Jones
+ * Date: 22-JUL-1996
+ */
+#include <stdlib.h>
+#include <stdio.h>
+#include <iodef.h> /* VMS IO$_ definitions */
+#include <descrip.h> /* VMS string descriptors */
+extern int SYS$QIOW(), SYS$ASSIGN();
+int LIB$INIT_TIMER(), LIB$SHOW_TIMER();
+
+#include <string.h> /* from ssltest.c */
+#include <errno.h>
+#include "buffer.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+int MS_CALLBACK verify_callback(int ok, X509 *xs, X509 *xi, int depth,
+ int error);
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+BIO_METHOD *BIO_s_rtcp();
+
+static char *cipher=NULL;
+int verbose=1;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+#define TEST_SERVER_CERT "SSL_SERVER_CERTIFICATE"
+/*************************************************************************/
+struct rpc_msg { /* Should have member alignment inhibited */
+ char channel; /* 'A'-app data. 'R'-remote client 'G'-global */
+ char function; /* 'G'-get, 'P'-put, 'C'-confirm, 'X'-close */
+ unsigned short int length; /* Amount of data returned or max to return */
+ char data[4092]; /* variable data */
+};
+#define RPC_HDR_SIZE (sizeof(struct rpc_msg) - 4092)
+
+static $DESCRIPTOR(sysnet, "SYS$NET");
+typedef unsigned short io_channel;
+
+struct io_status {
+ unsigned short status;
+ unsigned short count;
+ unsigned long stsval;
+};
+int doit(io_channel chan, SSL_CTX *s_ctx );
+/*****************************************************************************/
+/* Decnet I/O routines.
+ */
+static int get ( io_channel chan, char *buffer, int maxlen, int *length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_READVBLK, &iosb, 0, 0,
+ buffer, maxlen, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ if ( (status&1) == 1 ) *length = iosb.count;
+ return status;
+}
+
+static int put ( io_channel chan, char *buffer, int length )
+{
+ int status;
+ struct io_status iosb;
+ status = SYS$QIOW ( 0, chan, IO$_WRITEVBLK, &iosb, 0, 0,
+ buffer, length, 0, 0, 0, 0 );
+ if ( (status&1) == 1 ) status = iosb.status;
+ return status;
+}
+/***************************************************************************/
+/* Handle operations on the 'G' channel.
+ */
+static int general_request ( io_channel chan, struct rpc_msg *msg, int length )
+{
+ return 48;
+}
+/***************************************************************************/
+int main ( int argc, char **argv )
+{
+ int status, length;
+ io_channel chan;
+ struct rpc_msg msg;
+
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ SSL_CTX *s_ctx=NULL;
+ /*
+ * Confirm logical link with initiating client.
+ */
+ LIB$INIT_TIMER();
+ status = SYS$ASSIGN ( &sysnet, &chan, 0, 0, 0 );
+ printf("status of assign to SYS$NET: %d\n", status );
+ /*
+ * Initialize standard out and error files.
+ */
+ if (bio_err == NULL)
+ if ((bio_err=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_err,stderr,BIO_NOCLOSE);
+ if (bio_stdout == NULL)
+ if ((bio_stdout=BIO_new(BIO_s_file())) != NULL)
+ BIO_set_fp(bio_stdout,stdout,BIO_NOCLOSE);
+ /*
+ * get the preferred cipher list and other initialization
+ */
+ if (cipher == NULL) cipher=getenv("SSL_CIPHER");
+ printf("cipher list: %s\n", cipher ? cipher : "{undefined}" );
+
+ SSL_load_error_strings();
+
+ s_ctx=SSL_CTX_new(SSLv2());
+
+ if (s_ctx == NULL) goto end;
+
+ SSL_CTX_use_certificate_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
+ SSL_CTX_use_RSAPrivateKey_file(s_ctx,TEST_SERVER_CERT,SSL_FILETYPE_PEM);
+ printf("Loaded server certificate: '%s'\n", TEST_SERVER_CERT );
+
+ /*
+ * Take commands from client until bad status.
+ */
+ LIB$SHOW_TIMER();
+ status = doit ( chan, s_ctx );
+ LIB$SHOW_TIMER();
+ /*
+ * do final cleanup and exit.
+ */
+end:
+ if (s_ctx != NULL) SSL_CTX_free(s_ctx);
+ LIB$SHOW_TIMER();
+ return 1;
+}
+
+int doit(io_channel chan, SSL_CTX *s_ctx )
+{
+ int status, length, link_state;
+ struct rpc_msg msg;
+ static char cbuf[200],sbuf[200];
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int i;
+ int done=0;
+
+ s_ssl=SSL_new(s_ctx);
+ if (s_ssl == NULL) goto err;
+
+ c_to_s=BIO_new(BIO_s_rtcp());
+ s_to_c=BIO_new(BIO_s_rtcp());
+ if ((s_to_c == NULL) || (c_to_s == NULL)) goto err;
+ BIO_set_fd ( c_to_s, "", chan );
+ BIO_set_fd ( s_to_c, "", chan );
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL)) goto err;
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE);
+
+ /* We can always do writes */
+ printf("Begin doit main loop\n");
+ /*
+ * Link states: 0-idle, 1-read pending, 2-write pending, 3-closed.
+ */
+ for (link_state = 0; link_state < 3; ) {
+ /*
+ * Wait for remote end to request data action on A channel.
+ */
+ while ( link_state == 0 ) {
+ status = get ( chan, (char *) &msg, sizeof(msg), &length );
+ if ( (status&1) == 0 ) {
+ printf("Error in main loop get: %d\n", status );
+ link_state = 3;
+ break;
+ }
+ if ( length < RPC_HDR_SIZE ) {
+ printf("Error in main loop get size: %d\n", length );
+ break;
+ link_state = 3;
+ }
+ if ( msg.channel != 'A' ) {
+ printf("Error in main loop, unexpected channel: %c\n",
+ msg.channel );
+ break;
+ link_state = 3;
+ }
+ if ( msg.function == 'G' ) {
+ link_state = 1;
+ } else if ( msg.function == 'P' ) {
+ link_state = 2; /* write pending */
+ } else if ( msg.function == 'X' ) {
+ link_state = 3;
+ } else {
+ link_state = 3;
+ }
+ }
+ if ( link_state == 1 ) {
+ i = BIO_read ( s_bio, msg.data, msg.length );
+ if ( i < 0 ) link_state = 3;
+ else {
+ msg.channel = 'A';
+ msg.function = 'C'; /* confirm */
+ msg.length = i;
+ status = put ( chan, (char *) &msg, i+RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) break;
+ link_state = 0;
+ }
+ } else if ( link_state == 2 ) {
+ i = BIO_write ( s_bio, msg.data, msg.length );
+ if ( i < 0 ) link_state = 3;
+ else {
+ msg.channel = 'A';
+ msg.function = 'C'; /* confirm */
+ msg.length = 0;
+ status = put ( chan, (char *) &msg, RPC_HDR_SIZE );
+ if ( (status&1) == 0 ) break;
+ link_state = 0;
+ }
+ }
+ }
+ fprintf(stdout,"DONE\n");
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(0);
+}
diff --git a/ssl/ssl_txt.c b/ssl/ssl_txt.c
new file mode 100644
index 0000000..b9cb9ef
--- /dev/null
+++ b/ssl/ssl_txt.c
@@ -0,0 +1,133 @@
+/* ssl/ssl_txt.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "ssl_locl.h"
+
+#ifndef WIN16
+int SSL_SESSION_print_fp(fp, x)
+FILE *fp;
+SSL_SESSION *x;
+ {
+ BIO *b;
+ int ret;
+
+ if ((b=BIO_new(BIO_s_file())) == NULL)
+ {
+ SSLerr(SSL_F_SSL_SESSION_PRINT_FP,ERR_R_BUF_LIB);
+ return(0);
+ }
+ BIO_set_fp(b,fp,BIO_NOCLOSE);
+ ret=SSL_SESSION_print(b,x);
+ BIO_free(b);
+ return(ret);
+ }
+#endif
+
+int SSL_SESSION_print(bp,x)
+BIO *bp;
+SSL_SESSION *x;
+ {
+ int i;
+ char str[128];
+
+ if (x == NULL) goto err;
+ if (BIO_puts(bp,"SSL-Session:\n") <= 0) goto err;
+ sprintf(str," Cipher : %s\n",(x->cipher == NULL)?"unknown":x->cipher->name);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ if (BIO_puts(bp," Session-ID: ") <= 0) goto err;
+ for (i=0; i<(int)x->session_id_length; i++)
+ {
+ sprintf(str,"%02X",x->session_id[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n Master-Key: ") <= 0) goto err;
+ for (i=0; i<(int)x->master_key_length; i++)
+ {
+ sprintf(str,"%02X",x->master_key[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n Key-Arg : ") <= 0) goto err;
+ if (x->key_arg_length == 0)
+ {
+ if (BIO_puts(bp,"None") <= 0) goto err;
+ }
+ else
+ for (i=0; i<(int)x->key_arg_length; i++)
+ {
+ sprintf(str,"%02X",x->key_arg[i]);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (x->time != 0L)
+ {
+ sprintf(str,"\n Start Time: %ld",x->time);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (x->timeout != 0L)
+ {
+ sprintf(str,"\n Timeout : %ld (sec)",x->timeout);
+ if (BIO_puts(bp,str) <= 0) goto err;
+ }
+ if (BIO_puts(bp,"\n") <= 0) goto err;
+
+ return(1);
+err:
+ return(0);
+ }
+
diff --git a/ssl/ssltest.c b/ssl/ssltest.c
new file mode 100644
index 0000000..b8d657f
--- /dev/null
+++ b/ssl/ssltest.c
@@ -0,0 +1,635 @@
+/* ssl/ssltest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#ifdef WIN16
+#define APPS_WIN16
+#endif
+#include "bio.h"
+#include "crypto.h"
+#include "../e_os.h"
+#include "x509.h"
+#include "ssl.h"
+#include "err.h"
+
+#ifdef WIN16
+#define APPS_WIN16
+#include "../crypto/bio/bss_file.c"
+#endif
+
+#define TEST_SERVER_CERT "../apps/server.pem"
+#define TEST_CLIENT_CERT "../apps/client.pem"
+
+#ifndef NOPROTO
+int MS_CALLBACK verify_callback(int ok, X509_STORE_CTX *ctx);
+static DH *get_dh512(void);
+#else
+int MS_CALLBACK verify_callback();
+static DH *get_dh512();
+#endif
+
+BIO *bio_err=NULL;
+BIO *bio_stdout=NULL;
+
+static char *cipher=NULL;
+int verbose=0;
+#ifdef FIONBIO
+static int s_nbio=0;
+#endif
+
+
+#ifndef NOPROTO
+int doit(SSL_CTX *s_ctx,SSL_CTX *c_ctx);
+#else
+int doit();
+#endif
+
+static void sv_usage()
+ {
+ fprintf(stderr,"usage: ssltest [args ...]\n");
+ fprintf(stderr,"\n");
+ fprintf(stderr," -server_auth - check server certificate\n");
+ fprintf(stderr," -client_auth - do client authentication\n");
+ fprintf(stderr," -v - more output\n");
+#ifndef NO_SSL2
+ fprintf(stderr," -ssl2 - use SSLv2\n");
+#endif
+#ifndef NO_SSL3
+ fprintf(stderr," -ssl3 - use SSLv3\n");
+#endif
+ fprintf(stderr," -CApath arg - PEM format directory of CA's\n");
+ fprintf(stderr," -CAfile arg - PEM format file of CA's\n");
+ }
+
+int main(argc, argv)
+int argc;
+char *argv[];
+ {
+ char *CApath=NULL,*CAfile=NULL;
+ int badop=0;
+ int ssl2=0,ssl3=0,ret=1;
+ int client_auth=0;
+ int server_auth=0;
+ char *server_cert=TEST_SERVER_CERT;
+ char *client_cert=TEST_CLIENT_CERT;
+ SSL_CTX *s_ctx=NULL;
+ SSL_CTX *c_ctx=NULL;
+ SSL_METHOD *meth=NULL;
+ DH *dh;
+
+ bio_err=BIO_new_fp(stderr,BIO_NOCLOSE);
+ bio_stdout=BIO_new_fp(stdout,BIO_NOCLOSE);
+
+ CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
+
+ argc--;
+ argv++;
+
+ while (argc >= 1)
+ {
+ if (strcmp(*argv,"-server_auth") == 0)
+ server_auth=1;
+ else if (strcmp(*argv,"-client_auth") == 0)
+ client_auth=1;
+ else if (strcmp(*argv,"-v") == 0)
+ verbose=1;
+ else if (strcmp(*argv,"-ssl2") == 0)
+ ssl2=1;
+ else if (strcmp(*argv,"-ssl3") == 0)
+ ssl3=1;
+ else if (strcmp(*argv,"-cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-s_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ server_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-c_cert") == 0)
+ {
+ if (--argc < 1) goto bad;
+ client_cert= *(++argv);
+ }
+ else if (strcmp(*argv,"-cipher") == 0)
+ {
+ if (--argc < 1) goto bad;
+ cipher= *(++argv);
+ }
+ else if (strcmp(*argv,"-CApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-CAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ CAfile= *(++argv);
+ }
+ else
+ {
+ fprintf(stderr,"unknown option %s\n",*argv);
+ badop=1;
+ break;
+ }
+ argc--;
+ argv++;
+ }
+ if (badop)
+ {
+bad:
+ sv_usage();
+ goto end;
+ }
+
+/* if (cipher == NULL) cipher=getenv("SSL_CIPHER"); */
+
+ SSLeay_add_ssl_algorithms();
+ SSL_load_error_strings();
+
+#if !defined(NO_SSL2) && !defined(NO_SSL3)
+ if (ssl2)
+ meth=SSLv2_method();
+ else
+ if (ssl3)
+ meth=SSLv3_method();
+ else
+ meth=SSLv23_method();
+#else
+#ifdef NO_SSL2
+ meth=SSLv3_method();
+#else
+ meth=SSLv2_method();
+#endif
+#endif
+
+ c_ctx=SSL_CTX_new(meth);
+ s_ctx=SSL_CTX_new(meth);
+ if ((c_ctx == NULL) || (s_ctx == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (cipher != NULL)
+ {
+ SSL_CTX_set_cipher_list(c_ctx,cipher);
+ SSL_CTX_set_cipher_list(s_ctx,cipher);
+ }
+
+#ifndef NO_DH
+ dh=get_dh512();
+ SSL_CTX_set_tmp_dh(s_ctx,dh);
+ DH_free(dh);
+#endif
+
+ if (!SSL_CTX_use_certificate_file(s_ctx,server_cert,SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ }
+ else if (!SSL_CTX_use_PrivateKey_file(s_ctx,server_cert,
+ SSL_FILETYPE_PEM))
+ {
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ SSL_CTX_use_certificate_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ SSL_CTX_use_PrivateKey_file(c_ctx,client_cert,
+ SSL_FILETYPE_PEM);
+ }
+
+ if ( (!SSL_CTX_load_verify_locations(s_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(s_ctx)) ||
+ (!SSL_CTX_load_verify_locations(c_ctx,CAfile,CApath)) ||
+ (!SSL_CTX_set_default_verify_paths(c_ctx)))
+ {
+ fprintf(stderr,"SSL_load_verify_locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
+ if (client_auth)
+ {
+ fprintf(stderr,"client authentication\n");
+ SSL_CTX_set_verify(s_ctx,
+ SSL_VERIFY_PEER|SSL_VERIFY_FAIL_IF_NO_PEER_CERT,
+ verify_callback);
+ }
+ if (server_auth)
+ {
+ fprintf(stderr,"server authentication\n");
+ SSL_CTX_set_verify(c_ctx,SSL_VERIFY_PEER,
+ verify_callback);
+ }
+
+ ret=doit(s_ctx,c_ctx);
+end:
+ if (s_ctx != NULL) SSL_CTX_free(s_ctx);
+ if (c_ctx != NULL) SSL_CTX_free(c_ctx);
+
+ if (bio_stdout != NULL) BIO_free(bio_stdout);
+
+ ERR_remove_state(0);
+ EVP_cleanup();
+ CRYPTO_mem_leaks(bio_err);
+ EXIT(ret);
+ }
+
+#define W_READ 1
+#define W_WRITE 2
+#define C_DONE 1
+#define S_DONE 2
+
+int doit(s_ctx,c_ctx)
+SSL_CTX *s_ctx,*c_ctx;
+ {
+ static char cbuf[200],sbuf[200];
+ int ret=1;
+ SSL *c_ssl=NULL;
+ SSL *s_ssl=NULL;
+ BIO *c_to_s=NULL;
+ BIO *s_to_c=NULL;
+ BIO *c_bio=NULL;
+ BIO *s_bio=NULL;
+ int c_r,c_w,s_r,s_w;
+ int c_want,s_want;
+ int i;
+ int done=0;
+ int c_write,s_write;
+ int do_server=0,do_client=0;
+ SSL_CIPHER *ciph;
+
+ c_ssl=SSL_new(c_ctx);
+ s_ssl=SSL_new(s_ctx);
+ if ((s_ssl == NULL) || (c_ssl == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ c_to_s=BIO_new(BIO_s_mem());
+ s_to_c=BIO_new(BIO_s_mem());
+ if ((s_to_c == NULL) || (c_to_s == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ c_bio=BIO_new(BIO_f_ssl());
+ s_bio=BIO_new(BIO_f_ssl());
+ if ((c_bio == NULL) || (s_bio == NULL))
+ {
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+
+ SSL_set_connect_state(c_ssl);
+ SSL_set_bio(c_ssl,s_to_c,c_to_s);
+ BIO_set_ssl(c_bio,c_ssl,BIO_CLOSE);
+
+ SSL_set_accept_state(s_ssl);
+ SSL_set_bio(s_ssl,c_to_s,s_to_c);
+ BIO_set_ssl(s_bio,s_ssl,BIO_CLOSE);
+
+ c_r=0; s_r=1;
+ c_w=1; s_w=0;
+ c_want=W_WRITE;
+ s_want=0;
+ c_write=1,s_write=0;
+
+ /* We can always do writes */
+ for (;;)
+ {
+ do_server=0;
+ do_client=0;
+
+ i=(int)BIO_pending(s_bio);
+ if ((i && s_r) || s_w) do_server=1;
+
+ i=(int)BIO_pending(c_bio);
+ if ((i && c_r) || c_w) do_client=1;
+
+ if (do_server && verbose)
+ {
+ if (SSL_in_init(s_ssl))
+ printf("server waiting in SSL_accept - %s\n",
+ SSL_state_string_long(s_ssl));
+ else if (s_write)
+ printf("server:SSL_write()\n");
+ else
+ printf("server:SSL_read()\n");
+ }
+
+ if (do_client && verbose)
+ {
+ if (SSL_in_init(c_ssl))
+ printf("client waiting in SSL_connect - %s\n",
+ SSL_state_string_long(c_ssl));
+ else if (c_write)
+ printf("client:SSL_write()\n");
+ else
+ printf("client:SSL_read()\n");
+ }
+
+ if (!do_client && !do_server)
+ {
+ fprintf(stdout,"ERROR IN STARTUP\n");
+ ERR_print_errors(bio_err);
+ break;
+ }
+ if (do_client && !(done & C_DONE))
+ {
+ if (c_write)
+ {
+ i=BIO_write(c_bio,"hello from client\n",18);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ /* ok */
+ c_write=0;
+ }
+ }
+ else
+ {
+ i=BIO_read(c_bio,cbuf,100);
+ if (i < 0)
+ {
+ c_r=0;
+ c_w=0;
+ if (BIO_should_retry(c_bio))
+ {
+ if (BIO_should_read(c_bio))
+ c_r=1;
+ if (BIO_should_write(c_bio))
+ c_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in CLIENT\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ fprintf(stderr,"SSL CLIENT STARTUP FAILED\n");
+ goto err;
+ }
+ else
+ {
+ done|=C_DONE;
+ fprintf(stdout,"CLIENT:from server:");
+ fwrite(cbuf,1,i,stdout);
+ fflush(stdout);
+ }
+ }
+ }
+
+ if (do_server && !(done & S_DONE))
+ {
+ if (!s_write)
+ {
+ i=BIO_read(s_bio,sbuf,100);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_read\n");
+ goto err;
+ }
+ else
+ {
+ s_write=1;
+ s_w=1;
+ fprintf(stdout,"SERVER:from client:");
+ fwrite(sbuf,1,i,stdout);
+ fflush(stdout);
+ }
+ }
+ else
+ {
+ i=BIO_write(s_bio,"hello from server\n",18);
+ if (i < 0)
+ {
+ s_r=0;
+ s_w=0;
+ if (BIO_should_retry(s_bio))
+ {
+ if (BIO_should_read(s_bio))
+ s_r=1;
+ if (BIO_should_write(s_bio))
+ s_w=1;
+ }
+ else
+ {
+ fprintf(stderr,"ERROR in SERVER\n");
+ ERR_print_errors(bio_err);
+ goto err;
+ }
+ }
+ else if (i == 0)
+ {
+ ERR_print_errors(bio_err);
+ fprintf(stderr,"SSL SERVER STARTUP FAILED in SSL_write\n");
+ goto err;
+ }
+ else
+ {
+ s_write=0;
+ s_r=1;
+ done|=S_DONE;
+ }
+ }
+ }
+
+ if ((done & S_DONE) && (done & C_DONE)) break;
+ }
+
+ ciph=SSL_get_current_cipher(c_ssl);
+ fprintf(stdout,"DONE, used %s, %s\n",SSL_CIPHER_get_version(ciph),
+ SSL_CIPHER_get_name(ciph));
+ ret=0;
+err:
+ /* We have to set the BIO's to NULL otherwise they will be
+ * Free()ed twice. Once when th s_ssl is SSL_free()ed and
+ * again when c_ssl is SSL_free()ed.
+ * This is a hack required because s_ssl and c_ssl are sharing the same
+ * BIO structure and SSL_set_bio() and SSL_free() automatically
+ * BIO_free non NULL entries.
+ * You should not normally do this or be required to do this */
+ if (s_ssl != NULL)
+ {
+ s_ssl->rbio=NULL;
+ s_ssl->wbio=NULL;
+ }
+ if (c_ssl != NULL)
+ {
+ c_ssl->rbio=NULL;
+ c_ssl->wbio=NULL;
+ }
+
+ if (c_to_s != NULL) BIO_free(c_to_s);
+ if (s_to_c != NULL) BIO_free(s_to_c);
+ if (c_bio != NULL) BIO_free(c_bio);
+ if (s_bio != NULL) BIO_free(s_bio);
+ return(ret);
+ }
+
+int MS_CALLBACK verify_callback(ok, ctx)
+int ok;
+X509_STORE_CTX *ctx;
+ {
+ char *s,buf[256];
+
+ s=X509_NAME_oneline(X509_get_subject_name(ctx->current_cert),buf,256);
+ if (s != NULL)
+ {
+ if (ok)
+ fprintf(stderr,"depth=%d %s\n",ctx->error_depth,buf);
+ else
+ fprintf(stderr,"depth=%d error=%d %s\n",
+ ctx->error_depth,ctx->error,buf);
+ }
+
+ if (ok == 0)
+ {
+ switch (ctx->error)
+ {
+ case X509_V_ERR_CERT_NOT_YET_VALID:
+ case X509_V_ERR_CERT_HAS_EXPIRED:
+ case X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT:
+ ok=1;
+ }
+ }
+
+ return(ok);
+ }
+
+static unsigned char dh512_p[]={
+ 0xDA,0x58,0x3C,0x16,0xD9,0x85,0x22,0x89,0xD0,0xE4,0xAF,0x75,
+ 0x6F,0x4C,0xCA,0x92,0xDD,0x4B,0xE5,0x33,0xB8,0x04,0xFB,0x0F,
+ 0xED,0x94,0xEF,0x9C,0x8A,0x44,0x03,0xED,0x57,0x46,0x50,0xD3,
+ 0x69,0x99,0xDB,0x29,0xD7,0x76,0x27,0x6B,0xA2,0xD3,0xD4,0x12,
+ 0xE2,0x18,0xF4,0xDD,0x1E,0x08,0x4C,0xF6,0xD8,0x00,0x3E,0x7C,
+ 0x47,0x74,0xE8,0x33,
+ };
+static unsigned char dh512_g[]={
+ 0x02,
+ };
+
+static DH *get_dh512()
+ {
+ DH *dh=NULL;
+
+#ifndef NO_DH
+ if ((dh=DH_new()) == NULL) return(NULL);
+ dh->p=BN_bin2bn(dh512_p,sizeof(dh512_p),NULL);
+ dh->g=BN_bin2bn(dh512_g,sizeof(dh512_g),NULL);
+ if ((dh->p == NULL) || (dh->g == NULL))
+ return(NULL);
+#endif
+ return(dh);
+ }
+
diff --git a/ssl/zz b/ssl/zz
new file mode 100644
index 0000000..47c570e
--- /dev/null
+++ b/ssl/zz
@@ -0,0 +1,402 @@
+/* ssl/s23_srvr.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "buffer.h"
+#include "rand.h"
+#include "objects.h"
+#include "evp.h"
+#include "ssl_locl.h"
+
+#define BREAK break
+
+#ifndef NOPROTO
+int ssl23_get_client_hello(SSL *s);
+#else
+int ssl23_get_client_hello();
+#endif
+
+static SSL_METHOD *ssl23_get_server_method(ver)
+int ver;
+ {
+ if (ver == 2)
+ return(SSLv2_server_method());
+ else if (ver == 3)
+ return(SSLv3_server_method());
+ else
+ return(NULL);
+ }
+
+SSL_METHOD *SSLv23_server_method()
+ {
+ static int init=1;
+ static SSL_METHOD SSLv23_server_data;
+
+ if (init)
+ {
+ init=0;
+ memcpy((char *)&SSLv23_server_data,
+ (char *)sslv23_base_method(),sizeof(SSL_METHOD));
+ SSLv23_server_data.ssl_accept=ssl23_accept;
+ SSLv23_server_data.get_ssl_method=ssl23_get_server_method;
+ }
+ return(&SSLv23_server_data);
+ }
+
+int ssl23_accept(s)
+SSL *s;
+ {
+ BUF_MEM *buf;
+ unsigned long Time=time(NULL);
+ void (*cb)()=NULL;
+ int ret= -1;
+ int new_state,state;
+
+ RAND_seed((unsigned char *)&Time,sizeof(Time));
+ ERR_clear_error();
+ errno=0;
+
+ if (s->info_callback != NULL)
+ cb=s->info_callback;
+ else if (s->ctx->info_callback != NULL)
+ cb=s->ctx->info_callback;
+
+ if (!SSL_in_init(s) || SSL_in_before(s)) SSL_clear(s);
+ s->in_handshake++;
+
+ for (;;)
+ {
+ state=s->state;
+
+ switch(s->state)
+ {
+ case SSL_ST_BEFORE:
+ case SSL_ST_ACCEPT:
+ case SSL_ST_BEFORE|SSL_ST_ACCEPT:
+ case SSL_ST_OK|SSL_ST_ACCEPT:
+
+ if (cb != NULL) cb(s,SSL_CB_HANDSHAKE_START,1);
+
+ s->version=3;
+ s->type=SSL_ST_ACCEPT;
+
+ if (s->init_buf == NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL)
+ {
+ ret= -1;
+ goto end;
+ }
+ if (!BUF_MEM_grow(buf,SSL3_RT_MAX_PLAIN_LENGTH))
+ {
+ ret= -1;
+ goto end;
+ }
+ s->init_buf=buf;
+ }
+
+ ssl3_init_finished_mac(s);
+
+ s->state=SSL23_ST_SR_CLNT_HELLO_A;
+ s->ctx->sess_accept++;
+ s->init_num=0;
+ break;
+
+ case SSL23_ST_SR_CLNT_HELLO_A:
+ case SSL23_ST_SR_CLNT_HELLO_B:
+
+ s->shutdown=0;
+ ret=ssl23_get_client_hello(s);
+ if (ret >= 0) cb=NULL;
+ goto end;
+ break;
+
+ default:
+ SSLerr(SSL_F_SSL23_ACCEPT,SSL_R_UNKNOWN_STATE);
+ ret= -1;
+ goto end;
+ /* break; */
+ }
+
+ if ((cb != NULL) && (s->state != state))
+ {
+ new_state=s->state;
+ s->state=state;
+ cb(s,SSL_CB_ACCEPT_LOOP,1);
+ s->state=new_state;
+ }
+ }
+end:
+ if (cb != NULL)
+ cb(s,SSL_CB_ACCEPT_EXIT,ret);
+ s->in_handshake--;
+ return(ret);
+ }
+
+
+int ssl23_get_client_hello(s)
+SSL *s;
+ {
+ char buf[8];
+ unsigned char *p,*d,*dd;
+ unsigned int i;
+ unsigned int csl,sil,cl;
+ int n=0,j;
+ BIO *bbio;
+ int type=0;
+
+ /* read the initial header */
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_A)
+ {
+ if (!ssl3_setup_buffers(s)) goto err;
+
+ n=ssl23_read_bytes(s,7);
+ if (n != 7) return(n);
+
+ p=s->packet;
+
+ memcpy(buf,p,n);
+
+ if ((p[0] & 0x80) && (p[2] == SSL2_MT_CLIENT_HELLO))
+ {
+ /* SSLv2 header */
+ if ((p[3] == 0x00) && (p[4] == 0x02))
+ {
+ /* SSLv2 */
+ type=1;
+ }
+ else if ((p[3] == SSL3_VERSION_MAJOR) &&
+ (p[4] == SSL3_VERSION_MINOR))
+ {
+ /* SSLv3 */
+ s->state=SSL23_ST_SR_CLNT_HELLO_B;
+ }
+ }
+ else if ((p[0] == SSL3_RT_HANDSHAKE) &&
+ (p[1] == SSL3_VERSION_MAJOR) &&
+ (p[2] == SSL3_VERSION_MINOR) &&
+ (p[5] == SSL3_MT_CLIENT_HELLO))
+ {
+ /* true SSLv3 */
+ type=3;
+ }
+ }
+
+ if (s->state == SSL23_ST_SR_CLNT_HELLO_B)
+ {
+ /* we have a SSLv3 in a SSLv2 header */
+ type=2;
+ p=s->packet;
+ n=((p[0]&0x7f)<<8)|p[1];
+ if (n > (1024*4))
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_TOO_LARGE);
+ goto err;
+ }
+
+ j=ssl23_read_bytes(s,n+2);
+ if (j <= 0) return(j);
+
+ ssl3_finish_mac(s,&(s->packet[2]),s->packet_length-2);
+
+ p=s->packet;
+ p+=5;
+ n2s(p,csl);
+ n2s(p,sil);
+ n2s(p,cl);
+ d=(unsigned char *)s->init_buf->data;
+ if ((csl+sil+cl+11) != s->packet_length)
+ {
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_RECORD_LENGTH_MISMATCH);
+ goto err;
+ }
+
+ *(d++)=SSL3_VERSION_MAJOR;
+ *(d++)=SSL3_VERSION_MINOR;
+
+ /* lets populate the random area */
+ /* get the chalenge_length */
+ i=(cl > SSL3_RANDOM_SIZE)?SSL3_RANDOM_SIZE:cl;
+ memset(d,0,SSL3_RANDOM_SIZE);
+ memcpy(&(d[SSL3_RANDOM_SIZE-i]),&(p[csl+sil]),i);
+ d+=SSL3_RANDOM_SIZE;
+
+ /* no session-id reuse */
+ *(d++)=0;
+
+ /* ciphers */
+ j=0;
+ dd=d;
+ d+=2;
+ for (i=0; i<csl; i+=3)
+ {
+ if (p[i] != 0) continue;
+ *(d++)=p[i+1];
+ *(d++)=p[i+2];
+ j+=2;
+ }
+ s2n(j,dd);
+
+ /* compression */
+ *(d++)=1;
+ *(d++)=0;
+
+ i=(d-(unsigned char *)s->init_buf->data);
+
+ /* get the data reused from the init_buf */
+ s->s3->tmp.reuse_message=1;
+ s->s3->tmp.message_type=SSL3_MT_CLIENT_HELLO;
+ s->s3->tmp.message_size=i;
+ }
+
+ if (type == 1)
+ {
+ /* we are talking sslv2 */
+ /* we need to clean up the SSLv3 setup and put in the
+ * sslv2 stuff. */
+
+ if (s->s2 == NULL)
+ {
+ if (!ssl2_new(s))
+ goto err;
+ }
+ else
+ ssl2_clear(s);
+
+ if (s->s3 != NULL) ssl3_free(s);
+
+ if (!BUF_MEM_grow(s->init_buf,
+ SSL2_MAX_RECORD_LENGTH_3_BYTE_HEADER))
+ {
+ goto err;
+ }
+
+ s->state=SSL2_ST_GET_CLIENT_HELLO_A;
+ if (s->ctx->options & SSL_OP_MSIE_SSLV2_RSA_PADDING)
+ s->s2->ssl2_rollback=0;
+ else
+ s->s2->ssl2_rollback=1;
+
+ /* setup the 5 bytes we have read so we get them from
+ * the sslv2 buffer */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s2->rbuf[0]);
+ memcpy(s->packet,buf,n);
+ s->s2->rbuf_left=n;
+ s->s2->rbuf_offs=0;
+
+ s->method=SSLv2_server_method();
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type == 2) || (type == 3))
+ {
+ /* we have sslv3 */
+
+ if (s->bbio == NULL)
+ {
+ bbio=BIO_new(BIO_f_buffer());
+ if (bbio == NULL)
+ goto err;
+ s->bbio=bbio;
+ }
+ else
+ bbio=s->bbio;
+ BIO_reset(bbio);
+ if (!BIO_set_write_buffer_size(bbio,16*1024))
+ goto err;
+ s->wbio=BIO_push(bbio,s->wbio);
+
+ /* we are in this state */
+ s->state=SSL3_ST_SR_CLNT_HELLO_A;
+
+ if (type == 3)
+ {
+ /* put the 'n' bytes we have read into the input buffer
+ * for SSLv3 */
+ s->rstate=SSL_ST_READ_HEADER;
+ s->packet_length=n;
+ s->packet= &(s->s3->rbuf.buf[0]);
+ memcpy(s->packet,buf,n);
+ s->s3->rbuf.left=n;
+ s->s3->rbuf.offset=0;
+ }
+ else
+ {
+ s->packet_length=0;
+ s->s3->rbuf.left=0;
+ s->s3->rbuf.offset=0;
+ }
+
+ s->method=SSLv3_server_method();
+ s->handshake_func=s->method->ssl_accept;
+ }
+
+ if ((type < 1) || (type > 3))
+ {
+ /* bad, very bad */
+ SSLerr(SSL_F_SSL23_GET_CLIENT_HELLO,SSL_R_UNKNOWN_PROTOCOL);
+ goto err;
+ }
+ s->init_num=0;
+ return(SSL_accept(s));
+err:
+ return(-1);
+ }
+
diff --git a/test/CAss.cnf b/test/CAss.cnf
new file mode 100644
index 0000000..b941b7a
--- /dev/null
+++ b/test/CAss.cnf
@@ -0,0 +1,25 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = keySS.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+default_md = sha1
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Dodgy Brothers
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Dodgy CA
diff --git a/test/Makefile.ssl b/test/Makefile.ssl
new file mode 100644
index 0000000..ee48d54
--- /dev/null
+++ b/test/Makefile.ssl
@@ -0,0 +1,263 @@
+#
+# test/Makefile.ssl
+#
+
+DIR= test
+TOP= ..
+CC= cc
+INCLUDES= -I../include
+CFLAG= -g
+INSTALLTOP= /usr/local/ssl
+MAKEFILE= Makefile.ssl
+MAKE= make -f $(MAKEFILE)
+MAKEDEPEND= makedepend -f$(MAKEFILE)
+
+PEX_LIBS=
+EX_LIBS= -lnsl -lsocket
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl
+
+DLIBCRYPTO= ../libcrypto.a
+DLIBSSL= ../libssl.a
+LIBCRYPTO= -L.. -lcrypto
+LIBSSL= -L.. -lssl
+
+BNTEST= bntest
+EXPTEST= exptest
+IDEATEST= ideatest
+SHATEST= shatest
+SHA1TEST= sha1test
+MDC2TEST= mdc2test
+MD2TEST= md2test
+MD5TEST= md5test
+RC4TEST= rc4test
+RC2TEST= rc2test
+BFTEST= bftest
+DESTEST= destest
+RANDTEST= randtest
+DHTEST= dhtest
+DSATEST= dsatest
+METHTEST= methtest
+SSLTEST= ssltest
+
+EXE= $(BNTEST) $(IDEATEST) $(MD2TEST) $(MD5TEST) $(RC4TEST) \
+ $(DESTEST) $(SHATEST) $(SHA1TEST) $(MDC2TEST) $(RANDTEST) $(DHTEST) \
+ $(RC2TEST) $(BFTEST) $(SSLTEST) $(EXPTEST) $(DSATEST)
+
+# $(METHTEST)
+
+OBJ= $(BNTEST).o $(IDEATEST).o $(MD2TEST).o $(MD5TEST).o $(RC4TEST).o \
+ $(DESTEST).o $(SHATEST).o $(SHA1TEST).o $(MDC2TEST).o \
+ $(RANDTEST).o $(DHTEST).o \
+ $(RC2TEST).o $(BFTEST).o $(SSLTEST).o $(DSATEST).o $(EXPTEST).o
+SRC= $(BNTEST).c $(IDEATEST).c $(MD2TEST).c $(MD5TEST).c $(RC4TEST).c \
+ $(DESTEST).c $(SHATEST).c $(SHA1TEST).c $(MDC2TEST).c \
+ $(RANDTEST).c $(DHTEST).c \
+ $(RC2TEST).c $(BFTEST).c $(SSLTEST).c $(DSATEST).c $(EXPTEST).c
+
+EXHEADER=
+HEADER= $(EXHEADER)
+
+ALL= $(GENERAL) $(SRC) $(HEADER)
+
+top:
+ (cd ..; $(MAKE) DIRS=$(DIR) all)
+
+all: exe
+
+exe: $(EXE)
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+
+errors:
+
+install:
+
+tags:
+ ctags $(SRC)
+
+tests: exe apps \
+ test_des test_idea test_sha test_md5 test_md2 test_mdc2 \
+ test_rc2 test_rc4 test_bf \
+ test_rand test_enc test_x509 test_rsa test_crl test_sid test_req \
+ test_pkcs7 test_bn test_verify test_dh test_dsa test_reqgen \
+ test_ss test_ssl test_ca
+
+apps:
+ @(cd ../apps; $(MAKE) CC='${CC}' CFLAG='${CFLAG}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}' EX_LIBS='${EX_LIBS}' all)
+
+test_des:
+ ./$(DESTEST)
+
+test_idea:
+ ./$(IDEATEST)
+
+test_sha:
+ ./$(SHATEST)
+ ./$(SHA1TEST)
+
+test_mdc2:
+ ./$(MDC2TEST)
+
+test_md5:
+ ./$(MD5TEST)
+
+test_md2:
+ ./$(MD2TEST)
+
+test_rc2:
+ ./$(RC2TEST)
+
+test_bf:
+ ./$(BFTEST)
+
+test_rc4:
+ ./$(RC4TEST)
+
+test_rand:
+ ./$(RANDTEST)
+
+test_enc:
+ @sh ./testenc
+
+test_x509:
+ echo test normal x509v1 certificate
+ sh ./tx509 2>/dev/null
+ echo test first x509v3 certificate
+ sh ./tx509 v3-cert1.pem 2>/dev/null
+ echo test second x509v3 certificate
+ sh ./tx509 v3-cert2.pem 2>/dev/null
+
+test_rsa:
+ @sh ./trsa 2>/dev/null
+
+test_crl:
+ @sh ./tcrl 2>/dev/null
+
+test_sid:
+ @sh ./tsid 2>/dev/null
+
+test_req:
+ @sh ./treq 2>/dev/null
+ @sh ./treq testreq2.pem 2>/dev/null
+
+test_pkcs7:
+ @sh ./tpkcs7 2>/dev/null
+ @sh ./tpkcs7d 2>/dev/null
+
+test_bn:
+ @echo 'test a^b%c implementations'
+ ./$(EXPTEST)
+ @echo starting big number library test, could take a while...
+ @(./$(BNTEST)|bc) | awk '{ \
+if ($$0 != "0") {print "error"; exit(1); } \
+if (((NR+1)%64) == 0) print NR+1," tests done"; }'
+
+test_verify:
+ @echo "The following command should have some OK's and some failures"
+ @echo "There are definitly a few expired certificates"
+ ../apps/ssleay verify -CApath ../certs ../certs/*.pem
+
+test_dh:
+ @echo "Generate as set of DH parameters"
+ ./$(DHTEST)
+
+test_dsa:
+ @echo "Generate as set of DSA parameters"
+ ./$(DSATEST)
+
+test_reqgen:
+ @echo "Generate and verify a certificate request"
+ @sh ./testgen
+
+test_ss:
+ @echo "Generate and certify a test certificate"
+ @sh ./testss
+
+test_ssl:
+ @echo "test SSL protocol"
+ @sh ./testssl
+
+test_ca:
+ @echo "Generate and certify a test certificate via the 'ca' program"
+ @sh ./testca
+
+lint:
+ lint -DLINT $(INCLUDES) $(SRC)>fluff
+
+depend:
+ $(MAKEDEPEND) $(INCLUDES) $(PROGS) $(SRC)
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff $(EXE) *.ss log
+
+$(DLIBSSL):
+ (cd ../ssl; $(MAKE))
+
+$(DLIBCRYPTO):
+ (cd ../crypto; $(MAKE))
+
+$(BNTEST): $(BNTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(BNTEST) $(CFLAGS) $(BNTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(EXPTEST): $(EXPTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(EXPTEST) $(CFLAGS) $(EXPTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(IDEATEST): $(IDEATEST).o $(DLIBCRYPTO)
+ $(CC) -o $(IDEATEST) $(CFLAGS) $(IDEATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MD2TEST): $(MD2TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(MD2TEST) $(CFLAGS) $(MD2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SHATEST): $(SHATEST).o $(DLIBCRYPTO)
+ $(CC) -o $(SHATEST) $(CFLAGS) $(SHATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SHA1TEST): $(SHA1TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(SHA1TEST) $(CFLAGS) $(SHA1TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MDC2TEST): $(MDC2TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(MDC2TEST) $(CFLAGS) $(MDC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(MD5TEST): $(MD5TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(MD5TEST) $(CFLAGS) $(MD5TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RC2TEST): $(RC2TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(RC2TEST) $(CFLAGS) $(RC2TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(BFTEST): $(BFTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(BFTEST) $(CFLAGS) $(BFTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+
+$(RC4TEST): $(RC4TEST).o $(DLIBCRYPTO)
+ $(CC) -o $(RC4TEST) $(CFLAGS) $(RC4TEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DESTEST): $(DESTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(DESTEST) $(CFLAGS) $(DESTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(RANDTEST): $(RANDTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(RANDTEST) $(CFLAGS) $(RANDTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DHTEST): $(DHTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(DHTEST) $(CFLAGS) $(DHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(DSATEST): $(DSATEST).o $(DLIBCRYPTO)
+ $(CC) -o $(DSATEST) $(CFLAGS) $(DSATEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(METHTEST): $(METHTEST).o $(DLIBCRYPTO)
+ $(CC) -o $(METHTEST) $(CFLAGS) $(METHTEST).o $(PEX_LIBS) $(LIBCRYPTO) $(EX_LIBS)
+
+$(SSLTEST): $(SSLTEST).o $(DLIBSSL) $(DLIBCRYPTO)
+ $(CC) -o $(SSLTEST) $(CFLAGS) $(SSLTEST).o $(PEX_LIBS) $(LIBSSL) $(LIBCRYPTO) $(EX_LIBS)
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/test/Uss.cnf b/test/Uss.cnf
new file mode 100644
index 0000000..c89692d
--- /dev/null
+++ b/test/Uss.cnf
@@ -0,0 +1,28 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = keySS.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+default_md = md2
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+organizationName = Organization Name (eg, company)
+organizationName_value = Dodgy Brothers
+
+0.commonName = Common Name (eg, YOUR name)
+0.commonName_value = Brother 1
+
+1.commonName = Common Name (eg, YOUR name)
+1.commonName_value = Brother 2
diff --git a/test/certCA.srl b/test/certCA.srl
new file mode 100644
index 0000000..f5c8955
--- /dev/null
+++ b/test/certCA.srl
@@ -0,0 +1 @@
+32
diff --git a/test/dsa-ca.pem b/test/dsa-ca.pem
new file mode 100644
index 0000000..9eb08f3
--- /dev/null
+++ b/test/dsa-ca.pem
@@ -0,0 +1,43 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,C5B6C7CC9E1FE2C0
+
+svCXBcBRhMuU22UXOfiKZA+thmz6KYXpt1Yg5Rd+TYQcQ1MdvNy0B0tkP1SxzDq0
+Xh1eMeTML9/9/0rKakgNXXXbpi5RB8t6BmwRSyej89F7nn1mtR3qzoyPRpp15SDl
+Tn67C+2v+HDF3MFk88hiNCYkNbcmi7TWvChsl8N1r7wdZwtIox56yXdgxw6ZIpa/
+par0oUCzN7fiavPgCWz1kfPNSaBQSdxwH7TZi5tMHAr0J3C7a7QRnZfE09R59Uqr
+zslrq+ndIw1BZAxoY0SlBu+iFOVaBVlwToC4AsHkv7j7l8ITtr7f42YbBa44D9TO
+uOhONmkk/v3Fso4RaOEzdKZC+hnmmzvHs6TiTWm6yzJgSFwyOUK0eGmKEeVxpcH5
+rUOlHOwzen+FFtocZDZAfdFnb7QY7L/boQvyA5A+ZbRG4DUpmBQeQsSaICHM5Rxx
+1QaLF413VNPXTLPbW0ilSc2H8x2iZTIVKfd33oSO6NhXPtSYQgfecEF4BvNHY5c4
+HovjT4mckbK95bcBzoCHu43vuSQkmZzdYo/ydSZt6zoPavbBLueTpgSbdXiDi827
+MVqOsYxGCb+kez0FoDSTgw==
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICUjCCAhECAQAwUjELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDELMAkGA1UEAxMCQ0Ew
+ggG0MIIBKQYFKw4DAgwwggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaW
+sxXgUy6P4FmCc5A+dTGZR3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5m
+rmuINvvsKNzC16W75Sw5JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHk
+cJVbUM1JAhUA9wcx7fpsBgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVo
+bzDjaeHls12YuyiGSPzemQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqR
+CZ228U2cVA9YBu5JdAfOVX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxB
+F5WS6wG1c6Vqftgy7Q4CuAOBhAACgYAapll6iqz9XrZFlk2GCVcB+KihxWnH7IuH
+vSLw9YUrJahcBHmbpvt494lF4gC5w3WPM+vXJofbusk4GoQEEsQNMDaah4m49uUq
+AylOVFJJJXuirVJ+o+0TtOFDITEAl+YZZariXOD7tdOSOl9RLMPC6+daHKS9e68u
+3enxhqnDGaAAMAkGBSsOAwIbBQADMAAwLQIVAJGVuFsG/0DBuSZ0jF7ypdU0/G0v
+AhQfeF5BoMMDbX/kidUVpQ6gadPlZA==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIBrjCCAWwCAQswCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE1MDIxNDI5WhcNOTcwNzE1MDIxNDI5WjBSMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQswCQYDVQQDEwJDQTCBkjAJBgUrDgMCDAUAA4GE
+AAKBgBqmWXqKrP1etkWWTYYJVwH4qKHFacfsi4e9IvD1hSslqFwEeZum+3j3iUXi
+ALnDdY8z69cmh9u6yTgahAQSxA0wNpqHibj25SoDKU5UUkkle6KtUn6j7RO04UMh
+MQCX5hllquJc4Pu105I6X1Esw8Lr51ocpL17ry7d6fGGqcMZMAkGBSsOAwIbBQAD
+MQAwLgIVAJ4wtQsANPxHo7Q4IQZYsL12SKdbAhUAjJ9n38zxT+iai2164xS+LIfa
+C1Q=
+-----END CERTIFICATE-----
+
diff --git a/test/dsa-pca.pem b/test/dsa-pca.pem
new file mode 100644
index 0000000..e3641ad
--- /dev/null
+++ b/test/dsa-pca.pem
@@ -0,0 +1,49 @@
+-----BEGIN DSA PRIVATE KEY-----
+Proc-Type: 4,ENCRYPTED
+DEK-Info: DES-EDE3-CBC,F80EEEBEEA7386C4
+
+GZ9zgFcHOlnhPoiSbVi/yXc9mGoj44A6IveD4UlpSEUt6Xbse3Fr0KHIUyQ3oGnS
+mClKoAp/eOTb5Frhto85SzdsxYtac+X1v5XwdzAMy2KowHVk1N8A5jmE2OlkNPNt
+of132MNlo2cyIRYaa35PPYBGNCmUm7YcYS8O90YtkrQZZTf4+2C4kllhMcdkQwkr
+FWSWC8YOQ7w0LHb4cX1FejHHom9Nd/0PN3vn3UyySvfOqoR7nbXkrpHXmPIr0hxX
+RcF0aXcV/CzZ1/nfXWQf4o3+oD0T22SDoVcZY60IzI0oIc3pNCbDV3uKNmgekrFd
+qOUJ+QW8oWp7oefRx62iBfIeC8DZunohMXaWAQCU0sLQOR4yEdeUCnzCSywe0bG1
+diD0KYaEe+Yub1BQH4aLsBgDjardgpJRTQLq0DUvw0/QGO1irKTJzegEDNVBKrVn
+V4AHOKT1CUKqvGNRP1UnccUDTF6miOAtaj/qpzra7sSk7dkGBvIEeFoAg84kfh9h
+hVvF1YyzC9bwZepruoqoUwke/WdNIR5ymOVZ/4Liw0JdIOcq+atbdRX08niqIRkf
+dsZrUj4leo3zdefYUQ7w4N2Ns37yDFq7
+-----END DSA PRIVATE KEY-----
+-----BEGIN CERTIFICATE REQUEST-----
+MIICVTCCAhMCAQAwUzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUx
+ITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UEAxMDUENB
+MIIBtTCCASkGBSsOAwIMMIIBHgKBgQCnP26Fv0FqKX3wn0cZMJCaCR3aajMexT2G
+lrMV4FMuj+BZgnOQPnUxmUd6UvuF5NmmezibaIqEm4fGHrV+hktTW1nPcWUZiG7O
+Zq5riDb77Cjcwtelu+UsOSZL2ppwGJU3lRBWI/YV7boEXt45T/23Qx+1pGVvzYAR
+5HCVW1DNSQIVAPcHMe36bAYD1YWKHKycZedQZmVvAoGATd9MA6aRivUZb1BGJZnl
+aG8w42nh5bNdmLsohkj83pkEP1+IDJxzJA0gXbkqmj8YlifkYofBe3RiU/xhJ6h6
+kQmdtvFNnFQPWAbuSXQHzlV+I84W9srcWmEBfslxtU323DQph2j2XiCTs9v15Als
+QReVkusBtXOlan7YMu0OArgDgYUAAoGBAKbtuR5AdW+ICjCFe2ixjUiJJzM2IKwe
+6NZEMXg39+HQ1UTPTmfLZLps+rZfolHDXuRKMXbGFdSF0nXYzotPCzi7GauwEJTZ
+yr27ZZjA1C6apGSQ9GzuwNvZ4rCXystVEagAS8OQ4H3D4dWS17Zg31ICb5o4E5r0
+z09o/Uz46u0VoAAwCQYFKw4DAhsFAAMxADAuAhUArRubTxsbIXy3AhtjQ943AbNB
+nSICFQCu+g1iW3jwF+gOcbroD4S/ZcvB3w==
+-----END CERTIFICATE REQUEST-----
+-----BEGIN CERTIFICATE-----
+MIIC0zCCApECAQAwCQYFKw4DAhsFADBTMQswCQYDVQQGEwJBVTETMBEGA1UECBMK
+U29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMQww
+CgYDVQQDEwNQQ0EwHhcNOTcwNjE0MjI1NDQ1WhcNOTcwNzE0MjI1NDQ1WjBTMQsw
+CQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJu
+ZXQgV2lkZ2l0cyBQdHkgTHRkMQwwCgYDVQQDEwNQQ0EwggG1MIIBKQYFKw4DAgww
+ggEeAoGBAKc/boW/QWopffCfRxkwkJoJHdpqMx7FPYaWsxXgUy6P4FmCc5A+dTGZ
+R3pS+4Xk2aZ7OJtoioSbh8YetX6GS1NbWc9xZRmIbs5mrmuINvvsKNzC16W75Sw5
+JkvamnAYlTeVEFYj9hXtugRe3jlP/bdDH7WkZW/NgBHkcJVbUM1JAhUA9wcx7fps
+BgPVhYocrJxl51BmZW8CgYBN30wDppGK9RlvUEYlmeVobzDjaeHls12YuyiGSPze
+mQQ/X4gMnHMkDSBduSqaPxiWJ+Rih8F7dGJT/GEnqHqRCZ228U2cVA9YBu5JdAfO
+VX4jzhb2ytxaYQF+yXG1TfbcNCmHaPZeIJOz2/XkCWxBF5WS6wG1c6Vqftgy7Q4C
+uAOBhQACgYEApu25HkB1b4gKMIV7aLGNSIknMzYgrB7o1kQxeDf34dDVRM9OZ8tk
+umz6tl+iUcNe5EoxdsYV1IXSddjOi08LOLsZq7AQlNnKvbtlmMDULpqkZJD0bO7A
+29nisJfKy1URqABLw5DgfcPh1ZLXtmDfUgJvmjgTmvTPT2j9TPjq7RUwCQYFKw4D
+AhsFAAMxADAuAhUAvtv6AkMolix1Jvy3UnVEIUqdCUICFQC+jq8P49mwrY9oJ24n
+5rKUjNBhSg==
+-----END CERTIFICATE-----
+
diff --git a/test/methtest.c b/test/methtest.c
new file mode 100644
index 0000000..55d1ac7
--- /dev/null
+++ b/test/methtest.c
@@ -0,0 +1,105 @@
+/* test/methtest.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include "rsa.h"
+#include "x509.h"
+#include "meth.h"
+#include "err.h"
+
+int main(argc,argv)
+int argc;
+char *argv[];
+ {
+ METHOD_CTX *top,*tmp1,*tmp2;
+
+ top=METH_new(x509_lookup()); /* get a top level context */
+ if (top == NULL) goto err;
+
+ tmp1=METH_new(x509_by_file());
+ if (top == NULL) goto err;
+ METH_arg(tmp1,METH_TYPE_FILE,"cafile1");
+ METH_arg(tmp1,METH_TYPE_FILE,"cafile2");
+ METH_push(top,METH_X509_CA_BY_SUBJECT,tmp1);
+
+ tmp2=METH_new(x509_by_dir());
+ METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/.CAcerts");
+ METH_arg(tmp2,METH_TYPE_DIR,"/home/eay/SSLeay/certs");
+ METH_arg(tmp2,METH_TYPE_DIR,"/usr/local/ssl/certs");
+ METH_push(top,METH_X509_CA_BY_SUBJECT,tmp2);
+
+/* tmp=METH_new(x509_by_issuer_dir);
+ METH_arg(tmp,METH_TYPE_DIR,"/home/eay/.mycerts");
+ METH_push(top,METH_X509_BY_ISSUER,tmp);
+
+ tmp=METH_new(x509_by_issuer_primary);
+ METH_arg(tmp,METH_TYPE_FILE,"/home/eay/.mycerts/primary.pem");
+ METH_push(top,METH_X509_BY_ISSUER,tmp);
+*/
+
+ METH_init(top);
+ METH_control(tmp1,METH_CONTROL_DUMP,stdout);
+ METH_control(tmp2,METH_CONTROL_DUMP,stdout);
+ exit(0);
+err:
+ ERR_load_crypto_strings();
+ ERR_print_errors_fp(stderr);
+ exit(1);
+ return(0);
+ }
diff --git a/test/pkcs7-1.pem b/test/pkcs7-1.pem
new file mode 100644
index 0000000..c47b27a
--- /dev/null
+++ b/test/pkcs7-1.pem
@@ -0,0 +1,15 @@
+-----BEGIN PKCS7-----
+MIICUAYJKoZIhvcNAQcCoIICQTCCAj0CAQExDjAMBggqhkiG9w0CAgUAMCgGCSqG
+SIb3DQEHAaAbBBlFdmVyeW9uZSBnZXRzIEZyaWRheSBvZmYuoIIBXjCCAVowggEE
+AgQUAAApMA0GCSqGSIb3DQEBAgUAMCwxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRF
+eGFtcGxlIE9yZ2FuaXphdGlvbjAeFw05MjA5MDkyMjE4MDZaFw05NDA5MDkyMjE4
+MDVaMEIxCzAJBgNVBAYTAlVTMR0wGwYDVQQKExRFeGFtcGxlIE9yZ2FuaXphdGlv
+bjEUMBIGA1UEAxMLVGVzdCBVc2VyIDEwWzANBgkqhkiG9w0BAQEFAANKADBHAkAK
+ZnkdxpiBaN56t3QZu3+wwAHGJxAnAHUUKULhmo2MUdBTs+N4Kh3l3Fr06+mUaBcB
+FKHf5nzcmpr1XWVWILurAgMBAAEwDQYJKoZIhvcNAQECBQADQQBFGqHhqncgSl/N
+9XYGnQL3MsJvNnsNV4puZPOakR9Hld8JlDQFEaDR30ogsmp3TMrvdfxpLlTCoZN8
+BxEmnZsWMYGbMIGYAgEBMDQwLDELMAkGA1UEBhMCVVMxHTAbBgNVBAoTFEV4YW1w
+bGUgT3JnYW5pemF0aW9uAgQUAAApMAwGCCqGSIb3DQICBQAwDQYJKoZIhvcNAQEB
+BQAEQAX6aoEvx9+L9PJUJQngPoRuEbnGIL4gCe+0QO+8xmkhaZSsBPNBtX0FIC1C
+j7Kie1x339mxW/w9VZNTUDQQweHh
+-----END PKCS7-----
diff --git a/test/pkcs7.pem b/test/pkcs7.pem
new file mode 100644
index 0000000..d55c60b
--- /dev/null
+++ b/test/pkcs7.pem
@@ -0,0 +1,54 @@
+ MIAGCSqGSIb3DQEHAqCAMIACAQExADCABgkqhkiG9w0BBwEAAKCAMIIE+DCCBGGg
+ AwIBAgIQaGSF/JpbS1C223+yrc+N1DANBgkqhkiG9w0BAQQFADBiMREwDwYDVQQH
+ EwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1Zl
+ cmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwHhcNOTYw
+ ODEyMDAwMDAwWhcNOTYwODE3MjM1OTU5WjCCASAxETAPBgNVBAcTCEludGVybmV0
+ MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24gQ2xh
+ c3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjE3MDUGA1UECxMuRGlnaXRh
+ bCBJRCBDbGFzcyAxIC0gU01JTUUgVmVyaVNpZ24sIEluYy4gVEVTVDFGMEQGA1UE
+ CxM9d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUyBJbmNvcnAuIGJ5IFJl
+ Zi4sTElBQi5MVEQoYyk5NjEZMBcGA1UEAxMQQWxleGFuZHJlIERlYWNvbjEgMB4G
+ CSqGSIb3DQEJARYRYWxleEB2ZXJpc2lnbi5jb20wWzANBgkqhkiG9w0BAQEFAANK
+ ADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDORl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0
+ l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMBAAGjggIyMIICLjAJBgNVHRMEAjAAMIIC
+ HwYDVR0DBIICFjCCAhIwggIOMIICCgYLYIZIAYb4RQEHAQEwggH5FoIBp1RoaXMg
+ Y2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVzIGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1
+ c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0bywgdGhlIFZlcmlTaWduIENlcnRpZmlj
+ YXRpb24gUHJhY3RpY2UgU3RhdGVtZW50IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0
+ dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9DUFM7IGJ5IEUtbWFpbCBhdCBDUFMtcmVx
+ dWVzdHNAdmVyaXNpZ24uY29tOyBvciBieSBtYWlsIGF0IFZlcmlTaWduLCBJbmMu
+ LCAyNTkzIENvYXN0IEF2ZS4sIE1vdW50YWluIFZpZXcsIENBIDk0MDQzIFVTQSBU
+ ZWwuICsxICg0MTUpIDk2MS04ODMwIENvcHlyaWdodCAoYykgMTk5NiBWZXJpU2ln
+ biwgSW5jLiAgQWxsIFJpZ2h0cyBSZXNlcnZlZC4gQ0VSVEFJTiBXQVJSQU5USUVT
+ IERJU0NMQUlNRUQgYW5kIExJQUJJTElUWSBMSU1JVEVELqAOBgxghkgBhvhFAQcB
+ AQGhDgYMYIZIAYb4RQEHAQECMCwwKhYoaHR0cHM6Ly93d3cudmVyaXNpZ24uY29t
+ L3JlcG9zaXRvcnkvQ1BTIDANBgkqhkiG9w0BAQQFAAOBgQAimWMGQwwwxk+b3KAL
+ HlSWXtU7LWHe29CEG8XeVNTvrqs6SBqT7OoENOkGxpfdpVgZ3Qw2SKjxDvbvpfSF
+ slsqcxWSgB/hWuaVuZCkvTw/dYGGOxkTJGxvDCfl1PZjX4dKbatslsi9Z9HpGWT7
+ ttItRwKqcBKgmCJvKi1pGWED0zCCAnkwggHioAMCAQICEDURpVKQb+fQKaRAGdQR
+ /D4wDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlT
+ aWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAxIFB1YmxpYyBQcmltYXJ5IENlcnRp
+ ZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2MDYyNzAwMDAwMFoXDTk3MDYyNzIzNTk1
+ OVowYjERMA8GA1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMu
+ MTQwMgYDVQQLEytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJz
+ Y3JpYmVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2FKbPTdAFDdjKI9Bv
+ qrQpkmOOLPhvltcunXZLEbE2jVfJw/0cxrr+Hgi6M8qV6r7jW80GqLd5HUQq7XPy
+ sVKDaBBwZJHXPmv5912dFEObbpdFmIFH0S3L3bty10w/cariQPJUObwW7s987Lrb
+ P2wqsxaxhhKdrpM01bjV0Pc+qQIDAQABozMwMTAPBgNVHRMECDAGAQH/AgEBMAsG
+ A1UdDwQEAwIBBjARBglghkgBhvhCAQEEBAMCAgQwDQYJKoZIhvcNAQECBQADgYEA
+ KeXHoBmnbxRCgk0jM9e9mDppdxpsipIna/J8DOHEUuD4nONAr4+xOg73SBl026n7
+ Bk55A2wvAMGo7+kKTZ+rHaFDDcmq4O+rzFri2RIOeGAncj1IcGptAQhvXoIhFMG4
+ Jlzg1KlHZHqy7D3jex78zcSU7kKOu8f5tAX1jC3+sToAAKGAMIIBJzCBkTANBgkq
+ hkiG9w0BAQIFADBiMREwDwYDVQQHEwhJbnRlcm5ldDEXMBUGA1UEChMOVmVyaVNp
+ Z24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWduIENsYXNzIDEgQ0EgLSBJbmRpdmlk
+ dWFsIFN1YnNjcmliZXIXDTk2MDcwMTE3MzA0MFoXDTk3MDcwMTAwMDAwMFowDQYJ
+ KoZIhvcNAQECBQADgYEAGLuQ6PX8A7AiqBEtWzYtl6lZNSDI0bR5YUo+D2Jzkw30
+ dxQnJSbKXEc6XYuzAW5HvrzATXu5c19WWPT4cRDwmjH71i9QcDysWwf/wE0qGTiW
+ I3tQT0I5VGh7jIJD07nlBw3R4Xl8dH9kr85JsWinqDH5YKpIo9o8knY5n7+qjOow
+ ggEkMIGOMA0GCSqGSIb3DQEBAgUAMF8xCzAJBgNVBAYTAlVTMRcwFQYDVQQKEw5W
+ ZXJpU2lnbiwgSW5jLjE3MDUGA1UECxMuQ2xhc3MgMSBQdWJsaWMgUHJpbWFyeSBD
+ ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eRcNOTYwNzE2MjMxMTI5WhcNOTYwODE1MDAw
+ MDAwWjANBgkqhkiG9w0BAQIFAAOBgQAXsLE4vnsY6sY67QrmWec7iaU2ehzxanEK
+ /9wKHZNuhlNzk+qGZZw2evxfUe2OaRbYpl8zuZvhK9BHD3ad14OSe9/zx5hOPgP/
+ DQXt6R4R8Q/1JheBrolrgbavjvI2wKS8/Psp2prBrkF4T48+AKRmS8Zzh1guxgvP
+ b+xSu/jH0gAAMYAAAAAAAAAAAA==
diff --git a/test/tcrl b/test/tcrl
new file mode 100644
index 0000000..859fba4
--- /dev/null
+++ b/test/tcrl
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay crl'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testcrl.pem
+fi
+
+echo testing crl conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/test.cnf b/test/test.cnf
new file mode 100644
index 0000000..faad391
--- /dev/null
+++ b/test/test.cnf
@@ -0,0 +1,88 @@
+#
+# SSLeay example configuration file.
+# This is mostly being used for generation of certificate requests.
+#
+
+RANDFILE = ./.rnd
+
+####################################################################
+[ ca ]
+default_ca = CA_default # The default ca section
+
+####################################################################
+[ CA_default ]
+
+dir = ./demoCA # Where everything is kept
+certs = $dir/certs # Where the issued certs are kept
+crl_dir = $dir/crl # Where the issued crl are kept
+database = $dir/index.txt # database index file.
+new_certs_dir = $dir/new_certs # default place for new certs.
+
+certificate = $dir/CAcert.pem # The CA certificate
+serial = $dir/serial # The current serial number
+crl = $dir/crl.pem # The current CRL
+private_key = $dir/private/CAkey.pem# The private key
+RANDFILE = $dir/private/.rand # private random number file
+
+default_days = 365 # how long to certify for
+default_crl_days= 30 # how long before next CRL
+default_md = md5 # which md to use.
+
+# A few difference way of specifying how similar the request should look
+# For type CA, the listed attributes must be the same, and the optional
+# and supplied fields are just that :-)
+policy = policy_match
+
+# For the CA policy
+[ policy_match ]
+countryName = match
+stateOrProvinceName = match
+organizationName = match
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+# For the 'anything' policy
+# At this point in time, you must list all acceptable 'object'
+# types.
+[ policy_anything ]
+countryName = optional
+stateOrProvinceName = optional
+localityName = optional
+organizationName = optional
+organizationalUnitName = optional
+commonName = supplied
+emailAddress = optional
+
+####################################################################
+[ req ]
+default_bits = 512
+default_keyfile = testkey.pem
+distinguished_name = req_distinguished_name
+encrypt_rsa_key = no
+
+[ req_distinguished_name ]
+countryName = Country Name (2 letter code)
+countryName_default = AU
+countryName_value = AU
+
+stateOrProvinceName = State or Province Name (full name)
+stateOrProvinceName_default = Queensland
+stateOrProvinceName_value =
+
+localityName = Locality Name (eg, city)
+localityName_value = Brisbane
+
+organizationName = Organization Name (eg, company)
+organizationName_default =
+organizationName_value = CryptSoft Pty Ltd
+
+organizationalUnitName = Organizational Unit Name (eg, section)
+organizationalUnitName_default =
+organizationalUnitName_value = .
+
+commonName = Common Name (eg, YOUR name)
+commonName_value = Eric Young
+
+emailAddress = Email Address
+emailAddress_value = eay@mincom.oz.au
diff --git a/test/test.txt b/test/test.txt
new file mode 100644
index 0000000..c6d8d50
--- /dev/null
+++ b/test/test.txt
@@ -0,0 +1,31 @@
+#!/bin/sh
+
+test=./test.txt
+
+cat $0 >$test;
+
+for i in rc4 des-cfb des-ofb des-ecb des-cbc des-ede des-ede3 \
+ des-cbc-ede des-cbc-ede3 idea-ecb idea-cfb idea-ofb idea-cbc
+do
+ echo $i
+ ../apps/ssleay $i -e -k test < $test > $test.$i.cipher
+ ../apps/ssleay $i -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+
+ echo $i base64
+ ../apps/ssleay $i -a -e -k test < $test > $test.$i.cipher
+ ../apps/ssleay $i -a -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+done
diff --git a/test/testca b/test/testca
new file mode 100644
index 0000000..a28402f
--- /dev/null
+++ b/test/testca
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+SH="/bin/sh"
+PATH=../apps:$PATH
+export SH PATH
+
+SSLEAY_CONFIG="-config CAss.cnf"
+export SSLEAY_CONFIG
+
+/bin/rm -fr demoCA
+$SH ../apps/CA.sh -newca <<EOF
+EOF
+
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+SSLEAY_CONFIG="-config Uss.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -newreq
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+
+SSLEAY_CONFIG="-config ../apps/ssleay.cnf"
+export SSLEAY_CONFIG
+$SH ../apps/CA.sh -sign <<EOF
+y
+y
+EOF
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+
+$SH ../apps/CA.sh -verify newcert.pem
+if [ $? != 0 ]; then
+ exit 1;
+fi
+
+/bin/rm -fr demoCA newcert.pem newreq.pem
+#usage: CA -newcert|-newreq|-newca|-sign|-verify
+
diff --git a/test/testcrl.pem b/test/testcrl.pem
new file mode 100644
index 0000000..0989788
--- /dev/null
+++ b/test/testcrl.pem
@@ -0,0 +1,16 @@
+-----BEGIN X509 CRL-----
+MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT
+F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw
+MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw
+MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw
+MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw
+MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw
+MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw
+MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw
+NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw
+NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF
+AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ
+wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt
+JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v
+-----END X509 CRL-----
diff --git a/test/testenc b/test/testenc
new file mode 100644
index 0000000..7bcf3d1
--- /dev/null
+++ b/test/testenc
@@ -0,0 +1,61 @@
+#!/bin/sh
+
+testsrc=Makefile.ssl
+test=./p
+cmd=../apps/ssleay
+
+cat $testsrc >$test;
+
+echo cat
+$cmd enc < $test > $test.cipher
+$cmd enc < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+ exit 1
+else
+ /bin/rm $test.cipher $test.clear
+fi
+echo base64
+$cmd enc -a -e < $test > $test.cipher
+$cmd enc -a -d < $test.cipher >$test.clear
+cmp $test $test.clear
+if [ $? != 0 ]
+then
+ exit 1
+else
+ /bin/rm $test.cipher $test.clear
+fi
+
+for i in rc4 \
+ des-cfb des-ede-cfb des-ede3-cfb \
+ des-ofb des-ede-ofb des-ede3-ofb \
+ des-ecb des-ede des-ede3 desx \
+ des-cbc des-ede-cbc des-ede3-cbc \
+ idea-ecb idea-cfb idea-ofb idea-cbc \
+ rc2-ecb rc2-cfb rc2-ofb rc2-cbc \
+ bf-ecb bf-cfb bf-ofb bf-cbc
+do
+ echo $i
+ $cmd $i -bufsize 113 -e -k test < $test > $test.$i.cipher
+ $cmd $i -bufsize 157 -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+
+ echo $i base64
+ $cmd $i -bufsize 113 -a -e -k test < $test > $test.$i.cipher
+ $cmd $i -bufsize 157 -a -d -k test < $test.$i.cipher >$test.$i.clear
+ cmp $test $test.$i.clear
+ if [ $? != 0 ]
+ then
+ exit 1
+ else
+ /bin/rm $test.$i.cipher $test.$i.clear
+ fi
+done
+rm -f $test
diff --git a/test/testgen b/test/testgen
new file mode 100644
index 0000000..12a4ca4
--- /dev/null
+++ b/test/testgen
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+T=testcert
+KEY=512
+CA=../certs/testca.pem
+
+/bin/rm -f $T.1 $T.2 $T.key
+
+PATH=../apps:$PATH;
+export PATH
+
+echo "generating certificate request"
+
+echo "There should be a 2 sequences of .'s and some +'s."
+echo "There should not be more that at most 80 per line"
+echo "This could take some time."
+
+../apps/ssleay req -config test.cnf -new -out testreq.pem
+if [ $? != 0 ]; then
+echo problems creating request
+exit 1
+fi
+
+../apps/ssleay req -verify -in testreq.pem -noout
+if [ $? != 0 ]; then
+echo signature on req is wrong
+exit 1
+fi
+
+exit 0
diff --git a/test/testkey.pem b/test/testkey.pem
new file mode 100644
index 0000000..c8eba82
--- /dev/null
+++ b/test/testkey.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBOQIBAAJBAK8j1FaU9b+TMyeiXGzIGJZ/Coj39v2v4a4NviCjWELm14fdcdg4
+3Q99LTLyvLDnq7sLQX4gOMaLM4rmGMgeuGsCAwEAAQJAAaFRvqSQTQIvvbSzK4gJ
+Qo1YKcI1GFNkxFv4YxFiJu0/LXaw9U/iDSlUdH15F6ezndqojovnn731Pmf7e08F
+MQIhAOCi7P0RtrV3O/KB0MYldxFOKNwp5lzH+um7jBq6oRw1AiEAx5fGT9fIFl6Z
+hXgWYy+eO8QPjEXDcLTgc5/VbE3o1h8CIBIre4nYxfOVqmaqM23jl+bxcIKmbPiy
+QExpnCKJWADFAiAL73CFb8LgS5HkoFS+Y6eTrVq8qaNRRw+w+lrZ2iLVQwIgRk40
+WRSH7Yv90rv1PpcQ4wxSnu3lfyFO1XZ/J1UxdfA=
+-----END RSA PRIVATE KEY-----
diff --git a/test/testp7.pem b/test/testp7.pem
new file mode 100644
index 0000000..b3b6dba
--- /dev/null
+++ b/test/testp7.pem
@@ -0,0 +1,46 @@
+-----BEGIN PKCS7-----
+MIAGCSqGSIb3DQEHAqCAMIIIBwIBATEAMIAGCSqGSIb3DQEHAQAAoIIGPDCCBHIw
+ggQcoAMCAQICEHkvjiX1iVGQMenF9HgIjI8wDQYJKoZIhvcNAQEEBQAwYjERMA8G
+A1UEBxMISW50ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQL
+EytWZXJpU2lnbiBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyMB4X
+DTk2MDcxOTAwMDAwMFoXDTk3MDMzMDIzNTk1OVowgdUxETAPBgNVBAcTCEludGVy
+bmV0MRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjE0MDIGA1UECxMrVmVyaVNpZ24g
+Q2xhc3MgMSBDQSAtIEluZGl2aWR1YWwgU3Vic2NyaWJlcjEoMCYGA1UECxMfRGln
+aXRhbCBJRCBDbGFzcyAxIC0gU01JTUUgVGVzdDFHMEUGA1UECxM+d3d3LnZlcmlz
+aWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLjAgSW5jLiBieSBSZWYuLExJQUIuTFRE
+KGMpOTYwWzANBgkqhkiG9w0BAQEFAANKADBHAkAOy7xxCAIkOfuIA2LyRpxgKlDO
+Rl8htdXYhF5iBGUx1GYaK6KF+bK/CCI0l4j2OfWGFBUrwGoWqxTNcWgTfMzRAgMB
+AAGjggI5MIICNTAJBgNVHRMEAjAAMIICJgYDVR0DBIICHTCCAhkwggIVMIICEQYL
+YIZIAYb4RQEHAQEwggIAFoIBq1RoaXMgY2VydGlmaWNhdGUgaW5jb3Jwb3JhdGVz
+IGJ5IHJlZmVyZW5jZSwgYW5kIGl0cyB1c2UgaXMgc3RyaWN0bHkgc3ViamVjdCB0
+bywgdGhlIFZlcmlTaWduIENlcnRpZmljYXRpb24gUHJhY3RpY2UgU3RhdGVtZW50
+IChDUFMpLCBhdmFpbGFibGUgYXQ6IGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9D
+UFMtMS4wOyBieSBFLW1haWwgYXQgQ1BTLXJlcXVlc3RzQHZlcmlzaWduLmNvbTsg
+b3IgYnkgbWFpbCBhdCBWZXJpU2lnbiwgSW5jLiwgMjU5MyBDb2FzdCBBdmUuLCBN
+b3VudGFpbiBWaWV3LCBDQSA5NDA0MyBVU0EgVGVsLiArMSAoNDE1KSA5NjEtODgz
+MCBDb3B5cmlnaHQgKGMpIDE5OTYgVmVyaVNpZ24sIEluYy4gIEFsbCBSaWdodHMg
+UmVzZXJ2ZWQuIENFUlRBSU4gV0FSUkFOVElFUyBESVNDTEFJTUVEIGFuZCBMSUFC
+SUxJVFkgTElNSVRFRC6gDgYMYIZIAYb4RQEHAQEBoQ4GDGCGSAGG+EUBBwEBAjAv
+MC0WK2h0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L0NQUy0xLgMw
+DQYJKoZIhvcNAQEEBQADQQDAmA7km/3iJWEsWN9Z2WU2gmZAknx45WnDKHxMa3Bf
+gNsh6BLk/ngkJKjNKTDR13XVHqEPUY1flbjATZputw1GMIIBwjCCAWygAwIBAgIQ
+fAmE6tW5ERSQWDneu3KfSTANBgkqhkiG9w0BAQIFADA+MQswCQYDVQQGEwJVUzEX
+MBUGA1UEChMOVmVyaVNpZ24sIEluYy4xFjAUBgNVBAsTDVRFU1QgUm9vdCBQQ0Ew
+HhcNOTYwNzE3MDAwMDAwWhcNOTcwNzE3MjM1OTU5WjBiMREwDwYDVQQHEwhJbnRl
+cm5ldDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNDAyBgNVBAsTK1ZlcmlTaWdu
+IENsYXNzIDEgQ0EgLSBJbmRpdmlkdWFsIFN1YnNjcmliZXIwXDANBgkqhkiG9w0B
+AQEFAANLADBIAkEA7Fc6zYJw4WwCWa1ni3fYNbzGSQNluuw990024GusjLfhEk1h
+MsIUukTT/n8yxoO7rYp4x+LS+tHF2tBtuxg7CwIDAQABoyIwIDALBgNVHQ8EBAMC
+AQYwEQYJYIZIAYb4QgEBBAQDAgIEMA0GCSqGSIb3DQEBAgUAA0EAFKem0cJGg9nd
+TAbP5o1HIEyNn11ZlvLU5v1Hejs1MKQt72IMm4jjgOH+pjguXW8lB6yzrK4oVOO2
+UNCaNQ1H26GCAa0wgeYwgZEwDQYJKoZIhvcNAQECBQAwYjERMA8GA1UEBxMISW50
+ZXJuZXQxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTQwMgYDVQQLEytWZXJpU2ln
+biBDbGFzcyAxIENBIC0gSW5kaXZpZHVhbCBTdWJzY3JpYmVyFw05NjA3MTcxNzU5
+MjlaFw05NzA3MTgwMDAwMDBaMA0GCSqGSIb3DQEBAgUAA0EAubVWYTsWsQmste9f
++UgMw8BkjDlM25fwQLrCfmmnLxjewey10kSROypUaJLb+r4oRALc0fG9XfZsaiiI
+gotQHjCBwTBtMA0GCSqGSIb3DQEBAgUAMD4xCzAJBgNVBAYTAlVTMRcwFQYDVQQK
+Ew5WZXJpU2lnbiwgSW5jLjEWMBQGA1UECxMNVEVTVCBSb290IFBDQRcNOTYwNzE3
+MTc0NDA5WhcNOTgwNzE3MDAwMDAwWjANBgkqhkiG9w0BAQIFAANBAHitA0/xAukC
+jHzeh1AMT/l2oC68N+yFb+aJPHBBMxc6gG2MaKjBNwb5hcXUllMlExONA3ju10f7
+owIq3s3wx10xAAAAAAA=
+-----END PKCS7-----
diff --git a/test/testreq.pem b/test/testreq.pem
new file mode 100644
index 0000000..ebae21d
--- /dev/null
+++ b/test/testreq.pem
@@ -0,0 +1,9 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIIBQjCB7QIBADCBhzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClF1ZWVuc2xhbmQx
+ETAPBgNVBAcTCEJyaXNiYW5lMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDET
+MBEGA1UEAxMKRXJpYyBZb3VuZzEfMB0GCSqGSIb3DQEJARYQZWF5QG1pbmNvbS5v
+ei5hdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQCvI9RWlPW/kzMnolxsyBiWfwqI
+9/b9r+GuDb4go1hC5teH3XHYON0PfS0y8ryw56u7C0F+IDjGizOK5hjIHrhrAgMB
+AAGgADANBgkqhkiG9w0BAQQFAANBAAJIIXcUJRF4IW0bTYoBAAWnvWNA6gl2lvNF
+OTkJTP7rQG0kdx/YNbBKAosMUUtEk38o2fzsv64jzXL8weUwoPM=
+-----END CERTIFICATE REQUEST-----
diff --git a/test/testreq2.pem b/test/testreq2.pem
new file mode 100644
index 0000000..c3cdcff
--- /dev/null
+++ b/test/testreq2.pem
@@ -0,0 +1,7 @@
+-----BEGIN CERTIFICATE REQUEST-----
+MIHaMIGFAgEAMA4xDDAKBgNVBAMTA2NuNDBcMA0GCSqGSIb3DQEBAQUAA0sAMEgC
+QQCQsnkyUGDY2R3mYoeTprFJKgWuJ3f1jUjlIuW5+wfAUoeMt35c4vcFZ2mIBpEG
+DtzkNQN1kr2O9ldm9zYnYhyhAgMBAAGgEjAQBgorBgEEAYI3AgEOMQIwADANBgkq
+hkiG9w0BAQQFAANBAAb2szZgVIxg3vK6kYLjGSBISyuzcXJ6IvuPW6M+yzi1Qgoi
+gQhazHTJp91T8ItZEzUJGZSZl2e5iXlnffWB+/U=
+-----END CERTIFICATE REQUEST-----
diff --git a/test/testrsa.pem b/test/testrsa.pem
new file mode 100644
index 0000000..aad2106
--- /dev/null
+++ b/test/testrsa.pem
@@ -0,0 +1,9 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIIBPAIBAAJBAKrbeqkuRk8VcRmWFmtP+LviMB3+6dizWW3DwaffznyHGAFwUJ/I
+Tv0XtbsCyl3QoyKGhrOAy3RvPK5M38iuXT0CAwEAAQJAZ3cnzaHXM/bxGaR5CR1R
+rD1qFBAVfoQFiOH9uPJgMaoAuoQEisPHVcZDKcOv4wEg6/TInAIXBnEigtqvRzuy
+oQIhAPcgZzUq3yVooAaoov8UbXPxqHlwo6GBMqnv20xzkf6ZAiEAsP4BnIaQTM8S
+mvcpHZwQJdmdHHkGKAs37Dfxi67HbkUCIQCeZGliHXFa071Fp06ZeWlR2ADonTZz
+rJBhdTe0v5pCeQIhAIZfkiGgGBX4cIuuckzEm43g9WMUjxP/0GlK39vIyihxAiEA
+mymehFRT0MvqW5xAKAx7Pgkt8HVKwVhc2LwGKHE0DZM=
+-----END RSA PRIVATE KEY-----
diff --git a/test/testsid.pem b/test/testsid.pem
new file mode 100644
index 0000000..cd8617b
--- /dev/null
+++ b/test/testsid.pem
@@ -0,0 +1,12 @@
+-----BEGIN SSL SESSION PARAMETERS-----
+MIIBxwIBAQIBAgQDAQCABBCi11xa5qkOP8xrr02K/NQCBBBkIYQZM0Bt95W0EHNV
+bA58oQYCBDIBr7WiBAICASyjggGGMIIBgjCCASwCAQMwDQYJKoZIhvcNAQEEBQAw
+ODELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3Jz
+YSB0ZXN0IENBMB4XDTk1MTAwOTIzMzEzNFoXDTk4MDcwNTIzMzEzNFowYDELMAkG
+A1UEBhMCQVUxDDAKBgNVBAgTA1FMRDEZMBcGA1UEChMQTWluY29tIFB0eS4gTHRk
+LjELMAkGA1UECxMCQ1MxGzAZBgNVBAMTElNTTGVheSBkZW1vIGNsaWVudDBcMA0G
+CSqGSIb3DQEBAQUAA0sAMEgCQQC4pcXEL1lgVA+B5Q3TcuW/O3LZHoA73IYm8oFD
+TezgCDhL2RTMn+seKWF36UtJKRIOBU9jZHCVVd0Me5ls6BEjAgMBAAEwDQYJKoZI
+hvcNAQEEBQADQQBoIpOcwUY1qlVF7j3ROSGvUsbvByOBFmYWkIBgsCqR+9qo1A7L
+CrWF5i8LWt/vLwAHaxWNx2YuBJMFyuK81fTv
+-----END SSL SESSION PARAMETERS-----
diff --git a/test/testss b/test/testss
new file mode 100644
index 0000000..a5aecf4
--- /dev/null
+++ b/test/testss
@@ -0,0 +1,89 @@
+#!/bin/sh
+
+digest='-mdc2'
+reqcmd="../apps/ssleay req"
+x509cmd="../apps/ssleay x509 $digest"
+verifycmd="../apps/ssleay verify"
+
+CAkey="keyCA.ss"
+CAcert="certCA.ss"
+CAreq="reqCA.ss"
+CAconf="CAss.cnf"
+CAreq2="req2CA.ss" # temp
+
+Uconf="Uss.cnf"
+Ukey="keyU.ss"
+Ureq="reqU.ss"
+Ucert="certU.ss"
+
+echo
+echo "make a certificate request using 'req'"
+$reqcmd -config $CAconf -out $CAreq -keyout $CAkey -new #>err.ss
+if [ $? != 0 ]; then
+ echo "error using 'req' to generate a certificate request"
+ exit 1
+fi
+echo
+echo "convert the certificate request into a self signed certificate using 'x509'"
+$x509cmd -CAcreateserial -in $CAreq -days 30 -req -out $CAcert -signkey $CAkey >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' to self sign a certificate request"
+ exit 1
+fi
+
+echo
+echo "convert a certificate into a certificate request using 'x509'"
+$x509cmd -in $CAcert -x509toreq -signkey $CAkey -out $CAreq2 >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' convert a certificate to a certificate request"
+ exit 1
+fi
+
+$reqcmd -verify -in $CAreq -noout
+if [ $? != 0 ]; then
+ echo first generated request is invalid
+ exit 1
+fi
+
+$reqcmd -verify -in $CAreq2 -noout
+if [ $? != 0 ]; then
+ echo second generated request is invalid
+ exit 1
+fi
+
+$verifycmd -CAfile $CAcert $CAcert
+if [ $? != 0 ]; then
+ echo first generated cert is invalid
+ exit 1
+fi
+
+echo
+echo "make another certificate request using 'req'"
+$reqcmd -config $Uconf -out $Ureq -keyout $Ukey -new >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'req' to generate a certificate request"
+ exit 1
+fi
+
+echo
+echo "sign certificate request with the just created CA via 'x509'"
+$x509cmd -CAcreateserial -in $Ureq -days 30 -req -out $Ucert -CA $CAcert -CAkey $CAkey >err.ss
+if [ $? != 0 ]; then
+ echo "error using 'x509' to sign a certificate request"
+ exit 1
+fi
+
+$verifycmd -CAfile $CAcert $Ucert
+echo
+echo "Certificate details"
+$x509cmd -subject -issuer -startdate -enddate -noout -in $Ucert
+
+echo
+echo The generated CA certificate is $CAcert
+echo The generated CA private key is $CAkey
+
+echo The generated user certificate is $Ucert
+echo The generated user private key is $Ukey
+
+/bin/rm err.ss
+exit 0
diff --git a/test/testssl b/test/testssl
new file mode 100644
index 0000000..f115adb
--- /dev/null
+++ b/test/testssl
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+echo test sslv2
+./ssltest -ssl2 || exit 1
+
+echo test sslv2 with server authentication
+./ssltest -ssl2 -server_auth -CApath ../certs || exit 1
+
+echo test sslv2 with client authentication
+./ssltest -ssl2 -client_auth -CApath ../certs || exit 1
+
+echo test sslv2 with both client and server authentication
+./ssltest -ssl2 -server_auth -client_auth -CApath ../certs || exit 1
+
+echo test sslv3
+./ssltest -ssl3 || exit 1
+
+echo test sslv3 with server authentication
+./ssltest -ssl3 -server_auth -CApath ../certs || exit 1
+
+echo test sslv3 with client authentication
+./ssltest -ssl3 -client_auth -CApath ../certs || exit 1
+
+echo test sslv3 with both client and server authentication
+./ssltest -ssl3 -server_auth -client_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3
+./ssltest || exit 1
+
+echo test sslv2/sslv3 with server authentication
+./ssltest -server_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3 with client authentication
+./ssltest -client_auth -CApath ../certs || exit 1
+
+echo test sslv2/sslv3 with both client and server authentication
+./ssltest -server_auth -client_auth -CApath ../certs || exit 1
+
+exit 0
+
diff --git a/test/testx509.pem b/test/testx509.pem
new file mode 100644
index 0000000..8a85d14
--- /dev/null
+++ b/test/testx509.pem
@@ -0,0 +1,10 @@
+-----BEGIN CERTIFICATE-----
+MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV
+BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz
+MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM
+RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF
+AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO
+/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE
+Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ
+zl9HYIMxATFyqSiD9jsx
+-----END CERTIFICATE-----
diff --git a/test/tpkcs7 b/test/tpkcs7
new file mode 100644
index 0000000..ea1f005
--- /dev/null
+++ b/test/tpkcs7
@@ -0,0 +1,51 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay pkcs7'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testp7.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/tpkcs7d b/test/tpkcs7d
new file mode 100644
index 0000000..c8f18fb
--- /dev/null
+++ b/test/tpkcs7d
@@ -0,0 +1,44 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay pkcs7'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=pkcs7-1.pem
+fi
+
+echo testing pkcs7 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/treq b/test/treq
new file mode 100644
index 0000000..e5f1d8c
--- /dev/null
+++ b/test/treq
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay req'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testreq.pem
+fi
+
+echo testing req conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -verify -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -verify -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/trsa b/test/trsa
new file mode 100644
index 0000000..e5b8fe0
--- /dev/null
+++ b/test/trsa
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay rsa'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testrsa.pem
+fi
+
+echo testing rsa conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/tsid b/test/tsid
new file mode 100644
index 0000000..8c7e9b1
--- /dev/null
+++ b/test/tsid
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay sess_id'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testsid.pem
+fi
+
+echo testing session-id conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in fff.p -inform p -outform t >f.t
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> d"
+#$cmd -in f.t -inform t -outform d >ff.d2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+#echo "d -> t"
+#$cmd -in f.d -inform d -outform t >ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#echo "t -> t"
+#$cmd -in f.t -inform t -outform t >ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#echo "p -> t"
+#$cmd -in f.p -inform p -outform t >ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#echo "t -> p"
+#$cmd -in f.t -inform t -outform p >ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp fff.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+#cmp f.t ff.t1
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t2
+#if [ $? != 0 ]; then exit 1; fi
+#cmp f.t ff.t3
+#if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+#cmp f.p ff.p2
+#if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/tx509 b/test/tx509
new file mode 100644
index 0000000..f8d1f82
--- /dev/null
+++ b/test/tx509
@@ -0,0 +1,81 @@
+#!/bin/sh
+
+PATH=../apps:$PATH
+export PATH
+
+cmd='../apps/ssleay x509'
+
+if [ "$1"x != "x" ]; then
+ t=$1
+else
+ t=testx509.pem
+fi
+
+echo testing X509 conversions
+cp $t fff.p
+
+echo "p -> d"
+$cmd -in fff.p -inform p -outform d >f.d
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in fff.p -inform p -outform n >f.n
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in fff.p -inform p -outform p >f.p
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> d"
+$cmd -in f.d -inform d -outform d >ff.d1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> d"
+$cmd -in f.n -inform n -outform d >ff.d2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> d"
+$cmd -in f.p -inform p -outform d >ff.d3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> n"
+$cmd -in f.d -inform d -outform n >ff.n1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> n"
+$cmd -in f.n -inform n -outform n >ff.n2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> n"
+$cmd -in f.p -inform p -outform n >ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+echo "d -> p"
+$cmd -in f.d -inform d -outform p >ff.p1
+if [ $? != 0 ]; then exit 1; fi
+echo "n -> p"
+$cmd -in f.n -inform n -outform p >ff.p2
+if [ $? != 0 ]; then exit 1; fi
+echo "p -> p"
+$cmd -in f.p -inform p -outform p >ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp fff.p f.p
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp fff.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.n ff.n1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.n ff.n3
+if [ $? != 0 ]; then exit 1; fi
+
+cmp f.p ff.p1
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p2
+if [ $? != 0 ]; then exit 1; fi
+cmp f.p ff.p3
+if [ $? != 0 ]; then exit 1; fi
+
+/bin/rm -f f.* ff.* fff.*
+exit 0
diff --git a/test/v3-cert1.pem b/test/v3-cert1.pem
new file mode 100644
index 0000000..0da253d
--- /dev/null
+++ b/test/v3-cert1.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx
+NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz
+dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw
+ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu
+ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2
+ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp
+miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C
+AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK
+Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x
+DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR
+MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB
+AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21
+X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3
+WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO
+-----END CERTIFICATE-----
diff --git a/test/v3-cert2.pem b/test/v3-cert2.pem
new file mode 100644
index 0000000..de0723f
--- /dev/null
+++ b/test/v3-cert2.pem
@@ -0,0 +1,16 @@
+-----BEGIN CERTIFICATE-----
+MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD
+YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0
+ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu
+dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1
+WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV
+BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx
+FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA
+6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT
+G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ
+YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm
+b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc
+F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz
+lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap
+jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=
+-----END CERTIFICATE-----
diff --git a/times/486-66.dos b/times/486-66.dos
new file mode 100644
index 0000000..1644bf8
--- /dev/null
+++ b/times/486-66.dos
@@ -0,0 +1,22 @@
+MS-dos static libs, 16bit C build, 16bit assember
+
+SSLeay 0.6.1
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /f- /Ocgnotb2 /G2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -D
+NO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 18.62k 55.54k 76.88k 85.39k 86.52k
+md5 94.03k 442.06k 794.38k 974.51k 1061.31k
+sha 38.37k 166.23k 272.78k 331.41k 353.77k
+sha1 34.38k 147.77k 244.77k 292.57k 312.08k
+rc4 641.25k 795.34k 817.16k 829.57k 817.16k
+des cfb 111.46k 118.08k 120.69k 119.16k 119.37k
+des cbc 122.96k 135.69k 137.10k 135.69k 135.40k
+des ede3 48.01k 50.92k 50.32k 50.96k 50.96k
+idea cfb 97.09k 100.21k 100.36k 101.14k 100.98k
+idea cbc 102.08k 109.41k 111.46k 111.65k 110.52k
+rc2 cfb 120.47k 125.55k 125.79k 125.55k 125.55k
+rc2 cbc 129.77k 140.33k 143.72k 142.16k 141.85k
+rsa 512 bits 0.264s
+rsa 1024 bits 1.494s
diff --git a/times/486-66.nt b/times/486-66.nt
new file mode 100644
index 0000000..b26a900
--- /dev/null
+++ b/times/486-66.nt
@@ -0,0 +1,22 @@
+SSLeay 0.6.1 02-Jul-1996
+built on Fri Jul 10 09:53:15 EST 1996
+options:bn(64,32) md2(int) rc4(idx,int) des(idx,long) idea(int)
+C flags:cl /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /nologo -DWIN32 -DL_ENDIAN /MD
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 38.27k 107.28k 145.43k 159.60k 164.15k
+md5 399.00k 1946.13k 3610.80k 4511.94k 4477.27k
+sha 182.04k 851.26k 1470.65k 1799.20k 1876.48k
+sha1 151.83k 756.55k 1289.76k 1567.38k 1625.70k
+rc4 1853.92k 2196.25k 2232.91k 2241.31k 2152.96k
+des cfb 360.58k 382.69k 384.94k 386.07k 377.19k
+des cbc 376.10k 431.87k 436.32k 437.78k 430.45k
+des ede3 152.55k 160.38k 161.51k 161.33k 159.98k
+idea cfb 245.59k 255.60k 256.65k 257.16k 254.61k
+idea cbc 257.16k 276.12k 279.05k 279.11k 276.70k
+rc2 cfb 280.25k 293.49k 294.74k 294.15k 291.47k
+rc2 cbc 295.47k 321.57k 324.76k 324.76k 320.00k
+rsa 512 bits 0.084s
+rsa 1024 bits 0.495s
+rsa 2048 bits 3.435s
+
diff --git a/times/486-66.w31 b/times/486-66.w31
new file mode 100644
index 0000000..381f149
--- /dev/null
+++ b/times/486-66.w31
@@ -0,0 +1,23 @@
+Windows 3.1 DLL's, 16 bit C with 32bit assember
+
+SSLeay 0.6.1 02-Jul-1996
+built on Wed Jul 10 09:53:15 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 18.94k 54.27k 73.43k 80.91k 83.75k
+md5 78.96k 391.26k 734.30k 919.80k 992.97k
+sha 39.01k 168.04k 280.67k 336.08k 359.10k
+sha1 35.20k 150.14k 247.31k 294.54k 313.94k
+rc4 509.61k 655.36k 678.43k 677.02k 670.10k
+des cfb 97.09k 104.69k 106.56k 105.70k 106.56k
+des cbc 116.82k 129.77k 131.07k 131.07k 131.07k
+des ede3 44.22k 47.90k 48.53k 48.47k 47.86k
+idea cfb 83.49k 87.03k 87.03k 87.15k 87.73k
+idea cbc 89.04k 96.23k 96.95k 97.81k 97.09k
+rc2 cfb 108.32k 113.58k 113.78k 114.57k 114.77k
+rc2 cbc 118.08k 131.07k 134.02k 134.02k 132.66k
+rsa 512 bits 0.181s
+rsa 1024 bits 0.846s
+
diff --git a/times/586-100.dos b/times/586-100.dos
new file mode 100644
index 0000000..3085c25
--- /dev/null
+++ b/times/586-100.dos
@@ -0,0 +1,24 @@
+ms-dos static libs, 16 bit C and 16 bit assmber
+
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul 9 22:52:54 EST 1996
+options:bn(32,16) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DMSDOS -DNO_SOCK
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.99k 130.75k 176.53k 199.35k 203.21k
+md5 236.17k 1072.16k 1839.61k 2221.56k 2383.13k
+sha 107.97k 459.10k 757.64k 908.64k 954.99k
+sha1 96.95k 409.92k 672.16k 788.40k 844.26k
+rc4 1659.14k 1956.30k 2022.72k 2022.72k 2022.72k
+des cfb 313.57k 326.86k 326.86k 331.83k 326.86k
+des cbc 345.84k 378.82k 378.82k 384.38k 378.82k
+des ede3 139.59k 144.66k 144.61k 144.45k 143.29k
+idea cfb 262.67k 274.21k 274.21k 274.21k 274.21k
+idea cbc 284.32k 318.14k 318.14k 318.14k 318.14k
+rc2 cfb 265.33k 274.21k 277.69k 277.11k 277.69k
+rc2 cbc 283.71k 310.60k 309.86k 313.57k 314.32k
+rsa 512 bits 0.104s
+rsa 1024 bits 0.566s
+rsa 2048 bits 3.680s
+rsa 4096 bits 26.740s
diff --git a/times/586-100.lnx b/times/586-100.lnx
new file mode 100644
index 0000000..0c05173
--- /dev/null
+++ b/times/586-100.lnx
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 12 04:13:55 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 72.95k 202.77k 274.01k 300.37k 309.23k
+md5 770.57k 4094.02k 7409.41k 9302.36k 9986.05k
+sha 363.05k 1571.07k 2613.85k 3134.81k 3320.49k
+sha1 340.94k 1462.85k 2419.20k 2892.12k 3042.35k
+rc4 3676.91k 4314.94k 4407.47k 4430.51k 4412.76k
+des cbc 1489.95k 1799.08k 1841.66k 1851.73k 1848.66k
+des ede3 621.93k 711.19k 726.10k 729.77k 729.09k
+idea cbc 618.16k 676.99k 683.09k 684.37k 683.59k
+rc2 cbc 537.59k 573.93k 578.56k 579.58k 579.70k
+blowfish cbc 2077.57k 2682.20k 2827.18k 2840.92k 2842.62k
+rsa 512 bits 0.024s 0.003
+rsa 1024 bits 0.120s 0.003
+rsa 2048 bits 0.751s 0.026
+rsa 4096 bits 5.320s 0.096
+dsa 512 bits 0.022s 0.042
+dsa 1024 bits 0.065s 0.126
+dsa 2048 bits 0.227s 0.449
diff --git a/times/586-100.nt b/times/586-100.nt
new file mode 100644
index 0000000..9adcac3
--- /dev/null
+++ b/times/586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 89.57k 245.94k 331.59k 362.95k 373.29k
+md5 858.93k 4175.51k 7700.21k 9715.78k 10369.11k
+sha 466.18k 2103.67k 3607.69k 4399.31k 4669.16k
+sha1 449.59k 2041.02k 3496.13k 4256.45k 4512.92k
+rc4 5862.55k 7447.27k 7698.80k 7768.38k 7653.84k
+des cbc 1562.71k 1879.84k 1928.24k 1938.93k 1911.02k
+des ede3 680.27k 707.97k 728.62k 733.15k 725.98k
+idea cbc 797.46k 885.85k 895.68k 898.06k 896.45k
+rc2 cbc 609.46k 648.75k 654.01k 654.42k 653.60k
+blowfish cbc 2357.94k 3000.22k 3106.89k 3134.76k 3080.42k
+rsa 512 bits 0.022s 0.003
+rsa 1024 bits 0.112s 0.003
+rsa 2048 bits 0.726s 0.026
+rsa 4096 bits 5.268s 0.095
+dsa 512 bits 0.021s 0.039
+dsa 1024 bits 0.063s 0.127
+dsa 2048 bits 0.224s 0.451
diff --git a/times/586-100.w31 b/times/586-100.w31
new file mode 100644
index 0000000..d5b1c10
--- /dev/null
+++ b/times/586-100.w31
@@ -0,0 +1,27 @@
+Pentium 100, Windows 3.1 DLL's, 16 bit C, 32bit assember.
+
+Running under Windows NT 4.0 Beta 2
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:44:21 EST 1996
+options:bn(32,32) md2(char) rc4(idx,int) des(ptr,long) idea(short)
+C flags:cl /ALw /Gx- /Gf /G2 /f- /Ocgnotb2 /W3 /WX -DL_ENDIAN /nologo -DWIN16
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.83k 128.82k 180.17k 194.90k 198.59k
+md5 224.82k 1038.19k 1801.68k 2175.47k 2330.17k
+sha 105.11k 448.11k 739.48k 884.13k 944.66k
+sha1 94.71k 402.99k 667.88k 795.58k 844.26k
+rc4 1614.19k 1956.30k 2022.72k 2022.72k 2022.72k
+des cfb 291.27k 318.14k 318.14k 318.14k 322.84k
+des cbc 326.86k 356.17k 362.08k 362.08k 367.15k
+des ede3 132.40k 139.57k 139.53k 139.37k 140.97k
+idea cfb 265.33k 280.67k 280.67k 277.69k 281.27k
+idea cbc 274.21k 302.01k 306.24k 306.24k 305.53k
+rc2 cfb 264.79k 274.21k 274.78k 274.21k 274.21k
+rc2 cbc 281.27k 306.24k 309.86k 305.53k 309.86k
+rsa 512 bits 0.058s
+rsa 1024 bits 0.280s
+rsa 2048 bits 1.430s
+rsa 4096 bits 10.600s
+
diff --git a/times/586p-100.lnx b/times/586p-100.lnx
new file mode 100644
index 0000000..561eb31
--- /dev/null
+++ b/times/586p-100.lnx
@@ -0,0 +1,26 @@
+Pentium 100 - Linux 1.2.13 - gcc 2.7.2p
+This is the pentium specific version of gcc
+
+SSLeay 0.6.4 20-Aug-1996
+built on Thu Aug 22 08:27:58 EST 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIO -O6 -fomit-frame-pointer -mpentium -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 74.90k 208.43k 282.11k 309.59k 318.43k
+md5 807.08k 4205.67k 7801.51k 9958.06k 10810.71k
+sha 405.98k 1821.55k 3119.10k 3799.04k 4052.31k
+sha1 389.13k 1699.50k 2852.78k 3437.57k 3656.36k
+rc4 3621.15k 4130.07k 4212.74k 4228.44k 4213.42k
+des cfb 794.39k 828.37k 831.74k 832.51k 832.85k
+des cbc 817.68k 886.17k 894.72k 896.00k 892.93k
+des ede3 308.83k 323.29k 324.61k 324.95k 324.95k
+idea cfb 690.41k 715.39k 718.51k 719.19k 718.17k
+idea cbc 696.80k 760.60k 767.32k 768.68k 770.05k
+rc2 cfb 619.91k 639.74k 642.30k 642.73k 641.71k
+rc2 cbc 631.99k 671.42k 676.35k 676.18k 677.21k
+rsa 512 bits 0.025s
+rsa 1024 bits 0.123s
+rsa 2048 bits 0.756s
+rsa 4096 bits 5.365s
+
diff --git a/times/686-200.bsd b/times/686-200.bsd
new file mode 100644
index 0000000..f23c580
--- /dev/null
+++ b/times/686-200.bsd
@@ -0,0 +1,25 @@
+Pentium Pro 200mhz
+FreeBSD 2.1.5
+gcc 2.7.2.2
+
+SSLeay 0.7.0 30-Jan-1997
+built on Tue Apr 22 12:14:36 EST 1997
+options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:gcc -DTERMIOS -D_ANSI_SOURCE -fomit-frame-pointer -O3 -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 130.99k 367.68k 499.09k 547.04k 566.50k
+md5 1924.98k 8293.50k 13464.41k 16010.39k 16820.68k
+sha 1250.75k 5330.43k 8636.88k 10227.36k 10779.14k
+sha1 1071.55k 4572.50k 7459.98k 8791.96k 9341.61k
+rc4 10724.22k 14546.25k 15240.18k 15259.50k 15265.63k
+des cbc 3309.11k 3883.01k 3968.25k 3971.86k 3979.14k
+des ede3 1442.98k 1548.33k 1562.48k 1562.00k 1563.33k
+idea cbc 2195.69k 2506.39k 2529.59k 2545.66k 2546.54k
+rc2 cbc 806.00k 833.52k 837.58k 838.52k 836.69k
+blowfish cbc 4687.34k 5949.97k 6182.43k 6248.11k 6226.09k
+rsa 512 bits 0.010s
+rsa 1024 bits 0.045s
+rsa 2048 bits 0.260s
+rsa 4096 bits 1.690s
+
diff --git a/times/686-200.nt b/times/686-200.nt
new file mode 100644
index 0000000..c8cbaa0
--- /dev/null
+++ b/times/686-200.nt
@@ -0,0 +1,24 @@
+built on Tue May 13 08:24:51 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfi
+sh(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 156.39k 427.99k 576.14k 628.36k 647.27k
+md5 2120.48k 10255.02k 18396.07k 22795.13k 24244.53k
+sha 1468.59k 6388.89k 10686.12k 12826.62k 13640.01k
+sha1 1393.46k 6013.34k 9974.56k 11932.59k 12633.45k
+rc4 13833.46k 19275.29k 20321.24k 20281.93k 20520.08k
+des cbc 3382.50k 4104.02k 4152.78k 4194.30k 4194.30k
+des ede3 1465.51k 1533.00k 1549.96k 1553.29k 1570.29k
+idea cbc 2579.52k 3079.52k 3130.08k 3153.61k 3106.89k
+rc2 cbc 1204.57k 1276.42k 1285.81k 1289.76k 1285.81k
+blowfish cbc 5229.81k 6374.32k 6574.14k 6574.14k 6594.82k
+rsa 512 bits 0.008s 0.001
+rsa 1024 bits 0.038s 0.001
+rsa 2048 bits 0.231s 0.008
+rsa 4096 bits 1.540s 0.027
+dsa 512 bits 0.007s 0.013
+dsa 1024 bits 0.021s 0.040
+dsa 2048 bits 0.066s 0.130
+
diff --git a/times/R10000.t b/times/R10000.t
new file mode 100644
index 0000000..6b3874c
--- /dev/null
+++ b/times/R10000.t
@@ -0,0 +1,24 @@
+IRIX 6.2 - R10000 195mhz
+SLeay 0.6.5a 06-Dec-1996
+built on Tue Dec 24 03:51:45 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 156.34k 424.03k 571.88k 628.88k 646.01k
+md5 1885.02k 8181.72k 13440.53k 16020.60k 16947.54k
+sha 1587.12k 7022.05k 11951.24k 14440.12k 15462.74k
+sha1 1413.13k 6215.86k 10571.16k 12736.22k 13628.51k
+rc4 10556.28k 11974.08k 12077.10k 12111.38k 12103.20k
+des cfb 2977.71k 3252.27k 3284.36k 3302.66k 3290.54k
+des cbc 3298.31k 3704.96k 3771.30k 3730.73k 3778.80k
+des ede3 1278.28k 1328.82k 1342.66k 1339.82k 1343.27k
+idea cfb 2843.34k 3138.04k 3180.95k 3176.46k 3188.54k
+idea cbc 3115.21k 3558.03k 3590.61k 3591.24k 3601.18k
+rc2 cfb 2006.66k 2133.33k 2149.03k 2159.36k 2149.71k
+rc2 cbc 2167.07k 2315.30k 2338.05k 2329.34k 2333.90k
+rsa 512 bits 0.008s
+rsa 1024 bits 0.043s
+rsa 2048 bits 0.280s
+rsa 4096 bits 2.064s
+
diff --git a/times/R4400.t b/times/R4400.t
new file mode 100644
index 0000000..af8848f
--- /dev/null
+++ b/times/R4400.t
@@ -0,0 +1,26 @@
+IRIX 5.3
+R4400 200mhz
+cc -O2
+SSLeay 0.6.5a 06-Dec-1996
+built on Mon Dec 23 11:51:11 EST 1996
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc2,16,long) idea(int)
+C flags:cc -O2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 100.62k 280.25k 380.15k 416.02k 428.82k
+md5 828.62k 3525.05k 6311.98k 7742.51k 8328.04k
+sha 580.04k 2513.74k 4251.73k 5101.04k 5394.80k
+sha1 520.23k 2382.94k 4107.82k 5024.62k 5362.56k
+rc4 5871.53k 6323.08k 6357.49k 6392.04k 6305.45k
+des cfb 1016.76k 1156.72k 1176.59k 1180.55k 1181.65k
+des cbc 1016.38k 1303.81k 1349.10k 1359.41k 1356.62k
+des ede3 607.39k 650.74k 655.11k 657.52k 654.18k
+idea cfb 1296.10k 1348.66k 1353.80k 1358.75k 1355.40k
+idea cbc 1453.90k 1554.68k 1567.84k 1569.89k 1573.57k
+rc2 cfb 1199.86k 1251.69k 1253.57k 1259.56k 1251.31k
+rc2 cbc 1334.60k 1428.55k 1441.89k 1445.42k 1441.45k
+rsa 512 bits 0.024s
+rsa 1024 bits 0.125s
+rsa 2048 bits 0.806s
+rsa 4096 bits 5.800s
+
diff --git a/times/aix.t b/times/aix.t
new file mode 100644
index 0000000..4f24e39
--- /dev/null
+++ b/times/aix.t
@@ -0,0 +1,34 @@
+from Paco Garcia <pgarcia@ctv.es>
+This machine is a Bull Estrella Minitower Model MT604-100
+Processor : PPC604
+P.Speed : 100Mhz
+Data/Instr Cache : 16 K
+L2 Cache : 256 K
+PCI BUS Speed : 33 Mhz
+TransfRate PCI : 132 MB/s
+Memory : 96 MB
+
+AIX 4.1.4
+
+SSLeay 0.6.6 14-Jan-1997
+built on Mon Jan 13 21:36:03 CUT 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish
+(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 53.83k 147.46k 197.63k 215.72k 221.70k
+md5 1278.13k 5354.77k 8679.60k 10195.09k 10780.56k
+sha 1055.34k 4600.37k 7721.30k 9298.94k 9868.63k
+sha1 276.90k 1270.25k 2187.95k 2666.84k 2850.82k
+rc4 4660.57k 5268.93k 5332.48k 5362.47k 5346.65k
+des cbc 1774.16k 1981.10k 1979.56k 2032.71k 1972.25k
+des ede3 748.81k 781.42k 785.66k 785.75k 780.84k
+idea cbc 2066.19k 2329.58k 2378.91k 2379.86k 2380.89k
+rc2 cbc 1278.53k 1379.69k 1389.99k 1393.66k 1389.91k
+blowfish cbc 2812.91k 3307.90k 3364.91k 3386.37k 3374.32k
+rsa 512 bits 0.019s
+rsa 1024 bits 0.096s
+rsa 2048 bits 0.614s
+rsa 4096 bits 4.433s
+
diff --git a/times/aixold.t b/times/aixold.t
new file mode 100644
index 0000000..0b51412
--- /dev/null
+++ b/times/aixold.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 04:06:32 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -O -DAIX -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 19.09k 52.47k 71.23k 77.49k 78.93k
+md5 214.56k 941.21k 1585.43k 1883.12k 1988.70k
+sha 118.35k 521.65k 860.28k 1042.27k 1100.46k
+sha1 109.52k 478.98k 825.90k 995.48k 1049.69k
+rc4 1263.63k 1494.24k 1545.70k 1521.66k 1518.99k
+des cbc 259.62k 286.55k 287.15k 288.15k 289.45k
+des ede3 104.92k 107.88k 109.27k 109.25k 109.96k
+idea cbc 291.63k 320.07k 319.40k 320.51k 318.27k
+rc2 cbc 220.04k 237.76k 241.44k 245.90k 244.08k
+blowfish cbc 407.95k 474.83k 480.99k 485.71k 481.07k
+rsa 512 bits 0.157s 0.019
+rsa 1024 bits 0.908s 0.023
+rsa 2048 bits 6.225s 0.218
+rsa 4096 bits 46.500s 0.830
+dsa 512 bits 0.159s 0.312
+dsa 1024 bits 0.536s 1.057
+dsa 2048 bits 1.970s 3.977
diff --git a/times/alpha.t b/times/alpha.t
new file mode 100644
index 0000000..3a7c6c4
--- /dev/null
+++ b/times/alpha.t
@@ -0,0 +1,81 @@
+SSLeay-051 Alpha gcc -O3 64Bit (assember bn_mul)
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.40k 121.56k 162.73k 179.20k 185.01k
+md5 780.85k 3278.53k 5281.52k 6327.98k 6684.67k
+sha 501.40k 2249.19k 3855.27k 4801.19k 5160.96k
+sha-1 384.99k 1759.72k 3113.64k 3946.92k 4229.80k
+rc4 3505.05k 3724.54k 3723.78k 3555.33k 3694.68k
+des cfb 946.96k 1015.27k 1021.87k 1033.56k 1037.65k
+des cbc 1001.24k 1220.20k 1243.31k 1272.73k 1265.87k
+des ede3 445.34k 491.65k 500.53k 502.10k 502.44k
+idea cfb 643.53k 667.49k 663.81k 666.28k 664.51k
+idea cbc 650.42k 735.41k 733.27k 742.74k 745.47k
+rsa 512 bits 0.031s
+rsa 1024 bits 0.141s
+rsa 2048 bits 0.844s
+rsa 4096 bits 6.033s
+
+SSLeay-051 Alpha cc -O2 64bit (assember bn_mul)
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 45.37k 122.86k 165.97k 182.95k 188.42k
+md5 842.42k 3629.93k 5916.76k 7039.17k 7364.61k
+sha 498.93k 2197.23k 3895.60k 4756.48k 5132.13k
+sha-1 382.02k 1757.21k 3112.53k 3865.23k 4128.77k
+rc4 2975.25k 3049.33k 3180.97k 3214.68k 3424.26k
+des cfb 901.55k 990.83k 1006.08k 1011.19k 1004.89k
+des cbc 947.84k 1127.84k 1163.67k 1162.24k 1157.80k
+des ede3 435.62k 485.57k 493.67k 491.52k 491.52k
+idea cfb 629.31k 648.66k 647.77k 648.53k 649.90k
+idea cbc 565.15k 608.00k 613.46k 613.38k 617.13k
+rsa 512 bits 0.030s
+rsa 1024 bits 0.141s
+rsa 2048 bits 0.854s
+rsa 4096 bits 6.067s
+
+des cfb 718.28k 822.64k 833.11k 836.27k 841.05k
+des cbc 806.10k 951.42k 975.83k 983.73k 991.23k
+des ede3 329.50k 379.11k 387.95k 387.41k 388.33k
+
+des cfb 871.62k 948.65k 951.81k 953.00k 955.58k
+des cbc 953.60k 1174.27k 1206.70k 1216.10k 1216.44k
+des ede3 349.34k 418.05k 427.26k 429.74k 431.45k
+
+
+
+
+SSLeay-045c Alpha gcc -O3 64Bit
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.95k 122.22k 164.27k 180.62k 184.66k
+md5 808.71k 3371.95k 5415.68k 6385.66k 6684.67k
+sha 493.68k 2162.05k 3725.82k 4552.02k 4838.74k
+rc4 3317.32k 3649.09k 3728.30k 3744.09k 3691.86k
+cfb des 996.45k 1050.77k 1058.30k 1059.16k 1064.96k
+cbc des 1096.52k 1255.49k 1282.13k 1289.90k 1299.80k
+ede3 des 482.14k 513.51k 518.66k 520.19k 521.39k
+cfb idea 519.90k 533.40k 535.21k 535.55k 535.21k
+cbc idea 619.34k 682.21k 688.04k 689.15k 690.86k
+rsa 512 bits 0.050s
+rsa 1024 bits 0.279s
+rsa 2048 bits 1.908s
+rsa 4096 bits 14.750s
+
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 37.31k 102.77k 137.64k 151.55k 155.78k
+md5 516.65k 2535.21k 4655.72k 5859.66k 6343.34k
+rc4 3519.61k 3707.01k 3746.86k 3755.39k 3675.48k
+cfb des 780.27k 894.68k 913.10k 921.26k 922.97k
+cbc des 867.54k 1040.13k 1074.17k 1075.54k 1084.07k
+ede3 des 357.19k 397.36k 398.08k 402.28k 401.41k
+cbc idea 646.53k 686.44k 694.03k 691.20k 693.59k
+rsa 512 bits 0.046s
+rsa 1024 bits 0.270s
+rsa 2048 bits 1.858s
+rsa 4096 bits 14.350s
+
+md2 C 37.83k 103.17k 137.90k 150.87k 155.37k
+md2 L 37.30k 102.04k 139.01k 152.74k 155.78k
+rc4 I 3532.24k 3718.08k 3750.83k 3768.78k 3694.59k
+rc4 CI 2662.97k 2873.26k 2907.22k 2920.63k 2886.31k
+rc4 LI 3514.63k 3738.72k 3747.41k 3752.96k 3708.49k
+cbc idea S 619.01k 658.68k 661.50k 662.53k 663.55k
+cbc idea L 645.69k 684.22k 694.55k 692.57k 690.86k
diff --git a/times/alpha400.t b/times/alpha400.t
new file mode 100644
index 0000000..079e0d1
--- /dev/null
+++ b/times/alpha400.t
@@ -0,0 +1,25 @@
+Alpha EV5.6 (21164A) 400mhz
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 03:39:58 EST 1997
+options:bn(64,64) md2(int) rc4(ptr,int) des(idx,cisc,4,long) idea(int) blowfish(idx)
+C flags:cc -arch host -tune host -fast -std -O4 -inline speed
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 274.98k 760.96k 1034.27k 1124.69k 1148.69k
+md5 2524.46k 11602.60k 19838.81k 24075.26k 25745.10k
+sha 1848.46k 8335.66k 14232.49k 17247.91k 18530.30k
+sha1 1639.67k 7336.53k 12371.80k 14807.72k 15870.63k
+rc4 17950.93k 19390.66k 19652.44k 19700.39k 19412.31k
+des cbc 4018.59k 4872.06k 4988.76k 5003.26k 4995.73k
+des ede3 1809.11k 1965.67k 1984.26k 1986.90k 1982.46k
+idea cbc 2848.82k 3204.33k 3250.26k 3257.34k 3260.42k
+rc2 cbc 3766.08k 4349.50k 4432.21k 4448.94k 4448.26k
+blowfish cbc 6694.88k 9042.35k 9486.93k 9598.98k 9624.91k
+rsa 512 bits 0.003s 0.000
+rsa 1024 bits 0.013s 0.000
+rsa 2048 bits 0.081s 0.003
+rsa 4096 bits 0.577s 0.011
+dsa 512 bits 0.003s 0.005
+dsa 1024 bits 0.007s 0.014
+dsa 2048 bits 0.025s 0.050
diff --git a/times/cyrix100.lnx b/times/cyrix100.lnx
new file mode 100644
index 0000000..010a221
--- /dev/null
+++ b/times/cyrix100.lnx
@@ -0,0 +1,22 @@
+SSLeay 0.6.6 06-Dec-1996
+built on Fri Dec 6 10:05:20 GMT 1996
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,risc,16,long) idea(int)
+C flags:gcc -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall -Wuninitialized
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 36.77k 102.48k 138.00k 151.57k 155.78k
+md5 513.59k 2577.22k 4623.51k 5768.99k 6214.53k
+sha 259.89k 1105.45k 1814.97k 2156.16k 2292.13k
+sha1 242.43k 1040.95k 1719.44k 2049.74k 2164.64k
+rc4 1984.48k 2303.41k 2109.37k 2071.47k 1985.61k
+des cfb 712.08k 758.29k 753.17k 752.06k 748.67k
+des cbc 787.37k 937.64k 956.77k 961.61k 957.54k
+des ede3 353.97k 377.28k 379.99k 379.34k 379.11k
+idea cfb 403.80k 418.50k 416.60k 415.78k 415.03k
+idea cbc 426.54k 466.40k 471.31k 472.67k 473.14k
+rc2 cfb 405.15k 420.05k 418.16k 416.72k 416.36k
+rc2 cbc 428.21k 468.43k 473.09k 472.59k 474.70k
+rsa 512 bits 0.040s
+rsa 1024 bits 0.195s
+rsa 2048 bits 1.201s
+rsa 4096 bits 8.700s
diff --git a/times/dgux-x86.t b/times/dgux-x86.t
new file mode 100644
index 0000000..70635c5
--- /dev/null
+++ b/times/dgux-x86.t
@@ -0,0 +1,23 @@
+version:SSLeay 0.5.2c 15-May-1996
+built Fri Jun 14 19:47:04 EST 1996
+options:bn(LLONG,thirty_two) md2(CHAR) rc4(IDX,int) des(ary,long) idea(int)
+C flags:gcc -O3 -fomit-frame-pointer -DL_ENDIAN
+
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 113.86k 316.48k 428.36k 467.63k 481.56k
+md5 1001.99k 5037.99k 9545.94k 12036.95k 11800.38k
+sha 628.77k 2743.48k 5113.42k 6206.99k 6165.42k
+sha1 583.83k 2638.66k 4538.85k 5532.09k 5917.04k
+rc4 5493.27k 6369.39k 6511.30k 6577.83k 6486.73k
+des cfb 1219.01k 1286.06k 1299.33k 1288.87k 1381.72k
+des cbc 1360.58k 1469.04k 1456.96k 1454.08k 1513.57k
+des ede3 544.45k 567.84k 568.99k 570.37k 566.09k
+idea cfb 1012.39k 1056.30k 1063.52k 989.17k 863.24k
+idea cbc 985.36k 1090.44k 1105.92k 1108.65k 1090.17k
+rc2 cfb 963.86k 979.06k 995.30k 937.35k 827.39k
+rc2 cbc 951.72k 1042.11k 1049.60k 1047.21k 1059.11k
+rsa 512 bits 0.032s
+rsa 1024 bits 0.159s
+rsa 2048 bits 1.025s
+rsa 4096 bits 7.270s
+
diff --git a/times/dgux.t b/times/dgux.t
new file mode 100644
index 0000000..c7f7564
--- /dev/null
+++ b/times/dgux.t
@@ -0,0 +1,17 @@
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 38.54k 106.28k 144.00k 157.46k 161.72k
+md5 323.23k 1471.62k 2546.11k 3100.20k 3309.57k
+rc4 I 1902.74k 2055.20k 2080.42k 2077.88k 2065.46k
+cfb des 456.23k 475.22k 481.79k 488.42k 487.17k
+cbc des 484.30k 537.50k 553.09k 558.08k 558.67k
+ede3 des 199.97k 209.05k 211.03k 211.85k 212.78k
+cbc idea 478.50k 519.33k 523.42k 525.09k 526.44k
+rsa 512 bits 0.159s !RSA_LLONG
+rsa 1024 bits 1.053s
+rsa 2048 bits 7.600s
+rsa 4096 bits 59.760s
+
+md2 C 30.53k 83.58k 112.84k 123.22k 126.24k
+rc4 1844.56k 1975.50k 1997.73k 1994.95k 1984.88k
+rc4 C 1800.09k 1968.85k 1995.20k 1992.36k 1996.80k
+rc4 CI 1830.81k 2035.75k 2067.28k 2070.23k 2062.77k
diff --git a/times/hpux-acc.t b/times/hpux-acc.t
new file mode 100644
index 0000000..0c0e936
--- /dev/null
+++ b/times/hpux-acc.t
@@ -0,0 +1,25 @@
+HPUX 887
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:59:45 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa -Ae +ESlit +O4 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 58.99k 166.85k 225.07k 247.21k 253.76k
+md5 639.22k 2726.98k 4477.25k 5312.69k 5605.20k
+sha 381.08k 1661.49k 2793.84k 3368.86k 3581.23k
+sha1 349.54k 1514.56k 2536.63k 3042.59k 3224.39k
+rc4 2891.10k 4238.01k 4464.11k 4532.49k 4545.87k
+des cbc 717.05k 808.76k 820.14k 821.97k 821.96k
+des ede3 288.21k 303.50k 303.69k 305.82k 305.14k
+idea cbc 325.83k 334.36k 335.89k 336.61k 333.43k
+rc2 cbc 793.00k 915.81k 926.69k 933.28k 929.53k
+blowfish cbc 1561.91k 2051.97k 2122.65k 2139.40k 2145.92k
+rsa 512 bits 0.031s 0.004
+rsa 1024 bits 0.164s 0.004
+rsa 2048 bits 1.055s 0.037
+rsa 4096 bits 7.600s 0.137
+dsa 512 bits 0.029s 0.057
+dsa 1024 bits 0.092s 0.177
+dsa 2048 bits 0.325s 0.646
diff --git a/times/hpux-kr.t b/times/hpux-kr.t
new file mode 100644
index 0000000..ad4a0ad
--- /dev/null
+++ b/times/hpux-kr.t
@@ -0,0 +1,23 @@
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:17:35 EST 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,cisc,16,long) idea(int) blowfish(idx)
+C flags:cc -DB_ENDIAN -DNOCONST -DNOPROTO -D_HPUX_SOURCE
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 35.30k 98.36k 133.41k 146.34k 150.69k
+md5 391.20k 1737.31k 2796.65k 3313.75k 3503.74k
+sha 189.55k 848.14k 1436.72k 1735.87k 1848.03k
+sha1 175.30k 781.14k 1310.32k 1575.61k 1675.81k
+rc4 2070.55k 2501.47k 2556.65k 2578.34k 2584.91k
+des cbc 465.13k 536.85k 545.87k 547.86k 548.89k
+des ede3 190.05k 200.99k 202.31k 202.22k 202.75k
+idea cbc 263.44k 277.77k 282.13k 281.51k 283.15k
+rc2 cbc 448.37k 511.39k 519.54k 522.00k 521.31k
+blowfish cbc 839.98k 1097.70k 1131.16k 1145.64k 1144.67k
+rsa 512 bits 0.048s 0.005
+rsa 1024 bits 0.222s 0.006
+rsa 2048 bits 1.272s 0.042
+rsa 4096 bits 8.445s 0.149
+dsa 512 bits 0.041s 0.077
+dsa 1024 bits 0.111s 0.220
+dsa 2048 bits 0.363s 0.726
diff --git a/times/hpux.t b/times/hpux.t
new file mode 100644
index 0000000..dcf7615
--- /dev/null
+++ b/times/hpux.t
@@ -0,0 +1,86 @@
+HP-UX A.09.05 9000/712
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 16:36:31 WET 1997
+options:bn(32,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int)
+blowfish(idx)
+C flags:cc -DB_ENDIAN -D_HPUX_SOURCE -Aa +ESlit +O2 -Wl,-a,archive
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 66.56k 184.92k 251.82k 259.86k 282.62k
+md5 615.54k 2805.92k 4764.30k 5724.21k 6084.39k
+sha 358.23k 1616.46k 2781.50k 3325.72k 3640.89k
+sha1 327.50k 1497.98k 2619.44k 3220.26k 3460.85k
+rc4 3500.47k 3890.99k 3943.81k 3883.74k 3900.02k
+des cbc 742.65k 871.66k 887.15k 891.21k 895.40k
+des ede3 302.42k 322.50k 324.46k 326.66k 326.05k
+idea cbc 664.41k 755.87k 765.61k 772.70k 773.69k
+rc2 cbc 798.78k 931.04k 947.69k 950.31k 952.04k
+blowfish cbc 1353.32k 1932.29k 2021.93k 2047.02k 2053.66k
+rsa 512 bits 0.059s
+rsa 1024 bits 0.372s
+rsa 2048 bits 2.697s
+rsa 4096 bits 20.790s
+
+SSLeay 0.6.6 14-Jan-1997
+built on Tue Jan 14 15:37:30 WET 1997
+options:bn(64,32) md2(int) rc4(ptr,int) des(ptr,risc1,16,long) idea(int)
+blowfish(idx)
+C flags:gcc -DB_ENDIAN -O3
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 44.91k 122.57k 167.71k 183.89k 190.24k
+md5 532.50k 2316.27k 3965.72k 4740.11k 5055.06k
+sha 363.76k 1684.09k 2978.53k 3730.86k 3972.72k
+sha1 385.76k 1743.53k 2997.69k 3650.74k 3899.08k
+rc4 3178.84k 3621.31k 3672.71k 3684.01k 3571.54k
+des cbc 733.00k 844.70k 863.28k 863.72k 868.73k
+des ede3 289.99k 308.94k 310.11k 309.64k 312.08k
+idea cbc 624.07k 713.91k 724.76k 723.35k 725.13k
+rc2 cbc 704.34k 793.39k 804.25k 805.99k 782.63k
+blowfish cbc 1371.24k 1823.66k 1890.05k 1915.51k 1920.12k
+rsa 512 bits 0.030s
+rsa 1024 bits 0.156s
+rsa 2048 bits 1.113s
+rsa 4096 bits 7.480s
+
+
+HPUX B.10.01 V 9000/887 - HP92453-01 A.10.11 HP C Compiler
+SSLeay 0.5.2 - -Aa +ESlit +Oall +O4 -Wl,-a,archive
+
+HPUX A.09.04 B 9000/887
+
+ssleay 0.5.1 gcc v 2.7.0 -O3 -mpa-risc-1-1
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 53.00k 166.81k 205.66k 241.95k 242.20k
+md5 743.22k 3128.44k 6031.85k 6142.07k 7025.26k
+sha 481.30k 2008.24k 3361.31k 3985.07k 4180.74k
+sha-1 463.60k 1916.15k 3139.24k 3786.27k 3997.70k
+rc4 3708.61k 4125.16k 4547.53k 4206.21k 4390.07k
+des cfb 665.91k 705.97k 698.48k 694.25k 666.08k
+des cbc 679.80k 741.90k 769.85k 747.62k 719.47k
+des ede3 264.31k 270.22k 265.63k 273.07k 273.07k
+idea cfb 635.91k 673.40k 605.60k 699.53k 672.36k
+idea cbc 705.85k 774.63k 750.60k 715.83k 721.50k
+rsa 512 bits 0.066s
+rsa 1024 bits 0.372s
+rsa 2048 bits 2.177s
+rsa 4096 bits 16.230s
+
+HP92453-01 A.09.61 HP C Compiler
+ssleay 0.5.1 cc -Ae +ESlit +Oall -Wl,-a,archive
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 58.69k 163.30k 213.57k 230.40k 254.23k
+md5 608.60k 2596.82k 3871.43k 4684.10k 4763.88k
+sha 343.26k 1482.43k 2316.80k 2766.27k 2860.26k
+sha-1 319.15k 1324.13k 2106.03k 2527.82k 2747.95k
+rc4 2467.47k 3374.41k 3265.49k 3354.39k 3368.55k
+des cfb 812.05k 814.90k 851.20k 819.20k 854.56k
+des cbc 836.35k 994.06k 916.02k 1020.01k 988.14k
+des ede3 369.78k 389.15k 401.01k 382.94k 408.03k
+idea cfb 290.40k 298.06k 286.11k 296.92k 299.46k
+idea cbc 301.30k 297.72k 304.34k 300.10k 309.70k
+rsa 512 bits 0.350s
+rsa 1024 bits 2.635s
+rsa 2048 bits 19.930s
+
diff --git a/times/p2.w95 b/times/p2.w95
new file mode 100644
index 0000000..82d1e55
--- /dev/null
+++ b/times/p2.w95
@@ -0,0 +1,22 @@
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 235.90k 652.30k 893.36k 985.74k 985.74k
+mdc2 779.61k 816.81k 825.65k 816.01k 825.65k
+md5 2788.77k 13508.23k 24672.38k 30504.03k 33156.55k
+sha 1938.22k 8397.01k 14122.24k 16980.99k 18196.55k
+sha1 1817.29k 7832.50k 13168.93k 15738.48k 16810.84k
+rc4 15887.52k 21709.65k 22745.68k 22995.09k 22995.09k
+des cbc 4599.02k 5377.31k 5377.31k 5533.38k 5533.38k
+des ede3 1899.59k 2086.71k 2086.67k 2086.51k 2085.90k
+idea cbc 3350.08k 3934.62k 3979.42k 4017.53k 4017.53k
+rc2 cbc 1534.13k 1630.76k 1625.70k 1644.83k 1653.91k
+blowfish cbc 6678.83k 8490.49k 8701.88k 8848.74k 8886.24k
+ sign verify
+rsa 512 bits 0.0062s 0.0008s
+rsa 1024 bits 0.0287s 0.0009s
+rsa 2048 bits 0.1785s 0.0059s
+rsa 4096 bits 1.1300s 0.0205s
+ sign verify
+dsa 512 bits 0.0055s 0.0100s
+dsa 1024 bits 0.0154s 0.0299s
+dsa 2048 bits 0.0502s 0.0996s
diff --git a/times/readme b/times/readme
new file mode 100644
index 0000000..7074f58
--- /dev/null
+++ b/times/readme
@@ -0,0 +1,11 @@
+The 'times' in this directory are not all for the most recent version of
+the library and it should be noted that on some CPUs (specifically sparc
+and Alpha), the locations of files in the application after linking can
+make upto a %10 speed difference when running benchmarks on things like
+cbc mode DES. To put it mildly this can be very anoying.
+
+About the only way to get around this would be to compile the library as one
+object file, or to 'include' the source files in a specific order.
+
+The best way to get an idea of the 'raw' DES speed is to build the
+'speed' program in crypto/des.
diff --git a/times/s586-100.lnx b/times/s586-100.lnx
new file mode 100644
index 0000000..cbc3e3c
--- /dev/null
+++ b/times/s586-100.lnx
@@ -0,0 +1,25 @@
+Shared library build
+
+SSLeay 0.7.3 30-Apr-1997
+built on Tue May 13 03:43:56 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(ptr2)
+C flags:-DTERMIO -O3 -DL_ENDIAN -fomit-frame-pointer -m486 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 68.95k 191.40k 258.22k 283.31k 291.21k
+md5 627.37k 3064.75k 5370.15k 6765.91k 7255.38k
+sha 323.35k 1431.32k 2417.07k 2916.69k 3102.04k
+sha1 298.08k 1318.34k 2228.82k 2694.83k 2864.47k
+rc4 3404.13k 4026.33k 4107.43k 4136.28k 4117.85k
+des cbc 1414.60k 1782.53k 1824.24k 1847.64k 1840.47k
+des ede3 588.36k 688.19k 700.33k 702.46k 704.51k
+idea cbc 582.96k 636.71k 641.54k 642.39k 642.30k
+rc2 cbc 569.34k 612.37k 617.64k 617.47k 619.86k
+blowfish cbc 2015.77k 2534.49k 2609.65k 2607.10k 2615.98k
+rsa 512 bits 0.027s 0.003
+rsa 1024 bits 0.128s 0.003
+rsa 2048 bits 0.779s 0.027
+rsa 4096 bits 5.450s 0.098
+dsa 512 bits 0.024s 0.045
+dsa 1024 bits 0.068s 0.132
+dsa 2048 bits 0.231s 0.469
diff --git a/times/s586-100.nt b/times/s586-100.nt
new file mode 100644
index 0000000..8e3baf6
--- /dev/null
+++ b/times/s586-100.nt
@@ -0,0 +1,23 @@
+SSLeay 0.7.3 30-Apr-1997
+built on Mon May 19 10:47:38 EST 1997
+options:bn(64,32) md2(char) rc4(idx,int) des(idx,cisc,4,long) idea(int) blowfish(ptr2)
+C flags not available
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 90.26k 248.57k 335.06k 366.09k 376.64k
+md5 863.95k 4205.24k 7628.78k 9582.60k 10290.25k
+sha 463.93k 2102.51k 3623.28k 4417.85k 4695.29k
+sha1 458.23k 2005.88k 3385.78k 4094.00k 4340.13k
+rc4 5843.60k 7543.71k 7790.31k 7836.89k 7791.47k
+des cbc 1583.95k 1910.67k 1960.69k 1972.12k 1946.13k
+des ede3 654.79k 722.60k 740.97k 745.82k 738.27k
+idea cbc 792.04k 876.96k 887.35k 892.63k 890.36k
+rc2 cbc 603.50k 652.38k 661.85k 662.69k 661.44k
+blowfish cbc 2379.88k 3043.76k 3153.61k 3153.61k 3134.76k
+rsa 512 bits 0.022s 0.003
+rsa 1024 bits 0.111s 0.003
+rsa 2048 bits 0.716s 0.025
+rsa 4096 bits 5.188s 0.094
+dsa 512 bits 0.020s 0.039
+dsa 1024 bits 0.062s 0.124
+dsa 2048 bits 0.221s 0.441
diff --git a/times/sgi.t b/times/sgi.t
new file mode 100644
index 0000000..7963610
--- /dev/null
+++ b/times/sgi.t
@@ -0,0 +1,29 @@
+SGI Challenge R4400 200mhz IRIX 5.3 - gcc (2.6.3)
+SSLeay 0.6.1 02-Jul-1996
+built on Tue Jul 2 16:25:30 EST 1996
+options:bn(64,32) md2(char) rc4(idx,char) des(idx,long) idea(int)
+C flags:gcc -O2 -mips2 -DTERMIOS -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 96.53k 266.70k 360.09k 393.70k 405.07k
+md5 971.15k 4382.56k 7406.90k 8979.99k 9559.18k
+sha 596.86k 2832.26k 4997.30k 6277.75k 6712.89k
+sha1 578.34k 2630.16k 4632.05k 5684.34k 6083.37k
+rc4 5641.12k 6821.76k 6996.13k 7052.61k 6913.32k
+des cfb 1354.86k 1422.11k 1434.58k 1433.24k 1432.89k
+des cbc 1467.13k 1618.92k 1630.08k 1637.00k 1629.62k
+des ede3 566.13k 591.91k 596.86k 596.18k 592.54k
+idea cfb 1190.60k 1264.49k 1270.38k 1267.84k 1272.37k
+idea cbc 1271.45k 1410.37k 1422.49k 1426.46k 1421.73k
+rc2 cfb 1285.73k 1371.40k 1380.92k 1383.13k 1379.23k
+rc2 cbc 1386.61k 1542.10k 1562.49k 1572.45k 1567.93k
+rsa 512 bits 0.018s
+rsa 1024 bits 0.106s
+rsa 2048 bits 0.738s
+rsa 4096 bits 5.535s
+
+version:SSLeay 0.5.2c 15-May-1996
+rsa 512 bits 0.035s
+rsa 1024 bits 0.204s
+rsa 2048 bits 1.423s
+rsa 4096 bits 10.800s
diff --git a/times/sparc.t b/times/sparc.t
new file mode 100644
index 0000000..1611f76
--- /dev/null
+++ b/times/sparc.t
@@ -0,0 +1,26 @@
+gcc 2.7.2
+Sparc 10 - Solaris 2.3 - 50mhz
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 00:55:51 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 54.88k 154.52k 210.35k 231.08k 237.21k
+md5 550.75k 2460.49k 4116.01k 4988.74k 5159.86k
+sha 340.28k 1461.76k 2430.10k 2879.87k 2999.15k
+sha1 307.27k 1298.41k 2136.26k 2540.07k 2658.28k
+rc4 2652.21k 2805.24k 3301.63k 4003.98k 4071.18k
+des cbc 811.78k 903.93k 914.19k 921.60k 932.29k
+des ede3 328.21k 344.93k 349.64k 351.48k 345.07k
+idea cbc 685.06k 727.42k 734.41k 730.11k 739.21k
+rc2 cbc 718.59k 777.02k 781.96k 784.38k 782.60k
+blowfish cbc 1268.85k 1520.64k 1568.88k 1587.54k 1591.98k
+rsa 512 bits 0.037s 0.005
+rsa 1024 bits 0.213s 0.006
+rsa 2048 bits 1.471s 0.053
+rsa 4096 bits 11.100s 0.202
+dsa 512 bits 0.038s 0.074
+dsa 1024 bits 0.128s 0.248
+dsa 2048 bits 0.473s 0.959
+
diff --git a/times/sparcLX.t b/times/sparcLX.t
new file mode 100644
index 0000000..2fdaed7
--- /dev/null
+++ b/times/sparcLX.t
@@ -0,0 +1,22 @@
+Sparc Station LX
+SSLeay 0.7.3 30-Apr-1997
+built on Thu May 1 10:44:02 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr)
+C flags:gcc -O3 -fomit-frame-pointer -mv8 -Wall
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 17.60k 48.72k 66.47k 72.70k 74.72k
+md5 226.24k 1082.21k 1982.72k 2594.02k 2717.01k
+sha 71.38k 320.71k 551.08k 677.76k 720.90k
+sha1 63.08k 280.79k 473.86k 576.94k 608.94k
+rc4 1138.30k 1257.67k 1304.49k 1377.78k 1364.42k
+des cbc 265.34k 308.85k 314.28k 315.39k 317.20k
+des ede3 83.23k 93.13k 94.04k 94.50k 94.63k
+idea cbc 254.48k 274.26k 275.88k 274.68k 275.80k
+rc2 cbc 328.27k 375.39k 381.43k 381.61k 380.83k
+blowfish cbc 487.00k 498.02k 510.12k 515.41k 516.10k
+rsa 512 bits 0.093s
+rsa 1024 bits 0.537s
+rsa 2048 bits 3.823s
+rsa 4096 bits 28.650s
+
diff --git a/times/usparc.t b/times/usparc.t
new file mode 100644
index 0000000..2215624
--- /dev/null
+++ b/times/usparc.t
@@ -0,0 +1,25 @@
+Sparc 2000? - Solaris 2.5.1 - 167mhz Ultra sparc
+
+SSLeay 0.7.3r 20-May-1997
+built on Mon Jun 2 02:25:48 EST 1997
+options:bn(64,32) md2(int) rc4(ptr,char) des(ptr,risc1,16,long) idea(int) blowfish(ptr)
+C flags:cc cc -xtarget=ultra -xarch=v8plus -Xa -xO5 -Xa -DB_ENDIAN
+The 'numbers' are in 1000s of bytes per second processed.
+type 8 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
+md2 135.23k 389.87k 536.66k 591.87k 603.48k
+md5 1534.38k 6160.41k 9842.69k 11446.95k 11993.09k
+sha 1178.30k 5020.74k 8532.22k 10275.50k 11010.05k
+sha1 1114.22k 4703.94k 7703.81k 9236.14k 9756.67k
+rc4 10818.03k 13327.57k 13711.10k 13810.69k 13836.29k
+des cbc 3052.44k 3320.02k 3356.25k 3369.98k 3295.91k
+des ede3 1310.32k 1359.98k 1367.47k 1362.94k 1362.60k
+idea cbc 1749.52k 1833.13k 1844.74k 1848.32k 1848.66k
+rc2 cbc 1950.25k 2053.23k 2064.21k 2072.58k 2072.58k
+blowfish cbc 4927.16k 5659.75k 5762.73k 5797.55k 5805.40k
+rsa 512 bits 0.021s 0.003
+rsa 1024 bits 0.126s 0.003
+rsa 2048 bits 0.888s 0.032
+rsa 4096 bits 6.770s 0.122
+dsa 512 bits 0.022s 0.043
+dsa 1024 bits 0.076s 0.151
+dsa 2048 bits 0.286s 0.574
diff --git a/tools/Makefile.ssl b/tools/Makefile.ssl
new file mode 100644
index 0000000..537e97d
--- /dev/null
+++ b/tools/Makefile.ssl
@@ -0,0 +1,54 @@
+#
+# SSLeay/tools/Makefile
+#
+
+DIR= tools
+TOP= ..
+CC= cc
+INCLUDES= -I.. -I../../include
+CFLAG=-g
+INSTALLTOP=/usr/local/ssl
+MAKE= make -f Makefile.ssl
+MAKEDEPEND= makedepend -f Makefile.ssl
+MAKEFILE= Makefile.ssl
+
+CFLAGS= $(INCLUDES) $(CFLAG)
+
+GENERAL=Makefile.ssl
+TEST=
+APPS= c_hash c_info c_issuer c_name c_rehash
+
+all:
+
+install:
+ @for i in $(APPS) ; \
+ do \
+ (cp $$i $(INSTALLTOP)/bin/$$i; \
+ chmod 755 $(INSTALLTOP)/bin/$$i ); \
+ done;
+
+files:
+ perl $(TOP)/util/files.pl Makefile.ssl >> $(TOP)/MINFO
+
+links:
+ /bin/rm -f Makefile
+ $(TOP)/util/point.sh Makefile.ssl Makefile ;
+
+lint:
+
+tags:
+
+errors:
+
+depend:
+
+dclean:
+ perl -pe 'if (/^# DO NOT DELETE THIS LINE/) {print; exit(0);}' $(MAKEFILE) >Makefile.new
+ mv -f Makefile.new $(MAKEFILE)
+
+clean:
+ /bin/rm -f *.o *.obj lib tags core .pure .nfs* *.old *.bak fluff
+
+errors:
+
+# DO NOT DELETE THIS LINE -- make depend depends on it.
diff --git a/tools/c_hash b/tools/c_hash
new file mode 100644
index 0000000..54ff9d2
--- /dev/null
+++ b/tools/c_hash
@@ -0,0 +1,9 @@
+#!/bin/sh
+# print out the hash values
+#
+
+for i in $*
+do
+ h=`ssleay x509 -hash -noout -in $i`
+ echo "$h.0 => $i"
+done
diff --git a/tools/c_info b/tools/c_info
new file mode 100644
index 0000000..5dd960b
--- /dev/null
+++ b/tools/c_info
@@ -0,0 +1,12 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+ n=`ssleay x509 -subject -issuer -enddate -noout -in $i`
+ echo "$i"
+ echo "$n"
+ echo "--------"
+done
diff --git a/tools/c_issuer b/tools/c_issuer
new file mode 100644
index 0000000..a885b24
--- /dev/null
+++ b/tools/c_issuer
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print out the issuer
+#
+
+for i in $*
+do
+ n=`ssleay x509 -issuer -noout -in $i`
+ echo "$i\t$n"
+done
diff --git a/tools/c_name b/tools/c_name
new file mode 100644
index 0000000..4b33e68
--- /dev/null
+++ b/tools/c_name
@@ -0,0 +1,10 @@
+#!/bin/sh
+#
+# print the subject
+#
+
+for i in $*
+do
+ n=`ssleay x509 -subject -noout -in $i`
+ echo "$i $n"
+done
diff --git a/tools/c_rehash b/tools/c_rehash
new file mode 100644
index 0000000..0076001
--- /dev/null
+++ b/tools/c_rehash
@@ -0,0 +1,47 @@
+#!/bin/sh
+#
+# redo the hashes for the certificates in your cert path or the ones passed
+# on the command line.
+#
+
+if [ "$SSLEAY"x = "x" ]; then
+ SSLEAY='ssleay'
+ export SSLEAY
+fi
+DIR=/usr/local/ssl
+#PATH=$DIR/bin:$PATH
+
+SSL_DIR=$DIR/certs
+
+if [ "$*" = "" ]; then
+ CERTS=${*:-${SSL_CERT_DIR:-$SSL_DIR}}
+else
+ CERTS=$*
+fi
+
+IFS=': '
+for i in $CERTS
+do
+ (
+ IFS=' '
+ if [ -d $i -a -w $i ]; then
+ cd $i
+ echo "Doing $i"
+ for i in *.pem
+ do
+ if [ $i != '*.pem' ]; then
+ h=`$SSLEAY x509 -hash -noout -in $i`
+ if [ "x$h" = "x" ]; then
+ echo $i does not contain a certificate
+ else
+ if [ -f $h.0 ]; then
+ /bin/rm -f $h.0
+ fi
+ echo "$i => $h.0"
+ ln -s $i $h.0
+ fi
+ fi
+ done
+ fi
+ )
+done
diff --git a/util/FreeBSD.sh b/util/FreeBSD.sh
new file mode 100755
index 0000000..db8edfc
--- /dev/null
+++ b/util/FreeBSD.sh
@@ -0,0 +1,6 @@
+#!/bin/sh
+
+perl util/perlpath.pl /usr/bin
+perl util/ssldir.pl /usr/local
+perl util/mk1mf.pl FreeBSD >Makefile.FreeBSD
+perl Configure FreeBSD
diff --git a/util/add_cr.pl b/util/add_cr.pl
new file mode 100755
index 0000000..04d0026
--- /dev/null
+++ b/util/add_cr.pl
@@ -0,0 +1,123 @@
+#!/usr/local/bin/perl
+#
+# This adds a copyright message to a souce code file.
+# It also gets the file name correct.
+#
+# perl util/add_cr.pl *.[ch] */*.[ch] */*/*.[ch]
+#
+
+foreach (@ARGV)
+ {
+ &dofile($_);
+ }
+
+sub dofile
+ {
+ local($file)=@_;
+
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+
+ print STDERR "doing $file\n";
+ @in=<IN>;
+
+ return(1) if ($in[0] =~ / NOCW /);
+
+ @out=();
+ open(OUT,">$file.out") || die "unable to open $file.$$:$!\n";
+ push(@out,"/* $file */\n");
+ if (($in[1] !~ /^\/\* Copyright \(C\) [0-9-]+ Eric Young \(eay\@cryptsoft.com\)/))
+ {
+ push(@out,&Copyright);
+ $i=2;
+ @a=grep(/ Copyright \(C\) /,@in);
+ if ($#a >= 0)
+ {
+ while (($i <= $#in) && ($in[$i] ne " */\n"))
+ { $i++; }
+ $i++ if ($in[$i] eq " */\n");
+
+ while (($i <= $#in) && ($in[$i] =~ /^\s*$/))
+ { $i++; }
+
+ push(@out,"\n");
+ for ( ; $i <= $#in; $i++)
+ { push(@out,$in[$i]); }
+ }
+ else
+ { push(@out,@in); }
+ }
+ else
+ {
+ shift(@in);
+ push(@out,@in);
+ }
+ print OUT @out;
+ close(IN);
+ close(OUT);
+ rename("$file","$file.orig") || die "unable to rename $file:$!\n";
+ rename("$file.out",$file) || die "unable to rename $file.out:$!\n";
+ }
+
+
+
+sub Copyright
+ {
+ return <<'EOF';
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+EOF
+ }
diff --git a/util/ck_errf.pl b/util/ck_errf.pl
new file mode 100755
index 0000000..3af9174
--- /dev/null
+++ b/util/ck_errf.pl
@@ -0,0 +1,44 @@
+#!/usr/local/bin/perl
+#
+# This is just a quick script to scan for cases where the 'error'
+# function name in a XXXerr() macro is wrong.
+#
+# Run in the top level by going
+# perl util/ck_errf.pl */*.c */*/*.c
+#
+
+foreach $file (@ARGV)
+ {
+ open(IN,"<$file") || die "unable to open $file\n";
+ $func="";
+ while (<IN>)
+ {
+ if (/^[a-zA-Z].+[\s*]([A-Za-z_0-9]+)\(.*\)/)
+ {
+ $func=$1;
+ $func =~ tr/A-Z/a-z/;
+ }
+ if (/([A-Z0-9]+)err\(([^,]+)/)
+ {
+ next if ($func eq "");
+ $errlib=$1;
+ $n=$2;
+ if ($n !~ /([^_]+)_F_(.+)$/)
+ {
+ # print "check -$file:$.:$func:$n\n";
+ next;
+ }
+ $lib=$1;
+ $n=$2;
+
+ if ($lib ne $errlib)
+ { print "$file:$.:$func:$n\n"; next; }
+
+ $n =~ tr/A-Z/a-z/;
+ if (($n ne $func) && ($errlib ne "SYS"))
+ { print "$file:$.:$func:$n\n"; next; }
+ # print "$func:$1\n";
+ }
+ }
+ }
+
diff --git a/util/deleof.pl b/util/deleof.pl
new file mode 100755
index 0000000..155acd8
--- /dev/null
+++ b/util/deleof.pl
@@ -0,0 +1,7 @@
+#!/usr/local/bin/perl
+
+while (<>)
+ {
+ print
+ last if (/^# DO NOT DELETE THIS LINE/);
+ }
diff --git a/util/do_ms.sh b/util/do_ms.sh
new file mode 100755
index 0000000..03e349d
--- /dev/null
+++ b/util/do_ms.sh
@@ -0,0 +1,17 @@
+#!/bin/sh
+#
+# generate the Microsoft makefiles and .def files
+#
+
+PATH=util:../util:$PATH
+
+# perl util/mk1mf.pl VC-MSDOS no-sock >ms/msdos.mak
+# perl util/mk1mf.pl VC-W31-32 >ms/w31.mak
+perl util/mk1mf.pl VC-W31-32 dll >ms/w31dll.mak
+# perl util/mk1mf.pl VC-WIN32 >ms/nt.mak
+perl util/mk1mf.pl VC-WIN32 dll >ms/ntdll.mak
+
+perl util/mkdef.pl 16 libeay > ms/libeay16.def
+perl util/mkdef.pl 32 libeay > ms/libeay32.def
+perl util/mkdef.pl 16 ssleay > ms/ssleay16.def
+perl util/mkdef.pl 32 ssleay > ms/ssleay32.def
diff --git a/util/err-ins.pl b/util/err-ins.pl
new file mode 100755
index 0000000..31b70df
--- /dev/null
+++ b/util/err-ins.pl
@@ -0,0 +1,33 @@
+#!/usr/local/bin/perl
+#
+# tack error codes onto the end of a file
+#
+
+open(ERR,$ARGV[0]) || die "unable to open error file '$ARGV[0]':$!\n";
+@err=<ERR>;
+close(ERR);
+
+open(IN,$ARGV[1]) || die "unable to open header file '$ARGV[1]':$!\n";
+
+@out="";
+while (<IN>)
+ {
+ push(@out,$_);
+ last if /BEGIN ERROR CODES/;
+ }
+close(IN);
+
+open(OUT,">$ARGV[1]") || die "unable to open header file '$ARGV[1]':$1\n";
+print OUT @out;
+print OUT @err;
+print OUT <<"EOF";
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+
+EOF
+close(OUT);
+
+
diff --git a/util/files.pl b/util/files.pl
new file mode 100755
index 0000000..41f033e
--- /dev/null
+++ b/util/files.pl
@@ -0,0 +1,61 @@
+#!/usr/local/bin/perl
+#
+# used to generate the file MINFO for use by util/mk1mf.pl
+# It is basically a list of all variables from the passed makefile
+#
+
+$s="";
+while (<>)
+ {
+ chop;
+ s/#.*//;
+ if (/^(\S+)\s*=\s*(.*)$/)
+ {
+ $o="";
+ ($s,$b)=($1,$2);
+ for (;;)
+ {
+ if ($b =~ /\\$/)
+ {
+ chop($b);
+ $o.=$b." ";
+ $b=<>;
+ chop($b);
+ }
+ else
+ {
+ $o.=$b." ";
+ last;
+ }
+ }
+ $o =~ s/^\s+//;
+ $o =~ s/\s+$//;
+ $o =~ s/\s+/ /g;
+
+ $o =~ s/\$[({]([^)}]+)[)}]/$sym{$1}/g;
+ $sym{$s}=$o;
+ }
+ }
+
+$pwd=`pwd`; chop($pwd);
+
+if ($sym{'TOP'} eq ".")
+ {
+ $n=0;
+ $dir=".";
+ }
+else {
+ $n=split(/\//,$sym{'TOP'});
+ @_=split(/\//,$pwd);
+ $z=$#_-$n+1;
+ foreach $i ($z .. $#_) { $dir.=$_[$i]."/"; }
+ chop($dir);
+ }
+
+print "RELATIVE_DIRECTORY=$dir\n";
+
+foreach (sort keys %sym)
+ {
+ print "$_=$sym{$_}\n";
+ }
+print "RELATIVE_DIRECTORY=\n";
diff --git a/util/fixNT.sh b/util/fixNT.sh
new file mode 100755
index 0000000..a4eee1b
--- /dev/null
+++ b/util/fixNT.sh
@@ -0,0 +1,14 @@
+#!/bin/sh
+#
+# clean up the mess that NT makes of my source tree
+#
+
+if [ -f makefile.ssl -a ! -f Makefile.ssl ]; then
+ /bin/mv makefile.ssl Makefile.ssl
+fi
+chmod +x Configure util/*
+echo cleaning
+/bin/rm -f `find . -name '*.$$$' -print` 2>/dev/null >/dev/null
+echo 'removing those damn ^M'
+perl -pi -e 's/\015//' * */* */*/* 2>/dev/null >/dev/null
+make -f Makefile.ssl links
diff --git a/util/install.sh b/util/install.sh
new file mode 100755
index 0000000..e1d0c98
--- /dev/null
+++ b/util/install.sh
@@ -0,0 +1,108 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5; it is not part of GNU.
+#
+# $XConsortium: install.sh,v 1.2 89/12/18 14:47:22 jim Exp $
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.
+#
+
+
+# set DOITPROG to echo to test this script
+
+doit="${DOITPROG:-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG:-mv}"
+cpprog="${CPPROG:-cp}"
+chmodprog="${CHMODPROG:-chmod}"
+chownprog="${CHOWNPROG:-chown}"
+chgrpprog="${CHGRPPROG:-chgrp}"
+stripprog="${STRIPPROG:-strip}"
+rmprog="${RMPROG:-rm}"
+
+instcmd="$mvprog"
+chmodcmd=""
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+src=""
+dst=""
+
+while [ x"$1" != x ]; do
+ case $1 in
+ -c) instcmd="$cpprog"
+ shift
+ continue;;
+
+ -m) chmodcmd="$chmodprog $2"
+ shift
+ shift
+ continue;;
+
+ -o) chowncmd="$chownprog $2"
+ shift
+ shift
+ continue;;
+
+ -g) chgrpcmd="$chgrpprog $2"
+ shift
+ shift
+ continue;;
+
+ -s) stripcmd="$stripprog"
+ shift
+ continue;;
+
+ *) if [ x"$src" = x ]
+ then
+ src=$1
+ else
+ dst=$1
+ fi
+ shift
+ continue;;
+ esac
+done
+
+if [ x"$src" = x ]
+then
+ echo "install: no input file specified"
+ exit 1
+fi
+
+if [ x"$dst" = x ]
+then
+ echo "install: no destination specified"
+ exit 1
+fi
+
+
+# if destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+if [ -d $dst ]
+then
+ dst="$dst"/`basename $src`
+fi
+
+
+# get rid of the old one and mode the new one in
+
+$doit $rmcmd $dst
+$doit $instcmd $src $dst
+
+
+# and set any options; do chmod last to preserve setuid bits
+
+if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; fi
+if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; fi
+if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; fi
+if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; fi
+
+exit 0
diff --git a/util/libeay.num b/util/libeay.num
new file mode 100755
index 0000000..04ad69c
--- /dev/null
+++ b/util/libeay.num
@@ -0,0 +1,955 @@
+SSLeay 1
+SSLeay_version 2
+ASN1_BIT_STRING_asn1_meth 3
+ASN1_HEADER_free 4
+ASN1_HEADER_new 5
+ASN1_IA5STRING_asn1_meth 6
+ASN1_INTEGER_get 7
+ASN1_INTEGER_set 8
+ASN1_INTEGER_to_BN 9
+ASN1_OBJECT_create 10
+ASN1_OBJECT_free 11
+ASN1_OBJECT_new 12
+ASN1_PRINTABLE_type 13
+ASN1_STRING_cmp 14
+ASN1_STRING_dup 15
+ASN1_STRING_free 16
+ASN1_STRING_new 17
+ASN1_STRING_print 18
+ASN1_STRING_set 19
+ASN1_STRING_type_new 20
+ASN1_TYPE_free 21
+ASN1_TYPE_new 22
+ASN1_UNIVERSALSTRING_to_string 23
+ASN1_UTCTIME_check 24
+ASN1_UTCTIME_print 25
+ASN1_UTCTIME_set 26
+ASN1_check_infinite_end 27
+ASN1_d2i_bio 28
+ASN1_d2i_fp 29
+ASN1_digest 30
+ASN1_dup 31
+ASN1_get_object 32
+ASN1_i2d_bio 33
+ASN1_i2d_fp 34
+ASN1_object_size 35
+ASN1_parse 36
+ASN1_put_object 37
+ASN1_sign 38
+ASN1_verify 39
+BF_cbc_encrypt 40
+BF_cfb64_encrypt 41
+BF_ecb_encrypt 42
+BF_encrypt 43
+BF_ofb64_encrypt 44
+BF_options 45
+BF_set_key 46
+BIO_CONNECT_free 47
+BIO_CONNECT_new 48
+BIO_PROXY_free 49
+BIO_PROXY_new 50
+BIO_accept 51
+BIO_ctrl 52
+BIO_ctrl_int 53
+BIO_debug_callback 54
+BIO_dump 55
+BIO_dup_chain 56
+BIO_f_base64 57
+BIO_f_buffer 58
+BIO_f_cipher 59
+BIO_f_md 60
+BIO_f_null 61
+BIO_f_proxy_server 62
+BIO_fd_non_fatal_error 63
+BIO_fd_should_retry 64
+BIO_find_type 65
+BIO_free 66
+BIO_free_all 67
+BIO_get_accept 68
+BIO_get_accept_socket 69
+BIO_get_filter_bio 70
+BIO_get_host_ip 71
+BIO_get_port 72
+BIO_get_retry_BIO 73
+BIO_get_retry_reason 74
+BIO_gethostbyname 75
+BIO_gets 76
+BIO_nbio_sock_error 77
+BIO_new 78
+BIO_new_accept 79
+BIO_new_connect 80
+BIO_new_fd 81
+BIO_new_file 82
+BIO_new_fp 83
+BIO_new_socket 84
+BIO_pop 85
+BIO_printf 86
+BIO_push 87
+BIO_puts 88
+BIO_read 89
+BIO_s_accept 90
+BIO_s_connect 91
+BIO_s_fd 92
+BIO_s_file 93
+BIO_s_file_internal_w16 94
+BIO_s_mem 95
+BIO_s_null 96
+BIO_s_proxy_client 97
+BIO_s_socket 98
+BIO_s_socket 99
+BIO_set 100
+BIO_set_cipher 101
+BIO_set_tcp_ndelay 102
+BIO_sock_cleanup 103
+BIO_sock_error 104
+BIO_sock_init 105
+BIO_sock_non_fatal_error 106
+BIO_sock_should_retry 107
+BIO_socket_ioctl 108
+BIO_write 109
+BN_CTX_free 110
+BN_CTX_new 111
+BN_MONT_CTX_free 112
+BN_MONT_CTX_new 113
+BN_MONT_CTX_set 114
+BN_add 115
+BN_add_word 116
+BN_ascii2bn 117
+BN_bin2bn 118
+BN_bn2ascii 119
+BN_bn2bin 120
+BN_clear 121
+BN_clear_bit 122
+BN_clear_free 123
+BN_cmp 124
+BN_copy 125
+BN_div 126
+BN_div_word 127
+BN_dup 128
+BN_free 129
+BN_from_montgomery 130
+BN_gcd 131
+BN_generate_prime 132
+BN_get_word 133
+BN_is_bit_set 134
+BN_is_prime 135
+BN_lshift 136
+BN_lshift1 137
+BN_mask_bits 138
+BN_mod 139
+BN_mod_exp 140
+BN_mod_exp_mont 141
+BN_mod_exp_recp 142
+BN_mod_exp_simple 143
+BN_mod_inverse 144
+BN_mod_mul 145
+BN_mod_mul_montgomery 146
+BN_mod_mul_reciprocal 147
+BN_mod_word 148
+BN_mul 149
+BN_new 150
+BN_num_bits 151
+BN_num_bits_word 152
+BN_options 153
+BN_print 154
+BN_print_fp 155
+BN_rand 156
+BN_reciprocal 157
+BN_rshift 158
+BN_rshift1 159
+BN_set_bit 160
+BN_set_word 161
+BN_sqr 162
+BN_sub 163
+BN_to_ASN1_INTEGER 164
+BN_ucmp 165
+BN_value_one 166
+BUF_MEM_free 167
+BUF_MEM_grow 168
+BUF_MEM_new 169
+BUF_strdup 170
+CONF_free 171
+CONF_get_number 172
+CONF_get_section 173
+CONF_get_string 174
+CONF_load 175
+CRYPTO_add_lock 176
+CRYPTO_dbg_free 177
+CRYPTO_dbg_malloc 178
+CRYPTO_dbg_realloc 179
+CRYPTO_dbg_remalloc 180
+CRYPTO_free 181
+CRYPTO_get_add_lock_callback 182
+CRYPTO_get_id_callback 183
+CRYPTO_get_lock_name 184
+CRYPTO_get_locking_callback 185
+CRYPTO_get_mem_functions 186
+CRYPTO_lock 187
+CRYPTO_malloc 188
+CRYPTO_mem_ctrl 189
+CRYPTO_mem_leaks 190
+CRYPTO_mem_leaks_cb 191
+CRYPTO_mem_leaks_fp 192
+CRYPTO_realloc 193
+CRYPTO_remalloc 194
+CRYPTO_set_add_lock_callback 195
+CRYPTO_set_id_callback 196
+CRYPTO_set_locking_callback 197
+CRYPTO_set_mem_functions 198
+CRYPTO_thread_id 199
+DH_check 200
+DH_compute_key 201
+DH_free 202
+DH_generate_key 203
+DH_generate_parameters 204
+DH_new 205
+DH_size 206
+DHparams_print 207
+DHparams_print_fp 208
+DSA_free 209
+DSA_generate_key 210
+DSA_generate_parameters 211
+DSA_is_prime 212
+DSA_new 213
+DSA_print 214
+DSA_print_fp 215
+DSA_sign 216
+DSA_sign_setup 217
+DSA_size 218
+DSA_verify 219
+DSAparams_print 220
+DSAparams_print_fp 221
+ERR_clear_error 222
+ERR_error_string 223
+ERR_free_strings 224
+ERR_func_error_string 225
+ERR_get_err_state_table 226
+ERR_get_error 227
+ERR_get_error_line 228
+ERR_get_state 229
+ERR_get_string_table 230
+ERR_lib_error_string 231
+ERR_load_ASN1_strings 232
+ERR_load_BIO_strings 233
+ERR_load_BN_strings 234
+ERR_load_BUF_strings 235
+ERR_load_CONF_strings 236
+ERR_load_DH_strings 237
+ERR_load_DSA_strings 238
+ERR_load_ERR_strings 239
+ERR_load_EVP_strings 240
+ERR_load_OBJ_strings 241
+ERR_load_PEM_strings 242
+ERR_load_PROXY_strings 243
+ERR_load_RSA_strings 244
+ERR_load_X509_strings 245
+ERR_load_crypto_strings 246
+ERR_load_strings 247
+ERR_peek_error 248
+ERR_peek_error_line 249
+ERR_print_errors 250
+ERR_print_errors_fp 251
+ERR_put_error 252
+ERR_reason_error_string 253
+ERR_remove_state 254
+EVP_BytesToKey 255
+EVP_CIPHER_CTX_cleanup 256
+EVP_CipherFinal 257
+EVP_CipherInit 258
+EVP_CipherUpdate 259
+EVP_DecodeBlock 260
+EVP_DecodeFinal 261
+EVP_DecodeInit 262
+EVP_DecodeUpdate 263
+EVP_DecryptFinal 264
+EVP_DecryptInit 265
+EVP_DecryptUpdate 266
+EVP_DigestFinal 267
+EVP_DigestInit 268
+EVP_DigestUpdate 269
+EVP_EncodeBlock 270
+EVP_EncodeFinal 271
+EVP_EncodeInit 272
+EVP_EncodeUpdate 273
+EVP_EncryptFinal 274
+EVP_EncryptInit 275
+EVP_EncryptUpdate 276
+EVP_OpenFinal 277
+EVP_OpenInit 278
+EVP_PKEY_assign 279
+EVP_PKEY_copy_parameters 280
+EVP_PKEY_free 281
+EVP_PKEY_missing_parameters 282
+EVP_PKEY_new 283
+EVP_PKEY_save_parameters 284
+EVP_PKEY_size 285
+EVP_PKEY_type 286
+EVP_SealFinal 287
+EVP_SealInit 288
+EVP_SignFinal 289
+EVP_VerifyFinal 290
+EVP_add_alias 291
+EVP_add_cipher 292
+EVP_add_digest 293
+EVP_bf_cbc 294
+EVP_bf_cfb 295
+EVP_bf_ecb 296
+EVP_bf_ofb 297
+EVP_cleanup 298
+EVP_des_cbc 299
+EVP_des_cfb 300
+EVP_des_ecb 301
+EVP_des_ede 302
+EVP_des_ede3 303
+EVP_des_ede3_cbc 304
+EVP_des_ede3_cfb 305
+EVP_des_ede3_ofb 306
+EVP_des_ede_cbc 307
+EVP_des_ede_cfb 308
+EVP_des_ede_ofb 309
+EVP_des_ofb 310
+EVP_desx_cbc 311
+EVP_dss 312
+EVP_dss1 313
+EVP_enc_null 314
+EVP_get_cipherbyname 315
+EVP_get_digestbyname 316
+EVP_get_pw_prompt 317
+EVP_idea_cbc 318
+EVP_idea_cfb 319
+EVP_idea_ecb 320
+EVP_idea_ofb 321
+EVP_md2 322
+EVP_md5 323
+EVP_md_null 324
+EVP_rc2_cbc 325
+EVP_rc2_cfb 326
+EVP_rc2_ecb 327
+EVP_rc2_ofb 328
+EVP_rc4 329
+EVP_read_pw_string 330
+EVP_set_pw_prompt 331
+EVP_sha 332
+EVP_sha1 333
+MD2 334
+MD2_Final 335
+MD2_Init 336
+MD2_Update 337
+MD2_options 338
+MD5 339
+MD5_Final 340
+MD5_Init 341
+MD5_Update 342
+MDC2 343
+MDC2_Final 344
+MDC2_Init 345
+MDC2_Update 346
+NETSCAPE_SPKAC_free 347
+NETSCAPE_SPKAC_new 348
+NETSCAPE_SPKI_free 349
+NETSCAPE_SPKI_new 350
+NETSCAPE_SPKI_sign 351
+NETSCAPE_SPKI_verify 352
+OBJ_add_object 353
+OBJ_bsearch 354
+OBJ_cleanup 355
+OBJ_cmp 356
+OBJ_create_and_add_object 357
+OBJ_dup 358
+OBJ_ln2nid 359
+OBJ_new_nid 360
+OBJ_nid2ln 361
+OBJ_nid2obj 362
+OBJ_nid2sn 363
+OBJ_obj2nid 364
+OBJ_sn2nid 365
+OBJ_txt2nid 366
+PEM_ASN1_read 367
+PEM_ASN1_read_bio 368
+PEM_ASN1_write 369
+PEM_ASN1_write_bio 370
+PEM_SealFinal 371
+PEM_SealInit 372
+PEM_SealUpdate 373
+PEM_SignFinal 374
+PEM_SignInit 375
+PEM_SignUpdate 376
+PEM_X509_INFO_read 377
+PEM_X509_INFO_read_bio 378
+PEM_X509_INFO_write_bio 379
+PEM_dek_info 380
+PEM_do_header 381
+PEM_get_EVP_CIPHER_INFO 382
+PEM_proc_type 383
+PEM_read 384
+PEM_read_DHparams 385
+PEM_read_DSAPrivateKey 386
+PEM_read_DSAparams 387
+PEM_read_PKCS7 388
+PEM_read_PrivateKey 389
+PEM_read_RSAPrivateKey 390
+PEM_read_X509 391
+PEM_read_X509_CRL 392
+PEM_read_X509_REQ 393
+PEM_read_bio 394
+PEM_read_bio_DHparams 395
+PEM_read_bio_DSAPrivateKey 396
+PEM_read_bio_DSAparams 397
+PEM_read_bio_PKCS7 398
+PEM_read_bio_PrivateKey 399
+PEM_read_bio_RSAPrivateKey 400
+PEM_read_bio_X509 401
+PEM_read_bio_X509_CRL 402
+PEM_read_bio_X509_REQ 403
+PEM_write 404
+PEM_write_DHparams 405
+PEM_write_DSAPrivateKey 406
+PEM_write_DSAparams 407
+PEM_write_PKCS7 408
+PEM_write_PrivateKey 409
+PEM_write_RSAPrivateKey 410
+PEM_write_X509 411
+PEM_write_X509_CRL 412
+PEM_write_X509_REQ 413
+PEM_write_bio 414
+PEM_write_bio_DHparams 415
+PEM_write_bio_DSAPrivateKey 416
+PEM_write_bio_DSAparams 417
+PEM_write_bio_PKCS7 418
+PEM_write_bio_PrivateKey 419
+PEM_write_bio_RSAPrivateKey 420
+PEM_write_bio_X509 421
+PEM_write_bio_X509_CRL 422
+PEM_write_bio_X509_REQ 423
+PKCS7_DIGEST_free 424
+PKCS7_DIGEST_new 425
+PKCS7_ENCRYPT_free 426
+PKCS7_ENCRYPT_new 427
+PKCS7_ENC_CONTENT_free 428
+PKCS7_ENC_CONTENT_new 429
+PKCS7_ENVELOPE_free 430
+PKCS7_ENVELOPE_new 431
+PKCS7_ISSUER_AND_SERIAL_digest 432
+PKCS7_ISSUER_AND_SERIAL_free 433
+PKCS7_ISSUER_AND_SERIAL_new 434
+PKCS7_RECIP_INFO_free 435
+PKCS7_RECIP_INFO_new 436
+PKCS7_SIGNED_free 437
+PKCS7_SIGNED_new 438
+PKCS7_SIGNER_INFO_free 439
+PKCS7_SIGNER_INFO_new 440
+PKCS7_SIGN_ENVELOPE_free 441
+PKCS7_SIGN_ENVELOPE_new 442
+PKCS7_dup 443
+PKCS7_free 444
+PKCS7_new 445
+PROXY_ENTRY_add_noproxy 446
+PROXY_ENTRY_clear_noproxy 447
+PROXY_ENTRY_free 448
+PROXY_ENTRY_get_noproxy 449
+PROXY_ENTRY_new 450
+PROXY_ENTRY_set_server 451
+PROXY_add_noproxy 452
+PROXY_add_server 453
+PROXY_check_by_host 454
+PROXY_check_url 455
+PROXY_clear_noproxy 456
+PROXY_free 457
+PROXY_get_noproxy 458
+PROXY_get_proxies 459
+PROXY_get_proxy_entry 460
+PROXY_load_conf 461
+PROXY_new 462
+PROXY_print 463
+RAND_bytes 464
+RAND_cleanup 465
+RAND_file_name 466
+RAND_load_file 467
+RAND_screen 468
+RAND_seed 469
+RAND_write_file 470
+RC2_cbc_encrypt 471
+RC2_cfb64_encrypt 472
+RC2_ecb_encrypt 473
+RC2_encrypt 474
+RC2_ofb64_encrypt 475
+RC2_set_key 476
+RC4 477
+RC4_options 478
+RC4_set_key 479
+RSAPrivateKey_asn1_meth 480
+RSAPrivateKey_dup 481
+RSAPublicKey_dup 482
+RSA_PKCS1_SSLeay 483
+RSA_free 484
+RSA_generate_key 485
+RSA_new 486
+RSA_new_method 487
+RSA_print 488
+RSA_print_fp 489
+RSA_private_decrypt 490
+RSA_private_encrypt 491
+RSA_public_decrypt 492
+RSA_public_encrypt 493
+RSA_set_default_method 494
+RSA_sign 495
+RSA_sign_ASN1_OCTET_STRING 496
+RSA_size 497
+RSA_verify 498
+RSA_verify_ASN1_OCTET_STRING 499
+SHA 500
+SHA1 501
+SHA1_Final 502
+SHA1_Init 503
+SHA1_Update 504
+SHA_Final 505
+SHA_Init 506
+SHA_Update 507
+SSLeay_add_all_algorithms 508
+SSLeay_add_all_ciphers 509
+SSLeay_add_all_digests 510
+TXT_DB_create_index 511
+TXT_DB_free 512
+TXT_DB_get_by_index 513
+TXT_DB_insert 514
+TXT_DB_read 515
+TXT_DB_write 516
+X509_ALGOR_free 517
+X509_ALGOR_new 518
+X509_ATTRIBUTE_free 519
+X509_ATTRIBUTE_new 520
+X509_CINF_free 521
+X509_CINF_new 522
+X509_CRL_INFO_free 523
+X509_CRL_INFO_new 524
+X509_CRL_add_ext 525
+X509_CRL_cmp 526
+X509_CRL_delete_ext 527
+X509_CRL_dup 528
+X509_CRL_free 529
+X509_CRL_get_ext 530
+X509_CRL_get_ext_by_NID 531
+X509_CRL_get_ext_by_OBJ 532
+X509_CRL_get_ext_by_critical 533
+X509_CRL_get_ext_count 534
+X509_CRL_new 535
+X509_CRL_sign 536
+X509_CRL_verify 537
+X509_EXTENSION_create_by_NID 538
+X509_EXTENSION_create_by_OBJ 539
+X509_EXTENSION_dup 540
+X509_EXTENSION_free 541
+X509_EXTENSION_get_critical 542
+X509_EXTENSION_get_data 543
+X509_EXTENSION_get_object 544
+X509_EXTENSION_new 545
+X509_EXTENSION_set_critical 546
+X509_EXTENSION_set_data 547
+X509_EXTENSION_set_object 548
+X509_INFO_free 549
+X509_INFO_new 550
+X509_LOOKUP_by_alias 551
+X509_LOOKUP_by_fingerprint 552
+X509_LOOKUP_by_issuer_serial 553
+X509_LOOKUP_by_subject 554
+X509_LOOKUP_ctrl 555
+X509_LOOKUP_file 556
+X509_LOOKUP_free 557
+X509_LOOKUP_hash_dir 558
+X509_LOOKUP_init 559
+X509_LOOKUP_new 560
+X509_LOOKUP_shutdown 561
+X509_NAME_ENTRY_create_by_NID 562
+X509_NAME_ENTRY_create_by_OBJ 563
+X509_NAME_ENTRY_dup 564
+X509_NAME_ENTRY_free 565
+X509_NAME_ENTRY_get_data 566
+X509_NAME_ENTRY_get_object 567
+X509_NAME_ENTRY_new 568
+X509_NAME_ENTRY_set_data 569
+X509_NAME_ENTRY_set_object 570
+X509_NAME_add_entry 571
+X509_NAME_cmp 572
+X509_NAME_delete_entry 573
+X509_NAME_digest 574
+X509_NAME_dup 575
+X509_NAME_entry_count 576
+X509_NAME_free 577
+X509_NAME_get_entry 578
+X509_NAME_get_index_by_NID 579
+X509_NAME_get_index_by_OBJ 580
+X509_NAME_get_text_by_NID 581
+X509_NAME_get_text_by_OBJ 582
+X509_NAME_hash 583
+X509_NAME_new 584
+X509_NAME_oneline 585
+X509_NAME_print 586
+X509_NAME_set 587
+X509_OBJECT_free_contents 588
+X509_OBJECT_retrive_by_subject 589
+X509_OBJECT_up_ref_count 590
+X509_PKEY_free 591
+X509_PKEY_new 592
+X509_PUBKEY_free 593
+X509_PUBKEY_get 594
+X509_PUBKEY_new 595
+X509_PUBKEY_set 596
+X509_REQ_INFO_free 597
+X509_REQ_INFO_new 598
+X509_REQ_dup 599
+X509_REQ_free 600
+X509_REQ_get_pubkey 601
+X509_REQ_new 602
+X509_REQ_print 603
+X509_REQ_print_fp 604
+X509_REQ_set_pubkey 605
+X509_REQ_set_subject_name 606
+X509_REQ_set_version 607
+X509_REQ_sign 608
+X509_REQ_to_X509 609
+X509_REQ_verify 610
+X509_REVOKED_add_ext 611
+X509_REVOKED_delete_ext 612
+X509_REVOKED_free 613
+X509_REVOKED_get_ext 614
+X509_REVOKED_get_ext_by_NID 615
+X509_REVOKED_get_ext_by_OBJ 616
+X509_REVOKED_get_ext_by_critical 617
+X509_REVOKED_get_ext_count 618
+X509_REVOKED_new 619
+X509_SIG_free 620
+X509_SIG_new 621
+X509_STORE_CTX_cleanup 622
+X509_STORE_CTX_init 623
+X509_STORE_add_cert 624
+X509_STORE_add_lookup 625
+X509_STORE_free 626
+X509_STORE_get_by_subject 627
+X509_STORE_load_locations 628
+X509_STORE_new 629
+X509_STORE_set_default_paths 630
+X509_VAL_free 631
+X509_VAL_new 632
+X509_add_ext 633
+X509_asn1_meth 634
+X509_certificate_type 635
+X509_check_private_key 636
+X509_cmp_current_time 637
+X509_delete_ext 638
+X509_digest 639
+X509_dup 640
+X509_free 641
+X509_get_default_cert_area 642
+X509_get_default_cert_dir 643
+X509_get_default_cert_dir_env 644
+X509_get_default_cert_file 645
+X509_get_default_cert_file_env 646
+X509_get_default_private_dir 647
+X509_get_ext 648
+X509_get_ext_by_NID 649
+X509_get_ext_by_OBJ 650
+X509_get_ext_by_critical 651
+X509_get_ext_count 652
+X509_get_issuer_name 653
+X509_get_pubkey 654
+X509_get_pubkey_parameters 655
+X509_get_serialNumber 656
+X509_get_subject_name 657
+X509_gmtime_adj 658
+X509_issuer_and_serial_cmp 659
+X509_issuer_and_serial_hash 660
+X509_issuer_name_cmp 661
+X509_issuer_name_hash 662
+X509_load_cert_file 663
+X509_new 664
+X509_print 665
+X509_print_fp 666
+X509_set_issuer_name 667
+X509_set_notAfter 668
+X509_set_notBefore 669
+X509_set_pubkey 670
+X509_set_serialNumber 671
+X509_set_subject_name 672
+X509_set_version 673
+X509_sign 674
+X509_subject_name_cmp 675
+X509_subject_name_hash 676
+X509_to_X509_REQ 677
+X509_verify 678
+X509_verify_cert 679
+X509_verify_cert_error_string 680
+X509v3_add_ext 681
+X509v3_add_extension 682
+X509v3_add_netscape_extensions 683
+X509v3_add_standard_extensions 684
+X509v3_cleanup_extensions 685
+X509v3_data_type_by_NID 686
+X509v3_data_type_by_OBJ 687
+X509v3_delete_ext 688
+X509v3_get_ext 689
+X509v3_get_ext_by_NID 690
+X509v3_get_ext_by_OBJ 691
+X509v3_get_ext_by_critical 692
+X509v3_get_ext_count 693
+X509v3_pack_string 694
+X509v3_pack_type_by_NID 695
+X509v3_pack_type_by_OBJ 696
+X509v3_unpack_string 697
+_des_crypt 698
+a2d_ASN1_OBJECT 699
+a2i_ASN1_INTEGER 700
+a2i_ASN1_STRING 701
+asn1_Finish 702
+asn1_GetSequence 703
+bn_div64 704
+bn_expand2 705
+bn_mul_add_word 706
+bn_mul_word 707
+bn_qadd 708
+bn_qsub 709
+bn_sqr_words 710
+crypt 711
+d2i_ASN1_BIT_STRING 712
+d2i_ASN1_BOOLEAN 713
+d2i_ASN1_HEADER 714
+d2i_ASN1_IA5STRING 715
+d2i_ASN1_INTEGER 716
+d2i_ASN1_OBJECT 717
+d2i_ASN1_OCTET_STRING 718
+d2i_ASN1_PRINTABLE 719
+d2i_ASN1_PRINTABLESTRING 720
+d2i_ASN1_SET 721
+d2i_ASN1_T61STRING 722
+d2i_ASN1_TYPE 723
+d2i_ASN1_UTCTIME 724
+d2i_ASN1_bytes 725
+d2i_ASN1_type_bytes 726
+d2i_DHparams 727
+d2i_DSAPrivateKey 728
+d2i_DSAPrivateKey_bio 729
+d2i_DSAPrivateKey_fp 730
+d2i_DSAPublicKey 731
+d2i_DSAparams 732
+d2i_NETSCAPE_SPKAC 733
+d2i_NETSCAPE_SPKI 734
+d2i_Netscape_RSA 735
+d2i_PKCS7 736
+d2i_PKCS7_DIGEST 737
+d2i_PKCS7_ENCRYPT 738
+d2i_PKCS7_ENC_CONTENT 739
+d2i_PKCS7_ENVELOPE 740
+d2i_PKCS7_ISSUER_AND_SERIAL 741
+d2i_PKCS7_RECIP_INFO 742
+d2i_PKCS7_SIGNED 743
+d2i_PKCS7_SIGNER_INFO 744
+d2i_PKCS7_SIGN_ENVELOPE 745
+d2i_PKCS7_bio 746
+d2i_PKCS7_fp 747
+d2i_PrivateKey 748
+d2i_PublicKey 749
+d2i_RSAPrivateKey 750
+d2i_RSAPrivateKey_bio 751
+d2i_RSAPrivateKey_fp 752
+d2i_RSAPublicKey 753
+d2i_X509 754
+d2i_X509_ALGOR 755
+d2i_X509_ATTRIBUTE 756
+d2i_X509_CINF 757
+d2i_X509_CRL 758
+d2i_X509_CRL_INFO 759
+d2i_X509_CRL_bio 760
+d2i_X509_CRL_fp 761
+d2i_X509_EXTENSION 762
+d2i_X509_NAME 763
+d2i_X509_NAME_ENTRY 764
+d2i_X509_PKEY 765
+d2i_X509_PUBKEY 766
+d2i_X509_REQ 767
+d2i_X509_REQ_INFO 768
+d2i_X509_REQ_bio 769
+d2i_X509_REQ_fp 770
+d2i_X509_REVOKED 771
+d2i_X509_SIG 772
+d2i_X509_VAL 773
+d2i_X509_bio 774
+d2i_X509_fp 775
+des_3cbc_encrypt 776
+des_cbc_cksum 777
+des_cbc_encrypt 778
+des_cblock_print_file 779
+des_cfb64_encrypt 780
+des_cfb_encrypt 781
+des_decrypt3 782
+des_ecb3_encrypt 783
+des_ecb_encrypt 784
+des_ede3_cbc_encrypt 785
+des_ede3_cfb64_encrypt 786
+des_ede3_ofb64_encrypt 787
+des_enc_read 788
+des_enc_write 789
+des_encrypt 790
+des_encrypt2 791
+des_encrypt3 792
+des_fcrypt 793
+des_is_weak_key 794
+des_key_sched 795
+des_ncbc_encrypt 796
+des_ofb64_encrypt 797
+des_ofb_encrypt 798
+des_options 799
+des_pcbc_encrypt 800
+des_quad_cksum 801
+des_random_key 802
+des_random_seed 803
+des_read_2passwords 804
+des_read_password 805
+des_read_pw 806
+des_read_pw_string 807
+des_set_key 808
+des_set_odd_parity 809
+des_string_to_2keys 810
+des_string_to_key 811
+des_xcbc_encrypt 812
+des_xwhite_in2out 813
+fcrypt_body 814
+i2a_ASN1_INTEGER 815
+i2a_ASN1_OBJECT 816
+i2a_ASN1_STRING 817
+i2d_ASN1_BIT_STRING 818
+i2d_ASN1_BOOLEAN 819
+i2d_ASN1_HEADER 820
+i2d_ASN1_IA5STRING 821
+i2d_ASN1_INTEGER 822
+i2d_ASN1_OBJECT 823
+i2d_ASN1_OCTET_STRING 824
+i2d_ASN1_PRINTABLE 825
+i2d_ASN1_SET 826
+i2d_ASN1_TYPE 827
+i2d_ASN1_UTCTIME 828
+i2d_ASN1_bytes 829
+i2d_DHparams 830
+i2d_DSAPrivateKey 831
+i2d_DSAPrivateKey_bio 832
+i2d_DSAPrivateKey_fp 833
+i2d_DSAPublicKey 834
+i2d_DSAparams 835
+i2d_NETSCAPE_SPKAC 836
+i2d_NETSCAPE_SPKI 837
+i2d_Netscape_RSA 838
+i2d_PKCS7 839
+i2d_PKCS7_DIGEST 840
+i2d_PKCS7_ENCRYPT 841
+i2d_PKCS7_ENC_CONTENT 842
+i2d_PKCS7_ENVELOPE 843
+i2d_PKCS7_ISSUER_AND_SERIAL 844
+i2d_PKCS7_RECIP_INFO 845
+i2d_PKCS7_SIGNED 846
+i2d_PKCS7_SIGNER_INFO 847
+i2d_PKCS7_SIGN_ENVELOPE 848
+i2d_PKCS7_bio 849
+i2d_PKCS7_fp 850
+i2d_PrivateKey 851
+i2d_PublicKey 852
+i2d_RSAPrivateKey 853
+i2d_RSAPrivateKey_bio 854
+i2d_RSAPrivateKey_fp 855
+i2d_RSAPublicKey 856
+i2d_X509 857
+i2d_X509_ALGOR 858
+i2d_X509_ATTRIBUTE 859
+i2d_X509_CINF 860
+i2d_X509_CRL 861
+i2d_X509_CRL_INFO 862
+i2d_X509_CRL_bio 863
+i2d_X509_CRL_fp 864
+i2d_X509_EXTENSION 865
+i2d_X509_NAME 866
+i2d_X509_NAME_ENTRY 867
+i2d_X509_PKEY 868
+i2d_X509_PUBKEY 869
+i2d_X509_REQ 870
+i2d_X509_REQ_INFO 871
+i2d_X509_REQ_bio 872
+i2d_X509_REQ_fp 873
+i2d_X509_REVOKED 874
+i2d_X509_SIG 875
+i2d_X509_VAL 876
+i2d_X509_bio 877
+i2d_X509_fp 878
+idea_cbc_encrypt 879
+idea_cfb64_encrypt 880
+idea_ecb_encrypt 881
+idea_encrypt 882
+idea_ofb64_encrypt 883
+idea_options 884
+idea_set_decrypt_key 885
+idea_set_encrypt_key 886
+lh_delete 887
+lh_doall 888
+lh_doall_arg 889
+lh_free 890
+lh_insert 891
+lh_new 892
+lh_node_stats 893
+lh_node_stats_bio 894
+lh_node_usage_stats 895
+lh_node_usage_stats_bio 896
+lh_retrieve 897
+lh_stats 898
+lh_stats_bio 899
+lh_strhash 900
+sk_delete 901
+sk_delete_ptr 902
+sk_dup 903
+sk_find 904
+sk_free 905
+sk_insert 906
+sk_new 907
+sk_pop 908
+sk_pop_free 909
+sk_push 910
+sk_set_cmp_func 911
+sk_shift 912
+sk_unshift 913
+sk_zero 914
+BIO_f_nbio_test 915
+ASN1_TYPE_get 916
+ASN1_TYPE_set 917
+PKCS7_content_free 918
+ERR_load_PKCS7_strings 919
+X509_find_by_issuer_and_serial 920
+X509_find_by_subject 921
+d2i_PKCS7_fp 922
+i2d_PKCS7_fp 923
+PKCS7_dup 924
+d2i_PKCS7_bio 925
+i2d_PKCS7_bio 926
+PKCS7_ctrl 927
+PKCS7_set_type 928
+PKCS7_set_content 929
+PKCS7_SIGNER_INFO_set 930
+PKCS7_add_signer 931
+PKCS7_add_certificate 932
+PKCS7_add_crl 933
+PKCS7_content_new 934
+PKCS7_dataSign 935
+PKCS7_dataVerify 936
+PKCS7_dataInit 937
+PKCS7_add_signature 938
+PKCS7_cert_from_signer_info 939
+PKCS7_get_signer_info 940
+EVP_delete_alias 941
+EVP_mdc2 942
+PEM_read_bio_RSAPublicKey 943
+PEM_write_bio_RSAPublicKey 944
+d2i_RSAPublicKey_bio 945
+i2d_RSAPublicKey_bio 946
+PEM_read_RSAPublicKey 947
+PEM_read_bio_RSAPublicKey 948
+PEM_write_RSAPublicKey 949
+PEM_write_bio_RSAPublicKey 950
+d2i_RSAPublicKey_bio 951
+d2i_RSAPublicKey_fp 952
+i2d_RSAPublicKey_bio 953
+i2d_RSAPublicKey_fp 954
+BIO_copy_next_retry 955
diff --git a/util/mk1mf.pl b/util/mk1mf.pl
new file mode 100755
index 0000000..ef07692
--- /dev/null
+++ b/util/mk1mf.pl
@@ -0,0 +1,692 @@
+#!/usr/local/bin/perl
+# A bit of an evil hack but it post processes the file ../MINFO which
+# is generated by `make files` in the top directory.
+# This script outputs one mega makefile that has no shell stuff or any
+# funny stuff
+#
+
+$INSTALLTOP="/usr/local/ssl";
+
+$infile="MINFO";
+
+%ops=(
+ "VC-WIN32", "Microsoft Visual C++ 4.[01] - Windows NT [34].x",
+ "VC-W31-16", "Microsoft Visual C++ 1.52 - Windows 3.1 - 286",
+ "VC-WIN16", "Alias for VC-W31-32",
+ "VC-W31-32", "Microsoft Visual C++ 1.52 - Windows 3.1 - 386+",
+ "VC-MSDOS","Microsoft Visual C++ 1.52 - MSDOS",
+ "BC-NT", "Borland C++ 4.5 - Windows NT - PROBABLY NOT WORKING",
+ "BC-W31", "Borland C++ 4.5 - Windows 3.1 - PROBABLY NOT WORKING",
+ "BC-MSDOS","Borland C++ 4.5 - MSDOS",
+ "FreeBSD","FreeBSD distribution",
+ "default","cc under unix",
+ );
+
+$type="";
+foreach (@ARGV)
+ {
+ if (/^no-rc2$/) { $no_rc2=1; }
+ elsif (/^no-rc4$/) { $no_rc4=1; }
+ elsif (/^no-idea$/) { $no_idea=1; }
+ elsif (/^no-des$/) { $no_des=1; }
+ elsif (/^no-bf$/) { $no_bf=1; }
+ elsif (/^no-md2$/) { $no_md2=1; }
+ elsif (/^no-md5$/) { $no_md5=1; }
+ elsif (/^no-sha$/) { $no_sha=1; }
+ elsif (/^no-sha1$/) { $no_sha1=1; }
+ elsif (/^no-mdc2$/) { $no_mdc2=1; }
+ elsif (/^no-patents$/) { $no_rc2=$no_rc4=$no_idea=$no_sha1=$no_rsa=1; }
+ elsif (/^no-rsa$/) { $no_rsa=1; }
+ elsif (/^no-dsa$/) { $no_dsa=1; }
+ elsif (/^no-dh$/) { $no_dh=1; }
+ elsif (/^no-asm$/) { $no_asm=1; }
+ elsif (/^no-ssl2$/) { $no_ssl2=1; }
+ elsif (/^no-ssl3$/) { $no_ssl3=1; }
+ elsif (/^no-err$/) { $no_err=1; }
+ elsif (/^no-sock$/) { $no_sock=1; }
+
+ elsif (/^rsaref$/) { $rsaref=1; }
+ elsif (/^gcc$/) { $gcc=1; }
+ elsif (/^debug$/) { $debug=1; }
+ elsif (/^shlib$/) { $shlib=1; }
+ elsif (/^dll$/) { $shlib=1; }
+ elsif (/^([^=]*)=(.*)$/){ $VARS{$1}=$2; }
+ elsif (/^-[lL].*$/) { $l_flags.="$_ "; }
+ elsif ((!/^-help/) && (!/^-h/) && (!/^-\?/) && /^-.*$/)
+ { $c_flags.="$_ "; }
+ else
+ {
+ if (!defined($ops{$_}))
+ {
+ print STDERR "unknown option - $_\n";
+ print STDERR "usage: perl mk1mf.pl [system] [options]\n";
+ print STDERR "\nwhere [system] can be one of the following\n";
+ foreach $i (sort keys %ops)
+ { printf STDERR "\t%-10s\t%s\n",$i,$ops{$i}; }
+ print STDERR <<"EOF";
+and [options] can be one of
+ no-md2 no-md5 no-sha no-sha1 no-mdc2 - Skip this digest
+ no-rc2 no-rc4 no-idea no-des no-bf - Skip this symetriccipher
+ no-rsa no-dsa no-dh - Skip this public key cipher
+ no-ssl2 no-ssl3 - Skip this version of SSL
+ just-ssl - remove all non-ssl keys/digest
+ no-asm - No x86 asm
+ no-socks - No socket code
+ no-err - No error strings
+ dll/shlib - Build shared libraries (MS)
+ debug - Debug build
+ gcc - Use Gcc (unix)
+ rsaref - Build to require RSAref
+
+Values that can be set
+TMP=tmpdir OUT=outdir SRC=srcdir BIN=binpath CC=C-compiler
+
+-L<ex_lib_path> -l<ex_lib> - extra library flags (unix)
+-<ex_cc_flags> - extra 'cc' flags,
+ added (MS), or replace (unix)
+EOF
+ exit(1);
+ }
+ $type=$_;
+ }
+ }
+
+$no_mdc2=1 if ($no_des);
+
+$no_ssl3=1 if ($no_md5 || $no_sha1);
+$no_ssl3=1 if ($no_rsa && $no_dh);
+
+$no_ssl2=1 if ($no_md5 || $no_rsa);
+$no_ssl2=1 if ($no_rsa);
+
+$cc=(defined($VARS{'CC'}))?$VARS{'CC'}:'cc';
+$src_dir=(defined($VARS{'SRC'}))?$VARS{'SRC'}:'.';
+$out_dir=(defined($VARS{'OUT'}))?$VARS{'OUT'}:'out';
+$tmp_dir=(defined($VARS{'TMP'}))?$VARS{'TMP'}:'tmp';
+$bin_dir=(defined($VARS{'BIN'}))?$VARS{'BIN'}:'';
+
+($ssl,$crypto)=("ssl","crypto");
+$RSAglue="RSAglue";
+$ranlib="echo ranlib";
+
+push(@INC,"util/pl","pl");
+if ($type eq "VC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'VC-16.pl';
+ }
+elsif ($type eq "VC-W31-16")
+ {
+ $asmbits=16;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-W31-32") || ($type eq "VC-WIN16"))
+ {
+ $asmbits=32;
+ $msdos=1; $win16=1;
+ require 'VC-16.pl';
+ }
+elsif (($type eq "VC-WIN32") || ($type eq "VC-NT"))
+ {
+ require 'VC-32.pl';
+ }
+elsif ($type eq "BC-NT")
+ {
+ $bc=1;
+ require 'BC-32.pl';
+ }
+elsif ($type eq "BC-W31")
+ {
+ $bc=1;
+ $msdos=1; $w16=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-Q16")
+ {
+ $msdos=1; $w16=1; $shlib=0; $qw=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "BC-MSDOS")
+ {
+ $asmbits=16;
+ $msdos=1;
+ require 'BC-16.pl';
+ }
+elsif ($type eq "FreeBSD")
+ {
+ require 'unix.pl';
+ $cflags='-DTERMIO -D_ANSI_SOURCE -O2 -fomit-frame-pointer';
+ }
+else
+ {
+ require "unix.pl";
+
+ $unix=1;
+ $cflags.=' -DTERMIO';
+ }
+
+# $bin_dir.=$o causes a core dump on my sparc :-(
+$bin_dir=$bin_dir.$o unless ((substr($bin_dir,-1,1) eq $o) || ($bin_dir eq ''));
+
+$cflags.=" -DNO_IDEA" if $no_idea;
+$cflags.=" -DNO_RC2" if $no_rc2;
+$cflags.=" -DNO_RC4" if $no_rc4;
+$cflags.=" -DNO_MD2" if $no_md2;
+$cflags.=" -DNO_MD5" if $no_md5;
+$cflags.=" -DNO_SHA" if $no_sha;
+$cflags.=" -DNO_SHA1" if $no_sha1;
+$cflags.=" -DNO_MDC2" if $no_mdc2;
+$cflags.=" -DNO_BLOWFISH" if $no_bf;
+$cflags.=" -DNO_DES" if $no_des;
+$cflags.=" -DNO_RSA" if $no_rsa;
+$cflags.=" -DNO_DSA" if $no_dsa;
+$cflags.=" -DNO_DH" if $no_dh;
+$cflags.=" -DNO_SOCK" if $no_sock;
+$cflags.=" -DNO_SSL2" if $no_ssl2;
+$cflags.=" -DNO_SSL3" if $no_ssl3;
+$cflags.=" -DNO_ERR" if $no_err;
+$cflags.=" -DRSAref" if $rsaref ne "";
+
+if ($unix)
+ { $cflags="$c_flags" if ($c_flags ne ""); }
+else { $cflags="$c_flags$cflags" if ($c_flags ne ""); }
+
+$ex_libs="$l_flags$ex_libs" if ($l_flags ne "");
+
+if ($ranlib ne "")
+ {
+ $ranlib="\$(SRC_D)$o$ranlib";
+ }
+
+if ($msdos)
+ {
+ $banner ="\t\@echo Make sure you have run 'perl Configure $type' in the\n";
+ $banner.="\t\@echo top level directory, if you don't have perl, you will\n";
+ $banner.="\t\@echo need to probably edit crypto/bn/bn.h, check the\n";
+ $banner.="\t\@echo documentation for details.\n";
+ }
+
+# have to do this to allow $(CC) under unix
+$link="$bin_dir$link" if ($link !~ /^\$/);
+
+$INSTALLTOP =~ s|/|$o|g;
+
+$defs= <<"EOF";
+# This makefile has been automatically generated from the SSLeay distribution.
+# This single makefile will build the complete SSLeay distribution and
+# by default leave the 'intertesting' output files in .${o}out and the stuff
+# that needs deleting in .${o}tmp.
+# The file was generated by running 'make makefile.one', which
+# does a 'make files', which writes all the environment variables from all
+# the makefiles to the file call MINFO. This file is used by
+# util${o}mk1mf.pl to generate makefile.one.
+# The 'makefile per directory' system suites me when developing this
+# library and also so I can 'distribute' indervidual library sections.
+# The one monster makefile better suits building in non-unix
+# environments.
+
+INSTALLTOP=$INSTALLTOP
+
+# Set your compiler options
+CC=$bin_dir${cc}
+CFLAG=$cflags
+APP_CFLAG=$app_cflag
+LIB_CFLAG=$lib_cflag
+APP_EX_OBJ=$app_ex_obj
+SHLIB_EX_OBJ=$shlib_ex_obj
+# add extra libraries to this define, for solaris -lsocket -lnsl would
+# be added
+EX_LIBS=$ex_libs
+
+# The SSLeay directory
+SRC_D=$src_dir
+
+LINK=$link
+LFLAGS=$lflags
+
+BN_MULW_OBJ=$bn_mulw_obj
+BN_MULW_SRC=$bn_mulw_src
+DES_ENC_OBJ=$des_enc_obj
+DES_ENC_SRC=$des_enc_src
+DES_CRYPT_OBJ=$des_crypt_obj
+DES_CRYPT_SRC=$des_crypt_src
+BF_ENC_OBJ=$bf_enc_obj
+BF_ENC_SRC=$bf_enc_src
+
+# The output directory for everything intersting
+OUT_D=$out_dir
+# The output directory for all the temporary muck
+TMP_D=$tmp_dir
+
+CP=$cp
+RM=$rm
+RANLIB=$ranlib
+MKDIR=mkdir
+MKLIB=$bin_dir$mklib
+MLFLAGS=$mlflags
+ASM=$bin_dir$asm
+
+######################################################
+# You should not need to touch anything below this point
+######################################################
+
+E_EXE=ssleay
+SSL=$ssl
+CRYPTO=$crypto
+RSAGLUE=$RSAglue
+
+# BIN_D - Binary output directory
+# TEST_D - Binary test file output directory
+# LIB_D - library output directory
+# INC_D - include directory
+BIN_D=\$(OUT_D)
+TEST_D=\$(OUT_D)
+LIB_D=\$(OUT_D)
+INC_D=\$(OUT_D)
+
+# INCL_D - local library directory
+# OBJ_D - temp object file directory
+OBJ_D=\$(TMP_D)
+INCL_D=\$(TMP_D)
+
+O_SSL= \$(LIB_D)$o$plib\$(SSL)$shlibp
+O_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$shlibp
+O_RSAGLUE= \$(LIB_D)$o$plib\$(RSAGLUE)$libp
+L_SSL= \$(LIB_D)$o$plib\$(SSL)$libp
+L_CRYPTO= \$(LIB_D)$o$plib\$(CRYPTO)$libp
+
+L_LIBS= \$(L_SSL) \$(L_CRYPTO)
+#L_LIBS= \$(O_SSL) \$(O_RSAGLUE) -lrsaref \$(O_CRYPTO)
+
+######################################################
+# Don't touch anything below this point
+######################################################
+
+INC=-DFLAT_INC -I\$(INC_D) -I\$(INCL_D)
+APP_CFLAGS=\$(INC) \$(CFLAG) \$(APP_CFLAG)
+LIB_CFLAGS=\$(INC) \$(CFLAG) \$(LIB_CFLAG)
+LIBS_DEP=\$(O_CRYPTO) \$(O_RSAGLUE) \$(O_SSL)
+
+#############################################
+EOF
+
+$rules=<<"EOF";
+all: banner \$(OUT_D) \$(TMP_D) headers lib exe
+
+banner:
+$banner
+
+\$(OUT_D):
+ \$(MKDIR) \$(OUT_D)
+
+\$(TMP_D):
+ \$(MKDIR) \$(TMP_D)
+
+headers: \$(HEADER) \$(EXHEADER)
+
+lib: \$(LIBS_DEP)
+
+exe: \$(T_EXE) \$(BIN_D)$o\$(E_EXE)$exep
+
+install:
+ \$(MKDIR) \$(INSTALLTOP)
+ \$(MKDIR) \$(INSTALLTOP)${o}bin
+ \$(MKDIR) \$(INSTALLTOP)${o}include
+ \$(MKDIR) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(INC_D)${o}*.h \$(INSTALLTOP)${o}include
+ \$(CP) \$(BIN_D)$o\$(E_EXE)$exep \$(INSTALLTOP)${o}bin
+ \$(CP) \$(LIB_D)$o\$(O_SSL) \$(INSTALLTOP)${o}lib
+ \$(CP) \$(LIB_D)$o\$(O_CRYPTO) \$(INSTALLTOP)${o}lib
+
+clean:
+ \$(RM) \$(TMP_D)$o*.*
+
+vclean:
+ \$(RM) \$(TMP_D)$o*.*
+ \$(RM) \$(OUT_D)$o*.*
+
+EOF
+
+#############################################
+# We parse in input file and 'store' info for later printing.
+open(IN,"<$infile") || die "unable to open $infile:$!\n";
+$_=<IN>;
+for (;;)
+ {
+ chop;
+
+ ($key,$val)=/^([^=]+)=(.*)/;
+ if ($key eq "RELATIVE_DIRECTORY")
+ {
+ if ($lib ne "")
+ {
+ $uc=$lib;
+ $uc =~ s/^lib(.*)\.a/$1/;
+ $uc =~ tr/a-z/A-Z/;
+ $lib_nam{$uc}=$uc;
+ $lib_obj{$uc}.=$libobj." ";
+ }
+ last if ($val eq "FINISHED");
+ $lib="";
+ $libobj="";
+ $dir=$val;
+ }
+
+ if ($key eq "TEST")
+ { $test.=&var_add($dir,$val); }
+
+ if (($key eq "PROGS") || ($key eq "E_OBJ"))
+ { $e_exe.=&var_add($dir,$val); }
+
+ if ($key eq "LIB")
+ {
+ $lib=$val;
+ $lib =~ s/^.*\/([^\/]+)$/$1/;
+ }
+
+ if ($key eq "EXHEADER")
+ { $exheader.=&var_add($dir,$val); }
+
+ if ($key eq "HEADER")
+ { $header.=&var_add($dir,$val); }
+
+ if ($key eq "LIBOBJ")
+ { $libobj=&var_add($dir,$val); }
+
+ if (!($_=<IN>))
+ { $_="RELATIVE_DIRECTORY=FINISHED\n"; }
+ }
+close(IN);
+
+# Strip of trailing ' '
+foreach (keys %lib_obj) { $lib_obj{$_}=&clean_up_ws($lib_obj{$_}); }
+$test=&clean_up_ws($test);
+$e_exe=&clean_up_ws($e_exe);
+$exheader=&clean_up_ws($exheader);
+$header=&clean_up_ws($header);
+
+# First we strip the exheaders from the headers list
+foreach (split(/\s+/,$exheader)){ $h{$_}=1; }
+foreach (split(/\s+/,$header)) { $h.=$_." " unless $h{$_}; }
+chop($h); $header=$h;
+
+$defs.=&do_defs("HEADER",$header,"\$(INCL_D)",".h");
+$rules.=&do_copy_rule("\$(INCL_D)",$header,".h");
+
+$defs.=&do_defs("EXHEADER",$exheader,"\$(INC_D)",".h");
+$rules.=&do_copy_rule("\$(INC_D)",$exheader,".h");
+
+$defs.=&do_defs("T_OBJ",$test,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$test,"\$(APP_CFLAGS)");
+
+$defs.=&do_defs("E_OBJ",$e_exe,"\$(OBJ_D)",$obj);
+$rules.=&do_compile_rule("\$(OBJ_D)",$e_exe,'-DMONOLITH $(APP_CFLAGS)');
+
+foreach (values %lib_nam)
+ {
+ $lib_obj=$lib_obj{$_};
+
+ if (($_ eq "SSL") && $no_ssl2 && $no_ssl3)
+ {
+ $rules.="\$(O_SSL):\n\n";
+ next;
+ }
+
+ if (($_ eq "RSAGLUE") && $no_rsa)
+ {
+ $rules.="\$(O_RSAGLUE):\n\n";
+ next;
+ }
+
+ if (($bn_mulw_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\S*bn_mulw\S*/\$(BN_MULW_OBJ)/;
+ $rules.=&do_asm_rule($bn_mulw_obj,$bn_mulw_src);
+ }
+ if (($des_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\S*des_enc\S*/\$(DES_ENC_OBJ)/;
+ $lib_obj =~ s/\S*fcrypt_b\S*\s*//;
+ $rules.=&do_asm_rule($des_enc_obj,$des_enc_src);
+ }
+ if (($bf_enc_obj ne "") && ($_ eq "CRYPTO"))
+ {
+ $lib_obj =~ s/\S*bf_enc\S*/\$(BF_ENC_OBJ)/;
+ $rules.=&do_asm_rule($bf_enc_obj,$bf_enc_src);
+ }
+ $defs.=&do_defs(${_}."OBJ",$lib_obj,"\$(OBJ_D)",$obj);
+ $rules.=&do_compile_rule("\$(OBJ_D)",$lib_obj{$_},"\$(LIB_CFLAGS)");
+ }
+
+$defs.=&do_defs("T_EXE",$test,"\$(TEST_D)",$exep);
+foreach (split(/\s+/,$test))
+ {
+ $t=&bname($_);
+ $tt="\$(OBJ_D)${o}$t${obj}";
+ $rules.=&do_link_rule("\$(TEST_D)$o$t$exep",$tt,"\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+ }
+
+$rules.= &do_lib_rule("\$(SSLOBJ)","\$(O_SSL)",$ssl,$shlib);
+$rules.= &do_lib_rule("\$(RSAGLUEOBJ)","\$(O_RSAGLUE)",$RSAglue,0)
+ unless $no_rsa;
+$rules.= &do_lib_rule("\$(CRYPTOOBJ)","\$(O_CRYPTO)",$crypto,$shlib);
+
+$rules.=&do_link_rule("\$(BIN_D)$o\$(E_EXE)$exep","\$(E_OBJ)","\$(LIBS_DEP)","\$(L_LIBS) \$(EX_LIBS)");
+
+print $defs;
+print "###################################################################\n";
+print $rules;
+
+###############################################
+# strip off any trailing .[och] and append the relative directory
+# also remembering to do nothing if we are in one of the dropped
+# directories
+sub var_add
+ {
+ local($dir,$val)=@_;
+ local(@a,$_,$ret);
+
+ return("") if $no_idea && $dir =~ /\/idea/;
+ return("") if $no_rc2 && $dir =~ /\/rc2/;
+ return("") if $no_rc4 && $dir =~ /\/rc4/;
+ return("") if $no_rsa && $dir =~ /\/rsa/;
+ return("") if $no_rsa && $dir =~ /^rsaref/;
+ return("") if $no_dsa && $dir =~ /\/dsa/;
+ return("") if $no_dh && $dir =~ /\/dh/;
+ if ($no_des && $dir =~ /\/des/)
+ {
+ if ($val =~ /read_pwd/)
+ { return("$dir/read_pwd "); }
+ else
+ { return(""); }
+ }
+ return("") if $no_mdc2 && $dir =~ /\/mdc2/;
+ return("") if $no_sock && $dir =~ /\/proxy/;
+ return("") if $no_bf && $dir =~ /\/bf/;
+
+ $val =~ s/^\s*(.*)\s*$/$1/;
+ @a=split(/\s+/,$val);
+ grep(s/\.[och]$//,@a);
+
+ @a=grep(!/^e_.*_3d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_d$/,@a) if $no_des;
+ @a=grep(!/^e_.*_i$/,@a) if $no_idea;
+ @a=grep(!/^e_.*_r2$/,@a) if $no_rc2;
+ @a=grep(!/^e_.*_bf$/,@a) if $no_bf;
+ @a=grep(!/^e_rc4$/,@a) if $no_rc4;
+
+ @a=grep(!/(^s2_)|(^s23_)/,@a) if $no_ssl2;
+ @a=grep(!/(^s3_)|(^s23_)/,@a) if $no_ssl3;
+
+ @a=grep(!/(_sock$)|(_acpt$)|(_conn$)|(^pxy_)/,@a) if $no_sock;
+
+ @a=grep(!/(^md2)|(_md2$)/,@a) if $no_md2;
+ @a=grep(!/(^md5)|(_md5$)/,@a) if $no_md5;
+
+ @a=grep(!/(^d2i_r_)|(^i2d_r_)/,@a) if $no_rsa;
+ @a=grep(!/(^p_open$)|(^p_seal$)/,@a) if $no_rsa;
+ @a=grep(!/(^pem_seal$)/,@a) if $no_rsa;
+
+ @a=grep(!/(m_dss$)|(m_dss1$)/,@a) if $no_dsa;
+ @a=grep(!/(^d2i_s_)|(^i2d_s_)|(_dsap$)/,@a) if $no_dsa;
+
+ @a=grep(!/^n_pkey$/,@a) if $no_rsa || $no_rc4;
+
+ @a=grep(!/_dhp$/,@a) if $no_dh;
+
+ @a=grep(!/(^sha[^1])|(_sha$)|(m_dss$)/,@a) if $no_sha;
+ @a=grep(!/(^sha1)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+ @a=grep(!/_mdc2$/,@a) if $no_mdc2;
+
+ @a=grep(!/(^rsa$)|(^genrsa$)|(^req$)|(^ca$)/,@a) if $no_rsa;
+ @a=grep(!/(^dsa$)|(^gendsa$)|(^dsaparam$)/,@a) if $no_dsa;
+ @a=grep(!/^gendsa$/,@a) if $no_sha1;
+ @a=grep(!/(^dh$)|(^gendh$)/,@a) if $no_dh;
+
+ @a=grep(!/(^dh)|(_sha1$)|(m_dss1$)/,@a) if $no_sha1;
+
+ grep($_="$dir/$_",@a);
+ @a=grep(!/(^|\/)s_/,@a) if $no_sock;
+ @a=grep(!/(^|\/)bio_sock/,@a) if $no_sock;
+ $ret=join(' ',@a)." ";
+ return($ret);
+ }
+
+# change things so that each 'token' is only separated by one space
+sub clean_up_ws
+ {
+ local($w)=@_;
+
+ $w =~ s/^\s*(.*)\s*$/$1/;
+ $w =~ s/\s+/ /g;
+ return($w);
+ }
+
+sub do_defs
+ {
+ local($var,$files,$location,$postfix)=@_;
+ local($_,$ret);
+ local(*OUT,$tmp,$t);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ $ret="$var=";
+ $n=1;
+ $Vars{$var}.="";
+ foreach (split(/ /,$files))
+ {
+ $_=&bname($_) unless /^\$/;
+ if ($n++ == 2)
+ {
+ $n=0;
+ $ret.="\\\n\t";
+ }
+ if ($_ =~ /BN_MULW/)
+ { $t="$_ "; }
+ elsif ($_ =~ /DES_ENC/)
+ { $t="$_ "; }
+ elsif ($_ =~ /BF_ENC/)
+ { $t="$_ "; }
+ else { $t="$location${o}$_$postfix "; }
+
+ $Vars{$var}.="$t ";
+ $ret.=$t;
+ }
+ chop($ret);
+ $ret.="\n\n";
+ return($ret);
+ }
+
+# return the name with the leading path removed
+sub bname
+ {
+ local($ret)=@_;
+ $ret =~ s/^.*[\\\/]([^\\\/]+)$/$1/;
+ return($ret);
+ }
+
+# do a rule for each file that says 'copy' to new direcory on change
+sub do_copy_rule
+ {
+ local($to,$files,$p)=@_;
+ local($ret,$_,$n);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ $ret.="$to${o}$n$p: \$(SRC_D)$o$_$p\n\t\$(CP) \$(SRC_D)$o$_$p $to${o}$n$p\n\n";
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+# compile the files in '$files' into $to
+sub do_compile_rule
+ {
+ local($to,$files,$ex)=@_;
+ local($ret,$_,$n);
+
+ $files =~ s/\//$o/g if $o ne '/';
+ foreach (split(/\s+/,$files))
+ {
+ $n=&bname($_);
+ $ret.=&cc_compile_target("$to${o}$n$obj","${_}.c",$ex)
+ }
+ return($ret);
+ }
+
+##############################################################
+# do a rule for each file that says 'compile' to new direcory
+sub cc_compile_target
+ {
+ local($target,$source,$ex_flags)=@_;
+ local($ret);
+
+ # EAY EAY
+ $ex_flags.=' -DCFLAGS="\"$(CC) $(CFLAG)\""' if ($source =~ /cversion/);
+ $target =~ s/\//$o/g if $o ne "/";
+ $source =~ s/\//$o/g if $o ne "/";
+ $ret ="$target: \$(SRC_D)$o$source\n\t";
+ $ret.="\$(CC) ${ofile}$target $ex_flags -c \$(SRC_D)$o$source\n\n";
+ return($ret);
+ }
+
+##############################################################
+sub do_asm_rule
+ {
+ local($target,$src)=@_;
+ local($ret,@s,@t,$i);
+
+ $target =~ s/\//$o/g if $o ne "/";
+ $src =~ s/\//$o/g if $o ne "/";
+
+ @s=split(/\s+/,$src);
+ @t=split(/\s+/,$target);
+
+ for ($i=0; $i<=$#s; $i++)
+ {
+ $ret.="$t[$i]: $s[$i]\n";
+ $ret.="\t\$(ASM) $afile$t[$i] \$(SRC_D)$o$s[$i]\n\n";
+ }
+ return($ret);
+ }
+
+sub do_shlib_rule
+ {
+ local($n,$def)=@_;
+ local($ret,$nn);
+ local($t);
+
+ ($nn=$n) =~ tr/a-z/A-Z/;
+ $ret.="$n.dll: \$(${nn}OBJ)\n";
+ if ($vc && $w32)
+ {
+ $ret.="\t\$(MKSHLIB) $efile$n.dll $def @<<\n \$(${nn}OBJ_F)\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
diff --git a/util/mkcerts.sh b/util/mkcerts.sh
new file mode 100755
index 0000000..5f8a1da
--- /dev/null
+++ b/util/mkcerts.sh
@@ -0,0 +1,220 @@
+#!bin/sh
+
+# This script will re-make all the required certs.
+# cd apps
+# sh ../util/mkcerts.sh
+# mv ca-cert.pem pca-cert.pem ../certs
+# cd ..
+# cat certs/*.pem >>apps/server.pem
+# cat certs/*.pem >>apps/server2.pem
+# SSLEAY=`pwd`/apps/ssleay; export SSLEAY
+# sh tools/c_rehash certs
+#
+
+CAbits=1024
+SSLEAY="../apps/ssleay"
+CONF="-config ../apps/ssleay.cnf"
+
+# create pca request.
+echo creating $CAbits bit PCA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout pca-key.pem \
+ -out pca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test PCA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating PCA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo self signing PCA
+$SSLEAY x509 -md5 -days 1461 \
+ -req -signkey pca-key.pem \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -in pca-req.pem -out pca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems self signing PCA cert
+ exit 1
+fi
+echo
+
+# create ca request.
+echo creating $CAbits bit CA cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey $CAbits \
+ -keyout ca-key.pem \
+ -out ca-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Test CA (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating CA request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing CA
+$SSLEAY x509 -md5 -days 1461 \
+ -req \
+ -CAcreateserial -CAserial pca-cert.srl \
+ -CA pca-cert.pem -CAkey pca-key.pem \
+ -in ca-req.pem -out ca-cert.pem
+
+if [ $? != 0 ]; then
+ echo problems signing CA cert
+ exit 1
+fi
+echo
+
+# create server request.
+echo creating 512 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout s512-key.pem \
+ -out s512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s512-req.pem -out server.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit server cert
+ exit 1
+fi
+echo
+
+# create 1024 bit server request.
+echo creating 1024 bit server cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 1024 \
+ -keyout s1024key.pem \
+ -out s1024req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Server test cert (1024 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 1024 bit server cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 1024 bit server cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in s1024req.pem -out server2.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 1024 bit server cert
+ exit 1
+fi
+echo
+
+# create 512 bit client request.
+echo creating 512 bit client cert request
+$SSLEAY req $CONF \
+ -new -md5 -newkey 512 \
+ -keyout c512-key.pem \
+ -out c512-req.pem -nodes >/dev/null <<EOF
+AU
+Queensland
+.
+CryptSoft Pty Ltd
+.
+Client test cert (512 bit)
+
+
+
+EOF
+
+if [ $? != 0 ]; then
+ echo problems generating 512 bit client cert request
+ exit 1
+fi
+
+#sign it.
+echo
+echo signing 512 bit client cert
+$SSLEAY x509 -md5 -days 365 \
+ -req \
+ -CAcreateserial -CAserial ca-cert.srl \
+ -CA ca-cert.pem -CAkey ca-key.pem \
+ -in c512-req.pem -out client.pem
+
+if [ $? != 0 ]; then
+ echo problems signing 512 bit client cert
+ exit 1
+fi
+
+echo cleanup
+
+cat pca-key.pem >> pca-cert.pem
+cat ca-key.pem >> ca-cert.pem
+cat s512-key.pem >> server.pem
+cat s1024key.pem >> server2.pem
+cat c512-key.pem >> client.pem
+
+for i in pca-cert.pem ca-cert.pem server.pem server2.pem client.pem
+do
+$SSLEAY x509 -issuer -subject -in $i -noout >$$
+cat $$
+/bin/cat $i >>$$
+/bin/mv $$ $i
+done
+
+#/bin/rm -f *key.pem *req.pem *.srl
+
+echo Finished
+
diff --git a/util/mkdef.pl b/util/mkdef.pl
new file mode 100755
index 0000000..fa68333
--- /dev/null
+++ b/util/mkdef.pl
@@ -0,0 +1,260 @@
+#!/usr/local/bin/perl
+#
+# generate a .def file
+#
+# It does this by parsing the header files and looking for the
+# non-prototyped functions.
+#
+
+$crypto_num="util/libeay.num";
+$ssl_num= "util/ssleay.num";
+
+$NT=1;
+foreach (@ARGV)
+ {
+ $NT=1 if $_ eq "32";
+ $NT=0 if $_ eq "16";
+ $do_ssl=1 if $_ eq "ssleay";
+ $do_crypto=1 if $_ eq "libeay";
+ }
+
+if (!$do_ssl && !$do_crypto)
+ {
+ print STDERR "usage: $0 ( ssl | crypto ) [ 16 | 32 ]\n";
+ exit(1);
+ }
+
+%ssl_list=&load_numbers($ssl_num);
+%crypto_list=&load_numbers($crypto_num);
+
+$ssl="ssl/ssl.h";
+
+$crypto ="crypto/crypto.h";
+$crypto.=" crypto/des/des.h";
+$crypto.=" crypto/idea/idea.h";
+$crypto.=" crypto/rc4/rc4.h";
+$crypto.=" crypto/rc2/rc2.h";
+$crypto.=" crypto/bf/blowfish.h";
+$crypto.=" crypto/md/md2.h";
+$crypto.=" crypto/md/md5.h";
+$crypto.=" crypto/mdc2/mdc2.h";
+$crypto.=" crypto/sha/sha.h";
+
+$crypto.=" crypto/bn/bn.h";
+$crypto.=" crypto/rsa/rsa.h";
+$crypto.=" crypto/dsa/dsa.h";
+$crypto.=" crypto/dh/dh.h";
+
+$crypto.=" crypto/stack/stack.h";
+$crypto.=" crypto/buffer/buffer.h";
+$crypto.=" crypto/bio/bio.h";
+$crypto.=" crypto/lhash/lhash.h";
+$crypto.=" crypto/conf/conf.h";
+$crypto.=" crypto/txt_db/txt_db.h";
+
+$crypto.=" crypto/evp/evp.h";
+$crypto.=" crypto/objects/objects.h";
+$crypto.=" crypto/pem/pem.h";
+#$crypto.=" crypto/meth/meth.h";
+$crypto.=" crypto/asn1/asn1.h";
+$crypto.=" crypto/asn1/asn1_mac.h";
+$crypto.=" crypto/err/err.h";
+$crypto.=" crypto/pkcs7/pkcs7.h";
+$crypto.=" crypto/x509/x509.h";
+$crypto.=" crypto/x509/x509_vfy.h";
+$crypto.=" crypto/rand/rand.h";
+
+$match{'NOPROTO'}=1;
+$match2{'PERL5'}=1;
+
+&print_def_file(*STDOUT,"SSLEAY",*ssl_list,&do_defs("SSLEAY",$ssl))
+ if $do_ssl == 1;
+
+&print_def_file(*STDOUT,"LIBEAY",*crypto_list,&do_defs("LIBEAY",$crypto))
+ if $do_crypto == 1;
+
+sub do_defs
+ {
+ local($name,$files)=@_;
+ local(@ret);
+
+ $off=-1;
+ foreach $file (split(/\s+/,$files))
+ {
+# print STDERR "reading $file\n";
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ $depth=0;
+ $pr=-1;
+ @np="";
+ $/=undef;
+ $a=<IN>;
+ while (($i=index($a,"/*")) >= 0)
+ {
+ $j=index($a,"*/");
+ break unless ($j >= 0);
+ $a=substr($a,0,$i).substr($a,$j+2);
+ # print "$i $j\n";
+ }
+ foreach (split("\n",$a))
+ {
+ if (/^\#ifndef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#if !defined\(([^\)]+)\)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=-1;
+ next;
+ }
+ elsif (/^\#ifdef (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#if (.*)/)
+ {
+ push(@tag,$1);
+ $tag{$1}=1;
+ next;
+ }
+ elsif (/^\#endif/)
+ {
+ $tag{$tag[$#tag]}=0;
+ pop(@tag);
+ next;
+ }
+ elsif (/^\#else/)
+ {
+ $t=$tag[$#tag];
+ $tag{$t}= -$tag{$t};
+ next;
+ }
+ $t=undef;
+ if (/^extern .*;$/)
+ { $t=&do_extern($name,$_); }
+ elsif ( ($tag{'NOPROTO'} == 1) &&
+ ($tag{'FreeBSD'} != 1) &&
+ (($NT && ($tag{'WIN16'} != 1)) ||
+ (!$NT && ($tag{'WIN16'} != -1))) &&
+ ($tag{'PERL5'} != 1))
+ { $t=&do_line($name,$_); }
+ if (($t ne undef) && (!$done{$name,$t}))
+ {
+ $done{$name,$t}++;
+ push(@ret,$t);
+ }
+ }
+ close(IN);
+ }
+ return(@ret);
+ }
+
+sub do_line
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ return(undef) if /^$/;
+ return(undef) if /^\s/;
+ if (/(CRYPTO_get_locking_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_id_callback)/)
+ { return($1); }
+ elsif (/(CRYPTO_get_add_lock_callback)/)
+ { return($1); }
+ elsif (/(SSL_CTX_get_verify_callback)/)
+ { return($1); }
+ else
+ {
+ /\s\**(\S+)\s*\(/;
+ return($1);
+ }
+ }
+
+sub do_extern
+ {
+ local($file,$_)=@_;
+ local($n);
+
+ /\s\**(\S+);$/;
+ return($1);
+ }
+
+sub print_def_file
+ {
+ local(*OUT,$name,*nums,@functions)=@_;
+ local($n)=1;
+
+ if ($NT)
+ { $name.="32"; }
+ else
+ { $name.="16"; }
+
+ print OUT <<"EOF";
+;
+; Definition file for the DDL version of the $name library from SSLeay
+;
+
+LIBRARY $name
+
+DESCRIPTION 'SSLeay $name - eay\@cryptsoft.com'
+
+EOF
+
+ if (!$NT)
+ {
+ print <<"EOF";
+CODE PRELOAD MOVEABLE
+DATA PRELOAD MOVEABLE SINGLE
+
+EXETYPE WINDOWS
+
+HEAPSIZE 4096
+STACKSIZE 8192
+
+EOF
+ }
+
+ print "EXPORTS\n";
+
+
+ (@e)=grep(/^SSLeay/,@functions);
+ (@r)=grep(!/^SSLeay/,@functions);
+ @functions=((sort @e),(sort @r));
+
+ foreach $func (@functions)
+ {
+ if (!defined($nums{$func}))
+ {
+ printf STDERR "$func does not have a number assigned\n";
+ }
+ else
+ {
+ $n=$nums{$func};
+ printf OUT " %s%-35s@%d\n",($NT)?"":"_",$func,$n;
+ }
+ }
+ printf OUT "\n";
+ }
+
+sub load_numbers
+ {
+ local($name)=@_;
+ local($j,@a,%ret);
+
+ open(IN,"<$name") || die "unable to open $name:$!\n";
+ while (<IN>)
+ {
+ chop;
+ s/#.*$//;
+ next if /^\s*$/;
+ @a=split;
+ $ret{$a[0]}=$a[1];
+ }
+ close(IN);
+ return(%ret);
+ }
diff --git a/util/mklink.sh b/util/mklink.sh
new file mode 100755
index 0000000..1e052ed
--- /dev/null
+++ b/util/mklink.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+#
+# A bit of an ugly shell script used to actually 'link' files.
+# Used by 'make links'
+#
+
+PATH=$PATH:.:util:../util:../../util
+export PATH
+
+from=$1
+shift
+
+here=`pwd`
+tmp=`dirname $from`
+while [ "$tmp"x != "x" -a "$tmp"x != ".x" ]
+do
+ t=`basename $here`
+ here=`dirname $here`
+ to="/$t$to"
+ tmp=`dirname $tmp`
+done
+to=..$to
+
+#echo from=$from
+#echo to =$to
+#exit 1
+
+if [ "$*"x != "x" ]; then
+ for i in $*
+ do
+ /bin/rm -f $from/$i
+ point.sh $to/$i $from/$i
+ done
+fi
+exit 0;
diff --git a/util/perlpath.pl b/util/perlpath.pl
new file mode 100755
index 0000000..0aa5ada
--- /dev/null
+++ b/util/perlpath.pl
@@ -0,0 +1,30 @@
+#!/usr/local/bin/perl
+#
+# modify the '#!/usr/local/bin/perl'
+# line in all scripts that rely on perl.
+#
+
+require "find.pl";
+
+$#ARGV == 0 || print STDERR "usage: perlpath newpath (eg /usr/bin)\n";
+&find(".");
+
+sub wanted
+ {
+ return unless /\.pl$/ || /^[Cc]onfigur/;
+
+ open(IN,"<$_") || die "unable to open $dir/$_:$!\n";
+ @a=<IN>;
+ close(IN);
+
+ $a[0]="#!$ARGV[0]/perl\n";
+
+ # Playing it safe...
+ $new="$_.new";
+ open(OUT,">$new") || die "unable to open $dir/$new:$!\n";
+ print OUT @a;
+ close(OUT);
+
+ rename($new,$_) || die "unable to rename $dir/$new:$!\n";
+ chmod(0755,$_) || die "unable to chmod $dir/$new:$!\n";
+ }
diff --git a/util/pl/BC-16.pl b/util/pl/BC-16.pl
new file mode 100644
index 0000000..133fe7f
--- /dev/null
+++ b/util/pl/BC-16.pl
@@ -0,0 +1,146 @@
+#!/usr/local/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d -ml $op -DL_ENDIAN";
+# I add the stack opt
+$base_lflags="/c /C";
+$lflags="$base_lflags";
+
+if ($win16)
+ {
+ $shlib=1;
+ $cflags.=" -DWIN16";
+ $app_cflag="-W";
+ $lib_cflag="-WD";
+ $lflags.="/Twe";
+ }
+else
+ {
+ $cflags.=" -DMSDOS";
+ $lflags.=" /Tde";
+ }
+
+if ($shlib)
+ {
+ $mlflags=" /Twd $base_lflags"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ $no_asm=1;
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink";
+$efile="";
+$exep='.exe';
+$ex_libs="CL";
+$ex_libs.=$no_sock?"":" winsock.lib";
+
+$app_ex_obj="C0L.obj ";
+$shlib_ex_obj="" if ($shlib);
+
+# static library stuff
+$mklib='tlib';
+$ranlib='echo no ranlib';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='bcc -c -B -Tml';
+$afile='/o';
+if ($no_asm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+elsif ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $ret.=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ $ret.=" \$(APP_EX_OBJ)";
+ foreach $_ (sort split(/\s+/,$Vars{$1}))
+ { $ret.="\n $r $_ +"; }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/util/pl/BC-32.pl b/util/pl/BC-32.pl
new file mode 100644
index 0000000..84262a8
--- /dev/null
+++ b/util/pl/BC-32.pl
@@ -0,0 +1,135 @@
+#!/usr/local/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='bcc32';
+
+if ($debug)
+ { $op="-v "; }
+else { $op="-O "; }
+
+$cflags="-d $op -DL_ENDIAN ";
+# I add the stack opt
+$base_lflags="-c";
+$lflags="$base_lflags";
+
+$cflags.=" -DWIN32";
+$app_cflag="-WC";
+$lib_cflag="-WC";
+$lflags.=" -Tpe";
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags -Tpe"; # stack if defined in .def file
+ $libs="libw ldllcew";
+ }
+else
+ { $mlflags=''; }
+
+$obj='.obj';
+$ofile="-o";
+
+# EXE linking stuff
+$link="tlink32";
+$efile="";
+$exep='.exe';
+$ex_libs="CW32.LIB IMPORT32.LIB";
+$ex_libs.=$no_sock?"":" wsock32.lib";
+$shlib_ex_obj="" if $shlib;
+$app_ex_obj="C0X32.OBJ";
+
+# static library stuff
+$mklib='tlib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+if ($noasm)
+ {
+ $bn_mulw_obj='';
+ $bn_mulw_src='';
+ }
+else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86b32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86m32.asm';
+ }
+
+sub do_lib_rule
+ {
+ local($target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)="";
+ foreach $_ (sort split(/\s+/,$Vars{"${Name}OBJ"}))
+ {
+ $lib_names.=" +$_ &\n";
+ $dll_names.=" $_\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\t\$(MKLIB) $target & <<|\n$lib_names\n,\n|\n";
+ }
+ else
+ {
+ # $(SHLIB_EX_OBJ)
+ local($ex)=($Name eq "SSL")?' $(L_CRYPTO) winsock':"";
+ $ret.="\t\$(LINK) \$(MLFLAGS) @&&|\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}16.def;\n|\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /nowep $out_lib $target\n\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) @&&|";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ $r=" \$(LFLAGS) ";
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ foreach $_ (@a)
+ {
+ $ret.="\n $r $_ +";
+ $r="";
+ }
+ chop($ret);
+ $ret.="\n";
+ }
+ else
+ { $ret.="\n $r \$(APP_EX_OBJ) $files\n"; }
+ $ret.=" $target\n\n $libs\n\n|\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/util/pl/VC-16.pl b/util/pl/VC-16.pl
new file mode 100644
index 0000000..ea3e593
--- /dev/null
+++ b/util/pl/VC-16.pl
@@ -0,0 +1,165 @@
+#!/usr/local/bin/perl
+# VCw16lib.pl - the file for Visual C++ 1.52b for windows, static libraries
+#
+
+$ssl= "ssleay16";
+$crypto="libeay16";
+$RSAref="RSAref16";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+
+if ($debug)
+ {
+ $op="/Od /Zi /Zd";
+ $base_lflags="/CO";
+ }
+else {
+ $op="/G2 /f- /Ocgnotb2";
+ }
+$base_lflags.=" /FARCALL /NOLOGO /NOD /SEG:1024 /ONERROR:NOEXE /NOE /PACKC:60000";
+if ($win16) { $base_lflags.=" /PACKD:60000"; }
+
+$cflags="/ALw /Gx- /Gt256 /Gf $op /W3 /WX -DL_ENDIAN /nologo";
+# I add the stack opt
+$lflags="$base_lflags /STACK:20000";
+
+if ($win16)
+ {
+ $cflags.=" -DWIN16";
+ $app_cflag="/Gw /FPi87";
+ $lib_cflag="/Gw";
+ $lib_cflag.=" -DWIN16TTY" if !$shlib;
+ $lflags.=" /ALIGN:16";
+ $ex_libs.="oldnames llibcewq libw";
+ }
+else
+ {
+ $no_sock=1;
+ $cflags.=" -DMSDOS";
+ $lflags.=" /EXEPACK";
+ $ex_libs.="oldnames.lib llibce.lib";
+ }
+
+if ($shlib)
+ {
+ $mlflags="$base_lflags";
+ $libs="oldnames ldllcew libw";
+ $shlib_ex_obj="";
+# $no_asm=1;
+ }
+else
+ { $mlflags=''; }
+
+$app_ex_obj="setargv.obj";
+
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="";
+$exep='.exe';
+$ex_libs.=$no_sock?"":" winsock";
+
+# static library stuff
+$mklib='lib /PAGESIZE:1024';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='';
+
+$asm='ml /Cp /c /Cx';
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ if ($asmbits == 32)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w32.asm';
+ }
+ else
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86w16.obj';
+ $bn_mulw_src='crypto\bn\asm\x86w16.asm';
+ }
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: $objs\n";
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+
+ # Due to a pathetic line length limit, I unwrap the args.
+ local($lib_names)="";
+ local($dll_names)=" \$(SHLIB_EX_OBJ) +\n";
+ ($obj)= ($objs =~ /\((.*)\)/);
+ foreach $_ (sort split(/\s+/,$Vars{$obj}))
+ {
+ $lib_names.="+$_ &\n";
+ $dll_names.=" $_ +\n";
+ }
+
+ if (!$shlib)
+ {
+ $ret.="\tdel $target\n";
+ $ret.="\t\$(MKLIB) @<<\n$target\ny\n$lib_names\n\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target eq '$(O_SSL)')?'$(L_CRYPTO)':"";
+ $ex.=' winsock';
+ $ret.="\t\$(LINK) \$(MLFLAGS) @<<\n";
+ $ret.=$dll_names;
+ $ret.="\n $target\n\n $ex $libs\nms$o${name}.def;\n<<\n";
+ ($out_lib=$target) =~ s/O_/L_/;
+ $ret.="\timplib /noignorecase /nowep $out_lib $target\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$f,$_,@f);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) @<<\n";
+
+ # Due to a pathetic line length limit, I have to unwrap the args.
+ if ($files =~ /\(([^)]*)\)$/)
+ {
+ @a=('$(APP_EX_OBJ)');
+ push(@a,sort split(/\s+/,$Vars{$1}));
+ for $_ (@a)
+ { $ret.=" $_ +\n"; }
+ }
+ else
+ { $ret.=" \$(APP_EX_OBJ) $files"; }
+ $ret.="\n $target\n\n $libs\n\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/util/pl/VC-32.pl b/util/pl/VC-32.pl
new file mode 100644
index 0000000..12bc58e
--- /dev/null
+++ b/util/pl/VC-32.pl
@@ -0,0 +1,111 @@
+#!/usr/local/bin/perl
+# VCw32lib.pl - the file for Visual C++ 4.[01] for windows NT, static libraries
+#
+
+$ssl= "ssleay32";
+$crypto="libeay32";
+$RSAref="RSAref32";
+
+$o='\\';
+$cp='copy';
+$rm='del';
+
+# C compiler stuff
+$cc='cl';
+$cflags='/W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32 -DL_ENDIAN';
+$lflags="/nologo /subsystem:console /machine:I386 /opt:ref";
+$mlflags='';
+if ($debug)
+ {
+ $cflags="/W3 /WX /Zi /Yd /Od /nologo -DWIN32 -D_DEBUG -DL_ENDIAN";
+ $lflags.=" /debug";
+ $mlflags.=' /debug';
+ }
+$obj='.obj';
+$ofile="/Fo";
+
+# EXE linking stuff
+$link="link";
+$efile="/out:";
+$exep='.exe';
+if ($no_sock)
+ { $ex_libs=""; }
+else { $ex_libs="wsock32.lib user32.lib gdi32.lib"; }
+
+# static library stuff
+$mklib='lib';
+$ranlib='';
+$plib="";
+$libp=".lib";
+$shlibp=($shlib)?".dll":".lib";
+$lfile='/out:';
+
+$shlib_ex_obj="";
+$app_ex_obj="setargv.obj";
+
+$asm='ml /Cp /coff /c /Cx';
+$afile='/Fo';
+
+$bn_mulw_obj='';
+$bn_mulw_src='';
+$des_enc_obj='';
+$des_enc_src='';
+$bf_enc_obj='';
+$bf_enc_src='';
+
+if (!$no_asm)
+ {
+ $bn_mulw_obj='crypto\bn\asm\x86nt32.obj';
+ $bn_mulw_src='crypto\bn\asm\x86nt32.asm';
+ $des_enc_obj='crypto\des\asm\d-win32.obj crypto\des\asm\c-win32.obj';
+ $des_enc_src='crypto\des\asm\d-win32.asm crypto\des\asm\c-win32.asm';
+ $bf_enc_obj='crypto\bf\asm\b-win32.obj';
+ $bf_enc_src='crypto\bf\asm\b-win32.asm';
+ }
+
+if ($shlib)
+ {
+ $mlflags.=" $lflags /dll";
+ $cflags.=" /MD";
+ $cflags.="d" if ($debug);
+ $lib_cflag=" /GD";
+ }
+
+sub do_lib_rule
+ {
+ local($objs,$target,$name,$shlib)=@_;
+ local($ret,$Name);
+
+ $taget =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: $objs\n";
+ if (!$shlib)
+ {
+# $ret.="\t\$(RM) \$(O_$Name)\n";
+ $ret.="\t\$(MKLIB) $lfile$target @<<\n $objs\n<<\n";
+ }
+ else
+ {
+ local($ex)=($target eq '$(O_SSL)')?' $(L_CRYPTO)':'';
+ $ex.=' wsock32.lib gdi32.lib';
+ $ret.="\t\$(LINK) \$(MLFLAGS) $efile$target /def:ms/${Name}.def @<<\n \$(SHLIB_EX_OBJ) $objs $ex\n<<\n";
+ }
+ $ret.="\n";
+ return($ret);
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($targer);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.=" \$(LINK) \$(LFLAGS) $efile$target @<<\n";
+ $ret.=" \$(APP_EX_OBJ) $files $libs\n<<\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/util/pl/f.mak b/util/pl/f.mak
new file mode 100644
index 0000000..e69de29
--- /dev/null
+++ b/util/pl/f.mak
diff --git a/util/pl/unix.pl b/util/pl/unix.pl
new file mode 100644
index 0000000..4c0c91a
--- /dev/null
+++ b/util/pl/unix.pl
@@ -0,0 +1,82 @@
+#!/usr/local/bin/perl
+#
+# unix.pl - the standard unix makefile stuff.
+#
+
+$o='/';
+$cp='/bin/cp';
+$rm='/bin/rm -f';
+
+# C compiler stuff
+
+if ($gcc)
+ {
+ $cc='gcc';
+ if ($debug)
+ { $cflags="-g2 -ggdb"; }
+ else
+ { $cflags="-O3 -fomit-frame-pointer"; }
+ }
+else
+ {
+ $cc='cc';
+ if ($debug)
+ { $cflags="-g"; }
+ else
+ { $cflags="-O"; }
+ }
+$obj='.o';
+$ofile='-o ';
+
+# EXE linking stuff
+$link='${CC}';
+$lflags='${CFLAGS}';
+$efile='-o ';
+$exep='';
+$ex_libs="";
+
+# static library stuff
+$mklib='ar r';
+$mlflags='';
+$ranlib='util/ranlib.sh';
+$plib='lib';
+$libp=".a";
+$shlibp=".a";
+$lfile='';
+
+$asm='as';
+$afile='-o ';
+$bn_mulw_obj="";
+$bn_mulw_src="";
+$des_enc_obj="";
+$des_enc_src="";
+$bf_enc_obj="";
+$bf_enc_src="";
+
+sub do_lib_rule
+ {
+ local($obj,$target,$name,$shlib)=@_;
+ local($ret,$_,$Name);
+
+ $target =~ s/\//$o/g if $o ne '/';
+ ($Name=$name) =~ tr/a-z/A-Z/;
+
+ $ret.="$target: \$(${Name}OBJ)\n";
+ $ret.="\t\$(RM) $target\n";
+ $ret.="\t\$(MKLIB) $target \$(${Name}OBJ)\n";
+ $ret.="\t\$(RANLIB) $target\n\n";
+ }
+
+sub do_link_rule
+ {
+ local($target,$files,$dep_libs,$libs)=@_;
+ local($ret,$_);
+
+ $file =~ s/\//$o/g if $o ne '/';
+ $n=&bname($target);
+ $ret.="$target: $files $dep_libs\n";
+ $ret.="\t\$(LINK) ${efile}$target \$(LFLAGS) $files $libs\n\n";
+ return($ret);
+ }
+
+1;
diff --git a/util/point.sh b/util/point.sh
new file mode 100755
index 0000000..92c12e8
--- /dev/null
+++ b/util/point.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+/bin/rm -f $2
+ln -s $1 $2
diff --git a/util/ranlib.sh b/util/ranlib.sh
new file mode 100755
index 0000000..543f712
--- /dev/null
+++ b/util/ranlib.sh
@@ -0,0 +1,23 @@
+#!/bin/sh
+
+cwd=`pwd`
+cd /tmp
+
+if [ -s /bin/ranlib ] ; then
+ RL=/bin/ranlib
+else if [ -s /usr/bin/ranlib ] ; then
+ RL=/usr/bin/ranlib
+fi
+fi
+
+if [ "x$RL" != "x" ]
+then
+ case "$1" in
+ /*)
+ $RL "$1"
+ ;;
+ *)
+ $RL "$cwd/$1"
+ ;;
+ esac
+fi
diff --git a/util/sp-diff.pl b/util/sp-diff.pl
new file mode 100755
index 0000000..fbea971
--- /dev/null
+++ b/util/sp-diff.pl
@@ -0,0 +1,80 @@
+#!/usr/local/bin/perl
+#
+# This file takes as input, the files that have been output from
+# ssleay speed.
+# It prints a table of the relative differences with %100 being 'no difference'
+#
+
+($#ARGV == 1) || die "$0 speedout1 speedout2\n";
+
+%one=&loadfile($ARGV[0]);
+%two=&loadfile($ARGV[1]);
+
+$line=0;
+foreach $a ("md2","md5","sha","sha1","rc4","des cfb","des cbc","des ede3",
+ "idea cfb","idea cbc","rc2 cfb","rc2 cbc","blowfish cbc")
+ {
+ if (defined($one{$a,8}) && defined($two{$a,8}))
+ {
+ print "type 8 byte% 64 byte% 256 byte% 1024 byte% 8192 byte%\n"
+ unless $line;
+ $line++;
+ printf "%-12s ",$a;
+ foreach $b (8,64,256,1024,8192)
+ {
+ $r=$two{$a,$b}/$one{$a,$b}*100;
+ printf "%12.2f",$r;
+ }
+ print "\n";
+ }
+ }
+
+foreach $a (
+ "rsa 512","rsa 1024","rsa 2048","rsa 4096",
+ "dsa 512","dsa 1024","dsa 2048",
+ )
+ {
+ if (defined($one{$a,1}) && defined($two{$a,1}))
+ {
+ $r1=($one{$a,1}/$two{$a,1})*100;
+ $r2=($one{$a,2}/$two{$a,2})*100;
+ printf "$a bits %% %6.2f %% %6.2f\n",$r1,$r2;
+ }
+ }
+
+sub loadfile
+ {
+ local($file)=@_;
+ local($_,%ret);
+
+ open(IN,"<$file") || die "unable to open '$file' for input\n";
+ $header=1;
+ while (<IN>)
+ {
+ $header=0 if /^[dr]sa/;
+ if (/^type/) { $header=0; next; }
+ next if $header;
+ chop;
+ @a=split;
+ if ($a[0] =~ /^[dr]sa$/)
+ {
+ ($n,$t1,$t2)=($_ =~ /^([dr]sa\s+\d+)\s+bits\s+([.\d]+)s\s+([.\d]+)/);
+ $ret{$n,1}=$t1;
+ $ret{$n,2}=$t2;
+ }
+ else
+ {
+ $n=join(' ',grep(/[^k]$/,@a));
+ @k=grep(s/k$//,@a);
+
+ $ret{$n, 8}=$k[0];
+ $ret{$n, 64}=$k[1];
+ $ret{$n, 256}=$k[2];
+ $ret{$n,1024}=$k[3];
+ $ret{$n,8192}=$k[4];
+ }
+ }
+ close(IN);
+ return(%ret);
+ }
+
diff --git a/util/speed.sh b/util/speed.sh
new file mode 100755
index 0000000..e44f20c
--- /dev/null
+++ b/util/speed.sh
@@ -0,0 +1,39 @@
+#!/bin/sh
+
+#
+# This is a ugly script use, in conjuction with editing the 'b'
+# configuration in the $(TOP)/Configure script which will
+# output when finished a file called speed.log which is the
+# timings of SSLeay with various options turned on or off.
+#
+# from the $(TOP) directory
+# Edit Configure, modifying things to do with the b/bl-4c-2c etc
+# configurations.
+#
+
+make clean
+perl Configure b
+make
+apps/ssleay version -v -b -f >speed.1
+apps/ssleay speed >speed.1l
+
+perl Configure bl-4c-2c
+/bin/rm -f crypto/rc4/*.o crypto/bn/bn*.o crypto/md/md2_dgst.o
+make
+apps/ssleay speed rc4 rsa md2 >speed.2l
+
+perl Configure bl-4c-ri
+/bin/rm -f crypto/rc4/rc4*.o
+make
+apps/ssleay speed rc4 >speed.3l
+
+perl Configure b2-is-ri-dp
+/bin/rm -f crypto/idea/i_*.o crypto/rc4/*.o crypto/des/ecb_enc.o crypto/bn/bn*.o
+apps/ssleay speed rsa rc4 idea des >speed.4l
+
+cat speed.1 >speed.log
+cat speed.1l >>speed.log
+perl util/sp-diff.pl speed.1l speed.2l >>speed.log
+perl util/sp-diff.pl speed.1l speed.3l >>speed.log
+perl util/sp-diff.pl speed.1l speed.4l >>speed.log
+
diff --git a/util/src-dep.pl b/util/src-dep.pl
new file mode 100755
index 0000000..ad997e4
--- /dev/null
+++ b/util/src-dep.pl
@@ -0,0 +1,147 @@
+#!/usr/local/bin/perl
+
+# we make up an array of
+# $file{function_name}=filename;
+# $unres{filename}="func1 func2 ...."
+$debug=1;
+#$nm_func="parse_linux";
+$nm_func="parse_solaris";
+
+foreach (@ARGV)
+ {
+ &$nm_func($_);
+ }
+
+foreach $file (sort keys %unres)
+ {
+ @a=split(/\s+/,$unres{$file});
+ %ff=();
+ foreach $func (@a)
+ {
+ $f=$file{$func};
+ $ff{$f}=1 if $f ne "";
+ }
+
+ foreach $a (keys %ff)
+ { $we_need{$file}.="$a "; }
+ }
+
+foreach $file (sort keys %we_need)
+ {
+# print " $file $we_need{$file}\n";
+ foreach $bit (split(/\s+/,$we_need{$file}))
+ { push(@final,&walk($bit)); }
+
+ foreach (@final) { $fin{$_}=1; }
+ @final="";
+ foreach (sort keys %fin)
+ { push(@final,$_); }
+
+ print "$file: @final\n";
+ }
+
+sub walk
+ {
+ local($f)=@_;
+ local(@a,%seen,@ret,$r);
+
+ @ret="";
+ $f =~ s/^\s+//;
+ $f =~ s/\s+$//;
+ return "" if ($f =~ "^\s*$");
+
+ return(split(/\s/,$done{$f})) if defined ($done{$f});
+
+ return if $in{$f} > 0;
+ $in{$f}++;
+ push(@ret,$f);
+ foreach $r (split(/\s+/,$we_need{$f}))
+ {
+ push(@ret,&walk($r));
+ }
+ $in{$f}--;
+ $done{$f}=join(" ",@ret);
+ return(@ret);
+ }
+
+sub parse_linux
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^[^[](.*):$/)
+ {
+ $file=$1;
+ $file="$1.c" if /\[(.*).o\]/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ }
+ }
+ }
+ close(IN);
+ }
+
+sub parse_solaris
+ {
+ local($name)=@_;
+
+ open(IN,"nm $name|") || die "unable to run 'nn $name':$!\n";
+ while (<IN>)
+ {
+ chop;
+ next if /^\s*$/;
+ if (/^(\S+):$/)
+ {
+ $file=$1;
+ #$file="$1.c" if $file =~ /^(.*).o$/;
+ print STDERR "$file\n";
+ $we_need{$file}=" ";
+ next;
+ }
+ @a=split(/\s*\|\s*/);
+ next unless $#a == 7;
+ next unless $a[4] eq "GLOB";
+ if ($a[6] eq "UNDEF")
+ {
+ $unres{$file}.=$a[7]." ";
+ print STDERR "$file needs $a[7]\n" if $debug;
+ }
+ else
+ {
+ if ($file{$a[7]} ne "")
+ {
+ print STDERR "duplicate definition of $a[7],\n$file{$a[7]} and $file \n";
+ }
+ else
+ {
+ $file{$a[7]}=$file;
+ print STDERR "$file has $a[7]\n" if $debug;
+ }
+ }
+ }
+ close(IN);
+ }
+
diff --git a/util/ssldir.pl b/util/ssldir.pl
new file mode 100755
index 0000000..6c30685
--- /dev/null
+++ b/util/ssldir.pl
@@ -0,0 +1,52 @@
+#!/usr/local/bin/perl
+
+$#ARGV == 0 || die "usage: ssldir.pl /new/path\n";
+@files=('crypto/cryptlib.h',
+ 'Makefile.ssl',
+ 'tools/c_rehash',
+ 'util/mk1mf.pl',
+ );
+
+%cryptlib=(
+ '\sX509_CERT_AREA\s',"#define X509_CERT_AREA\t\t".'"%s"',
+ '\sX509_CERT_DIR\s', "#define X509_CERT_DIR\t\t".'"%s/certs"',
+ '\sX509_CERT_FILE\s', "#define X509_CERT_FILE\t\t".'"%s/cert.pem"',
+ '\sX509_PRIVATE_DIR\s',"#define X509_PRIVATE_DIR\t".'"%s/private"',
+ );
+
+%Makefile_ssl=(
+ '^INSTALLTOP=','INSTALLTOP=%s',
+ );
+
+%c_rehash=(
+ '^DIR=', 'DIR=%s',
+ );
+
+%mk1mf=(
+ '^$INSTALLTOP=','$INSTALLTOP="%s";',
+ );
+
+&dofile("crypto/cryptlib.h",$ARGV[0],%cryptlib);
+&dofile("Makefile.ssl",$ARGV[0],%Makefile_ssl);
+&dofile("tools/c_rehash",$ARGV[0],%c_rehash);
+&dofile("util/mk1mf.pl",$ARGV[0],%mk1mf);
+
+sub dofile
+ {
+ ($f,$p,%m)=@_;
+
+ open(IN,"<$f") || die "unable to open $f:$!\n";
+ @a=<IN>;
+ close(IN);
+ foreach $k (keys %m)
+ {
+ grep(/$k/ && ($_=sprintf($m{$k}."\n",$p)),@a);
+ }
+ ($ff=$f) =~ s/\..*$//;
+ open(OUT,">$ff.new") || die "unable to open $f:$!\n";
+ print OUT @a;
+ close(OUT);
+ rename($f,"$ff.old") || die "unable to rename $f\n";
+ rename("$ff.new",$f) || die "unable to rename $ff.new\n";
+ }
+
diff --git a/util/ssleay.num b/util/ssleay.num
new file mode 100755
index 0000000..592de9b
--- /dev/null
+++ b/util/ssleay.num
@@ -0,0 +1,131 @@
+ERR_load_SSL_strings 1
+SSL_CIPHER_description 2
+SSL_CTX_add_client_CA 3
+SSL_CTX_add_session 4
+SSL_CTX_check_private_key 5
+SSL_CTX_ctrl 6
+SSL_CTX_flush_sessions 7
+SSL_CTX_free 8
+SSL_CTX_get_client_CA_list 9
+SSL_CTX_get_verify_callback 10
+SSL_CTX_get_verify_mode 11
+SSL_CTX_new 12
+SSL_CTX_remove_session 13
+SSL_CTX_set_cert_verify_cb 14
+SSL_CTX_set_cipher_list 15
+SSL_CTX_set_client_CA_list 16
+SSL_CTX_set_default_passwd_cb 17
+SSL_CTX_set_dh_params 18
+SSL_CTX_set_ssl_version 19
+SSL_CTX_set_tmp_rsa 20
+SSL_CTX_set_verify 21
+SSL_CTX_use_PrivateKey 22
+SSL_CTX_use_PrivateKey_ASN1 23
+SSL_CTX_use_PrivateKey_file 24
+SSL_CTX_use_RSAPrivateKey 25
+SSL_CTX_use_RSAPrivateKey_ASN1 26
+SSL_CTX_use_RSAPrivateKey_file 27
+SSL_CTX_use_certificate 28
+SSL_CTX_use_certificate_ASN1 29
+SSL_CTX_use_certificate_file 30
+SSL_SESSION_free 31
+SSL_SESSION_new 32
+SSL_SESSION_print 33
+SSL_SESSION_print_fp 34
+SSL_accept 35
+SSL_add_client_CA 36
+SSL_alert_desc_string 37
+SSL_alert_desc_string_long 38
+SSL_alert_type_string 39
+SSL_alert_type_string_long 40
+SSL_check_private_key 41
+SSL_clear 42
+SSL_connect 43
+SSL_copy_session_id 44
+SSL_ctrl 45
+SSL_dup 46
+SSL_dup_CA_list 47
+SSL_free 48
+SSL_get_certificate 49
+#SSL_get_cipher 50
+#SSL_get_cipher_bits 51
+SSL_get_cipher_list 52
+#SSL_get_cipher_name 53
+#SSL_get_cipher_version 54
+SSL_get_ciphers 55
+SSL_get_client_CA_list 56
+SSL_get_default_timeout 57
+SSL_get_error 58
+SSL_get_fd 59
+SSL_get_peer_cert_chain 60
+SSL_get_peer_certificate 61
+SSL_get_privatekey 62
+SSL_get_rbio 63
+SSL_get_read_ahead 64
+SSL_get_shared_ciphers 65
+SSL_get_ssl_method 66
+SSL_get_time 67
+SSL_get_timeout 68
+SSL_get_verify_callback 69
+SSL_get_verify_mode 70
+SSL_get_version 71
+SSL_get_wbio 72
+SSL_load_client_CA_file 73
+SSL_load_error_strings 74
+SSL_new 75
+SSL_peek 76
+SSL_pending 77
+SSL_read 78
+SSL_renegotiate 79
+SSL_rstate_string 80
+SSL_rstate_string_long 81
+SSL_set_accept_state 82
+SSL_set_bio 83
+SSL_set_cipher_list 84
+SSL_set_client_CA_list 85
+SSL_set_connect_state 86
+SSL_set_fd 87
+SSL_set_read_ahead 88
+SSL_set_rfd 89
+SSL_set_session 90
+SSL_set_ssl_method 91
+SSL_set_time 92
+SSL_set_timeout 93
+SSL_set_verify 94
+SSL_set_wfd 95
+SSL_shutdown 96
+SSL_state_string 97
+SSL_state_string_long 98
+SSL_use_PrivateKey 99
+SSL_use_PrivateKey_ASN1 100
+SSL_use_PrivateKey_file 101
+SSL_use_RSAPrivateKey 102
+SSL_use_RSAPrivateKey_ASN1 103
+SSL_use_RSAPrivateKey_file 104
+SSL_use_certificate 105
+SSL_use_certificate_ASN1 106
+SSL_use_certificate_file 107
+SSL_write 108
+SSLeay_add_ssl_algorithms 109
+SSLv23_client_method 110
+SSLv23_method 111
+SSLv23_server_method 112
+SSLv2_client_method 113
+SSLv2_method 114
+SSLv2_server_method 115
+SSLv3_client_method 116
+SSLv3_method 117
+SSLv3_server_method 118
+d2i_SSL_SESSION 119
+i2d_SSL_SESSION 120
+BIO_f_ssl 121
+BIO_new_ssl 122
+BIO_proxy_ssl_copy_session_id 123
+BIO_ssl_copy_session_id 124
+SSL_do_handshake 125
+SSL_get_privatekey 126
+SSL_get_current_cipher 127
+SSL_CIPHER_get_bits 128
+SSL_CIPHER_get_version 129
+SSL_CIPHER_get_name 130
+BIO_ssl_shutdown 131
diff --git a/util/tab_num.pl b/util/tab_num.pl
new file mode 100755
index 0000000..a81ed0e
--- /dev/null
+++ b/util/tab_num.pl
@@ -0,0 +1,17 @@
+#!/usr/local/bin/perl
+
+$num=1;
+$width=40;
+
+while (<>)
+ {
+ chop;
+
+ $i=length($_);
+
+ $n=$width-$i;
+ $i=int(($n+7)/8);
+ print $_.("\t" x $i).$num."\n";
+ $num++;
+ }
+
diff --git a/util/up_ver.pl b/util/up_ver.pl
new file mode 100755
index 0000000..c2fc7c3
--- /dev/null
+++ b/util/up_ver.pl
@@ -0,0 +1,70 @@
+#!/usr/local/bin/perl
+#
+# Up the version numbers in the files.
+#
+
+@files=(
+ "crypto/des/ecb_enc.c",
+ "crypto/idea/i_ecb.c",
+ "crypto/lhash/lhash.c",
+ "crypto/conf/conf.c",
+ "crypto/md/md2_dgst.c",
+ "crypto/md/md5_dgst.c",
+ "crypto/pem/pem_lib.c",
+ "crypto/bn/bn_lib.c",
+ "crypto/dh/dh_lib.c",
+ "crypto/rc4/rc4_enc.org",
+ "crypto/rc2/rc2_ecb.c",
+ "crypto/bf/bf_ecb.c",
+ "crypto/rsa/rsa_lib.c",
+ "crypto/dsa/dsa_lib.c",
+ "crypto/sha/sha1dgst.c",
+ "crypto/sha/sha_dgst.c",
+ "crypto/asn1/asn1_lib.c",
+ "crypto/x509/x509_vfy.c",
+ "crypto/evp/evp_enc.c",
+ "crypto/rand/md_rand.c",
+ "crypto/stack/stack.c",
+ "crypto/txt_db/txt_db.c",
+ "crypto/cversion.c",
+ "ssl/ssl_lib.c",
+ "ssl/s2_lib.c",
+ "ssl/s3_lib.c",
+ "README",
+ );
+
+@month=('Jan','Feb','Mar','Apr','May','Jun',
+ 'Jul','Aug','Sep','Oct','Nov','Dec');
+@a=localtime(time());
+$time=sprintf("%02d-%s-%04d",$a[3],$month[$a[4]],$a[5]+1900);
+
+$ver=$ARGV[0];
+($ver ne "") || die "no version number specified\n";
+
+foreach $file (@files)
+ {
+ open(IN,"<$file") || die "unable to open $file:$!\n";
+ open(OUT,">$file.new") || die "unable to open $file.new:$!\n";
+ $found=0;
+
+ print STDERR "$file:";
+
+ while (<IN>)
+ {
+ if (s/SSLeay \d\.\d.\d[^"]*(\"|\s)/SSLeay $ver $time\1/)
+ {
+ print STDERR " Done";
+ $found++;
+ print OUT;
+ while (<IN>) { print OUT; }
+ last;
+ }
+ print OUT;
+ }
+ print STDERR "\n";
+ close(IN);
+ close(OUT);
+ (!$found) && die "unable to update the version number in $file\n";
+ rename($file,"$file.old") || die "unable to rename $file:$!\n";
+ rename("$file.new",$file) || die "unable to rename $file.new:$!\n";
+ }
